www.prosites.co.il Open in urlscan Pro
2606:4700:3036::6815:5e0e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.prosites.co.il/recommendation.asp?ID=14035
Submission: On December 09 via manual (December 9th 2021, 8:35:08 pm UTC) from KG — Scanned from IT

Summary HTTP 145 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 21 domains to perform 145 HTTP transactions. The main IP is 2606:4700:3036::6815:5e0e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.prosites.co.il.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 6th 2021. Valid for: a year.

This is the only time www.prosites.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	2606:4700:303... 2606:4700:3036::6815:5e0e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
13	199.203.20.98 199.203.20.98	1680 (NV-ASN CE...) (NV-ASN CELLCOM ltd.)
9	84.53.188.140 84.53.188.140	34164 (AKAMAI-LON) (AKAMAI-LON)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.249.30.33 34.249.30.33	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 5	2.19.120.108 2.19.120.108	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2.17.169.171 2.17.169.171	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.196.196.242 34.196.196.242	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:223... 2600:9000:223f:ac00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
7	54.149.196.103 54.149.196.103	16509 (AMAZON-02) (AMAZON-02)
9	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.233.174.10 3.233.174.10	14618 (AMAZON-AES) (AMAZON-AES)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1 2	18.196.164.201 18.196.164.201	16509 (AMAZON-02) (AMAZON-02)
145	30

35 2606:4700:3036::6815:5e0e (United States)

ASN13335 (CLOUDFLARENET, US)

www.prosites.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 199.203.20.98 (Ness Ziona, Israel)

ASN1680 (NV-ASN CELLCOM ltd., IL)

www.negishim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 84.53.188.140 (Netherlands)

ASN34164 (AKAMAI-LON, NL)
PTR: a84-53-188-140.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.30.33 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-30-33.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.120.108 (Skondal, Sweden) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-120-108.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.169.171 (Skondal, Sweden)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-169-171.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.196.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-196-242.compute-1.amazonaws.com

realtime.clinch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:ac00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.149.196.103 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-196-103.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:6c00::210:bb1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.clinch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.233.174.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-174-10.compute-1.amazonaws.com

trk.clinch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.164.201 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-164-201.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	prosites.co.il www.prosites.co.il	808 KB
22	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	314 KB
17	doubleclick.net 4 redirects googleads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	72 KB
13	negishim.com www.negishim.com	22 KB
12	clinch.co realtime.clinch.co cdn.clinch.co trk.clinch.co	179 KB
12	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	95 KB
8	addthis.com s7.addthis.com m.addthis.com api-public.addthis.com	220 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	144 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
4	google-analytics.com www.google-analytics.com ssl.google-analytics.com	37 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	google.com 1 redirects adservice.google.com www.google.com	970 B
2	myvisualiq.net 1 redirects t.myvisualiq.net	1 KB
2	googletagservices.com www.googletagservices.com	74 KB
2	google.it adservice.google.it	914 B
1	addthisedge.com v1.addthisedge.com	746 B
1	moatads.com z.moatads.com	1 KB
1	googleadservices.com partner.googleadservices.com	645 B
1	googletagmanager.com www.googletagmanager.com	40 KB
1	jquery.com code.jquery.com	85 KB
145	21

	Domain	Requested by
35	www.prosites.co.il	www.prosites.co.il
13	www.negishim.com	www.prosites.co.il code.jquery.com
11	tpc.googlesyndication.com	googleads.g.doubleclick.net www.prosites.co.il tpc.googlesyndication.com pagead2.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.prosites.co.il googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	www.prosites.co.il pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	cdn.clinch.co	realtime.clinch.co www.prosites.co.il
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
6	s7.addthis.com	www.prosites.co.il s7.addthis.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	www.prosites.co.il googleads.g.doubleclick.net
3	static.adsafeprotected.com	pixel.adsafeprotected.com googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	t.myvisualiq.net	1 redirects realtime.clinch.co
2	ad.doubleclick.net	1 redirects realtime.clinch.co
2	trk.clinch.co	realtime.clinch.co
2	ssl.google-analytics.com	www.prosites.co.il
2	www.googletagservices.com	www.prosites.co.il googleads.g.doubleclick.net
2	pixel.adsafeprotected.com	1 redirects www.prosites.co.il
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.it	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	api-public.addthis.com	s7.addthis.com
1	www.google.com	1 redirects tpc.googlesyndication.com
1	realtime.clinch.co	googleads.g.doubleclick.net
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.prosites.co.il
1	code.jquery.com	www.prosites.co.il
145	33

This site contains links to these domains. Also see Links.

Domain
web.whatsapp.com
wa.me
hovala.co.il
www.pronagarim.co.il
www.job-hr.co.il
www.repair-lab.co.il
www.grabo-israel.com
www.taalulim.co.il
mysiddurname.co.il
www.bgrar.co.il
polimor.co.il
ariel-levi.co.il
www.hochma.co.il
www.radiocity.co.il
manofiyoni.co.il
gold-locksmith-and-protection-services-tlv.business.site
www.youtube.com
www.negishim.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-06` - `2022-07-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
www.negishim.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-06` - `2022-12-06`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.it GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.clinch.co Go Daddy Secure Certificate Authority - G2	`2020-05-08` - `2022-05-15`	2 years	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.prosites.co.il/recommendation.asp?ID=14035
Frame ID: 3DEAF3206DBE5CFD9B97A9146137D4D0
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 5D00D2020F41D6F039D7512B73A772FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0245308634183202&output=html&adk=1812271804&adf=3025194257&lmt=1639082102&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.prosites.co.il%2Frecommendation.asp%3FID%3D14035&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639082102790&bpp=2&bdt=234&idt=171&shv=r20211207&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4218030820969&frm=20&pv=2&ga_vid=1946038394.1639082103&ga_sid=1639082103&ga_hid=1175489053&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063859%2C31063911&oid=2&pvsid=2103625087505733&pem=661&tmod=929&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=195
Frame ID: 185090B7B9097EA67F3BC1293F1D8741
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0245308634183202&output=html&h=100&slotname=6925030410&adk=3340179888&adf=2830734558&pi=t.ma~as.6925030410&w=320&lmt=1639082102&psa=0&format=320x100&url=https%3A%2F%2Fwww.prosites.co.il%2Frecommendation.asp%3FID%3D14035&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639082102792&bpp=2&bdt=236&idt=206&shv=r20211207&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4218030820969&frm=20&pv=1&ga_vid=1946038394.1639082103&ga_sid=1639082103&ga_hid=1175489053&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1262&ady=479&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063859%2C31063911&oid=2&pvsid=2103625087505733&pem=661&tmod=929&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o6Nkb2paGA&p=https%3A//www.prosites.co.il&dtd=211
Frame ID: 61CC6D11043A374160D047BA7610DA66
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0245308634183202&output=html&h=180&slotname=7815071067&adk=1179630737&adf=1340884760&pi=t.ma~as.7815071067&w=280&lmt=1639082103&psa=0&format=280x180&url=https%3A%2F%2Fwww.prosites.co.il%2Frecommendation.asp%3FID%3D14035&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639082102794&bpp=1&bdt=238&idt=215&shv=r20211207&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x100&nras=1&correlator=4218030820969&frm=20&pv=1&ga_vid=1946038394.1639082103&ga_sid=1639082103&ga_hid=1175489053&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1287&ady=2756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063859%2C31063911&oid=2&pvsid=2103625087505733&pem=661&tmod=929&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DGhbvVwnmC&p=https%3A//www.prosites.co.il&dtd=218
Frame ID: 51C998B1C45F8A6B69542056ED8B2F90
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0245308634183202&output=html&h=180&slotname=7815071067&adk=1179630737&adf=201668668&pi=t.ma~as.7815071067&w=280&lmt=1639082103&psa=0&format=280x180&url=https%3A%2F%2Fwww.prosites.co.il%2Frecommendation.asp%3FID%3D14035&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639082102795&bpp=1&bdt=240&idt=221&shv=r20211207&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x100%2C280x180&nras=1&correlator=4218030820969&frm=20&pv=1&ga_vid=1946038394.1639082103&ga_sid=1639082103&ga_hid=1175489053&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1287&ady=3338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063859%2C31063911&oid=2&pvsid=2103625087505733&pem=661&tmod=929&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=nC2vIzg4wp&p=https%3A//www.prosites.co.il&dtd=224
Frame ID: 8A993B17221DA2A7F1F72379DB588DA3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9A9F3DCC2FEEC9BDCE891A069A4B14FA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 22C6305635D58FCAFE069D00E8FA7104
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhD6r-P_ARixoIa9ATAB&v=APEucNVknS0Ypzoli_HQRXeLv24xc6Mb7A_KMf8WbuopUk0HBKEJYQdiMiMV9FQDovLnyBhP6kPHiPLzYMTAx6qdwnlj--HX93knyHcrK8ht4N5exDCanwDhkr9oRCN2lOOFnOjlSVAjw1boxDNTPyZ0B2kd_zBW251lcXlLCBiOCGsjNb3OXlI
Frame ID: 2A436B90F4AE363C292AE52E56B2F469
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOTLwzKJUG-CU822hlmcHRc-LDC59_8CjoaRRhY1JQboJtK3Vl0_bjgQIdGm7lvUW8OU2oc6f2EA79gcH_wo7yW4bIr13Kn8PFA0fxVnQfv2UGiodlnokr2q7LJjLhQqawSNRI8FFPFV9o6kyX-DhILt9Irg&cry=1&dbm_d=AKAmf-ABixjmONrq3q9jLVqct13D7LRJuAv2sltAtSg9WDqguPGsjZAZV2q5ETWVsbIATLs-TZ6uhG4fOLNAAsM_IvdaBaGtLCJ6UcLCZnMnwQxR-kTypMvBLEb4A9_d4pGVpZBtyP-ISuqwZu2mRygIsUKHnX41isUxyCs-BA9vFdp9sWutrIKkIk4hpytZfdArJ5HpDzwIfG6cBLsgwxjUmVsixn7w9yHFdAkKKf1QHRtnUtAVxv_pCVWT5BDTKkH-6CxvYcyRPI-gTmYrkW8_NQ5vjZQR4s2038mGIKfdunfbODB8HsOwIsFCOtKVAEOah8R-m1DvlfaesviEEbJTRUrD-Iord-Joy8u4JYGBOmsygAADM_9mU7R0BvS57bjXd8HB4xA3R1xPQLsa2z8VK7CmjIOa1NYNjeLFDMZqK4VBsVNMKE2ZgC1Zfj3THBYkEDf9nrsB6vDxsaUnxhg2vv1vmpqPK91JYhUJivb3XjhzUpgCtPiTbkV4aNyyrrNIy7LTXs5J_x5QlguOne_pgxXFbmmIvFNubpxT8HqnAVoU2_0o2ePVYUyoVQJDmnWwG45sn5h85twmK6WJfAH2FGnUMzMRGc_JHtgl80VCHwA-R1knz3BgFY_4hYbsh7BoPVAS3OvKd9CritBMAFYSwkdECc0R4a1bP6adxg9-4z6RPhFE9f_GZ2NS8Gm0_4t1XUh4nFaS6Mn5EnRBd63JIYzE5eStGDYaurOn6TxCzYAex9FKsExtoRhgjCxhOjioEZ_0uL4BO9XDRS5DgrDaKaKu05RoIKFVNurzAi80gC7y3Bhg1JfE7Poz_zI5870qJTzXTO4WMALjiV6FR68Q9Ss1-p-2kxoQ3eZc3fpLA0ZtjbmRJxp-LuL4H2IX91M0cBakhKbG2wOvEnu6s69OZigfXOz6pOnQywyMzJNatzPVUvJolJUs5d_XjTxwhezBYUsB7FExe_6xQxQhK18TqmswfwGNERRmuYF4FCgckVaL3NNStT31iVbRyNc_GGMNfhstKUoifrrq7ECkTXcpd9YoO9LCdRIQwoZqqtrUJKjbcSfRXVBhNvETQUKjIUEGVY2O4o-lDJw3ZqurblqA9oNcZyhjjQn412cQWch9vTMkMDXKsv6qVWgLlebTWhud3V0eM796GOzcqyl3237auLD4yTxAMpW8tfF6Q9q8kfczwzFmnUqsRDp4YFc243U8yNFpompkXuVdfGBE5V4PEqTzmQS-npvukzIMBqvUu9EMnP99dU5cdmvV3oqRe_kjuCfL7Kwg5S-KgAFaEPKMcHsGGPpELK6m1Kasi0FV_yASLHzlqcfXoG-2CYF-Utirw48EKUU6Q5GnereMI8UTq8H3zU86Pt6EtUJufqneG80PmbLoRm6Q35KS0cOjXULb5jreT5cwvsgo0kI3Hy8cJtkto6HI9Z-8qADpRt7OAYCBgIAVi02myn26cba9lOve4wehG5oq6nbIDQKG10uoIeyZbctlkZokS25azeDvWOS1kmYaAZCjzqMcUryzPaOyEKSO-wXWSaoRcBfZ_rsbiMF6-0MIT-q9PRgRt3J19Pos5ZPhOMKNoUV86nvrqmfqmygU039IA3mnIDtI8r2iTLNr5RjY_IKIDfzD4wiDRP2RUY5PvO88S4F6xUo1_W3hxAV91tIyb3W8jrKIJU5FygMYWqVaBMfjNDhlnTbmnwpXIlgSP5W8yAk1jLQiaD8UX57di6MHf9kVkM69WGyjQ8vNC8oqnu45d2a184mz8CWQSbZGlsY76MBVkOrNyAe7iWZb2OUrUzr0WnMdQMomp_D7rAe4MvcyfPyY4-JRzVLHtHSURSvuUbGdRNY8j667g_iFf5PF3uQTU4enJTLnzpaoCW7NLXqanUoDZttvos8L5J_BrA2xRgljwcsDx95CXkeCeB_ZKUQaomxtZ6HO3eUV-UMGsMwAlQEvE9W2TkyNm_wwaWSUmprR0YHpCPLmzGA3ef_xivYrrujm16zAleuwPia2iM7eGsq6F_Fy3kNNKxy-TieJmr5-64YOK5Xv5POrVJrI4vxsWzZc8y-IvpHzErLUUywXYjcMbUnorHPPF8MqCGxDHOPMBX66kJxIyGBTtQbIS46PiXt4IXbJfybimIu9nxfFw5NZmiEhenZGa_PReUY-59w8N2aZvuRXOv9ZyTEs9QXFApMOQ15b-lNz5Z25K7DbGQ4mv8KCZeyo0Jlvk_dl9lD-n4iHcp67CR0D7kEElIxXUAxMYlBFGI6GK_X4T8b2AhIkHuse6sFvL6gEhgZD18suz21EuqZQGQ0vsGfp6RhyXz4RTG3n1g2i4yrc1HzthPynRFqd6eq2kUFMH6oC-A9plmqZwAyvJf-Qqyw1tVWGA5tXumbGGCFD86nFjiL6QqTLVQZj09xdyIJFAaCV8XCCOHYMlT5IgOU4wTkz1OLC3ipZiBMqru9SuwVyyW1ab_aV-qdkIrQqdE6VhEYMBpOmggCaaf6OJIU3W4QYly4JXka3-sC5b-1t55_pL28vua4JpMusbPz14T9HUXpldOg598g4rbsOST_vBkxvvvVdvmRCmDzhIN7kceM3Te7Vyhq-2aqM_5yGm0zErtD-uvYI0ZW_LJp6ILbhfzxkGFTXsKPwSiiaSF06DT32MOzjemffLFvEFTj7Wm1y5yt5Tsc_EdYCvHOjn30glrw0U3jSKFD8UzaCVa-rAex8wdWML56Zyoij6xTzSeOPIK50MMnSVia39rb9BodOGUhXkAZ8qIFaQvqy4VAAuKLkQ6gBjkWe_MO80qzyEYM2qYcInljWHR14oVu3_XvBWV0XDzfOidyiQYyIQlthdEOK3GAbqefAx9m8xSQwaf2YlRBnpV7ayNc6dSJc_C4gmzwvyn5dNuRMTfbimuGzl8HWsqNp5os5fNfC-i2T_Ob6qZ0K-hLwzC86qW6mHRBVYZQp887ptSU-wr8CqsHCMsWWT5J_InMMd-m3TrqUZzUlDTmufwdTC2508kNftFk_vaU3N4vAz-wX7fXtcWh4MJ5ckg&cid=CAASBORobgE&rfl=2%2Chttps%253A%252F%252Fwww.prosites.co.il%252F%240
Frame ID: BCFCEB06F698BCDA7E520AF58E3A7A58
Requests: 19 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CHeebo%3A400
Frame ID: 51BC20B0D5D60E0EE64853CD8DD78884
Requests: 7 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: DB757D5071062DB0F8043D9FC7F0F595
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 6D4AE3DFBFF77543079C20554C7023F4
Requests: 1 HTTP requests in this frame

Frame: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=7209&format=_728ax90a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCpQnBdmiyYbWGLc-41fAPu-2y4Ajm-Yv4Zryksp7hDvrgv6DUARABIPnznQpg_YqihNQSoAGWk4qiAsgBCakCOpThv1Hvsj6oAwGqBOkBT9A7Ul_0KFXvENQCePocnEPVOE5usM6Mw7q2KrgpIOEk1iPnJ5hKnUm6YhQRpIMtogpMkRyhMPY_ONoACo0qa4S7NIr0VFQv3bG93WuIPOkuaRscp7j6rGfaA3h5DN_A6LCiRDsigpNi9YUg-jRnZm8lhmQjQ8Wk7P8ccYOHA6reVhbX6hNRieIGyKk2m3gfkCO-F6EKMm7Jfyayh0GaaJmG9lHPiWotBDA4Wyq7DiL_NQuiNhYBr7ozu5PWfxh_Fvxd9pfdT4PdhiDCyW3qKyuUjfjpKUBKr3sQAbcCirJTugf2WJelMDrABPnGmKDkA-AEA5AGAaAGTYAH0uz13QGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE-jEvQ3QEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORobgE%26sig%3DAOD64_0fpugYRnkgbXCVvIbmNPcdWNj0iQ%26client%3Dca-pub-0245308634183202%26dbm_c%3DAKAmf-D8_3ayXH6mhhPo-zQZqzzq0PyMt-lV1T5XZ0G_DwwTVby_DyTDuqRkiJaQF1_0PfaCfzxGRK-rRXSItrNVUTNaarmRy975aLyBNHnHzzh2hjykDUPwMMpsUQwuqOTePP8YGbj0o0E2z5qT8O5_EBlmjREI9Q%26cry%3D1%26dbm_d%3DAKAmf-DMC5RURSMe8itrF8JyOOmtEqCddLaVCVLsUBPwUmUm4g1BvG34CkbMYk1WSSMmy_5QSOqL0EHsrKgrngeRc_JNFT5NmAMVJXz1sFV-MwQJVzxr0b8I10Fy1QWDaPLek8ywVxCaCt_8cEWrKSnHZaYEGamOdQF6qHQOokaeGgzOV5xkTtSuDaHeZ-sTKftpRkp3LxuTR4jpITmg3GGrRswf78er1BWQSQIFajN_DL0aN_4aqB8XOdEm2f5iuz8hzTPUtYTCWwE-EeBBKitmxwT74cFJzRr7e6Z_N38IozRpLbgUImSwdQm3uOUBADKngm3mwwDaPu5FhDnj3jfcCvwiAwpmJtB9AI--hOkTBRElJRlTLL_LG9hT7q2FE4vkww_GbdaM5V2Y7UhgSBl6Bjtj1thrsrGidMIcLI3z3FP8pP_NOxW2qF1G6JaX7XjvprmYOJwBWwJZvNZlLyBK0SaP_pga3NRZK1sp7sed58U6r2vkQyU%26adurl%3D&dsp=dv360&plcId=Lancia_IT_Programmatic_DV360_YpsilonGSE_728x90_Suspect&dsp_impression_id=ABAjH0gmuMUv3AlB9gu5nBd2xEh3&site_url=https://www.prosites.co.il/recommendation.asp&dsp_pub_id=1&site_id=0&dsp_insertion_order_id=15950141&dsp_caid=15451206156&dsp_crid=396464177&dc_dbm_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIjOTaxzmoAvqv4_8BsAK9ws0HQAHSAioYACITCLWZ99PI1_QCFU9cFQgdu7YMjCgBMAE4vKSynuEOQAJIAViZgSAQsaCGvQHldAEo8DypLPFjYywEElsH&rnd=1639082102738101&gdpr=&gdpr_consent=&gdpr_pd=
Frame ID: 58A50E7EC039E56A0DD1B02169B68DDE
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9C6873AA6A4F4D4A343E5D1889AD63C2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 355BE989472990889140EF71D2E8497A
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 7F2BE17BD846D5B043731CC8781A55A6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1C7A2F231A5C9E2359D195E614F5071F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1AEFDFE36E1D392A6189E1FA61467483
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

מחירון הובלות - הובלות - David | , כתיבת המלצה FacebookWhatsAppGmailTwitterCopy Link

Page Statistics

145
Requests

94 %
HTTPS

57 %
IPv6

21
Domains

33
Subdomains

30
IPs

6
Countries

2142 kB
Transfer

4180 kB
Size

27
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://web.whatsapp.com/send?phone=+972-0722234470&text=%D7%A8%D7%90%D7%99%D7%AA%D7%99%20%D7%90%D7%AA%20%D7%94%D7%A4%D7%A8%D7%98%D7%99%D7%9D%20%D7%A9%D7%9C%D7%9A%20%D7%91%D7%A4%D7%A8%D7%95%D7%A1%D7%99%D7%99%D7%98%D7%A1%20%D7%95%D7%A8%D7%A6%D7%99%D7%AA%D7%99%20%D7%9C%D7%A9%D7%90%D7%95%D7%9C%20%D7%9B%D7%9E%D7%94%20%D7%93%D7%91%D7%A8%D7%99%D7%9D...https://prosites.co.il/UniqueBusiness.asp?ID=14035

Search URL Search Domain Scan URL

URL: https://wa.me/+972-0722234470?text=%D7%A8%D7%90%D7%99%D7%AA%D7%99%20%D7%90%D7%AA%20%D7%94%D7%A4%D7%A8%D7%98%D7%99%D7%9D%20%D7%A9%D7%9C%D7%9A%20%D7%91%D7%A4%D7%A8%D7%95%D7%A1%D7%99%D7%99%D7%98%D7%A1%20%D7%95%D7%A8%D7%A6%D7%99%D7%AA%D7%99%20%D7%9C%D7%A9%D7%90%D7%95%D7%9C%20%D7%9B%D7%9E%D7%94%20%D7%93%D7%91%D7%A8%D7%99%D7%9D...https://prosites.co.il/UniqueBusiness.asp?ID=14035

Search URL Search Domain Scan URL

URL: https://hovala.co.il/
Title: לחץ למעבר לאתר האינטרנט של העסק

Search URL Search Domain Scan URL

URL: https://www.pronagarim.co.il/

Search URL Search Domain Scan URL

URL: https://www.job-hr.co.il/%D7%9E%D7%A2%D7%A1%D7%99%D7%A7%D7%99%D7%9D/

Search URL Search Domain Scan URL

URL: https://www.repair-lab.co.il/%D7%AA%D7%99%D7%A7%D7%95%D7%9F_%D7%9E%D7%97%D7%A9%D7%91_%D7%A0%D7%99%D7%99%D7%93_DELL/
Title: תיקון מחשב נייד DELL

Search URL Search Domain Scan URL

URL: https://www.grabo-israel.com/post/operator-manual-for-grabo-filter
Title: גרבו® פרו-ליפטר GRABO® PRO-LIFTER 20

Search URL Search Domain Scan URL

URL: https://www.taalulim.co.il/%d7%9e%d7%aa%d7%a7%d7%a0%d7%99-%d7%9c%d7%95%d7%a0%d7%94-%d7%a4%d7%90%d7%a8%d7%a7-%d7%9c%d7%94%d7%a9%d7%9b%d7%a8%d7%94/
Title: מתקני לונה פארק להשכרה

Search URL Search Domain Scan URL

URL: https://mysiddurname.co.il/mincha-and-maariv
Title: מנחה וערבית

Search URL Search Domain Scan URL

URL: https://www.bgrar.co.il/%D7%A7%D7%95%D7%A0%D7%94-%D7%A8%D7%9B%D7%91%D7%99%D7%9D-%D7%9E%D7%A9%D7%95%D7%A2%D7%91%D7%93%D7%99%D7%9D/
Title: קונה רכבים משועבדים

Search URL Search Domain Scan URL

URL: https://www.taalulim.co.il/inflatables-for-sale/
Title: מתנפחים למכירה

Search URL Search Domain Scan URL

URL: https://polimor.co.il/rubber-surfaces/
Title: משטחי גומי

Search URL Search Domain Scan URL

URL: https://polimor.co.il/rubber-floor/
Title: רצפת גומי

Search URL Search Domain Scan URL

URL: https://ariel-levi.co.il/stones-sesame-gravel/
Title: אבני סומסום

Search URL Search Domain Scan URL

URL: https://mysiddurname.co.il/%D7%A1%D7%95%D7%92%D7%99-%D7%9B%D7%99%D7%A4%D7%95%D7%AA
Title: סוגי כיפות

Search URL Search Domain Scan URL

URL: https://www.bgrar.co.il/%D7%A7%D7%95%D7%A0%D7%94-%D7%A8%D7%9B%D7%91%D7%99%D7%9D-%D7%91%D7%9E%D7%96%D7%95%D7%9E%D7%9F/
Title: קונה רכבים במזומן

Search URL Search Domain Scan URL

URL: https://www.grabo-israel.com/post/vacuum-handle-for-thinner-and-tightened-floor-walltiles
Title: ידית ואקום להתקנת אריחים מדוקקים

Search URL Search Domain Scan URL

URL: https://www.hochma.co.il/diagnosis-in-the-eyeball/
Title: אבחון בגלגל העין

Search URL Search Domain Scan URL

URL: https://www.bgrar.co.il/%D7%A7%D7%95%D7%A0%D7%94-%D7%A8%D7%9B%D7%91%D7%99%D7%9D-%D7%9E%D7%A9%D7%95%D7%9E%D7%A9%D7%99%D7%9D/
Title: קונה רכבים משומשים

Search URL Search Domain Scan URL

URL: https://www.radiocity.co.il/%D7%AA%D7%99%D7%A7%D7%95%D7%9F-%D7%9E%D7%A2%D7%A8%D7%9B%D7%95%D7%AA-%D7%9E%D7%95%D7%9C%D7%98%D7%99%D7%9E%D7%93%D7%99%D7%94-%D7%9C%D7%A8%D7%9B%D7%91/
Title: תיקון מערכות מולטימדיה לרכב

Search URL Search Domain Scan URL

URL: https://manofiyoni.co.il/%d7%91%d7%a8%d7%96%d7%a0%d7%98-%d7%99%d7%93-%d7%a9%d7%a0%d7%99%d7%99%d7%94/
Title: ברזנט יד שניה

Search URL Search Domain Scan URL

URL: https://gold-locksmith-and-protection-services-tlv.business.site/?copy
Title: גולד מנעולים אתר גוגל ביזנס

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=1kqo7U_jWn4
Title: אינטרקום

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=pRn59bkkBTc&
Title: ארון לתנור בילט אין וכיריים

Search URL Search Domain Scan URL

URL: http://www.negishim.org/
Title: להורדת מודול נגישות חינם

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9ennAQ7DJ-LAz1jFwuNRs&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9ennAQ7DJ-LAz1jFwuNRs&google_cver=1&C=1

Request Chain 75

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbJod-2xoOrXOqmC.nIvtQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9ennAQ7DJ-LAz1jFwuNRs&google_cver=1&google_hm=2

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA5KLhb8fsZ5pCfXfwaXwOs&google_cver=1

Request Chain 77

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUyODQ0MzgzMzIzMzg2NTM5NA%3D%3D

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 111

https://pixel.adsafeprotected.com/rfw/st/760547/58793513/skeleton.js?ias_dspID=3&ias_campId=15950141&ias_pubId=pub-0245308634183202&ias_chanId=1&ias_placementId=15451206156&bidurl=https://www.prosites.co.il/recommendation.asp&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.prosites.co.il&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.prosites.co.il%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20211207%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20211207%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-0245308634183202%26fa%3D1%26ifi%3D6%26uci%3Da!6%26btvi%3D3%26xpc%3D6ba1zqUYxC%26p%3Dhttps%253A%2F%2Fwww.prosites.co.il&adsafe_type=b&adsafe_jsinfo=,id:69c0f6ca-ce06-bad0-f427-5f1c44b2c6f5,c:wkKGEc,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-57f989f46b-bskfd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:171,fm:sR89t9Z+11%7C12%7C13%7C14%7C15%7C1611%7C171*.760547-58793513%7C1711%7C1712%7C1713%7C18,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,tt:rjss,et:189,oid:7cec03e0-592f-11ec-8fd2-8ac0d4f55ded,v:19.8.270,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 134

https://ad.doubleclick.net/ddm/trackimp/N718661.3424460LANCIA-DV360IT/B25131455.321914837;dc_trk_aid=514570975;dc_trk_cid=152186068;u=$$%7B%7Bdsp_insertion_order_id)_%7B%7Bdsp_campaign_id%7D%7D_396464177$$;device=;ord=1639082104840;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N718661.3424460LANCIA-DV360IT/B25131455.321914837;dc_pre=CMPn59TI1_QCFV3iuwgdJw0PMg;dc_trk_aid=514570975;dc_trk_cid=152186068;u=$$%7B%7Bdsp_insertion_order_id)_%7B%7Bdsp_campaign_id%7D%7D_396464177$$;device=;ord=1639082104840;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 135

https://t.myvisualiq.net/impression_pixel?r=1639082104840&et=i&ago=212&ao=693&aca=25131455&si=6328519&ci=152186068&pi=321914837&ad=514570975&advt=8121039&chnl=-7&vndr=115&sz=10092&u=$${{dsp_insertion_order_id)_{{dsp_campaign_id}}_396464177$$&pt=i HTTP 302
https://t.myvisualiq.net/ul_cb/impression_pixel?r=1639082104840&et=i&ago=212&ao=693&aca=25131455&si=6328519&ci=152186068&pi=321914837&ad=514570975&advt=8121039&chnl=-7&vndr=115&sz=10092&u=$${{dsp_insertion_order_id)_{{dsp_campaign_id}}_396464177$$&pt=i

145 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request recommendation.asp Show response
www.prosites.co.il/ 56 KB
13 KB 290ms
225ms Document
text/html 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 81887d68712a6087c7ead33afe49f5ff83218e85790176cc653049f3656c5c2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
content-type: text/html
cache-control: private
expires: Sun, 31 Dec 1989 22:00:00 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8gA5gRxahULEivutpeEb9eCbX6NxphGq07UoLOtHyNW878z8Wny2E3TY7t%2F%2Bquq3MRzeFWSnKityHCtkxHaQz7PxTLu4YeRkmUGOIGv1XMpx43xEzBpjGNDRqgrFE7YbvOCflHHTCLu9k9kgM%2BusLE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6bb104815dea3763-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 144ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d3dd3f2ae67fafc69c39c62001b35f427b1130681f070d64792115f80856409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51950
x-xss-protection: 0
server: cafe
etag: 10959917872280530683
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 20:35:02 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 128ms
48ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99c1697bfc05f8e00314bc2aa32c60b123b311965e94e91801d3876d86d72fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 20:35:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Dec 2021 20:35:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Dec 2021 20:35:02 GMT

GET
H2 200 Logo2021.png
www.prosites.co.il/images/ 12 KB
13 KB 180ms
172ms Image
image/png 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/images/Logo2021.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5279dad9e2cbb87abd63e5bbb44f7b431e7b9807acde699de85940c905c1d55a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12540
last-modified: Thu, 29 Apr 2021 11:17:47 GMT
server: cloudflare
etag: "d2c0a848e93cd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VxAQRzUXABGuxPhwUSELSZXlmI2Ybw%2Bld5P%2BQqV3nitPoc0fY9bB%2FE3iE5xhFS3C5tNZejRu21kl5JHO%2F3O88%2FVFdSnBk%2BUf%2BY49leX4QDWjR82Lv71%2BgzT0PC8NPuFgq2eOJaXDUurU1nTTrN5yWKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483ec6a3763-MXP

GET
H2 200 whatsapp2.jpg
www.prosites.co.il/images/ 3 KB
3 KB 151ms
144ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/images/whatsapp2.jpg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 88616800b0cb7be79f08dfbf17bd0c80f0dc771926c745c11d437dab47af60e6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2823
last-modified: Wed, 13 Oct 2021 21:10:54 GMT
server: cloudflare
etag: "739c8cf76c0d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ff7tIeAG7md018FdoF2mVXbtQzNMaRCmL5hL4QMAezNK%2Bt43bwmIuS3F6w7ucbJDxC5jodc7E8GTQs4DH523uTWti0wOQPVGxS9uWKbJPZftXsgcWUNEskK2jiEWHbU18xDzPN6zy9yV9LbZF8LVdc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483ec6e3763-MXP

GET
H2 200 NoPhotoFound.jpg
www.prosites.co.il/Upload/ 16 KB
17 KB 194ms
187ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/Upload/NoPhotoFound.jpg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 813c3c6588dbf51a522f9ac5c82e804c0c7790f04fff37adffb4f8d62d02b189

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16810
last-modified: Fri, 30 Apr 2021 09:55:55 GMT
server: cloudflare
etag: "85521c3a73dd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxSZ%2FCyIJWTutS%2BmLjzGFo0KUo5%2BenDOTP%2FUsZoukFhaWZc%2FHudPF1Mo2qU6kxlH%2B64hQr0%2FVpAOraaNztQN9ffJ1iacbOvjg5%2BZpQd5kLVGbEESpEh0tlnshilrtYD3lIaF78p6uzEktD%2FjLiHhiUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483ec713763-MXP

GET
H2 200 whatsapp.jpg
www.prosites.co.il/images/ 4 KB
5 KB 146ms
139ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/images/whatsapp.jpg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 939ff291b2a65c5d3bf20fde9c101d03a272ecf6b3c7b029531c35ee2f7161c3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4386
last-modified: Wed, 13 Oct 2021 20:22:09 GMT
server: cloudflare
etag: "93aba7ff6fc0d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gd4JDT4HHlYaQc%2BhmU55YPWFwvENHnXowvuPcl8SeruaLMpyJF5p3keG%2FSUhhI0PtDrp%2Fsvd%2BBZGUJCTh8U%2ByoVZ0Uh866xYXUS%2Fyei%2FZ2y96B5CBou224%2FUn2rWmQTBIfWo0Rdg1xidBxZ4kGDTdtE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483ec723763-MXP

GET
H2 200 aspcaptcha.asp
www.prosites.co.il/inc/ 5 KB
6 KB 126ms
119ms Image
image/bmp 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/inc/aspcaptcha.asp
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 136c1d684a99b67a8ef459eaf38f09c7af41713d94f06701e460dcc3270ecea5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKdJflAMI9SCD5%2FObFJugAhF5W0FWtioIAxi%2BRBU4CZYF%2BLXEWRConNhPV2nKqFat4eIMnmFNlGDLmC5EA3YDyRTvUv6nLH3VYouMORwdwiOzmAXT70Y65ZZ8U6Tzb1qUtCe7s16WKo%2By8%2Bwt38YAzo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/bmp
cache-control: no-cache
cf-ray: 6bb10483ec743763-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 09 Dec 2021 20:34:02 GMT

GET
H2 200 email-decode.min.js Show response
www.prosites.co.il/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 20ms
19ms Script
application/javascript 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prosites.co.il/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Dec 2021 10:46:12 GMT
server: cloudflare
etag: W/"61af3b74-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzvDkCpIplZhoViwzKCYxRWCPPlpnEH%2BRPQ45YBBSL4xiMLhzPgEN1B4N5d7LHYmfoZz6nLh%2FRC5FyO4tJngw7sVpdzTJYK2uAJARMihywtWesCtkdrcwdGjU04SqyyTmsHkGKTX6nI4DZENNso6nOo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bb10483dc463763-MXP
vary: Accept-Encoding
expires: Sat, 11 Dec 2021 20:35:02 GMT

GET
H2 200 Pronagarim.png
www.prosites.co.il/images/ 12 KB
13 KB 213ms
205ms Image
image/png 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/images/Pronagarim.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e40a8e1fd6ee45f2974968505b66ab2a33ebeac27e754efeda95e0486c45e4b6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12476
last-modified: Tue, 03 Aug 2021 08:14:12 GMT
server: cloudflare
etag: "4d4bba8a3f88d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lWGz%2FcwotN%2FVxwUfsRO%2BLN6zlfqG7hfeUVRV%2FcgGDJP4cxvAYqtQCn5PhO94n7SQgcpkuBQ4OaUkp%2Fl4vzbPIUI1GWpUWm9FjyWhyAh6Hd3jU3I0jm9yEd%2FbtNJsTicdkCo%2FQMB54UGGQuGCTQ6FFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483ec763763-MXP

GET
H2 200 jobs.gif
www.prosites.co.il/images/ 17 KB
17 KB 198ms
190ms Image
image/gif 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/images/jobs.gif
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8ea48a430e1c86d3f6b12f37ec3ff2cc6d6d3a1c82fda2e4b15d19065d20c869

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17175
last-modified: Sun, 04 Jul 2021 20:54:33 GMT
server: cloudflare
etag: "ccdbeeca1671d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDxIkk6eV3oN%2BeHfEn%2FJgYxnR58v2Qk3eXaNYm7OjRcZxYMEgxiXw4byBJ6c9ha8BlDdFBOJj6kvICSK%2F3ekeoNUave5Gb1EkAJCkzs2W8oLpOiTQuJ2TzKpmaLjiA7OsO8Q%2BBHsl5lHgFzthL0vDhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483ec773763-MXP

GET
H2 200 21311518.png
www.prosites.co.il/images/ 19 KB
19 KB 250ms
243ms Image
image/png 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/images/21311518.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3c78429a3018e7f8fdce7ae1c77f7ad006b49913f6da91e7a3e833d6abec7d1f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19078
last-modified: Wed, 08 Apr 2020 10:45:25 GMT
server: cloudflare
etag: "1fced8cf92dd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RB1j0yJvh29T0EQlbpMaptPLmqtpjKDKexqwm%2FEhtqmzzJcbf468zt4ieEai0TRn3mD74SBsHWNOFfZFZ9otzJoHTVPGNPrvwkGkS6hWQiN9rT2%2FI%2BaSMuvd%2F80LdeP54DU92lteU3IwVibG18wQvqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483ec783763-MXP

GET
H2 404 ProSites_11802.pdf
www.prosites.co.il/upload/ 0
266 B 146ms
139ms Image
text/plain 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11802.pdf
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cDhDSLogR4HEuAO2TTfzGuejcSmsJF2AdyOrj15HflFe1xiYV11%2Fu%2FUhgTtdtJmi%2FMtOPbIoxlItgOa71to3nzNgG%2BZmg8OI5GY8vKkijmPESSV0112B5oG2Lsf91l7z60Jp2jDvxukkv7JU97pYn0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 6bb10483ec793763-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0

GET
H2 200 ProSites_11801.png
www.prosites.co.il/upload/ 29 KB
29 KB 240ms
233ms Image
image/png 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11801.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4d64aad7e0867b4bcb45afcc7e0359d84bc1c1de6f264a20abde8c3fa90d3a8d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29540
last-modified: Thu, 09 Dec 2021 10:45:46 GMT
server: cloudflare
etag: "bc2122ece9ecd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BoAM59yLL33RzQCbEhEhrgw297QreymNOUDHJunWJpcZb08HtJDGYXA4OJcpLcrYQP0FdAJB%2BDNu4PlvMCod4BW80iBvUGSylYq7VvXKPXiBSu3wHJCIPcrF3NZOMeTjHzeVFXFe9TDcPUPVLUKu14%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fc8d3763-MXP

GET
H2 200 ProSites_11799.png
www.prosites.co.il/upload/ 3 KB
4 KB 151ms
144ms Image
image/png 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11799.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 492ee2890f2dfbc36b15eb9451e99f69a92185638a1f9235565945ff2fb72f80

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3582
last-modified: Thu, 09 Dec 2021 10:25:24 GMT
server: cloudflare
etag: "28a89713e7ecd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbqCACSk4rlkcn2DZW%2BEmI4CC6Nj%2FWe2NYJIqkAu0TpniHjXd3qlmjhI8Y7kmEyr3O2gQqM%2Ba0zyHoDHfiiEOGa8ZyIO0yT8lFbrwRtn7ATWnD%2BZVjV3KD25R8FwJxnNWLztnhHYgGAoiddaNodIbhg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fc923763-MXP

GET
H2 200 ProSites_11800.jpeg
www.prosites.co.il/upload/ 27 KB
28 KB 273ms
266ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11800.jpeg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 017f1beeac8c9d65fb38b7985a2f7d000676cd940e78aed7e981607a9614341f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27969
last-modified: Thu, 09 Dec 2021 10:33:10 GMT
server: cloudflare
etag: "3c50c029e8ecd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6TMxtO1EzUEmsbrr45F7tklN8IJIWOSpGiar6Kuwk3xIBpY%2BElhfs8BcNh6%2BKOMxfI32jFmSVC9j7Xo%2FZ53h5PAmagKp39qPJrf5%2F6qVbIzEvCS%2BIFXk%2BRylx8lAdGGHvh%2BYxDzvXYnXm7QAeEzPS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fc953763-MXP

GET
H2 200 ProSites_11797.png
www.prosites.co.il/upload/ 2 KB
2 KB 162ms
155ms Image
image/png 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11797.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 646ce2cf3229db75088a025bd0fc78e5beafb2948e772cad423acb73f6664de8

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2134
last-modified: Thu, 09 Dec 2021 07:59:41 GMT
server: cloudflare
etag: "ea9667b8d2ecd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36cCF1JUCCrhoPVvuDfRjOFx5Oqxp4qobdkuKVoqM1vyV89oQRK6eMjHTyms4BMfqjtQF3gVV2U0WcQp9lw4Z4NPRJMvFu2KGJQ1coKqzFxLuSZZ%2FptT2i4H7FsR%2F%2BGWGEGYG%2F3nC5TcsvxNuthDIa0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fc993763-MXP

GET
H2 200 ProSites_11789.png
www.prosites.co.il/upload/ 276 KB
277 KB 350ms
344ms Image
image/png 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11789.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e75654afa743836f6ec8dc04403a681284ca6645517c356db2b738fae28b1afa

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 282975
last-modified: Tue, 07 Dec 2021 16:07:37 GMT
server: cloudflare
etag: "f7ddbe8d84ebd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZMivFdtgYSwoT7%2F%2FHrmI1NF%2BSerXmMdsCgwWisBdtyRbVHeEhekoXisoGF3owWxc%2BXnDsgxK9vX1yxIVA3BLPMMwuJcYIdE%2BdytJQSRwL%2BNvIQbctbXrtLnRj%2Fn53OXpHFCQ3aNmVOfjUrQ9Z2ciHo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fc9c3763-MXP

GET
H2 200 ProSites_11785.jpg
www.prosites.co.il/upload/ 30 KB
31 KB 266ms
259ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11785.jpg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6d74ffd8391dadb236db08f6fb043894054f9f67211ed1e7da57865634db81f1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30900
last-modified: Tue, 07 Dec 2021 12:05:38 GMT
server: cloudflare
etag: "33877bbf62ebd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntdPnE3bi4INxYcf4HUa3monqJM6Isipr2LZBhJlKe18XPCNmOnqODCn65SA09o55Mqd%2FkcmlPx0cxXLtFUMfp3SWkRgU739iUAfZ9AwURjLJi02f3vi2sQ5N5RprQ%2FNGGz%2FL%2FNoNPtdshrj9ANaR74%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fc9f3763-MXP

GET
H2 200 ProSites_6212.jpg
www.prosites.co.il/upload/ 18 KB
18 KB 256ms
250ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_6212.jpg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e421be0b7e4a49bda85e49f36ab6c3bd06257ece681a5788b8f0333a624afdd6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17970
last-modified: Wed, 08 Apr 2020 11:00:33 GMT
server: cloudflare
etag: "f3a41fed94dd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPn5J9WPYZeydq%2F531JS%2FR14Psz5uaH%2Fc8brILgAzaGZjgUbH5pmkCCRaDFdHmD9R7GS7Bf7AR0BCnu%2B%2BGbsg8SWOcqYzxnEFeqS7h1%2FxQzWGsDyQW9S1MPP0jfAWI7Y2d9fQGkAiKtwAef5%2FdxvARI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fca23763-MXP

GET
H2 200 ProSites_11745.jpeg
www.prosites.co.il/upload/ 21 KB
21 KB 232ms
225ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11745.jpeg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ef6b8e0ee429a6aee81e22883238fba3d35ddddbbb42e76d8bb9283d26ce1151

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21479
last-modified: Mon, 29 Nov 2021 14:13:34 GMT
server: cloudflare
etag: "86d89d4b2be5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gTCzYwZnkuTa5bgrqlp3ibGfDhbEoayqFFG%2F7avfS4JOwGYejr6PEaecqHXjko19eGWwPoly11Ua2ZSAv6EmaEAiEqbzYxTdxMCOMugrHvPe66X7fQUTVOEoQXewKbEsn6Z%2BkjZXZTFWRdQHDgkT1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fca53763-MXP

GET
H2 200 ProSites_9601.jpg
www.prosites.co.il/upload/ 2 KB
2 KB 175ms
169ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_9601.jpg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 437c3b265c5a907278db7bbc623859e799ab3ca114f4afc3031b85d8b8dd02d3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2081
last-modified: Wed, 08 Apr 2020 11:05:49 GMT
server: cloudflare
etag: "dd39a995dd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66Jh1NtWZMVjC79FD4oHRcFGFKwCHYK4VocWkB4At3TI690mHaGjNJR%2FJQsY%2BUwV4VEza9I1ANSSUnu%2FJHYR%2BuwNzC5uy3KGbkRzD3zvufmFt1AWj4tiWORzNUd7o0j7MZORTxg5UW22IhTe9zbFS0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fca63763-MXP

GET
H2 200 ProSites_11746.jpeg
www.prosites.co.il/upload/ 31 KB
31 KB 309ms
303ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11746.jpeg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0409eb1a99981123c7df2d4847d62a081a9b150f64d529cb8e851c8ed78c32b6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31755
last-modified: Mon, 29 Nov 2021 15:11:49 GMT
server: cloudflare
etag: "40157c6e33e5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fr8Ah43n7DdrnWO8vzQICff5IB%2BlPv4x8%2B73J76YDfjDSHSO19Uyrk9Z0Uyl7uotTwHOozeUelgCs9gLxTlyqBS8BpFynV8igt3VghQ%2BmgCOEjXVl33elGFQYd0a0b4HWcH8i2%2BgnSLJpW8mCdsRvBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fca83763-MXP

GET
H2 200 ProSites_11747.jpeg
www.prosites.co.il/upload/ 15 KB
15 KB 220ms
214ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11747.jpeg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d155673e03e80aa76752c9716b6ca13df6d81351990bd880cf78c4e61ea0fa48

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14890
last-modified: Mon, 29 Nov 2021 15:28:10 GMT
server: cloudflare
etag: "e276adb735e5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8mzSVBaLdRefsbEBHgui%2Fpfn%2Bp5nLjysXMENMY6q7Arb%2FeUTEfkOpDKNny%2BGF%2F7%2BfDXQ2fEgEWXOEjtL1%2FkYo6rB527hcw5F7q58YCWXjE7jj0JsAajT8Ij9R5HMOMEa1EavMM%2Bg4uRNbdYLUkR3oY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fcaa3763-MXP

GET
H2 200 ProSites_11758.jpg
www.prosites.co.il/upload/ 46 KB
47 KB 328ms
323ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11758.jpg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a9132cc06212d225a9d9f7ee175fe1143d16a5851eed097fd50b8a549a9eca02

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47525
last-modified: Tue, 30 Nov 2021 09:34:04 GMT
server: cloudflare
etag: "5e5f6f6acde5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AP2IJwRab6hfJwh%2FEqzp6CVD0SRA4%2BlSt4hsL%2BPwOyQKDNbopFSVmHUYuZ4R4EQjRl7oYrKgtgC0A%2F8dKaCNS9vTkur7j4lEMNW5sQFhsOv9bT4PPNuNIk4lls4%2FzJCVbzIbmpc8ul0FOzmkK8eK1ZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fcac3763-MXP

GET
H2 200 ProSites_11765.png
www.prosites.co.il/upload/ 29 KB
30 KB 263ms
257ms Image
image/png 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11765.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d6ff42f847b4f32db3b53454d38a6d930e74dd3c0e6c619313ad048d2b208e52

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29862
last-modified: Tue, 30 Nov 2021 15:29:58 GMT
server: cloudflare
etag: "6af52d22ffe5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpGYBO8QNOuAJjW%2FDzU%2B3olJ30diQXgXLzWKwSSGC0svB%2B8rL5mdTemntjFXFlFgoWi1Df4J88md6DJkMKCA%2Fhg%2B2IOD4gGRG2XV2TUOvj7jP9RBb3ejziJet3BWQwlWvdd09T%2FVDdYcXAPDrv3z4cc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fcad3763-MXP

GET
H2 200 ProSites_11764.jpeg
www.prosites.co.il/upload/ 16 KB
17 KB 206ms
200ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11764.jpeg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e9f626b3059ef30b3e0b9cfd3aee010b2beb38b738003a350339ca2cc61d94d3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16890
last-modified: Tue, 30 Nov 2021 14:13:32 GMT
server: cloudflare
etag: "71c0775f4e5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ucx3HBxsMbYUVYO7f71xZoHamRhD%2FGX%2FoMX%2FZb08pq90XHC2WmOVXhlM8yQT4uOK%2BFBHRkIi2kjFTXCe5DegVW8EjoPgd5R81GihokIMBJXblK9aso1cRPpCH0KV4IT%2Fb8ipkYR9syV5I7NERbYrNg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fcb03763-MXP

GET
H2 200 ProSites_11389.jpg
www.prosites.co.il/upload/ 43 KB
43 KB 320ms
315ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11389.jpg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2315fd30453223f85539420635ec365464dbb8049ec94c98ea365894d92788f0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44089
last-modified: Fri, 25 Jun 2021 11:14:44 GMT
server: cloudflare
etag: "b98f2e4db369d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwSnUN0gj64hisF9DCMI%2Fcy3%2F1LV0D1Sm%2Bv0laOVZZQDk3qtGYaAc%2FO0UbgRDnwOQxyp1e3RJ6QTAkxPJb7jt6hLIYE%2F3%2F7SZxosWEy2FQREisGsDuv7xsyHdneTet9%2FVJoGbqm%2Fsdc1waam7XARjxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fcb23763-MXP

GET
H2 200 ProSites_11512.png
www.prosites.co.il/upload/ 5 KB
5 KB 150ms
145ms Image
image/png 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11512.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ee9b83c7c8c8dadc6f9203537a5849d91210c7563dad574d2ef9d373d99d7b5e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4800
last-modified: Mon, 23 Aug 2021 13:50:08 GMT
server: cloudflare
etag: "622cc3c82598d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FLCH%2BFZpu96Lz7ROUfHvDwLrZNfIQvNRC0JaXVR3YINqLCd3wxgk6MYaQ4TUw%2BPw7ChQ5NKIJHEryg2XJwt%2FoJFfdDxv4ODjyyE6kQ0UYf9eHmCyFAE6sRFLJEB5UPbMDqxxAwn%2FheLe%2FKfJfYdwp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fcb33763-MXP

GET
H2 200 ProSites_11111.jpg
www.prosites.co.il/upload/ 8 KB
8 KB 216ms
211ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_11111.jpg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9be1aa4d3a1d5c5ddcca82442a1bab4c46c39ca3ea52a05810491a810d3ffb1f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7813
last-modified: Mon, 23 Nov 2020 06:40:27 GMT
server: cloudflare
etag: "f9bce18763c1d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzAZZV9HpYZ7B7wF7bFk8ROZ0187DIwYOi6UwO%2B7ztumfmw6XKn8a0k1cupiSu9n3BK9pdzxvf9KXN6cjfh33m7CtviX11DEvc2lBleKxmWw1UcqzCim3WmdDoFc%2FTif7MXIXSf6YhxmyKf%2BE4bjI%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fcb63763-MXP

GET
H2 200 ProSites_9899.png
www.prosites.co.il/upload/ 13 KB
13 KB 214ms
210ms Image
image/png 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_9899.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e16d63363a56c48985349e5b3a8b7d0b9557374ff1baf55f25c539e2d58d7dac

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12917
last-modified: Wed, 08 Apr 2020 11:06:28 GMT
server: cloudflare
etag: "397e84c095dd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cZ6R%2BLvEjkkl4RMQLSaT63R6QRL4au2nGj6KGpj8bk7IZeA0%2BIRPMJVDD4ZaZPdAnMhn9Hqm0vQL2gq3%2Bml6mvH9LxhB%2F3fhk%2FYFIoByodOTAeR%2B%2Bq0rmxghmuJMb5G74SlyFdsVxw3IHLpuTdrF1g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fcb83763-MXP

GET
H2 200 ProSites_1335.png
www.prosites.co.il/upload/ 7 KB
8 KB 203ms
199ms Image
image/png 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_1335.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 67fc8bf4c4dabf51b9919c847460c810f0f95941a4e50314d5ba861c7f0991a3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7384
last-modified: Wed, 08 Apr 2020 10:51:29 GMT
server: cloudflare
etag: "6145a9a893dd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmmHhWSnijSp9Dz1DsOqY62BJ6TQJIWJ74lM9MzoY8s1sT0qAiVfPM8WsO2UmgdUPIqBGs2KxS3fAHSNLHIzSL1%2FvWjGVlQODOe1ZrTT5awjXHNSwCWNBBZCQOVRTm81q78QlxUZavT2%2B2GBFh0SdCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fcb93763-MXP

GET
H2 200 ProSites_9967.png
www.prosites.co.il/upload/ 8 KB
8 KB 220ms
215ms Image
image/png 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_9967.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cde425a9ef3360b619696ad262b1c9ba28e70b95eed33b490df2cadd0090f4ab

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8025
last-modified: Wed, 08 Apr 2020 11:06:36 GMT
server: cloudflare
etag: "c86c81c595dd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zziio3u7bDyUGpy1UGMpW6%2Fgqa5XnueNVJl2NAjqRnS54wSOxyUuWmQ53cqpWLwu80UnIYbdLzxrjlQBUMZQZgRcTdUAMITCyKY%2FLzvKcu8fpv%2B0geXvg7fn17kexmR3V3e%2BCjziqPeMbM2g5kt5i%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fcba3763-MXP

GET
H2 200 ProSites_215.jpg
www.prosites.co.il/upload/ 5 KB
6 KB 160ms
156ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_215.jpg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ac22f6b64c6e72b6e9cb9c40e5b02c7414fc5e1540a576844818e2e030efff1d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5475
last-modified: Wed, 08 Apr 2020 10:52:42 GMT
server: cloudflare
etag: "358d61d493dd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77osuNhGZ6QI7ykmSk7KzWnwzkZ35WaIhvqs%2BKf2zxAHywNFvwUZAmcXyOVqiWIe4qA3KdsnlVB6Ko1%2BhnjPtCLhcef8OETZMCyWj7h%2Fx%2B1W6s26Z2A2lUjfcefTpAcg5QnMr6GDjpa95XAFVeH1FTw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fcbb3763-MXP

GET
H2 200 ProSites_9712.jpg
www.prosites.co.il/upload/ 52 KB
52 KB 288ms
284ms Image
image/jpeg 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_9712.jpg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7b9ea3aeeaf6d63799a48064cc11298fade91ab6fd689038c40b72534d881bca

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 53032
last-modified: Wed, 08 Apr 2020 11:06:07 GMT
server: cloudflare
etag: "06b26b495dd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9yQriuwIsd6skrplRtOlK1xIHkm0IVf7lV%2B61D4FfdHJ8yBa2LDwVeX3%2FjHOGvBz78JijAROdpN%2BTskMAa1DpZ5jUybbW3hHbIEIPtwRMo4ysygkgDnAabBbV5z0I4Sldmis7ey6hE5g7EhkEotg%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fcbc3763-MXP

GET
H2 200 ProSites_9950.png
www.prosites.co.il/upload/ 2 KB
2 KB 463ms
460ms Image
image/png 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prosites.co.il/upload/ProSites_9950.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1239e7c499274555c93c549ffad5f63ab5754f159171e0e9aa985171ea7a9d65

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1722
last-modified: Wed, 08 Apr 2020 11:06:34 GMT
server: cloudflare
etag: "c2f137c495dd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08TAnJ%2FfppbBcYv3jvvE92ZcMeKYHZpli7YydAtxM4Z6IIBffyRDRK5HRzmUGgiEhgw3KGLp0IFNDq4H%2F649M8duEKGekVkqvD1zfyzD9yvakp0HmZmZewvVWZbKUtMHmp5Dpwjai99XXYVDT5mgXyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6bb10483fcbf3763-MXP

GET
H2 200 jquery-1.12.4.js Show response
code.jquery.com/ 287 KB
85 KB 66ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.js
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:18:54 GMT
server: nginx
etag: "573f46fe-47a36"
vary: Accept-Encoding
x-hw: 1639082102.dop031.ml1.t,1639082102.cds204.ml1.hn,1639082102.cds217.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 87176

GET
H/1.1 200
OK accessibility_pro_group255.js Show response
www.negishim.com/accessibility/ 72 KB
16 KB 1051ms
343ms Script
application/javascript 199.203.20.98
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.negishim.com/accessibility/accessibility_pro_group255.js
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 199.203.20.98 Ness Ziona, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f4023c992a4259315955385e68d89e776dab3ba8bada8a3eda9b43a890b44cca

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:39:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Aug 2018 06:17:44 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0f493aacd3dd41:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 16363

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 113ms
39ms Script
application/javascript 84.53.188.140
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.53.188.140 , Netherlands, ASN34164 (AKAMAI-LON, NL),

Reverse DNS

a84-53-188-140.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

a315de85be407700530233bbc3da1ad76235c2189a88ba35e8149a48c41e362a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 09 Dec 2021 20:35:02 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 105 KB
40 KB 128ms
51ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M4BDVGF

Requested by

Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0757c3765fb0156cceafe32392c42bd73ebdc4c8053808125a8495882f21597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40685
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Dec 2021 20:35:02 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v118/ 117 KB
117 KB 113ms
36ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v118/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5750e404dee79ec463531c5b93847bbada31f7e3c6d88bfc48d8b09b8812f543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.prosites.co.il
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 21:19:55 GMT
x-content-type-options: nosniff
age: 170107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119540
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 20:45:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 21:19:55 GMT

GET
H2 200 global.css
www.prosites.co.il/GlobalInc/ 17 KB
4 KB 180ms
180ms Stylesheet
text/css 2606:4700:3036::6815:5e0e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prosites.co.il/GlobalInc/global.css
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 873ae2a0fca6aa9f493fae54125024e435655e00827f0652c569695575d330e5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/recommendation.asp?ID=14035
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 09 Nov 2021 10:04:34 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"fbde143251d5d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0heLB%2FrjAFbcgCmsv20Qp58%2FAiyBMfOtPR5RlYi4Fw62rYu9hq99eNDJMv4oGBgbaoV%2B9td%2B%2B8QkijJj7jMeDSJZ8wGWk4HNvM59aGx5E43mqNcqX%2Bhb%2FZgm5sh%2BCKEtGhu2efOcz3chd37EStzvLvo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bb104840cc63763-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/ 273 KB
99 KB 95ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0245308634183202&plah=www.prosites.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d237070a199ad699c9a1618c97917dd1839584e71302b76bd612cb5fd78e98a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100878
x-xss-protection: 0
server: cafe
etag: 15631389727334882838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 20:35:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 5D00 11 KB
5 KB 279ms
26ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 09 Dec 2021 18:36:45 GMT
expires: Thu, 23 Dec 2021 18:36:45 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 7097
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 105ms
26ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4BDVGF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5635
date: Thu, 09 Dec 2021 19:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 09 Dec 2021 21:01:07 GMT

GET
H3 200 css
fonts.googleapis.com/ 1008 B
416 B 90ms
46ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Assistant

Requested by

Host: www.prosites.co.il
URL: https://www.prosites.co.il/GlobalInc/global.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a7e89545d76648565b32f99c4275de332fd9bb8d1ec0f16e2b2b5a6d5212479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 20:35:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Dec 2021 20:35:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Dec 2021 20:35:02 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
645 B 115ms
36ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.prosites.co.il&callback=_gfp_s_&client=ca-pub-0245308634183202

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0245308634183202&plah=www.prosites.co.il

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

a52523e397e997522f0f631945b5081879863bccd4ed5ce083865c8459231063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
792 B 139ms
47ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=www.prosites.co.il

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 20:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 129ms
39ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.prosites.co.il

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 20:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1850 154 KB
40 KB 507ms
433ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0245308634183202&output=html&adk=1812271804&adf=3025194257&lmt=1639082102&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.prosites.co.il%2Frecommendation.asp%3FID%3D14035&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639082102790&bpp=2&bdt=234&idt=171&shv=r20211207&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4218030820969&frm=20&pv=2&ga_vid=1946038394.1639082103&ga_sid=1639082103&ga_hid=1175489053&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063859%2C31063911&oid=2&pvsid=2103625087505733&pem=661&tmod=929&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=195

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d386b7f990a28973f56908bf6b473bf847bc2aa6c2e689be58f79f33d67e56b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 09 Dec 2021 20:35:03 GMT
server: cafe
content-length: 40590
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 09 Dec 2021 20:35:03 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 61CC 430 B
374 B 705ms
649ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0245308634183202&output=html&h=100&slotname=6925030410&adk=3340179888&adf=2830734558&pi=t.ma~as.6925030410&w=320&lmt=1639082102&psa=0&format=320x100&url=https%3A%2F%2Fwww.prosites.co.il%2Frecommendation.asp%3FID%3D14035&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639082102792&bpp=2&bdt=236&idt=206&shv=r20211207&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4218030820969&frm=20&pv=1&ga_vid=1946038394.1639082103&ga_sid=1639082103&ga_hid=1175489053&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1262&ady=479&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063859%2C31063911&oid=2&pvsid=2103625087505733&pem=661&tmod=929&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=o6Nkb2paGA&p=https%3A//www.prosites.co.il&dtd=211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6340648a975c8343d21568e71a89773b23cf259c6c820744ef5bf2954af1e66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 09 Dec 2021 20:35:03 GMT
server: cafe
content-length: 207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 09 Dec 2021 20:35:03 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 51C9 430 B
377 B 503ms
456ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0245308634183202&output=html&h=180&slotname=7815071067&adk=1179630737&adf=1340884760&pi=t.ma~as.7815071067&w=280&lmt=1639082103&psa=0&format=280x180&url=https%3A%2F%2Fwww.prosites.co.il%2Frecommendation.asp%3FID%3D14035&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639082102794&bpp=1&bdt=238&idt=215&shv=r20211207&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x100&nras=1&correlator=4218030820969&frm=20&pv=1&ga_vid=1946038394.1639082103&ga_sid=1639082103&ga_hid=1175489053&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1287&ady=2756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063859%2C31063911&oid=2&pvsid=2103625087505733&pem=661&tmod=929&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DGhbvVwnmC&p=https%3A//www.prosites.co.il&dtd=218

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f8d4914460d1423ff9ef14692eeb6eaa9475759593f647fe172c37ec934a9cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 09 Dec 2021 20:35:03 GMT
server: cafe
content-length: 207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 09 Dec 2021 20:35:03 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A99 430 B
374 B 539ms
498ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0245308634183202&output=html&h=180&slotname=7815071067&adk=1179630737&adf=201668668&pi=t.ma~as.7815071067&w=280&lmt=1639082103&psa=0&format=280x180&url=https%3A%2F%2Fwww.prosites.co.il%2Frecommendation.asp%3FID%3D14035&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639082102795&bpp=1&bdt=240&idt=221&shv=r20211207&mjsv=m202112010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x100%2C280x180&nras=1&correlator=4218030820969&frm=20&pv=1&ga_vid=1946038394.1639082103&ga_sid=1639082103&ga_hid=1175489053&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1287&ady=3338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063859%2C31063911&oid=2&pvsid=2103625087505733&pem=661&tmod=929&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=nC2vIzg4wp&p=https%3A//www.prosites.co.il&dtd=224

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

221b988abede83cf3ed1afff9b2c1a5ba5ad89e3b34b5587ac42a64cb3808292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 09 Dec 2021 20:35:03 GMT
server: cafe
content-length: 207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 09 Dec 2021 20:35:03 GMT
cache-control: private

GET
H3 200 2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtuZnIGaV3w.woff2
fonts.gstatic.com/s/assistant/v8/ 11 KB
11 KB 72ms
39ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/assistant/v8/2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtuZnIGaV3w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Assistant

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5aecd2ce89702ca4f7f04c04e45dc63195c2aa23ba78c169d37885cb98388b87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.prosites.co.il
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:00:57 GMT
x-content-type-options: nosniff
age: 174845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11188
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 17:35:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 20:00:57 GMT

GET
H3 200 2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtuZnIGSV35Gu.woff2
fonts.gstatic.com/s/assistant/v8/ 3 KB
3 KB 71ms
45ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/assistant/v8/2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtuZnIGSV35Gu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Assistant

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc1867f8895b5ba68359899f569e062a78a29545f8406a63c4f3a7d29c3255d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.prosites.co.il
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:56:59 GMT
x-content-type-options: nosniff
age: 207483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3384
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 17:36:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 10:56:59 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 70ms
34ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1175489053&t=pageview&_s=1&dl=https%3A%2F%2Fwww.prosites.co.il%2Frecommendation.asp%3FID%3D14035&ul=en-us&de=windows-1255&dt=%D7%9E%D7%97%D7%99%D7%A8%D7%95%D7%9F%20%D7%94%D7%95%D7%91%D7%9C%D7%95%D7%AA%20-%20%D7%94%D7%95%D7%91%D7%9C%D7%95%D7%AA%20-%20David%20%7C%20%2C%20%D7%9B%D7%AA%D7%99%D7%91%D7%AA%20%D7%94%D7%9E%D7%9C%D7%A6%D7%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=582769521&gjid=981544251&cid=1946038394.1639082103&tid=UA-5951446-3&_gid=87706852.1639082103&_r=1&gtm=2wgc10M4BDVGF&z=877471385

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.prosites.co.il/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.prosites.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/ 148 KB
53 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112010101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7521bbacc794c3c41ca146692d289df5dacff25938f1602952592ca8955ec205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53774
x-xss-protection: 0
server: cafe
etag: 3930158555583933276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 20:35:03 GMT

GET
H3 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
122 B 71ms
37ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=www.prosites.co.il

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 20:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 86ms
40ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.prosites.co.il

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 20:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame 9A9F 11 KB
5 KB 60ms
25ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 09 Dec 2021 18:38:26 GMT
expires: Thu, 23 Dec 2021 18:38:26 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 6997
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame 22C6 11 KB
5 KB 52ms
28ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 09 Dec 2021 18:38:26 GMT
expires: Thu, 23 Dec 2021 18:38:26 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 6997
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame 9A9F 4 KB
634 B 45ms
45ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 20:34:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Dec 2021 20:35:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Dec 2021 20:35:03 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9A9F 205 B
295 B 105ms
32ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 13:41:42 GMT
x-content-type-options: nosniff
age: 24801
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 09 Dec 2022 13:41:42 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9A9F 604 B
1 KB 103ms
30ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:17:20 GMT
x-content-type-options: nosniff
age: 1063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 09 Dec 2022 20:17:20 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 9A9F 19 KB
8 KB 109ms
31ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8346
x-xss-protection: 0
server: cafe
etag: 3177319193432224586
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Dec 2021 20:32:43 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2A43 624 B
300 B 37ms
37ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhD6r-P_ARixoIa9ATAB&v=APEucNVknS0Ypzoli_HQRXeLv24xc6Mb7A_KMf8WbuopUk0HBKEJYQdiMiMV9FQDovLnyBhP6kPHiPLzYMTAx6qdwnlj--HX93knyHcrK8ht4N5exDCanwDhkr9oRCN2lOOFnOjlSVAjw1boxDNTPyZ0B2kd_zBW251lcXlLCBiOCGsjNb3OXlI

Requested by

Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 09 Dec 2021 20:35:03 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 09 Dec 2021 20:35:03 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BCFC 24 KB
14 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOTLwzKJUG-CU822hlmcHRc-LDC59_8CjoaRRhY1JQboJtK3Vl0_bjgQIdGm7lvUW8OU2oc6f2EA79gcH_wo7yW4bIr13Kn8PFA0fxVnQfv2UGiodlnokr2q7LJjLhQqawSNRI8FFPFV9o6kyX-DhILt9Irg&cry=1&dbm_d=AKAmf-ABixjmONrq3q9jLVqct13D7LRJuAv2sltAtSg9WDqguPGsjZAZV2q5ETWVsbIATLs-TZ6uhG4fOLNAAsM_IvdaBaGtLCJ6UcLCZnMnwQxR-kTypMvBLEb4A9_d4pGVpZBtyP-ISuqwZu2mRygIsUKHnX41isUxyCs-BA9vFdp9sWutrIKkIk4hpytZfdArJ5HpDzwIfG6cBLsgwxjUmVsixn7w9yHFdAkKKf1QHRtnUtAVxv_pCVWT5BDTKkH-6CxvYcyRPI-gTmYrkW8_NQ5vjZQR4s2038mGIKfdunfbODB8HsOwIsFCOtKVAEOah8R-m1DvlfaesviEEbJTRUrD-Iord-Joy8u4JYGBOmsygAADM_9mU7R0BvS57bjXd8HB4xA3R1xPQLsa2z8VK7CmjIOa1NYNjeLFDMZqK4VBsVNMKE2ZgC1Zfj3THBYkEDf9nrsB6vDxsaUnxhg2vv1vmpqPK91JYhUJivb3XjhzUpgCtPiTbkV4aNyyrrNIy7LTXs5J_x5QlguOne_pgxXFbmmIvFNubpxT8HqnAVoU2_0o2ePVYUyoVQJDmnWwG45sn5h85twmK6WJfAH2FGnUMzMRGc_JHtgl80VCHwA-R1knz3BgFY_4hYbsh7BoPVAS3OvKd9CritBMAFYSwkdECc0R4a1bP6adxg9-4z6RPhFE9f_GZ2NS8Gm0_4t1XUh4nFaS6Mn5EnRBd63JIYzE5eStGDYaurOn6TxCzYAex9FKsExtoRhgjCxhOjioEZ_0uL4BO9XDRS5DgrDaKaKu05RoIKFVNurzAi80gC7y3Bhg1JfE7Poz_zI5870qJTzXTO4WMALjiV6FR68Q9Ss1-p-2kxoQ3eZc3fpLA0ZtjbmRJxp-LuL4H2IX91M0cBakhKbG2wOvEnu6s69OZigfXOz6pOnQywyMzJNatzPVUvJolJUs5d_XjTxwhezBYUsB7FExe_6xQxQhK18TqmswfwGNERRmuYF4FCgckVaL3NNStT31iVbRyNc_GGMNfhstKUoifrrq7ECkTXcpd9YoO9LCdRIQwoZqqtrUJKjbcSfRXVBhNvETQUKjIUEGVY2O4o-lDJw3ZqurblqA9oNcZyhjjQn412cQWch9vTMkMDXKsv6qVWgLlebTWhud3V0eM796GOzcqyl3237auLD4yTxAMpW8tfF6Q9q8kfczwzFmnUqsRDp4YFc243U8yNFpompkXuVdfGBE5V4PEqTzmQS-npvukzIMBqvUu9EMnP99dU5cdmvV3oqRe_kjuCfL7Kwg5S-KgAFaEPKMcHsGGPpELK6m1Kasi0FV_yASLHzlqcfXoG-2CYF-Utirw48EKUU6Q5GnereMI8UTq8H3zU86Pt6EtUJufqneG80PmbLoRm6Q35KS0cOjXULb5jreT5cwvsgo0kI3Hy8cJtkto6HI9Z-8qADpRt7OAYCBgIAVi02myn26cba9lOve4wehG5oq6nbIDQKG10uoIeyZbctlkZokS25azeDvWOS1kmYaAZCjzqMcUryzPaOyEKSO-wXWSaoRcBfZ_rsbiMF6-0MIT-q9PRgRt3J19Pos5ZPhOMKNoUV86nvrqmfqmygU039IA3mnIDtI8r2iTLNr5RjY_IKIDfzD4wiDRP2RUY5PvO88S4F6xUo1_W3hxAV91tIyb3W8jrKIJU5FygMYWqVaBMfjNDhlnTbmnwpXIlgSP5W8yAk1jLQiaD8UX57di6MHf9kVkM69WGyjQ8vNC8oqnu45d2a184mz8CWQSbZGlsY76MBVkOrNyAe7iWZb2OUrUzr0WnMdQMomp_D7rAe4MvcyfPyY4-JRzVLHtHSURSvuUbGdRNY8j667g_iFf5PF3uQTU4enJTLnzpaoCW7NLXqanUoDZttvos8L5J_BrA2xRgljwcsDx95CXkeCeB_ZKUQaomxtZ6HO3eUV-UMGsMwAlQEvE9W2TkyNm_wwaWSUmprR0YHpCPLmzGA3ef_xivYrrujm16zAleuwPia2iM7eGsq6F_Fy3kNNKxy-TieJmr5-64YOK5Xv5POrVJrI4vxsWzZc8y-IvpHzErLUUywXYjcMbUnorHPPF8MqCGxDHOPMBX66kJxIyGBTtQbIS46PiXt4IXbJfybimIu9nxfFw5NZmiEhenZGa_PReUY-59w8N2aZvuRXOv9ZyTEs9QXFApMOQ15b-lNz5Z25K7DbGQ4mv8KCZeyo0Jlvk_dl9lD-n4iHcp67CR0D7kEElIxXUAxMYlBFGI6GK_X4T8b2AhIkHuse6sFvL6gEhgZD18suz21EuqZQGQ0vsGfp6RhyXz4RTG3n1g2i4yrc1HzthPynRFqd6eq2kUFMH6oC-A9plmqZwAyvJf-Qqyw1tVWGA5tXumbGGCFD86nFjiL6QqTLVQZj09xdyIJFAaCV8XCCOHYMlT5IgOU4wTkz1OLC3ipZiBMqru9SuwVyyW1ab_aV-qdkIrQqdE6VhEYMBpOmggCaaf6OJIU3W4QYly4JXka3-sC5b-1t55_pL28vua4JpMusbPz14T9HUXpldOg598g4rbsOST_vBkxvvvVdvmRCmDzhIN7kceM3Te7Vyhq-2aqM_5yGm0zErtD-uvYI0ZW_LJp6ILbhfzxkGFTXsKPwSiiaSF06DT32MOzjemffLFvEFTj7Wm1y5yt5Tsc_EdYCvHOjn30glrw0U3jSKFD8UzaCVa-rAex8wdWML56Zyoij6xTzSeOPIK50MMnSVia39rb9BodOGUhXkAZ8qIFaQvqy4VAAuKLkQ6gBjkWe_MO80qzyEYM2qYcInljWHR14oVu3_XvBWV0XDzfOidyiQYyIQlthdEOK3GAbqefAx9m8xSQwaf2YlRBnpV7ayNc6dSJc_C4gmzwvyn5dNuRMTfbimuGzl8HWsqNp5os5fNfC-i2T_Ob6qZ0K-hLwzC86qW6mHRBVYZQp887ptSU-wr8CqsHCMsWWT5J_InMMd-m3TrqUZzUlDTmufwdTC2508kNftFk_vaU3N4vAz-wX7fXtcWh4MJ5ckg&cid=CAASBORobgE&rfl=2%2Chttps%253A%252F%252Fwww.prosites.co.il%252F%240

Requested by

Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

850e524615a11e2b51e1ac8345afd12707dc0b2aa9c4cda7c85f490ca695c80a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14254
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/760547/58793513/ Frame BCFC 47 KB
12 KB 195ms
56ms Script
application/javascript 34.249.30.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/760547/58793513/skeleton.js?ias_dspID=3&ias_campId=15950141&ias_pubId=pub-0245308634183202&ias_chanId=1&ias_placementId=15451206156&bidurl=https://www.prosites.co.il/recommendation.asp&ias_dealId=
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.30.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-30-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4fd01e6598979d03d8b332a7888a60a84b407606a4cdd57af2230be29e61d918

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:03 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BCFC 2 KB
1 KB 97ms
36ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Dec 2021 20:30:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCFC 119 KB
37 KB 142ms
42ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Dec 2021 20:35:03 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BCFC 15 KB
7 KB 90ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:31:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Dec 2021 20:31:55 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BCFC 42 B
63 B 61ms
61ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ds9D6qDjtWCB9ZIrBfadKYrQmGY-hzFfuWfigAzsWKOqMS41BIzIig38GAJiE0kRwU7slazJHhFUA54sA3qNjzdQTcn9fRVzeI2v7nCLpO73_l-0o

Requested by

Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 146ms
29ms Script
text/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.prosites.co.il/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5553
date: Thu, 09 Dec 2021 19:02:30 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 09 Dec 2021 21:02:30 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame BCFC 24 KB
9 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOTLwzKJUG-CU822hlmcHRc-LDC59_8CjoaRRhY1JQboJtK3Vl0_bjgQIdGm7lvUW8OU2oc6f2EA79gcH_wo7yW4bIr13Kn8PFA0fxVnQfv2UGiodlnokr2q7LJjLhQqawSNRI8FFPFV9o6kyX-DhILt9Irg&cry=1&dbm_d=AKAmf-ABixjmONrq3q9jLVqct13D7LRJuAv2sltAtSg9WDqguPGsjZAZV2q5ETWVsbIATLs-TZ6uhG4fOLNAAsM_IvdaBaGtLCJ6UcLCZnMnwQxR-kTypMvBLEb4A9_d4pGVpZBtyP-ISuqwZu2mRygIsUKHnX41isUxyCs-BA9vFdp9sWutrIKkIk4hpytZfdArJ5HpDzwIfG6cBLsgwxjUmVsixn7w9yHFdAkKKf1QHRtnUtAVxv_pCVWT5BDTKkH-6CxvYcyRPI-gTmYrkW8_NQ5vjZQR4s2038mGIKfdunfbODB8HsOwIsFCOtKVAEOah8R-m1DvlfaesviEEbJTRUrD-Iord-Joy8u4JYGBOmsygAADM_9mU7R0BvS57bjXd8HB4xA3R1xPQLsa2z8VK7CmjIOa1NYNjeLFDMZqK4VBsVNMKE2ZgC1Zfj3THBYkEDf9nrsB6vDxsaUnxhg2vv1vmpqPK91JYhUJivb3XjhzUpgCtPiTbkV4aNyyrrNIy7LTXs5J_x5QlguOne_pgxXFbmmIvFNubpxT8HqnAVoU2_0o2ePVYUyoVQJDmnWwG45sn5h85twmK6WJfAH2FGnUMzMRGc_JHtgl80VCHwA-R1knz3BgFY_4hYbsh7BoPVAS3OvKd9CritBMAFYSwkdECc0R4a1bP6adxg9-4z6RPhFE9f_GZ2NS8Gm0_4t1XUh4nFaS6Mn5EnRBd63JIYzE5eStGDYaurOn6TxCzYAex9FKsExtoRhgjCxhOjioEZ_0uL4BO9XDRS5DgrDaKaKu05RoIKFVNurzAi80gC7y3Bhg1JfE7Poz_zI5870qJTzXTO4WMALjiV6FR68Q9Ss1-p-2kxoQ3eZc3fpLA0ZtjbmRJxp-LuL4H2IX91M0cBakhKbG2wOvEnu6s69OZigfXOz6pOnQywyMzJNatzPVUvJolJUs5d_XjTxwhezBYUsB7FExe_6xQxQhK18TqmswfwGNERRmuYF4FCgckVaL3NNStT31iVbRyNc_GGMNfhstKUoifrrq7ECkTXcpd9YoO9LCdRIQwoZqqtrUJKjbcSfRXVBhNvETQUKjIUEGVY2O4o-lDJw3ZqurblqA9oNcZyhjjQn412cQWch9vTMkMDXKsv6qVWgLlebTWhud3V0eM796GOzcqyl3237auLD4yTxAMpW8tfF6Q9q8kfczwzFmnUqsRDp4YFc243U8yNFpompkXuVdfGBE5V4PEqTzmQS-npvukzIMBqvUu9EMnP99dU5cdmvV3oqRe_kjuCfL7Kwg5S-KgAFaEPKMcHsGGPpELK6m1Kasi0FV_yASLHzlqcfXoG-2CYF-Utirw48EKUU6Q5GnereMI8UTq8H3zU86Pt6EtUJufqneG80PmbLoRm6Q35KS0cOjXULb5jreT5cwvsgo0kI3Hy8cJtkto6HI9Z-8qADpRt7OAYCBgIAVi02myn26cba9lOve4wehG5oq6nbIDQKG10uoIeyZbctlkZokS25azeDvWOS1kmYaAZCjzqMcUryzPaOyEKSO-wXWSaoRcBfZ_rsbiMF6-0MIT-q9PRgRt3J19Pos5ZPhOMKNoUV86nvrqmfqmygU039IA3mnIDtI8r2iTLNr5RjY_IKIDfzD4wiDRP2RUY5PvO88S4F6xUo1_W3hxAV91tIyb3W8jrKIJU5FygMYWqVaBMfjNDhlnTbmnwpXIlgSP5W8yAk1jLQiaD8UX57di6MHf9kVkM69WGyjQ8vNC8oqnu45d2a184mz8CWQSbZGlsY76MBVkOrNyAe7iWZb2OUrUzr0WnMdQMomp_D7rAe4MvcyfPyY4-JRzVLHtHSURSvuUbGdRNY8j667g_iFf5PF3uQTU4enJTLnzpaoCW7NLXqanUoDZttvos8L5J_BrA2xRgljwcsDx95CXkeCeB_ZKUQaomxtZ6HO3eUV-UMGsMwAlQEvE9W2TkyNm_wwaWSUmprR0YHpCPLmzGA3ef_xivYrrujm16zAleuwPia2iM7eGsq6F_Fy3kNNKxy-TieJmr5-64YOK5Xv5POrVJrI4vxsWzZc8y-IvpHzErLUUywXYjcMbUnorHPPF8MqCGxDHOPMBX66kJxIyGBTtQbIS46PiXt4IXbJfybimIu9nxfFw5NZmiEhenZGa_PReUY-59w8N2aZvuRXOv9ZyTEs9QXFApMOQ15b-lNz5Z25K7DbGQ4mv8KCZeyo0Jlvk_dl9lD-n4iHcp67CR0D7kEElIxXUAxMYlBFGI6GK_X4T8b2AhIkHuse6sFvL6gEhgZD18suz21EuqZQGQ0vsGfp6RhyXz4RTG3n1g2i4yrc1HzthPynRFqd6eq2kUFMH6oC-A9plmqZwAyvJf-Qqyw1tVWGA5tXumbGGCFD86nFjiL6QqTLVQZj09xdyIJFAaCV8XCCOHYMlT5IgOU4wTkz1OLC3ipZiBMqru9SuwVyyW1ab_aV-qdkIrQqdE6VhEYMBpOmggCaaf6OJIU3W4QYly4JXka3-sC5b-1t55_pL28vua4JpMusbPz14T9HUXpldOg598g4rbsOST_vBkxvvvVdvmRCmDzhIN7kceM3Te7Vyhq-2aqM_5yGm0zErtD-uvYI0ZW_LJp6ILbhfzxkGFTXsKPwSiiaSF06DT32MOzjemffLFvEFTj7Wm1y5yt5Tsc_EdYCvHOjn30glrw0U3jSKFD8UzaCVa-rAex8wdWML56Zyoij6xTzSeOPIK50MMnSVia39rb9BodOGUhXkAZ8qIFaQvqy4VAAuKLkQ6gBjkWe_MO80qzyEYM2qYcInljWHR14oVu3_XvBWV0XDzfOidyiQYyIQlthdEOK3GAbqefAx9m8xSQwaf2YlRBnpV7ayNc6dSJc_C4gmzwvyn5dNuRMTfbimuGzl8HWsqNp5os5fNfC-i2T_Ob6qZ0K-hLwzC86qW6mHRBVYZQp887ptSU-wr8CqsHCMsWWT5J_InMMd-m3TrqUZzUlDTmufwdTC2508kNftFk_vaU3N4vAz-wX7fXtcWh4MJ5ckg&cid=CAASBORobgE&rfl=2%2Chttps%253A%252F%252Fwww.prosites.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Dec 2021 20:15:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BCFC 41 KB
15 KB 95ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 18:05:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Dec 2022 18:05:43 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2A43
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9ennAQ7DJ-LAz1jFwuNRs&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9ennAQ7DJ-LAz1jFwuNRs&google_cver=1&C=1

43 B
1013 B

134ms
134ms

Image
image/gif

2.19.120.108
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9ennAQ7DJ-LAz1jFwuNRs&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhD6r-P_ARixoIa9ATAB&v=APEucNVknS0Ypzoli_HQRXeLv24xc6Mb7A_KMf8WbuopUk0HBKEJYQdiMiMV9FQDovLnyBhP6kPHiPLzYMTAx6qdwnlj--HX93knyHcrK8ht4N5exDCanwDhkr9oRCN2lOOFnOjlSVAjw1boxDNTPyZ0B2kd_zBW251lcXlLCBiOCGsjNb3OXlI
Protocol: HTTP/1.1
Server: 2.19.120.108 Skondal, Sweden, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-120-108.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 20:35:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 09 Dec 2021 20:35:04 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 20:35:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9ennAQ7DJ-LAz1jFwuNRs&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 09 Dec 2021 20:35:03 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2A43
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbJod-2xoOrXOqmC.nIvtQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9ennAQ7DJ-LAz1jFwuNRs&google_cver=1&google_hm=2

43 B
892 B

86ms
86ms

Image
image/gif

2.19.120.108
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9ennAQ7DJ-LAz1jFwuNRs&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhD6r-P_ARixoIa9ATAB&v=APEucNVknS0Ypzoli_HQRXeLv24xc6Mb7A_KMf8WbuopUk0HBKEJYQdiMiMV9FQDovLnyBhP6kPHiPLzYMTAx6qdwnlj--HX93knyHcrK8ht4N5exDCanwDhkr9oRCN2lOOFnOjlSVAjw1boxDNTPyZ0B2kd_zBW251lcXlLCBiOCGsjNb3OXlI
Protocol: HTTP/1.1
Server: 2.19.120.108 Skondal, Sweden, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-120-108.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 20:35:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 09 Dec 2021 20:35:04 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG9ennAQ7DJ-LAz1jFwuNRs&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2A43
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA5KLhb8fsZ5pCfXfwaXwOs&google_cver=1

43 B
1002 B

35ms
34ms

Image
image/gif

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEA5KLhb8fsZ5pCfXfwaXwOs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhD6r-P_ARixoIa9ATAB&v=APEucNVknS0Ypzoli_HQRXeLv24xc6Mb7A_KMf8WbuopUk0HBKEJYQdiMiMV9FQDovLnyBhP6kPHiPLzYMTAx6qdwnlj--HX93knyHcrK8ht4N5exDCanwDhkr9oRCN2lOOFnOjlSVAjw1boxDNTPyZ0B2kd_zBW251lcXlLCBiOCGsjNb3OXlI

Protocol

HTTP/1.1

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 20:35:03 GMT
X-Proxy-Origin: 82.102.26.68; 82.102.26.68; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 968141fd-4f87-4fab-80b2-f0025c2a07e9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEA5KLhb8fsZ5pCfXfwaXwOs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A43
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUyODQ0MzgzMzIzMzg2NTM5NA%3D%3D

170 B
188 B

76ms
40ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUyODQ0MzgzMzIzMzg2NTM5NA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Dec 2021 20:35:03 GMT
X-Proxy-Origin: 82.102.26.68; 82.102.26.68; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 71d1c2d1-0fa4-4290-9e93-210f3855175f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUyODQ0MzgzMzIzMzg2NTM5NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 51BC 4 KB
668 B 46ms
46ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CHeebo%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

018119d5efd35decf021d376894abc71a39a4185010e054240611762ff0f6de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 20:11:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Dec 2021 20:35:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Dec 2021 20:35:03 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 51BC 1 KB
880 B 86ms
61ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Dec 2021 20:22:40 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 51BC 19 KB
8 KB 66ms
43ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Dec 2021 20:32:54 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 51BC 2 KB
1 KB 71ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Dec 2021 20:30:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 51BC 119 KB
36 KB 74ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Dec 2021 20:35:03 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 51BC 15 KB
6 KB 60ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Dec 2021 20:29:09 GMT

GET
H3 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 51BC 27 KB
11 KB 61ms
29ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:06:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Mar 2022 19:06:41 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 66ms
33ms Image
image/gif 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1651669229&utmhn=www.prosites.co.il&utmcs=windows-1255&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D7%9E%D7%97%D7%99%D7%A8%D7%95%D7%9F%20%D7%94%D7%95%D7%91%D7%9C%D7%95%D7%AA%20-%20%D7%94%D7%95%D7%91%D7%9C%D7%95%D7%AA%20-%20David%20%7C%20%2C%20%D7%9B%D7%AA%D7%99%D7%91%D7%AA%20%D7%94%D7%9E%D7%9C%D7%A6%D7%94&utmhid=1175489053&utmr=-&utmp=%2Frecommendation.asp%3FID%3D14035&utmht=1639082104068&utmac=UA-5951446-3&utmcc=__utma%3D262016588.1946038394.1639082103.1639082104.1639082103.1%3B%2B__utmz%3D262016588.1639082104.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1318671935&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQBAAAE~

Requested by

Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 167ms
54ms Script
application/x-javascript 2.17.169.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.169.171 Skondal, Sweden, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-169-171.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:03 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: C4B8D6517893E829
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=51033
accept-ranges: bytes
content-length: 948
x-amz-id-2: ryoFLX3he4rCsPaVXzURym8MOrreY3QyTPOJMo6odaymDMsa/e41AaPRhBIb94X/U70McYxtEjo=

GET
H/1.1 200
OK wheelchair.ashx
www.negishim.com/accessibility/ 306 B
610 B 111ms
111ms Image
image/png 199.203.20.98
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.negishim.com/accessibility/wheelchair.ashx?is_pro=1&fps=550789127bfdf8b25032d2de576fca02&v=255&css_style=1&src=www.prosites.co.il&purl=https://www.prosites.co.il/recommendation.asp^ID=14035&ii=1639082104122
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 199.203.20.98 Ness Ziona, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5097c822a21c85df71171072a93e7f439de3c813e85f08ee44c60db1d3d06de5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:39:41 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Disposition: attachment; filename=wheelchair_18_black.png
Content-Length: 306

GET
H/1.1 200
OK menu_18_black.png
www.negishim.com/accessibility/ 237 B
483 B 221ms
109ms Image
image/png 199.203.20.98
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.negishim.com/accessibility/menu_18_black.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 199.203.20.98 Ness Ziona, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 869ea62eaf5a43cebda3959180d48e30d83568d6dab66a1668797b3d2115a57e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:39:41 GMT
Last-Modified: Tue, 30 Aug 2016 15:50:47 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "b0be4146d62d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 237

GET
H/1.1 200
OK font_size_18_black.png
www.negishim.com/accessibility/ 159 B
404 B 331ms
110ms Image
image/png 199.203.20.98
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.negishim.com/accessibility/font_size_18_black.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 199.203.20.98 Ness Ziona, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9ce8fc1e991fd4e104de2bc58d3e069142e3c19ae35bd19c3759124b306a6fcc

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:39:41 GMT
Last-Modified: Tue, 30 Aug 2016 18:51:55 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "3d9e394ef2d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 159

GET
H/1.1 200
OK contrast_18_black.png
www.negishim.com/accessibility/ 285 B
531 B 343ms
114ms Image
image/png 199.203.20.98
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.negishim.com/accessibility/contrast_18_black.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 199.203.20.98 Ness Ziona, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d5657761b83b78fd9e8db73283ad1cbf05aafbcd0774321f4097630da3b5cc2e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:39:41 GMT
Last-Modified: Sun, 17 Sep 2017 07:37:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "05b13dd872fd31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 285

GET
H/1.1 200
OK gray_images_18_black.png
www.negishim.com/accessibility/ 218 B
464 B 432ms
107ms Image
image/png 199.203.20.98
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.negishim.com/accessibility/gray_images_18_black.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 199.203.20.98 Ness Ziona, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b5ae9008d4f723cbe585d776f9693d6c4b65a3cf757b0e189e9fdda38fb5483e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:39:42 GMT
Last-Modified: Sun, 17 Sep 2017 07:37:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "05b13dd872fd31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 218

GET
H/1.1 200
OK underline_18_black.png
www.negishim.com/accessibility/ 308 B
554 B 436ms
109ms Image
image/png 199.203.20.98
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.negishim.com/accessibility/underline_18_black.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 199.203.20.98 Ness Ziona, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9402439af5da5d0507dd51c79c4a84ee8944152c2a34231df4410993fff2ea19

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:39:42 GMT
Last-Modified: Sun, 17 Sep 2017 07:37:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "05b13dd872fd31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 308

GET
H/1.1 200
OK eye_blocked_18_black.png
www.negishim.com/accessibility/ 341 B
587 B 326ms
109ms Image
image/png 199.203.20.98
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.negishim.com/accessibility/eye_blocked_18_black.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 199.203.20.98 Ness Ziona, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c7bc017c71f72c012df4b09cb321091b4448b72f9174ac5d92b2ba45a82da964

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:39:42 GMT
Last-Modified: Sun, 17 Sep 2017 07:37:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "05b13dd872fd31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 341

GET
H/1.1 200
OK font_18_black.png
www.negishim.com/accessibility/ 292 B
538 B 184ms
108ms Image
image/png 199.203.20.98
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.negishim.com/accessibility/font_18_black.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 199.203.20.98 Ness Ziona, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3ff5b32447f60a7aacdb99ff951585ba85809756f263b481f0a6cc9cd9966125

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:39:41 GMT
Last-Modified: Sun, 17 Sep 2017 07:37:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "05b13dd872fd31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 292

GET
H/1.1 200
OK close_18_black.png
www.negishim.com/accessibility/ 265 B
510 B 185ms
109ms Image
image/png 199.203.20.98
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.negishim.com/accessibility/close_18_black.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 199.203.20.98 Ness Ziona, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e1bb0facbd5151b5ce31dd798a25624666a0e943c4bb57c9e0a8e88ea5e4aba9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:39:41 GMT
Last-Modified: Wed, 06 Sep 2017 12:17:58 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "63c3f2da27d31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 265

GET
H/1.1 200
OK power_off_18_black.png
www.negishim.com/accessibility/ 303 B
549 B 188ms
110ms Image
image/png 199.203.20.98
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.negishim.com/accessibility/power_off_18_black.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 199.203.20.98 Ness Ziona, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f32171a4d21f4fe45729e31d37257be9b75fbbf3f42ded3ad6c46c1bba7f1509

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:39:41 GMT
Last-Modified: Sun, 17 Sep 2017 07:37:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "05b13dd872fd31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 303

GET
H/1.1 200
OK info_18_black.png
www.negishim.com/accessibility/ 303 B
549 B 183ms
109ms Image
image/png 199.203.20.98
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.negishim.com/accessibility/info_18_black.png
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 199.203.20.98 Ness Ziona, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6bd9f3ab8929b5199116b3dcdc63c1a6dea5dd1a2e32f5c64cc362dd02dc3ec3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:39:41 GMT
Last-Modified: Sun, 17 Sep 2017 07:37:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "05b13dd872fd31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 303

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5baa306bfab610b9/ 1 KB
746 B 288ms
287ms Script
application/javascript 84.53.188.140
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5baa306bfab610b9/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.188.140 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-188-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1fe8d7aaf080dd491c317317f5bcd07e254283c8b865247d6834c27541ac1423

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:04 GMT
content-encoding: gzip
etag: 772624928--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=55, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 571

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 166ms
165ms Script
application/javascript 84.53.188.140
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61b26878d29304f5&bkl=0&bl=1&pdt=345&sid=61b26878d29304f5&pub=ra-5baa306bfab610b9&rev=v8.28.8-wp&ln=he&pc=men&cb=0&ab=-&dp=www.prosites.co.il&fp=recommendation.asp%3FID%3D14035&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=windows-1255&mk=%D7%9E%D7%97%D7%99%D7%A8%D7%95%D7%9F%20%D7%94%D7%95%D7%91%D7%9C%D7%95%D7%AA%20-%20%D7%94%D7%95%D7%91%D7%9C%D7%95%D7%AA%20-%20David%2C%D7%A4%D7%A8%D7%A1%D7%95%D7%9D%20%D7%97%D7%99%D7%A0%D7%9D%2C%D7%91%D7%A0%D7%99%D7%99%D7%AA%20%D7%90%D7%AA%D7%A8%D7%99%D7%9D%2C%D7%9B%D7%A8%D7%98%D7%99%D7%A1%20%D7%A2%D7%A1%D7%A7%2C%D7%9B%D7%A8%D7%98%D7%99%D7%A1%20%D7%A2%D7%A1%D7%A7%20%D7%97%D7%99%D7%A0%D7%9E%D7%99%2C%D7%90%D7%99%D7%A0%D7%93%D7%A7%D7%A1%20%D7%A2%D7%A1%D7%A7%D7%99%D7%9D%2C%D7%A4%D7%95%D7%A8%D7%98%D7%9C%20%D7%A2%D7%A1%D7%A7%D7%99%D7%9D%2C%D7%9E%D7%9E%D7%9C%D7%99%D7%A6%D7%99%D7%9D&colc=1639082104159&jsl=33&uvs=61b26878fe37f597000&skipb=1&callback=addthis.cbs.jsonp__85524858154622870
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.53.188.140 , Netherlands, ASN34164 (AKAMAI-LON, NL),
Reverse DNS: a84-53-188-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 936b9bd60f77638361da671036617500ea501049613b4b4cf10b4b86360d5858

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:03 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame DB75 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 6D4A 71 KB
26 KB 47ms
46ms Document
text/html 84.53.188.140
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.53.188.140 , Netherlands, ASN34164 (AKAMAI-LON, NL),

Reverse DNS

a84-53-188-140.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 09 Dec 2021 20:35:03 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.he.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 137ms
52ms XHR
application/json 84.53.188.140
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.he.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.53.188.140 , Netherlands, ASN34164 (AKAMAI-LON, NL),

Reverse DNS

a84-53-188-140.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

f893d3ffe4a31043a86830dd67631d06247f6c73bade18e809e70a66f511fafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-101f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Thu, 09 Dec 2021 20:35:03 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1710

GET
H2 200 player Show response
realtime.clinch.co/video/player_v1/ Frame 58A5 13 KB
14 KB 423ms
196ms Document
text/html 34.196.196.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=7209&format=_728ax90a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCpQnBdmiyYbWGLc-41fAPu-2y4Ajm-Yv4Zryksp7hDvrgv6DUARABIPnznQpg_YqihNQSoAGWk4qiAsgBCakCOpThv1Hvsj6oAwGqBOkBT9A7Ul_0KFXvENQCePocnEPVOE5usM6Mw7q2KrgpIOEk1iPnJ5hKnUm6YhQRpIMtogpMkRyhMPY_ONoACo0qa4S7NIr0VFQv3bG93WuIPOkuaRscp7j6rGfaA3h5DN_A6LCiRDsigpNi9YUg-jRnZm8lhmQjQ8Wk7P8ccYOHA6reVhbX6hNRieIGyKk2m3gfkCO-F6EKMm7Jfyayh0GaaJmG9lHPiWotBDA4Wyq7DiL_NQuiNhYBr7ozu5PWfxh_Fvxd9pfdT4PdhiDCyW3qKyuUjfjpKUBKr3sQAbcCirJTugf2WJelMDrABPnGmKDkA-AEA5AGAaAGTYAH0uz13QGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE-jEvQ3QEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORobgE%26sig%3DAOD64_0fpugYRnkgbXCVvIbmNPcdWNj0iQ%26client%3Dca-pub-0245308634183202%26dbm_c%3DAKAmf-D8_3ayXH6mhhPo-zQZqzzq0PyMt-lV1T5XZ0G_DwwTVby_DyTDuqRkiJaQF1_0PfaCfzxGRK-rRXSItrNVUTNaarmRy975aLyBNHnHzzh2hjykDUPwMMpsUQwuqOTePP8YGbj0o0E2z5qT8O5_EBlmjREI9Q%26cry%3D1%26dbm_d%3DAKAmf-DMC5RURSMe8itrF8JyOOmtEqCddLaVCVLsUBPwUmUm4g1BvG34CkbMYk1WSSMmy_5QSOqL0EHsrKgrngeRc_JNFT5NmAMVJXz1sFV-MwQJVzxr0b8I10Fy1QWDaPLek8ywVxCaCt_8cEWrKSnHZaYEGamOdQF6qHQOokaeGgzOV5xkTtSuDaHeZ-sTKftpRkp3LxuTR4jpITmg3GGrRswf78er1BWQSQIFajN_DL0aN_4aqB8XOdEm2f5iuz8hzTPUtYTCWwE-EeBBKitmxwT74cFJzRr7e6Z_N38IozRpLbgUImSwdQm3uOUBADKngm3mwwDaPu5FhDnj3jfcCvwiAwpmJtB9AI--hOkTBRElJRlTLL_LG9hT7q2FE4vkww_GbdaM5V2Y7UhgSBl6Bjtj1thrsrGidMIcLI3z3FP8pP_NOxW2qF1G6JaX7XjvprmYOJwBWwJZvNZlLyBK0SaP_pga3NRZK1sp7sed58U6r2vkQyU%26adurl%3D&dsp=dv360&plcId=Lancia_IT_Programmatic_DV360_YpsilonGSE_728x90_Suspect&dsp_impression_id=ABAjH0gmuMUv3AlB9gu5nBd2xEh3&site_url=https://www.prosites.co.il/recommendation.asp&dsp_pub_id=1&site_id=0&dsp_insertion_order_id=15950141&dsp_caid=15451206156&dsp_crid=396464177&dc_dbm_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIjOTaxzmoAvqv4_8BsAK9ws0HQAHSAioYACITCLWZ99PI1_QCFU9cFQgdu7YMjCgBMAE4vKSynuEOQAJIAViZgSAQsaCGvQHldAEo8DypLPFjYywEElsH&rnd=1639082102738101&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.196.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-196-242.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 4f74ecd9a7532b7361e318a8d6fbd78a31903599e02692f805c6eeb3ab68f1c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Thu, 09 Dec 2021 20:35:04 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: no-store
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 main.gr.19.8.270.js Show response
static.adsafeprotected.com/ Frame BCFC 187 KB
60 KB 105ms
32ms Script
application/javascript 2600:9000:223f:ac00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.270.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/760547/58793513/skeleton.js?ias_dspID=3&ias_campId=15950141&ias_pubId=pub-0245308634183202&ias_chanId=1&ias_placementId=15451206156&bidurl=https://www.prosites.co.il/recommendation.asp&ias_dealId=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:41:19 GMT
content-encoding: gzip
age: 1464825
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 Nov 2021 21:26:13 GMT
server: AmazonS3
etag: W/"97555862abc91b6f26be3ae590ed242e"
vary: Accept-Encoding
x-amz-version-id: SdE4MbHi75sePjhKKdXAKekDupsz0WTg
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac65.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: hwtnAYnzCHeoKJgmvMG56tl3BQfiG_6Cvn_D-TauFjSK1N3B5HLrwA==

GET
DATA 200
OK truncated
/ Frame BCFC 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: daeeeca91f41cc7d7aea51ca90024f6ba4f2df886570226c822b2b140c8d0df1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9C68 143 B
163 B 26ms
25ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 09 Dec 2021 20:04:34 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 355B 22 KB
8 KB 36ms
36ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 09 Dec 2021 18:05:45 GMT
expires: Fri, 09 Dec 2022 18:05:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ls.ashx Show response
www.negishim.com/accessibility/ 0
257 B 112ms
111ms Script
application/json 199.203.20.98
NV-ASN CELLCOM ltd.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.negishim.com/accessibility/ls.ashx?ii=1639082104284&callback=jsonpCallback&_=1639082102843
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 199.203.20.98 Ness Ziona, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:39:42 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9C68
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

89ms
88ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 09 Dec 2021 20:35:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 09 Dec 2021 20:35:04 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 09 Dec 2021 20:35:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame 355B 35 KB
13 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 10:07:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 10:07:02 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame BCFC
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/760547/58793513/skeleton.js?ias_dspID=3&ias_campId=15950141&ias_pubId=pub-0245308634183202&ias_chanId=1&ias_placementId=15451206156&bidurl=https://www.prosi...
https://static.adsafeprotected.com/skeleton.js

17 B
464 B

26ms
26ms

Script
application/javascript

2600:9000:223f:ac00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Server: 2600:9000:223f:ac00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac65.cloudfront.net (CloudFront)
age: 13435148
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: A4y3XtoRbCJdl_XRrwxneefRteu04_d_5nq-xDj9ItrDZ_DR6hTd7A==

Redirect headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:04 GMT
x-server-name: app22.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 7F2B 80 KB
21 KB 28ms
27ms Script
application/javascript 2600:9000:223f:ac00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 08:08:31 GMT
content-encoding: gzip
age: 6006394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac65.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: v-gzhJmkJuyGdbcUvAmHfYLEYQrTfq_vEK6xt5z_LKC-n5Lmbz2McQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BCFC 43 B
215 B 615ms
201ms Image
image/gif 54.149.196.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=760547&asId=69c0f6ca-ce06-bad0-f427-5f1c44b2c6f5&tv=%7Bc:wkKGEA,pingTime:-3,time:213,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:188%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:214,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:188,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sR89t9Z+11%7C12%7C13%7C14%7C15%7C1611%7C171*.760547-58793513%7C1711%7C1712%7C1713%7C18,idMap:171*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.196.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-196-103.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:04 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BCFC 43 B
216 B 608ms
197ms Image
image/gif 54.149.196.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=760547&asId=69c0f6ca-ce06-bad0-f427-5f1c44b2c6f5&tv=%7Bc:wkKGEC,pingTime:-6,time:215,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:215,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:188,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sR89t9Z+11%7C12%7C13%7C14%7C15%7C1611%7C171*.760547-58793513%7C1711%7C1712%7C1713%7C18,idMap:171*,rmeas:1,rend:0,renddet:DIV%7D&tpiLookup=ao:www.prosites.co.il*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.196.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-196-103.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:04 GMT
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BCFC 43 B
215 B 587ms
198ms Image
image/gif 54.149.196.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=760547&asId=69c0f6ca-ce06-bad0-f427-5f1c44b2c6f5&tv=%7Bc:wkKGEZ,pingTime:-2,time:238,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:417,beZ:419,mfA:589,cmA:590,inA:590,inZ:594,prA:594,prZ:599,si:607,poA:608,poZ:623,cmZ:623,mfZ:623,loA:632,loZ:635,ltA:656,ltZ:656%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.94,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:188%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:238,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:188,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sR89t9Z+11%7C12%7C13%7C14%7C15%7C1611%7C171*.760547-58793513%7C1711%7C1712%7C1713%7C18,idMap:171*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,sinceFw:47,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.196.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-196-103.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:04 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 39ms
39ms Script
application/javascript 84.53.188.140
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.53.188.140 , Netherlands, ASN34164 (AKAMAI-LON, NL),

Reverse DNS

a84-53-188-140.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 09 Dec 2021 20:35:04 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 14.2dfb61b890959f78272d.js Show response
s7.addthis.com/static/ 397 B
544 B 39ms
39ms Script
application/javascript 84.53.188.140
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/14.2dfb61b890959f78272d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.53.188.140 , Netherlands, ASN34164 (AKAMAI-LON, NL),

Reverse DNS

a84-53-188-140.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6070049215ef9b98d1b389d67963816172ff29513d34335c5061cd9619a3ea17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-18d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 09 Dec 2021 20:35:04 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 304

GET
H2 200 151.67aec2e0546e639563bb.js Show response
s7.addthis.com/static/ 2 KB
1 KB 46ms
46ms Script
application/javascript 84.53.188.140
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/151.67aec2e0546e639563bb.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.53.188.140 , Netherlands, ASN34164 (AKAMAI-LON, NL),

Reverse DNS

a84-53-188-140.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-68f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 09 Dec 2021 20:35:04 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 815

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
279 B 400ms
385ms XHR
application/json 84.53.188.140
AKAMAI-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.prosites.co.il%2Frecommendation.asp%3FID%3D14035

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.53.188.140 , Netherlands, ASN34164 (AKAMAI-LON, NL),

Reverse DNS

a84-53-188-140.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.prosites.co.il/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://www.prosites.co.il/recommendation.asp?ID=14035
last-modified: Thu, 09 Dec 2021 20:00:00 GMT
server: nginx/1.15.8
date: Thu, 09 Dec 2021 20:35:04 GMT
content-type: application/json
access-control-allow-origin: https://www.prosites.co.il
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 355B 0
20 B 66ms
65ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=By_n8d2iyYe_yGtfc7_UPkaa0uAkAAAAAOAHgBAI&bg=!NzSlNHDNAAZKWFskSlg7ACkAdvg8WhBeDErG5wlicrR_nXPARTv9X3T_-JcnEPuhS3K_gsDBEtIboQIAAAB2UgAAABhoAQeZAt0u0VLXj685_gwIXFMcY1szlxHfW2oT1ymWbqpTSgp81FLuhamO093cI1Dvue3vUK7SUNAl8gZeqqJjbR2k_1LI7WOHynB6DSUsh9kVNHxBtBADVLv-pQgavZuxb03tgtexLLNhIaXAKK4bjhNUnitk_r2dVPPYZe98IppP2ThgNtq2qyHHa6PJMmQJmeprQqdzTmIlHgGdMC-l4G4cJVyA-rnlFN-9SmCGUSzrpe9BvOq4lUPZIqeYblXtzd5Mm74BnsCcgDWJJxLd2iSKFL5xptCErtPIohLV1qBSY4gHzkl1T_nHv_uEqDc-ZXXrq9U6glsv-ivtZm8vIQO6onntdGyWQ7ftcFuOsNnM1jHhV6OpD1RBI-1LXetysJmlLFHmRZpZMfGStk1onpYqCDuy2S_kWYvKwNYCOr9Vsi382fHMSpVvzWBn9s-8TRJyZ4hIXjSVRnHv3BhZhBRF_O6eM3SzRfsdvLu7xexUdMuSzXRyfmTGQRzlwpGrNokvUWb_6LTfoHa0uPdZ1WuaBjQH7-MpwfnSNlgqwfZRLJ_kZ7_8075c5mH_q0CV5Z0Ftp0MeuE2sNq-67zrnaVjKpx1ZSu1bPE5m71t0mHzDAa4nc4hM64GjN3IpG-3iDiwLpZL4cM4LU4Rdsji8kAm9zH-bwMlH6_l19F5vzFr7Qi7VE7GOQ-st21bCvOeX0HIh_F49hgseKLSjJIGacgVdv5DyDc-90tG0DyGN1XzeqUFtVJFjgB3bSFRfAJqlZ_VMMiMSdelfy3WCQm5Cf4SjLOTW6yU13MRACqGcWJb8ZkRC9vBRoKI4EOpRFUZBtLZJvDqKUVxomeVhMbPOX2FXXVDUZa45BOrPAGyt8FsORaTAAsLXN4bYg8MU60FVRljEYCqngsO4zwS1xA5-C4G--xZkSTwmIzgbMCG0Z3M3b3bJi7wTTjTysCHfsmWz7mcPcl9nkQdTCUDckaGQEfi

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK runtime_5_87.min.js Show response
cdn.clinch.co/a_js/dispad/ Frame 58A5 106 KB
41 KB 128ms
48ms Script
application/javascript 2a02:26f0:6c00::210:bb1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.clinch.co/a_js/dispad/runtime_5_87.min.js
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=7209&format=_728ax90a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCpQnBdmiyYbWGLc-41fAPu-2y4Ajm-Yv4Zryksp7hDvrgv6DUARABIPnznQpg_YqihNQSoAGWk4qiAsgBCakCOpThv1Hvsj6oAwGqBOkBT9A7Ul_0KFXvENQCePocnEPVOE5usM6Mw7q2KrgpIOEk1iPnJ5hKnUm6YhQRpIMtogpMkRyhMPY_ONoACo0qa4S7NIr0VFQv3bG93WuIPOkuaRscp7j6rGfaA3h5DN_A6LCiRDsigpNi9YUg-jRnZm8lhmQjQ8Wk7P8ccYOHA6reVhbX6hNRieIGyKk2m3gfkCO-F6EKMm7Jfyayh0GaaJmG9lHPiWotBDA4Wyq7DiL_NQuiNhYBr7ozu5PWfxh_Fvxd9pfdT4PdhiDCyW3qKyuUjfjpKUBKr3sQAbcCirJTugf2WJelMDrABPnGmKDkA-AEA5AGAaAGTYAH0uz13QGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE-jEvQ3QEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORobgE%26sig%3DAOD64_0fpugYRnkgbXCVvIbmNPcdWNj0iQ%26client%3Dca-pub-0245308634183202%26dbm_c%3DAKAmf-D8_3ayXH6mhhPo-zQZqzzq0PyMt-lV1T5XZ0G_DwwTVby_DyTDuqRkiJaQF1_0PfaCfzxGRK-rRXSItrNVUTNaarmRy975aLyBNHnHzzh2hjykDUPwMMpsUQwuqOTePP8YGbj0o0E2z5qT8O5_EBlmjREI9Q%26cry%3D1%26dbm_d%3DAKAmf-DMC5RURSMe8itrF8JyOOmtEqCddLaVCVLsUBPwUmUm4g1BvG34CkbMYk1WSSMmy_5QSOqL0EHsrKgrngeRc_JNFT5NmAMVJXz1sFV-MwQJVzxr0b8I10Fy1QWDaPLek8ywVxCaCt_8cEWrKSnHZaYEGamOdQF6qHQOokaeGgzOV5xkTtSuDaHeZ-sTKftpRkp3LxuTR4jpITmg3GGrRswf78er1BWQSQIFajN_DL0aN_4aqB8XOdEm2f5iuz8hzTPUtYTCWwE-EeBBKitmxwT74cFJzRr7e6Z_N38IozRpLbgUImSwdQm3uOUBADKngm3mwwDaPu5FhDnj3jfcCvwiAwpmJtB9AI--hOkTBRElJRlTLL_LG9hT7q2FE4vkww_GbdaM5V2Y7UhgSBl6Bjtj1thrsrGidMIcLI3z3FP8pP_NOxW2qF1G6JaX7XjvprmYOJwBWwJZvNZlLyBK0SaP_pga3NRZK1sp7sed58U6r2vkQyU%26adurl%3D&dsp=dv360&plcId=Lancia_IT_Programmatic_DV360_YpsilonGSE_728x90_Suspect&dsp_impression_id=ABAjH0gmuMUv3AlB9gu5nBd2xEh3&site_url=https://www.prosites.co.il/recommendation.asp&dsp_pub_id=1&site_id=0&dsp_insertion_order_id=15950141&dsp_caid=15451206156&dsp_crid=396464177&dc_dbm_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIjOTaxzmoAvqv4_8BsAK9ws0HQAHSAioYACITCLWZ99PI1_QCFU9cFQgdu7YMjCgBMAE4vKSynuEOQAJIAViZgSAQsaCGvQHldAEo8DypLPFjYywEElsH&rnd=1639082102738101&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e256b656cda17c40acb11222a3c501c0989a10bd1fe17add8a8e30ba34329b70

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://realtime.clinch.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:35:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
x-amz-request-id: XHQ28X1DGWTH7G69
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: bDLoquOPgxzOpEMFvkXpceCMSxXcw46P6IwDiupWl4A6EUrCk5JF20RREx4wbdPa88KySKb96fE=
Last-Modified: Sun, 24 Oct 2021 10:01:30 GMT
Server: AmazonS3
ETag: "2276d1a9d83ad2f9ad89c2ad376f9674"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=27527377
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Mon, 24 Oct 2022 11:04:41 GMT

GET
H/1.1 200
OK 728ax90_v8_u6_es.js Show response
cdn.clinch.co/a_styles/2540/js/ Frame 58A5 64 KB
46 KB 174ms
83ms Script
application/javascript 2a02:26f0:6c00::210:bb1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.clinch.co/a_styles/2540/js/728ax90_v8_u6_es.js
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=7209&format=_728ax90a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCpQnBdmiyYbWGLc-41fAPu-2y4Ajm-Yv4Zryksp7hDvrgv6DUARABIPnznQpg_YqihNQSoAGWk4qiAsgBCakCOpThv1Hvsj6oAwGqBOkBT9A7Ul_0KFXvENQCePocnEPVOE5usM6Mw7q2KrgpIOEk1iPnJ5hKnUm6YhQRpIMtogpMkRyhMPY_ONoACo0qa4S7NIr0VFQv3bG93WuIPOkuaRscp7j6rGfaA3h5DN_A6LCiRDsigpNi9YUg-jRnZm8lhmQjQ8Wk7P8ccYOHA6reVhbX6hNRieIGyKk2m3gfkCO-F6EKMm7Jfyayh0GaaJmG9lHPiWotBDA4Wyq7DiL_NQuiNhYBr7ozu5PWfxh_Fvxd9pfdT4PdhiDCyW3qKyuUjfjpKUBKr3sQAbcCirJTugf2WJelMDrABPnGmKDkA-AEA5AGAaAGTYAH0uz13QGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE-jEvQ3QEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORobgE%26sig%3DAOD64_0fpugYRnkgbXCVvIbmNPcdWNj0iQ%26client%3Dca-pub-0245308634183202%26dbm_c%3DAKAmf-D8_3ayXH6mhhPo-zQZqzzq0PyMt-lV1T5XZ0G_DwwTVby_DyTDuqRkiJaQF1_0PfaCfzxGRK-rRXSItrNVUTNaarmRy975aLyBNHnHzzh2hjykDUPwMMpsUQwuqOTePP8YGbj0o0E2z5qT8O5_EBlmjREI9Q%26cry%3D1%26dbm_d%3DAKAmf-DMC5RURSMe8itrF8JyOOmtEqCddLaVCVLsUBPwUmUm4g1BvG34CkbMYk1WSSMmy_5QSOqL0EHsrKgrngeRc_JNFT5NmAMVJXz1sFV-MwQJVzxr0b8I10Fy1QWDaPLek8ywVxCaCt_8cEWrKSnHZaYEGamOdQF6qHQOokaeGgzOV5xkTtSuDaHeZ-sTKftpRkp3LxuTR4jpITmg3GGrRswf78er1BWQSQIFajN_DL0aN_4aqB8XOdEm2f5iuz8hzTPUtYTCWwE-EeBBKitmxwT74cFJzRr7e6Z_N38IozRpLbgUImSwdQm3uOUBADKngm3mwwDaPu5FhDnj3jfcCvwiAwpmJtB9AI--hOkTBRElJRlTLL_LG9hT7q2FE4vkww_GbdaM5V2Y7UhgSBl6Bjtj1thrsrGidMIcLI3z3FP8pP_NOxW2qF1G6JaX7XjvprmYOJwBWwJZvNZlLyBK0SaP_pga3NRZK1sp7sed58U6r2vkQyU%26adurl%3D&dsp=dv360&plcId=Lancia_IT_Programmatic_DV360_YpsilonGSE_728x90_Suspect&dsp_impression_id=ABAjH0gmuMUv3AlB9gu5nBd2xEh3&site_url=https://www.prosites.co.il/recommendation.asp&dsp_pub_id=1&site_id=0&dsp_insertion_order_id=15950141&dsp_caid=15451206156&dsp_crid=396464177&dc_dbm_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIjOTaxzmoAvqv4_8BsAK9ws0HQAHSAioYACITCLWZ99PI1_QCFU9cFQgdu7YMjCgBMAE4vKSynuEOQAJIAViZgSAQsaCGvQHldAEo8DypLPFjYywEElsH&rnd=1639082102738101&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edc385d10d64929db54de78898502b69ab3de90d927da9307f565da5cd3e1a5f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://realtime.clinch.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:35:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
x-amz-request-id: H8F5ENX1R7NWPPZX
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: oivcn2di3f6B/ikqDy+eA5b6IaFv7L23mJSuffx2vghKEixAPpsg2oxcIcxYeQFrb6PHln+6heQ=
Last-Modified: Thu, 16 Sep 2021 17:13:12 GMT
Server: AmazonS3
ETag: "5c59de35a528203063b15ecdaf2580d3"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=25813666
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Tue, 04 Oct 2022 15:02:50 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BCFC 43 B
215 B 287ms
208ms Image
image/gif 54.149.196.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=760547&asId=69c0f6ca-ce06-bad0-f427-5f1c44b2c6f5&tv=%7Bc:wkKGJZ,pingTime:-10,time:548,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1639082104730%7C%7C8b7092cfc26b7c06a51f70c6197b47ea%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cc9b5efa87ccc0422e62488dc2ba782c1%7C%7C720e677d2c16552bc63c2460c37b4c4a%7C%7C832b46387ce6a618c88557329c4b4e48%7C%7C096530e67e116271a730fe0d634e44b9%7C%7C1b63f6cf80e3e688a61e5a4f965a70dc%7C%7C1629390669%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.196.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-196-103.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:04 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK Brand_brandmainlogo63767409168378.png
cdn.clinch.co/a_styles/2540/ Frame 58A5 3 KB
4 KB 82ms
28ms Image
image/png 2a02:26f0:6c00::210:bb1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.clinch.co/a_styles/2540/Brand_brandmainlogo63767409168378.png
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=7209&format=_728ax90a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCpQnBdmiyYbWGLc-41fAPu-2y4Ajm-Yv4Zryksp7hDvrgv6DUARABIPnznQpg_YqihNQSoAGWk4qiAsgBCakCOpThv1Hvsj6oAwGqBOkBT9A7Ul_0KFXvENQCePocnEPVOE5usM6Mw7q2KrgpIOEk1iPnJ5hKnUm6YhQRpIMtogpMkRyhMPY_ONoACo0qa4S7NIr0VFQv3bG93WuIPOkuaRscp7j6rGfaA3h5DN_A6LCiRDsigpNi9YUg-jRnZm8lhmQjQ8Wk7P8ccYOHA6reVhbX6hNRieIGyKk2m3gfkCO-F6EKMm7Jfyayh0GaaJmG9lHPiWotBDA4Wyq7DiL_NQuiNhYBr7ozu5PWfxh_Fvxd9pfdT4PdhiDCyW3qKyuUjfjpKUBKr3sQAbcCirJTugf2WJelMDrABPnGmKDkA-AEA5AGAaAGTYAH0uz13QGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE-jEvQ3QEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORobgE%26sig%3DAOD64_0fpugYRnkgbXCVvIbmNPcdWNj0iQ%26client%3Dca-pub-0245308634183202%26dbm_c%3DAKAmf-D8_3ayXH6mhhPo-zQZqzzq0PyMt-lV1T5XZ0G_DwwTVby_DyTDuqRkiJaQF1_0PfaCfzxGRK-rRXSItrNVUTNaarmRy975aLyBNHnHzzh2hjykDUPwMMpsUQwuqOTePP8YGbj0o0E2z5qT8O5_EBlmjREI9Q%26cry%3D1%26dbm_d%3DAKAmf-DMC5RURSMe8itrF8JyOOmtEqCddLaVCVLsUBPwUmUm4g1BvG34CkbMYk1WSSMmy_5QSOqL0EHsrKgrngeRc_JNFT5NmAMVJXz1sFV-MwQJVzxr0b8I10Fy1QWDaPLek8ywVxCaCt_8cEWrKSnHZaYEGamOdQF6qHQOokaeGgzOV5xkTtSuDaHeZ-sTKftpRkp3LxuTR4jpITmg3GGrRswf78er1BWQSQIFajN_DL0aN_4aqB8XOdEm2f5iuz8hzTPUtYTCWwE-EeBBKitmxwT74cFJzRr7e6Z_N38IozRpLbgUImSwdQm3uOUBADKngm3mwwDaPu5FhDnj3jfcCvwiAwpmJtB9AI--hOkTBRElJRlTLL_LG9hT7q2FE4vkww_GbdaM5V2Y7UhgSBl6Bjtj1thrsrGidMIcLI3z3FP8pP_NOxW2qF1G6JaX7XjvprmYOJwBWwJZvNZlLyBK0SaP_pga3NRZK1sp7sed58U6r2vkQyU%26adurl%3D&dsp=dv360&plcId=Lancia_IT_Programmatic_DV360_YpsilonGSE_728x90_Suspect&dsp_impression_id=ABAjH0gmuMUv3AlB9gu5nBd2xEh3&site_url=https://www.prosites.co.il/recommendation.asp&dsp_pub_id=1&site_id=0&dsp_insertion_order_id=15950141&dsp_caid=15451206156&dsp_crid=396464177&dc_dbm_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIjOTaxzmoAvqv4_8BsAK9ws0HQAHSAioYACITCLWZ99PI1_QCFU9cFQgdu7YMjCgBMAE4vKSynuEOQAJIAViZgSAQsaCGvQHldAEo8DypLPFjYywEElsH&rnd=1639082102738101&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95e56495e6ff3a53fa095cee20f8dc8c0619b3bf0aaef0b55347a4ae0c43d3e6

Request headers

Referer: https://realtime.clinch.co/
Origin: https://realtime.clinch.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:35:04 GMT
x-amz-request-id: VPEKB0N04SM2QX2N
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 3040
x-amz-id-2: 2qVIRHNSMH1ZRxQvR6aVARIwW8QfCKqvRnfA/B7e0pdv9irQT9SU5P3RFSWUWP+8lJD3jTtSlTA=
Last-Modified: Thu, 16 Sep 2021 17:12:50 GMT
Server: AmazonS3
ETag: "b4536120318cdfa54ac51d6e41d72776"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=25813667
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Tue, 04 Oct 2022 15:02:51 GMT

GET
H/1.1 200
OK Background_bg563767409168534.jpg
cdn.clinch.co/a_styles/2540/ Frame 58A5 2 KB
2 KB 80ms
27ms Image
image/jpeg 2a02:26f0:6c00::210:bb1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.clinch.co/a_styles/2540/Background_bg563767409168534.jpg
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=7209&format=_728ax90a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCpQnBdmiyYbWGLc-41fAPu-2y4Ajm-Yv4Zryksp7hDvrgv6DUARABIPnznQpg_YqihNQSoAGWk4qiAsgBCakCOpThv1Hvsj6oAwGqBOkBT9A7Ul_0KFXvENQCePocnEPVOE5usM6Mw7q2KrgpIOEk1iPnJ5hKnUm6YhQRpIMtogpMkRyhMPY_ONoACo0qa4S7NIr0VFQv3bG93WuIPOkuaRscp7j6rGfaA3h5DN_A6LCiRDsigpNi9YUg-jRnZm8lhmQjQ8Wk7P8ccYOHA6reVhbX6hNRieIGyKk2m3gfkCO-F6EKMm7Jfyayh0GaaJmG9lHPiWotBDA4Wyq7DiL_NQuiNhYBr7ozu5PWfxh_Fvxd9pfdT4PdhiDCyW3qKyuUjfjpKUBKr3sQAbcCirJTugf2WJelMDrABPnGmKDkA-AEA5AGAaAGTYAH0uz13QGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE-jEvQ3QEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORobgE%26sig%3DAOD64_0fpugYRnkgbXCVvIbmNPcdWNj0iQ%26client%3Dca-pub-0245308634183202%26dbm_c%3DAKAmf-D8_3ayXH6mhhPo-zQZqzzq0PyMt-lV1T5XZ0G_DwwTVby_DyTDuqRkiJaQF1_0PfaCfzxGRK-rRXSItrNVUTNaarmRy975aLyBNHnHzzh2hjykDUPwMMpsUQwuqOTePP8YGbj0o0E2z5qT8O5_EBlmjREI9Q%26cry%3D1%26dbm_d%3DAKAmf-DMC5RURSMe8itrF8JyOOmtEqCddLaVCVLsUBPwUmUm4g1BvG34CkbMYk1WSSMmy_5QSOqL0EHsrKgrngeRc_JNFT5NmAMVJXz1sFV-MwQJVzxr0b8I10Fy1QWDaPLek8ywVxCaCt_8cEWrKSnHZaYEGamOdQF6qHQOokaeGgzOV5xkTtSuDaHeZ-sTKftpRkp3LxuTR4jpITmg3GGrRswf78er1BWQSQIFajN_DL0aN_4aqB8XOdEm2f5iuz8hzTPUtYTCWwE-EeBBKitmxwT74cFJzRr7e6Z_N38IozRpLbgUImSwdQm3uOUBADKngm3mwwDaPu5FhDnj3jfcCvwiAwpmJtB9AI--hOkTBRElJRlTLL_LG9hT7q2FE4vkww_GbdaM5V2Y7UhgSBl6Bjtj1thrsrGidMIcLI3z3FP8pP_NOxW2qF1G6JaX7XjvprmYOJwBWwJZvNZlLyBK0SaP_pga3NRZK1sp7sed58U6r2vkQyU%26adurl%3D&dsp=dv360&plcId=Lancia_IT_Programmatic_DV360_YpsilonGSE_728x90_Suspect&dsp_impression_id=ABAjH0gmuMUv3AlB9gu5nBd2xEh3&site_url=https://www.prosites.co.il/recommendation.asp&dsp_pub_id=1&site_id=0&dsp_insertion_order_id=15950141&dsp_caid=15451206156&dsp_crid=396464177&dc_dbm_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIjOTaxzmoAvqv4_8BsAK9ws0HQAHSAioYACITCLWZ99PI1_QCFU9cFQgdu7YMjCgBMAE4vKSynuEOQAJIAViZgSAQsaCGvQHldAEo8DypLPFjYywEElsH&rnd=1639082102738101&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbc7ee7cb131f2f0f8e991d1a5d5b61e3f74a9520efdd055cddae32c7da6b197

Request headers

Referer: https://realtime.clinch.co/
Origin: https://realtime.clinch.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:35:04 GMT
x-amz-request-id: VPEGM12WWWEHPWYZ
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 1545
x-amz-id-2: FlWDsHqqWeuztdMEiPXt1XkIPNA6SlakrTLbDV/k7lrJ9aggQX+ZK6RTylljQV+r2NA9fTsJkvw=
Last-Modified: Thu, 16 Sep 2021 17:12:50 GMT
Server: AmazonS3
ETag: "902a36b6017af1fd45e94be277f6c704"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=25813667
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Tue, 04 Oct 2022 15:02:51 GMT

GET
H/1.1 200
OK Background_bg463767409168482.jpg
cdn.clinch.co/a_styles/2540/ Frame 58A5 12 KB
12 KB 83ms
31ms Image
image/jpeg 2a02:26f0:6c00::210:bb1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.clinch.co/a_styles/2540/Background_bg463767409168482.jpg
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=7209&format=_728ax90a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCpQnBdmiyYbWGLc-41fAPu-2y4Ajm-Yv4Zryksp7hDvrgv6DUARABIPnznQpg_YqihNQSoAGWk4qiAsgBCakCOpThv1Hvsj6oAwGqBOkBT9A7Ul_0KFXvENQCePocnEPVOE5usM6Mw7q2KrgpIOEk1iPnJ5hKnUm6YhQRpIMtogpMkRyhMPY_ONoACo0qa4S7NIr0VFQv3bG93WuIPOkuaRscp7j6rGfaA3h5DN_A6LCiRDsigpNi9YUg-jRnZm8lhmQjQ8Wk7P8ccYOHA6reVhbX6hNRieIGyKk2m3gfkCO-F6EKMm7Jfyayh0GaaJmG9lHPiWotBDA4Wyq7DiL_NQuiNhYBr7ozu5PWfxh_Fvxd9pfdT4PdhiDCyW3qKyuUjfjpKUBKr3sQAbcCirJTugf2WJelMDrABPnGmKDkA-AEA5AGAaAGTYAH0uz13QGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE-jEvQ3QEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORobgE%26sig%3DAOD64_0fpugYRnkgbXCVvIbmNPcdWNj0iQ%26client%3Dca-pub-0245308634183202%26dbm_c%3DAKAmf-D8_3ayXH6mhhPo-zQZqzzq0PyMt-lV1T5XZ0G_DwwTVby_DyTDuqRkiJaQF1_0PfaCfzxGRK-rRXSItrNVUTNaarmRy975aLyBNHnHzzh2hjykDUPwMMpsUQwuqOTePP8YGbj0o0E2z5qT8O5_EBlmjREI9Q%26cry%3D1%26dbm_d%3DAKAmf-DMC5RURSMe8itrF8JyOOmtEqCddLaVCVLsUBPwUmUm4g1BvG34CkbMYk1WSSMmy_5QSOqL0EHsrKgrngeRc_JNFT5NmAMVJXz1sFV-MwQJVzxr0b8I10Fy1QWDaPLek8ywVxCaCt_8cEWrKSnHZaYEGamOdQF6qHQOokaeGgzOV5xkTtSuDaHeZ-sTKftpRkp3LxuTR4jpITmg3GGrRswf78er1BWQSQIFajN_DL0aN_4aqB8XOdEm2f5iuz8hzTPUtYTCWwE-EeBBKitmxwT74cFJzRr7e6Z_N38IozRpLbgUImSwdQm3uOUBADKngm3mwwDaPu5FhDnj3jfcCvwiAwpmJtB9AI--hOkTBRElJRlTLL_LG9hT7q2FE4vkww_GbdaM5V2Y7UhgSBl6Bjtj1thrsrGidMIcLI3z3FP8pP_NOxW2qF1G6JaX7XjvprmYOJwBWwJZvNZlLyBK0SaP_pga3NRZK1sp7sed58U6r2vkQyU%26adurl%3D&dsp=dv360&plcId=Lancia_IT_Programmatic_DV360_YpsilonGSE_728x90_Suspect&dsp_impression_id=ABAjH0gmuMUv3AlB9gu5nBd2xEh3&site_url=https://www.prosites.co.il/recommendation.asp&dsp_pub_id=1&site_id=0&dsp_insertion_order_id=15950141&dsp_caid=15451206156&dsp_crid=396464177&dc_dbm_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIjOTaxzmoAvqv4_8BsAK9ws0HQAHSAioYACITCLWZ99PI1_QCFU9cFQgdu7YMjCgBMAE4vKSynuEOQAJIAViZgSAQsaCGvQHldAEo8DypLPFjYywEElsH&rnd=1639082102738101&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c5f7a38e28c064c3ff2dfcf0a8a36dc8212f612f086cec4763ecd89092b2d30b

Request headers

Referer: https://realtime.clinch.co/
Origin: https://realtime.clinch.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:35:04 GMT
x-amz-request-id: VPEZZ1AHY5QXY9CH
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 12070
x-amz-id-2: Wz/OriFhOMxuegNrsD4Y2KUOaqV8LH9HY3ZUT0PFxZRT2shnSoNlek7+FdllPx9o6hTvX6c0yRg=
Last-Modified: Thu, 16 Sep 2021 17:12:50 GMT
Server: AmazonS3
ETag: "dfff1f2494e60e415cfde6f4ad1e65c7"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=25813667
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Tue, 04 Oct 2022 15:02:51 GMT

GET
H/1.1 200
OK Background_bg363767409168550.jpg
cdn.clinch.co/a_styles/2540/ Frame 58A5 8 KB
9 KB 82ms
30ms Image
image/jpeg 2a02:26f0:6c00::210:bb1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.clinch.co/a_styles/2540/Background_bg363767409168550.jpg
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=7209&format=_728ax90a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCpQnBdmiyYbWGLc-41fAPu-2y4Ajm-Yv4Zryksp7hDvrgv6DUARABIPnznQpg_YqihNQSoAGWk4qiAsgBCakCOpThv1Hvsj6oAwGqBOkBT9A7Ul_0KFXvENQCePocnEPVOE5usM6Mw7q2KrgpIOEk1iPnJ5hKnUm6YhQRpIMtogpMkRyhMPY_ONoACo0qa4S7NIr0VFQv3bG93WuIPOkuaRscp7j6rGfaA3h5DN_A6LCiRDsigpNi9YUg-jRnZm8lhmQjQ8Wk7P8ccYOHA6reVhbX6hNRieIGyKk2m3gfkCO-F6EKMm7Jfyayh0GaaJmG9lHPiWotBDA4Wyq7DiL_NQuiNhYBr7ozu5PWfxh_Fvxd9pfdT4PdhiDCyW3qKyuUjfjpKUBKr3sQAbcCirJTugf2WJelMDrABPnGmKDkA-AEA5AGAaAGTYAH0uz13QGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE-jEvQ3QEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORobgE%26sig%3DAOD64_0fpugYRnkgbXCVvIbmNPcdWNj0iQ%26client%3Dca-pub-0245308634183202%26dbm_c%3DAKAmf-D8_3ayXH6mhhPo-zQZqzzq0PyMt-lV1T5XZ0G_DwwTVby_DyTDuqRkiJaQF1_0PfaCfzxGRK-rRXSItrNVUTNaarmRy975aLyBNHnHzzh2hjykDUPwMMpsUQwuqOTePP8YGbj0o0E2z5qT8O5_EBlmjREI9Q%26cry%3D1%26dbm_d%3DAKAmf-DMC5RURSMe8itrF8JyOOmtEqCddLaVCVLsUBPwUmUm4g1BvG34CkbMYk1WSSMmy_5QSOqL0EHsrKgrngeRc_JNFT5NmAMVJXz1sFV-MwQJVzxr0b8I10Fy1QWDaPLek8ywVxCaCt_8cEWrKSnHZaYEGamOdQF6qHQOokaeGgzOV5xkTtSuDaHeZ-sTKftpRkp3LxuTR4jpITmg3GGrRswf78er1BWQSQIFajN_DL0aN_4aqB8XOdEm2f5iuz8hzTPUtYTCWwE-EeBBKitmxwT74cFJzRr7e6Z_N38IozRpLbgUImSwdQm3uOUBADKngm3mwwDaPu5FhDnj3jfcCvwiAwpmJtB9AI--hOkTBRElJRlTLL_LG9hT7q2FE4vkww_GbdaM5V2Y7UhgSBl6Bjtj1thrsrGidMIcLI3z3FP8pP_NOxW2qF1G6JaX7XjvprmYOJwBWwJZvNZlLyBK0SaP_pga3NRZK1sp7sed58U6r2vkQyU%26adurl%3D&dsp=dv360&plcId=Lancia_IT_Programmatic_DV360_YpsilonGSE_728x90_Suspect&dsp_impression_id=ABAjH0gmuMUv3AlB9gu5nBd2xEh3&site_url=https://www.prosites.co.il/recommendation.asp&dsp_pub_id=1&site_id=0&dsp_insertion_order_id=15950141&dsp_caid=15451206156&dsp_crid=396464177&dc_dbm_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIjOTaxzmoAvqv4_8BsAK9ws0HQAHSAioYACITCLWZ99PI1_QCFU9cFQgdu7YMjCgBMAE4vKSynuEOQAJIAViZgSAQsaCGvQHldAEo8DypLPFjYywEElsH&rnd=1639082102738101&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6dc241df46b8492e46eda8e311342131172be2cd9abd20c5c1d24bd6a429b9c

Request headers

Referer: https://realtime.clinch.co/
Origin: https://realtime.clinch.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:35:04 GMT
x-amz-request-id: VPEV4B3X82G7FD12
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 8644
x-amz-id-2: Y9oXCtt6qOYg1q7aw8crQFaUdTVD8E7xZUbRheqacc5feC7u1Hsf9NAk4T2WFcQjLEcKRpO/Ai8=
Last-Modified: Thu, 16 Sep 2021 17:12:50 GMT
Server: AmazonS3
ETag: "8461ee6864bf98c95201996094a6676f"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=25813667
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Tue, 04 Oct 2022 15:02:51 GMT

GET
H/1.1 200
OK Background_bg263767409168568.jpg
cdn.clinch.co/a_styles/2540/ Frame 58A5 20 KB
20 KB 94ms
42ms Image
image/jpeg 2a02:26f0:6c00::210:bb1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.clinch.co/a_styles/2540/Background_bg263767409168568.jpg
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=7209&format=_728ax90a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCpQnBdmiyYbWGLc-41fAPu-2y4Ajm-Yv4Zryksp7hDvrgv6DUARABIPnznQpg_YqihNQSoAGWk4qiAsgBCakCOpThv1Hvsj6oAwGqBOkBT9A7Ul_0KFXvENQCePocnEPVOE5usM6Mw7q2KrgpIOEk1iPnJ5hKnUm6YhQRpIMtogpMkRyhMPY_ONoACo0qa4S7NIr0VFQv3bG93WuIPOkuaRscp7j6rGfaA3h5DN_A6LCiRDsigpNi9YUg-jRnZm8lhmQjQ8Wk7P8ccYOHA6reVhbX6hNRieIGyKk2m3gfkCO-F6EKMm7Jfyayh0GaaJmG9lHPiWotBDA4Wyq7DiL_NQuiNhYBr7ozu5PWfxh_Fvxd9pfdT4PdhiDCyW3qKyuUjfjpKUBKr3sQAbcCirJTugf2WJelMDrABPnGmKDkA-AEA5AGAaAGTYAH0uz13QGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE-jEvQ3QEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORobgE%26sig%3DAOD64_0fpugYRnkgbXCVvIbmNPcdWNj0iQ%26client%3Dca-pub-0245308634183202%26dbm_c%3DAKAmf-D8_3ayXH6mhhPo-zQZqzzq0PyMt-lV1T5XZ0G_DwwTVby_DyTDuqRkiJaQF1_0PfaCfzxGRK-rRXSItrNVUTNaarmRy975aLyBNHnHzzh2hjykDUPwMMpsUQwuqOTePP8YGbj0o0E2z5qT8O5_EBlmjREI9Q%26cry%3D1%26dbm_d%3DAKAmf-DMC5RURSMe8itrF8JyOOmtEqCddLaVCVLsUBPwUmUm4g1BvG34CkbMYk1WSSMmy_5QSOqL0EHsrKgrngeRc_JNFT5NmAMVJXz1sFV-MwQJVzxr0b8I10Fy1QWDaPLek8ywVxCaCt_8cEWrKSnHZaYEGamOdQF6qHQOokaeGgzOV5xkTtSuDaHeZ-sTKftpRkp3LxuTR4jpITmg3GGrRswf78er1BWQSQIFajN_DL0aN_4aqB8XOdEm2f5iuz8hzTPUtYTCWwE-EeBBKitmxwT74cFJzRr7e6Z_N38IozRpLbgUImSwdQm3uOUBADKngm3mwwDaPu5FhDnj3jfcCvwiAwpmJtB9AI--hOkTBRElJRlTLL_LG9hT7q2FE4vkww_GbdaM5V2Y7UhgSBl6Bjtj1thrsrGidMIcLI3z3FP8pP_NOxW2qF1G6JaX7XjvprmYOJwBWwJZvNZlLyBK0SaP_pga3NRZK1sp7sed58U6r2vkQyU%26adurl%3D&dsp=dv360&plcId=Lancia_IT_Programmatic_DV360_YpsilonGSE_728x90_Suspect&dsp_impression_id=ABAjH0gmuMUv3AlB9gu5nBd2xEh3&site_url=https://www.prosites.co.il/recommendation.asp&dsp_pub_id=1&site_id=0&dsp_insertion_order_id=15950141&dsp_caid=15451206156&dsp_crid=396464177&dc_dbm_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIjOTaxzmoAvqv4_8BsAK9ws0HQAHSAioYACITCLWZ99PI1_QCFU9cFQgdu7YMjCgBMAE4vKSynuEOQAJIAViZgSAQsaCGvQHldAEo8DypLPFjYywEElsH&rnd=1639082102738101&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8da6e3f582e95396036eaa25a4a85e32183a0ab7220482762c4dd1f44c1d33d8

Request headers

Referer: https://realtime.clinch.co/
Origin: https://realtime.clinch.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:35:04 GMT
x-amz-request-id: VPERF0A4V8R6A14H
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 20256
x-amz-id-2: HUYyGTLhRVhkGb2Mb7gxCfgA9zngufm5CsEvxquI+KTtKqmgZp6NrB1eE4ZcGfWtaMrRvGBkdQU=
Last-Modified: Thu, 16 Sep 2021 17:12:50 GMT
Server: AmazonS3
ETag: "dc3a869e9cbfef805b5c6fcf016f4e67"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=25813667
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Tue, 04 Oct 2022 15:02:51 GMT

GET
H/1.1 200
OK Background_bg163767409168578.jpg
cdn.clinch.co/a_styles/2540/ Frame 58A5 9 KB
9 KB 84ms
32ms Image
image/jpeg 2a02:26f0:6c00::210:bb1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.clinch.co/a_styles/2540/Background_bg163767409168578.jpg
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=7209&format=_728ax90a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCpQnBdmiyYbWGLc-41fAPu-2y4Ajm-Yv4Zryksp7hDvrgv6DUARABIPnznQpg_YqihNQSoAGWk4qiAsgBCakCOpThv1Hvsj6oAwGqBOkBT9A7Ul_0KFXvENQCePocnEPVOE5usM6Mw7q2KrgpIOEk1iPnJ5hKnUm6YhQRpIMtogpMkRyhMPY_ONoACo0qa4S7NIr0VFQv3bG93WuIPOkuaRscp7j6rGfaA3h5DN_A6LCiRDsigpNi9YUg-jRnZm8lhmQjQ8Wk7P8ccYOHA6reVhbX6hNRieIGyKk2m3gfkCO-F6EKMm7Jfyayh0GaaJmG9lHPiWotBDA4Wyq7DiL_NQuiNhYBr7ozu5PWfxh_Fvxd9pfdT4PdhiDCyW3qKyuUjfjpKUBKr3sQAbcCirJTugf2WJelMDrABPnGmKDkA-AEA5AGAaAGTYAH0uz13QGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE-jEvQ3QEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORobgE%26sig%3DAOD64_0fpugYRnkgbXCVvIbmNPcdWNj0iQ%26client%3Dca-pub-0245308634183202%26dbm_c%3DAKAmf-D8_3ayXH6mhhPo-zQZqzzq0PyMt-lV1T5XZ0G_DwwTVby_DyTDuqRkiJaQF1_0PfaCfzxGRK-rRXSItrNVUTNaarmRy975aLyBNHnHzzh2hjykDUPwMMpsUQwuqOTePP8YGbj0o0E2z5qT8O5_EBlmjREI9Q%26cry%3D1%26dbm_d%3DAKAmf-DMC5RURSMe8itrF8JyOOmtEqCddLaVCVLsUBPwUmUm4g1BvG34CkbMYk1WSSMmy_5QSOqL0EHsrKgrngeRc_JNFT5NmAMVJXz1sFV-MwQJVzxr0b8I10Fy1QWDaPLek8ywVxCaCt_8cEWrKSnHZaYEGamOdQF6qHQOokaeGgzOV5xkTtSuDaHeZ-sTKftpRkp3LxuTR4jpITmg3GGrRswf78er1BWQSQIFajN_DL0aN_4aqB8XOdEm2f5iuz8hzTPUtYTCWwE-EeBBKitmxwT74cFJzRr7e6Z_N38IozRpLbgUImSwdQm3uOUBADKngm3mwwDaPu5FhDnj3jfcCvwiAwpmJtB9AI--hOkTBRElJRlTLL_LG9hT7q2FE4vkww_GbdaM5V2Y7UhgSBl6Bjtj1thrsrGidMIcLI3z3FP8pP_NOxW2qF1G6JaX7XjvprmYOJwBWwJZvNZlLyBK0SaP_pga3NRZK1sp7sed58U6r2vkQyU%26adurl%3D&dsp=dv360&plcId=Lancia_IT_Programmatic_DV360_YpsilonGSE_728x90_Suspect&dsp_impression_id=ABAjH0gmuMUv3AlB9gu5nBd2xEh3&site_url=https://www.prosites.co.il/recommendation.asp&dsp_pub_id=1&site_id=0&dsp_insertion_order_id=15950141&dsp_caid=15451206156&dsp_crid=396464177&dc_dbm_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIjOTaxzmoAvqv4_8BsAK9ws0HQAHSAioYACITCLWZ99PI1_QCFU9cFQgdu7YMjCgBMAE4vKSynuEOQAJIAViZgSAQsaCGvQHldAEo8DypLPFjYywEElsH&rnd=1639082102738101&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c61e0b0bf8cd72825cf22a9f7ade4a6ff7273deb6a789939271cdb232c128a69

Request headers

Referer: https://realtime.clinch.co/
Origin: https://realtime.clinch.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:35:04 GMT
x-amz-request-id: VPEPJ095W7SZQ6ZS
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 8751
x-amz-id-2: kXRIgrnIUAJn6h5U9UqAG3mi0RID39QoXpdWvvGh64zUgdxG2U8cDKtilA4lb76muG5Brm7lwHo=
Last-Modified: Thu, 16 Sep 2021 17:12:50 GMT
Server: AmazonS3
ETag: "89450767aed4aee89f0e967cb52638bf"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=25813667
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Tue, 04 Oct 2022 15:02:51 GMT

GET
DATA 200
OK truncated
/ Frame 58A5 14 KB
14 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 279a862a288afc52e7f1b92c9a4888b3d04ca9c770e7f8b5b2fb5c8e0962a2e8

Request headers

Referer
Origin: https://realtime.clinch.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 58A5 15 KB
15 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5c2d4e15fee685e6a2e49866e747c76e1589b52b916580eb0691162dcb89dbf

Request headers

Referer
Origin: https://realtime.clinch.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 58A5 14 KB
14 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25d8667caf71971337fba44d0e764097bd78f5db4dd099f822051d3425c041b5

Request headers

Referer
Origin: https://realtime.clinch.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
H2 200 imp
trk.clinch.co/ Frame 58A5 43 B
219 B 349ms
114ms Image
image/gif 3.233.174.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.clinch.co/imp?cid=ugvn1W&caid=7209&frmt=728xbananax90&csid=20534&cfid=8312&dsp=dv360&plcid=Lancia_IT_Programmatic_DV360_YpsilonGSE_728x90_Suspect&iid=be78fce5-7c4e-4775-ba8d-9617e9e93b68&prd=Ecommerce&ids=Lancia_Italy_YpsilonGSE_December2021_Promo&isrc=topItems&issrc=YpsilonGSE_-_Active&feed=2391&tilid=4939&lpsrc=Placement&locsrc=Ip2LocDb&locsrcs=333333033&dspiid=ABAjH0gmuMUv3AlB9gu5nBd2xEh3&dsp_caid=15451206156&dsp_pub_id=1&domain=www.prosites.co.il&dsp_insertion_order_id=15950141&dsp_crid=396464177&ct=IT&city=Rome&st=62&stName=Latium&zip=00155&isp=M247%20Ltd&tc=1,0000000000,00,,&a=1639082104840
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=7209&format=_728ax90a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCpQnBdmiyYbWGLc-41fAPu-2y4Ajm-Yv4Zryksp7hDvrgv6DUARABIPnznQpg_YqihNQSoAGWk4qiAsgBCakCOpThv1Hvsj6oAwGqBOkBT9A7Ul_0KFXvENQCePocnEPVOE5usM6Mw7q2KrgpIOEk1iPnJ5hKnUm6YhQRpIMtogpMkRyhMPY_ONoACo0qa4S7NIr0VFQv3bG93WuIPOkuaRscp7j6rGfaA3h5DN_A6LCiRDsigpNi9YUg-jRnZm8lhmQjQ8Wk7P8ccYOHA6reVhbX6hNRieIGyKk2m3gfkCO-F6EKMm7Jfyayh0GaaJmG9lHPiWotBDA4Wyq7DiL_NQuiNhYBr7ozu5PWfxh_Fvxd9pfdT4PdhiDCyW3qKyuUjfjpKUBKr3sQAbcCirJTugf2WJelMDrABPnGmKDkA-AEA5AGAaAGTYAH0uz13QGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE-jEvQ3QEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORobgE%26sig%3DAOD64_0fpugYRnkgbXCVvIbmNPcdWNj0iQ%26client%3Dca-pub-0245308634183202%26dbm_c%3DAKAmf-D8_3ayXH6mhhPo-zQZqzzq0PyMt-lV1T5XZ0G_DwwTVby_DyTDuqRkiJaQF1_0PfaCfzxGRK-rRXSItrNVUTNaarmRy975aLyBNHnHzzh2hjykDUPwMMpsUQwuqOTePP8YGbj0o0E2z5qT8O5_EBlmjREI9Q%26cry%3D1%26dbm_d%3DAKAmf-DMC5RURSMe8itrF8JyOOmtEqCddLaVCVLsUBPwUmUm4g1BvG34CkbMYk1WSSMmy_5QSOqL0EHsrKgrngeRc_JNFT5NmAMVJXz1sFV-MwQJVzxr0b8I10Fy1QWDaPLek8ywVxCaCt_8cEWrKSnHZaYEGamOdQF6qHQOokaeGgzOV5xkTtSuDaHeZ-sTKftpRkp3LxuTR4jpITmg3GGrRswf78er1BWQSQIFajN_DL0aN_4aqB8XOdEm2f5iuz8hzTPUtYTCWwE-EeBBKitmxwT74cFJzRr7e6Z_N38IozRpLbgUImSwdQm3uOUBADKngm3mwwDaPu5FhDnj3jfcCvwiAwpmJtB9AI--hOkTBRElJRlTLL_LG9hT7q2FE4vkww_GbdaM5V2Y7UhgSBl6Bjtj1thrsrGidMIcLI3z3FP8pP_NOxW2qF1G6JaX7XjvprmYOJwBWwJZvNZlLyBK0SaP_pga3NRZK1sp7sed58U6r2vkQyU%26adurl%3D&dsp=dv360&plcId=Lancia_IT_Programmatic_DV360_YpsilonGSE_728x90_Suspect&dsp_impression_id=ABAjH0gmuMUv3AlB9gu5nBd2xEh3&site_url=https://www.prosites.co.il/recommendation.asp&dsp_pub_id=1&site_id=0&dsp_insertion_order_id=15950141&dsp_caid=15451206156&dsp_crid=396464177&dc_dbm_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIjOTaxzmoAvqv4_8BsAK9ws0HQAHSAioYACITCLWZ99PI1_QCFU9cFQgdu7YMjCgBMAE4vKSynuEOQAJIAViZgSAQsaCGvQHldAEo8DypLPFjYywEElsH&rnd=1639082102738101&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.174.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-174-10.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://realtime.clinch.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:04 GMT
cache-control: no-store
content-type: image/gif
server: Kestrel
x-robots-tag: none
content-length: 43
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3

200

B25131455.321914837;dc_pre=CMPn59TI1_QCFV3iuwgdJw0PMg;dc_trk_aid=514570975;dc_trk_cid=152186068;u=$$%7B%7Bdsp_insertion_order_id)_%7B%7Bdsp_campaign_id%7D%7D_396464177$$;device=;ord=1639082104840;d...
ad.doubleclick.net/ddm/trackimp/N718661.3424460LANCIA-DV360IT/ Frame 58A5
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N718661.3424460LANCIA-DV360IT/B25131455.321914837;dc_trk_aid=514570975;dc_trk_cid=152186068;u=$$%7B%7Bdsp_insertion_order_id)_%7B%7Bdsp_campaign_id%7D%7D_396...
https://ad.doubleclick.net/ddm/trackimp/N718661.3424460LANCIA-DV360IT/B25131455.321914837;dc_pre=CMPn59TI1_QCFV3iuwgdJw0PMg;dc_trk_aid=514570975;dc_trk_cid=152186068;u=$$%7B%7Bdsp_insertion_order_i...

42 B
63 B

113ms
63ms

Image
image/gif

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N718661.3424460LANCIA-DV360IT/B25131455.321914837;dc_pre=CMPn59TI1_QCFV3iuwgdJw0PMg;dc_trk_aid=514570975;dc_trk_cid=152186068;u=$$%7B%7Bdsp_insertion_order_id)_%7B%7Bdsp_campaign_id%7D%7D_396464177$$;device=;ord=1639082104840;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=7209&format=_728ax90a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCpQnBdmiyYbWGLc-41fAPu-2y4Ajm-Yv4Zryksp7hDvrgv6DUARABIPnznQpg_YqihNQSoAGWk4qiAsgBCakCOpThv1Hvsj6oAwGqBOkBT9A7Ul_0KFXvENQCePocnEPVOE5usM6Mw7q2KrgpIOEk1iPnJ5hKnUm6YhQRpIMtogpMkRyhMPY_ONoACo0qa4S7NIr0VFQv3bG93WuIPOkuaRscp7j6rGfaA3h5DN_A6LCiRDsigpNi9YUg-jRnZm8lhmQjQ8Wk7P8ccYOHA6reVhbX6hNRieIGyKk2m3gfkCO-F6EKMm7Jfyayh0GaaJmG9lHPiWotBDA4Wyq7DiL_NQuiNhYBr7ozu5PWfxh_Fvxd9pfdT4PdhiDCyW3qKyuUjfjpKUBKr3sQAbcCirJTugf2WJelMDrABPnGmKDkA-AEA5AGAaAGTYAH0uz13QGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE-jEvQ3QEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORobgE%26sig%3DAOD64_0fpugYRnkgbXCVvIbmNPcdWNj0iQ%26client%3Dca-pub-0245308634183202%26dbm_c%3DAKAmf-D8_3ayXH6mhhPo-zQZqzzq0PyMt-lV1T5XZ0G_DwwTVby_DyTDuqRkiJaQF1_0PfaCfzxGRK-rRXSItrNVUTNaarmRy975aLyBNHnHzzh2hjykDUPwMMpsUQwuqOTePP8YGbj0o0E2z5qT8O5_EBlmjREI9Q%26cry%3D1%26dbm_d%3DAKAmf-DMC5RURSMe8itrF8JyOOmtEqCddLaVCVLsUBPwUmUm4g1BvG34CkbMYk1WSSMmy_5QSOqL0EHsrKgrngeRc_JNFT5NmAMVJXz1sFV-MwQJVzxr0b8I10Fy1QWDaPLek8ywVxCaCt_8cEWrKSnHZaYEGamOdQF6qHQOokaeGgzOV5xkTtSuDaHeZ-sTKftpRkp3LxuTR4jpITmg3GGrRswf78er1BWQSQIFajN_DL0aN_4aqB8XOdEm2f5iuz8hzTPUtYTCWwE-EeBBKitmxwT74cFJzRr7e6Z_N38IozRpLbgUImSwdQm3uOUBADKngm3mwwDaPu5FhDnj3jfcCvwiAwpmJtB9AI--hOkTBRElJRlTLL_LG9hT7q2FE4vkww_GbdaM5V2Y7UhgSBl6Bjtj1thrsrGidMIcLI3z3FP8pP_NOxW2qF1G6JaX7XjvprmYOJwBWwJZvNZlLyBK0SaP_pga3NRZK1sp7sed58U6r2vkQyU%26adurl%3D&dsp=dv360&plcId=Lancia_IT_Programmatic_DV360_YpsilonGSE_728x90_Suspect&dsp_impression_id=ABAjH0gmuMUv3AlB9gu5nBd2xEh3&site_url=https://www.prosites.co.il/recommendation.asp&dsp_pub_id=1&site_id=0&dsp_insertion_order_id=15950141&dsp_caid=15451206156&dsp_crid=396464177&dc_dbm_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIjOTaxzmoAvqv4_8BsAK9ws0HQAHSAioYACITCLWZ99PI1_QCFU9cFQgdu7YMjCgBMAE4vKSynuEOQAJIAViZgSAQsaCGvQHldAEo8DypLPFjYywEElsH&rnd=1639082102738101&gdpr=&gdpr_consent=&gdpr_pd=

Protocol

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://realtime.clinch.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N718661.3424460LANCIA-DV360IT/B25131455.321914837;dc_pre=CMPn59TI1_QCFV3iuwgdJw0PMg;dc_trk_aid=514570975;dc_trk_cid=152186068;u=$$%7B%7Bdsp_insertion_order_id)_%7B%7Bdsp_campaign_id%7D%7D_396464177$$;device=;ord=1639082104840;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

impression_pixel
t.myvisualiq.net/ul_cb/ Frame 58A5
Redirect Chain

https://t.myvisualiq.net/impression_pixel?r=1639082104840&et=i&ago=212&ao=693&aca=25131455&si=6328519&ci=152186068&pi=321914837&ad=514570975&advt=8121039&chnl=-7&vndr=115&sz=10092&u=$${{dsp_inserti...
https://t.myvisualiq.net/ul_cb/impression_pixel?r=1639082104840&et=i&ago=212&ao=693&aca=25131455&si=6328519&ci=152186068&pi=321914837&ad=514570975&advt=8121039&chnl=-7&vndr=115&sz=10092&u=$${{dsp_i...

43 B
573 B

27ms
27ms

Image
image/gif

18.196.164.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/ul_cb/impression_pixel?r=1639082104840&et=i&ago=212&ao=693&aca=25131455&si=6328519&ci=152186068&pi=321914837&ad=514570975&advt=8121039&chnl=-7&vndr=115&sz=10092&u=$${{dsp_insertion_order_id)_{{dsp_campaign_id}}_396464177$$&pt=i
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=ugvn1W&caid=7209&format=_728ax90a&clkUrl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCpQnBdmiyYbWGLc-41fAPu-2y4Ajm-Yv4Zryksp7hDvrgv6DUARABIPnznQpg_YqihNQSoAGWk4qiAsgBCakCOpThv1Hvsj6oAwGqBOkBT9A7Ul_0KFXvENQCePocnEPVOE5usM6Mw7q2KrgpIOEk1iPnJ5hKnUm6YhQRpIMtogpMkRyhMPY_ONoACo0qa4S7NIr0VFQv3bG93WuIPOkuaRscp7j6rGfaA3h5DN_A6LCiRDsigpNi9YUg-jRnZm8lhmQjQ8Wk7P8ccYOHA6reVhbX6hNRieIGyKk2m3gfkCO-F6EKMm7Jfyayh0GaaJmG9lHPiWotBDA4Wyq7DiL_NQuiNhYBr7ozu5PWfxh_Fvxd9pfdT4PdhiDCyW3qKyuUjfjpKUBKr3sQAbcCirJTugf2WJelMDrABPnGmKDkA-AEA5AGAaAGTYAH0uz13QGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE-jEvQ3QEwDYEwqIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASBORobgE%26sig%3DAOD64_0fpugYRnkgbXCVvIbmNPcdWNj0iQ%26client%3Dca-pub-0245308634183202%26dbm_c%3DAKAmf-D8_3ayXH6mhhPo-zQZqzzq0PyMt-lV1T5XZ0G_DwwTVby_DyTDuqRkiJaQF1_0PfaCfzxGRK-rRXSItrNVUTNaarmRy975aLyBNHnHzzh2hjykDUPwMMpsUQwuqOTePP8YGbj0o0E2z5qT8O5_EBlmjREI9Q%26cry%3D1%26dbm_d%3DAKAmf-DMC5RURSMe8itrF8JyOOmtEqCddLaVCVLsUBPwUmUm4g1BvG34CkbMYk1WSSMmy_5QSOqL0EHsrKgrngeRc_JNFT5NmAMVJXz1sFV-MwQJVzxr0b8I10Fy1QWDaPLek8ywVxCaCt_8cEWrKSnHZaYEGamOdQF6qHQOokaeGgzOV5xkTtSuDaHeZ-sTKftpRkp3LxuTR4jpITmg3GGrRswf78er1BWQSQIFajN_DL0aN_4aqB8XOdEm2f5iuz8hzTPUtYTCWwE-EeBBKitmxwT74cFJzRr7e6Z_N38IozRpLbgUImSwdQm3uOUBADKngm3mwwDaPu5FhDnj3jfcCvwiAwpmJtB9AI--hOkTBRElJRlTLL_LG9hT7q2FE4vkww_GbdaM5V2Y7UhgSBl6Bjtj1thrsrGidMIcLI3z3FP8pP_NOxW2qF1G6JaX7XjvprmYOJwBWwJZvNZlLyBK0SaP_pga3NRZK1sp7sed58U6r2vkQyU%26adurl%3D&dsp=dv360&plcId=Lancia_IT_Programmatic_DV360_YpsilonGSE_728x90_Suspect&dsp_impression_id=ABAjH0gmuMUv3AlB9gu5nBd2xEh3&site_url=https://www.prosites.co.il/recommendation.asp&dsp_pub_id=1&site_id=0&dsp_insertion_order_id=15950141&dsp_caid=15451206156&dsp_crid=396464177&dc_dbm_token=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIjOTaxzmoAvqv4_8BsAK9ws0HQAHSAioYACITCLWZ99PI1_QCFU9cFQgdu7YMjCgBMAE4vKSynuEOQAJIAViZgSAQsaCGvQHldAEo8DypLPFjYywEElsH&rnd=1639082102738101&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Server: 18.196.164.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-164-201.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://realtime.clinch.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 09 Dec 2021 20:35:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://t.myvisualiq.net/ul_cb/impression_pixel?r=1639082104840&et=i&ago=212&ao=693&aca=25131455&si=6328519&ci=152186068&pi=321914837&ad=514570975&advt=8121039&chnl=-7&vndr=115&sz=10092&u=$${{dsp_insertion_order_id)_{{dsp_campaign_id}}_396464177$$&pt=i
Date: Thu, 09 Dec 2021 20:35:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BCFC 43 B
215 B 264ms
263ms Image
image/gif 54.149.196.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=760547&asId=69c0f6ca-ce06-bad0-f427-5f1c44b2c6f5&tv=%7Bc:wkKGMZ,time:734,type:e,im:%7Bpci:%7Btdr:507%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:734,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:188,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B561~0%5D,as:%5B561~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sR89t9Z+11%7C12%7C13%7C14%7C15%7C1611%7C171*.760547-58793513%7C1711%7C1712%7C1713%7C18,idMap:171*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.196.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-196-103.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:04 GMT
x-server-name: dt24.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 81ms
44ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

210a6382dee28d6e1ce9e2381301222d612faf1d98fa0c37056c7a917f8bd550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 09 Dec 2021 20:35:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8567
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 288ms
287ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Thu, 09 Dec 2021 20:35:05 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1C7A 13 KB
5 KB 38ms
37ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Thu, 09 Dec 2021 18:58:54 GMT
expires: Fri, 09 Dec 2022 18:58:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET aframe
www.google.com/recaptcha/api2/ Frame 1AEF 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BCFC 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgQ2agsL46slu1pFbPOuZsap4a3_k7vauGhbzlWmUj10JYW7VjjpIK4h4eYOCtAYFxJLwuD38jRbUfpfZ630xKks4k_THkYqKX4aJaZxXK6NH6RvQ9Jg&sai=AMfl-YS0wp097T95rJf2kJ9d2WDzSS5-m2eJKNx-QGBqTyPSwM2u7QK2El3JgXYPBpylhqb9ow4fRsZxm9xM&sig=Cg0ArKJSzHn2h-_KmB1VEAE&cid=CAASBORobgE&id=lidar2&mcvt=1008&p=0,0,94,728&mtos=0,1008,1008,1008,1008&tos=0,1008,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.95&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639082103766&rpt=828&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C7A 35 KB
13 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 10:07:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 10:07:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 66ms
66ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=2103625087505733&bg=!p6SlpODNAAZKWFskSlg7ACkAdvg8WnuXj7CCFhd9j5_4WeAKe6wkv35sJxwFuvFJ-10S5EP7hmiFywIAAABuUgAAAAhoAQcKAOU-okUQeMiVhbl54uwIPeRwmz2uSNXbSEL3E39H_XU3g5KOLdoTr1Mi7f4zO8Vd-utCgCW5hs4vRDpuZ2aFY7SCJnSnsvQBkPDV8nJwhm6xte7UtgxXM2eZgAcOKMpS3PJ241iode313SWbOX6LDnVPrUGxsFFmkb58EApVSUXvMjODSIrVB8OykpdQBnY9SEsRig-z-eB5lO6fsYuk_rKw6ACrn3JnfGd-67lDV6ZYzC0DxdbprFjhMX1wzHDSjOjTLA-eX9rEy0vbavwzJFL1gQE7V5io9xl3lre8dDdHhPxUvwkfmQJ6OvtcavVMDVwzk24JLFMKi6Z3fo6Og89Ps-MoD0T4eUKmGbzGqXSXeLZEOxrdEC6Bg-T3c2bKTL8-QIubOwYs9wgveJMCeGAE4F8AXMY-G8dTYkRvwrVpAWecWwwvgMpQuwn_3jEipDbqyfT5Ufn38FOcDYhFc4HgA-VTFpAPW_YW1Ffb7eTvIHO-tLHBv7hFOjexeB3npqohdw5Zw6VakkKpMZ762oAxj90TfPz-zbwgJlTK49niwDUNLA_5A0URhIG1t8zkUhYQJP0vG1D3ICno9yyaeZVNBDZNKYed_AueCf_DXTvzoksW7PtExilHamCO1tkM8750-UOO3OZuAzGHmC1SwnlRoqb53217Xlhgzpq05ITMqg5rZFN-JmxWMfqfgqiSTBtih_03rIdTDwUPX10wfb1ALrZHm32jcjjJMQ-ONu3LTxRk7X7Pp3Skrz_NrvCPBOG07TqaBfff8T8A-rmSJCnqcOMjaRPKAcW_FWJi9hfECPy5f85k6L3QP52Vb6SjkK46kniikKhQ-c8nrI2lPMxBxbOd18oD7QdK498t0q8jgDCsBYuUkzvBBFmT2rVa1eSwRo9o-ZVQ98VU00LbDZtwTbJhXnPmDHlAZ_wYGXNJ4oHaGX1uU1-oYmeUrDf8iJeVKMgjYi4A_T0arXj7zfCNKCg9E4aEzlTSWIF0t09OLKvM_q8tbVTfAHIbegliPlaxkeHLujpmmaWPVaTdc8BIwDu8lo3tWgscnhoCVPUXmUF0eLCJYdXfyoTnUmM-80Jnc0mERauQ6wZbsWY_sHDMdwsMXykar44KwZpSlO5x93cOizRav0Q4iMmpRIKQZKTUxg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.prosites.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view_y
trk.clinch.co/ Frame 58A5 43 B
218 B 110ms
110ms Image
image/gif 3.233.174.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.clinch.co/view_y?cid=ugvn1W&caid=7209&frmt=728xbananax90&csid=20534&cfid=8312&dsp=dv360&plcid=Lancia_IT_Programmatic_DV360_YpsilonGSE_728x90_Suspect&iid=be78fce5-7c4e-4775-ba8d-9617e9e93b68&prd=Ecommerce&ids=Lancia_Italy_YpsilonGSE_December2021_Promo&isrc=topItems&issrc=YpsilonGSE_-_Active&feed=2391&tilid=4939&lpsrc=Placement&locsrc=Ip2LocDb&locsrcs=333333033&dspiid=ABAjH0gmuMUv3AlB9gu5nBd2xEh3&dsp_caid=15451206156&dsp_pub_id=1&domain=www.prosites.co.il&dsp_insertion_order_id=15950141&dsp_crid=396464177&ct=IT&city=Rome&st=62&stName=Latium&zip=00155&isp=M247%20Ltd&tc=1,0000000000,00,,&a=1639082105850
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.174.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-174-10.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://realtime.clinch.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 20:35:05 GMT
cache-control: no-store
content-type: image/gif
server: Kestrel
x-robots-tag: none
content-length: 43
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BCFC 43 B
215 B 197ms
195ms Image
image/gif 54.149.196.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=760547&asId=69c0f6ca-ce06-bad0-f427-5f1c44b2c6f5&tv=%7Bc:wkKHfs,pingTime:1,time:2499,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:188%7D,%7Bpiv:100,vs:i,r:,t:1498%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1498,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:188,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1324~0,0~100%5D,as:%5B1324~728.90%5D%7D%7D,%7Bsl:i,t:1498,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:270,fm:sR89t9Z+11%7C12%7C13%7C14%7C15%7C1611%7C171*.760547-58793513%7C1711%7C1712%7C1713%7C18,idMap:171*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.196.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-196-103.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:06 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BCFC 43 B
215 B 198ms
198ms Image
image/gif 54.149.196.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=760547&asId=69c0f6ca-ce06-bad0-f427-5f1c44b2c6f5&tv=%7Bc:wkKHfu,pingTime:1,time:2501,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:188%7D,%7Bpiv:100,vs:i,r:,t:1498%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1003,o:1498,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:188,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1324~0,0~100%5D,as:%5B1324~728.90%5D%7D%7D,%7Bsl:i,t:1498,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:270,fm:sR89t9Z+11%7C12%7C13%7C14%7C15%7C1611%7C171*.760547-58793513%7C1711%7C1712%7C1713%7C18,idMap:171*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.196.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-196-103.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 20:35:06 GMT
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK Background_bg263767409168568.jpg
cdn.clinch.co/a_styles/2540/ Frame 58A5 20 KB
20 KB 95ms
94ms Image
image/jpeg 2a02:26f0:6c00::210:bb1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.clinch.co/a_styles/2540/Background_bg263767409168568.jpg
Requested by: Host: www.prosites.co.il
URL: https://www.prosites.co.il/recommendation.asp?ID=14035
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:bb1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8da6e3f582e95396036eaa25a4a85e32183a0ab7220482762c4dd1f44c1d33d8

Request headers

Referer: https://realtime.clinch.co/
Origin: https://realtime.clinch.co
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 09 Dec 2021 20:35:08 GMT
x-amz-request-id: VPERF0A4V8R6A14H
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 20256
x-amz-id-2: HUYyGTLhRVhkGb2Mb7gxCfgA9zngufm5CsEvxquI+KTtKqmgZp6NrB1eE4ZcGfWtaMrRvGBkdQU=
Last-Modified: Thu, 16 Sep 2021 17:12:50 GMT
Server: AmazonS3
ETag: "dc3a869e9cbfef805b5c6fcf016f4e67"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=25813663
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Tue, 04 Oct 2022 15:02:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.prosites.co.il/	1969-12-31 23:59:59	Name: ASPSESSIONIDSSTTQDDB Value: FCEHEOGABMPAOPKEOEFEOJMM
.prosites.co.il/	1970-01-20 16:49:14	Name: _ga Value: GA1.3.1946038394.1639082103
.prosites.co.il/	1970-01-19 23:19:28	Name: _gid Value: GA1.3.87706852.1639082103
.prosites.co.il/	1970-01-19 23:18:02	Name: _gat_UA-5951446-3 Value: 1
.prosites.co.il/	1970-01-20 08:39:38	Name: __gads Value: ID=e8a4201778470ff9-22dc43e602cd006b:T=1639082102:RT=1639082102:S=ALNI_Ma07oF9yrbQoRaJLQ9I3UtFUEZ20A
.doubleclick.net/	1970-01-20 08:39:38	Name: IDE Value: AHWqTUkIIHHG-P5W2ulaWlsZnPKtDYW0dZIiwKcFvdR8WzdVY8IPQb83U9ckY4MfCfY
.prosites.co.il/	1969-12-31 23:59:59	Name: __utmc Value: 262016588
.prosites.co.il/	1970-01-20 03:40:50	Name: __utmz Value: 262016588.1639082104.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.prosites.co.il/	1970-01-19 23:18:02	Name: __utmt Value: 1
.prosites.co.il/	1970-01-20 16:49:14	Name: __utma Value: 262016588.1946038394.1639082103.1639082104.1639082103.1
.prosites.co.il/	1970-01-19 23:18:03	Name: __utmb Value: 262016588.1.10.1639082104
.adnxs.com/	1970-01-20 01:27:38	Name: uuid2 Value: 3528443833233865394
www.prosites.co.il/	1970-01-20 08:48:16	Name: __atuvc Value: 1%7C49
www.prosites.co.il/	1970-01-19 23:18:03	Name: __atuvs Value: 61b26878fe37f597000
.adnxs.com/	1970-01-20 01:27:38	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlknX2_W!]tbPl1M>e)ZlrFUfJ+tGXxp:[SK^rT!wTtTaKanB!zTBDVVgZ_/%+E0`]QqbpRzqF1`b_8y5RxR
.addthis.com/	1970-01-20 08:48:16	Name: uvc Value: 1%7C49
.casalemedia.com/	1970-01-20 01:27:38	Name: CMPS Value: 302
.addthis.com/	1970-01-20 08:48:16	Name: loc Value: MDAwMDBFVUlUUk0yMjE5MTkyNTAwMDAwMDBDSA==
.casalemedia.com/	1970-01-19 23:19:28	Name: CMST Value: YbJoeGGyaHgA
.casalemedia.com/	1970-01-20 08:03:38	Name: CMRUM3 Value: 2d61b268782760CAESEG9ennAQ7DJ-LAz1jFwuNRs
.doubleclick.net/	1970-01-19 23:18:05	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 08:03:38	Name: CMID Value: YbJod-2xoOrXOqmC.nIvtQAA
.casalemedia.com/	1970-01-20 01:27:38	Name: CMPRO Value: 665
.clinch.co/	1970-01-20 16:49:14	Name: clinch-sid Value: 364a95dc-72ab-46ea-ad3e-cec7ef664f9d
.myvisualiq.net/	1970-01-20 16:49:14	Name: tuuid Value: 6818357e-fbe2-4904-9fa3-b0d564dc8dcd
.myvisualiq.net/	1970-01-20 16:49:14	Name: c Value: 1639082104
.myvisualiq.net/	1970-01-20 16:49:14	Name: tuuid_lu Value: 1639082104

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.prosites.co.il/upload/ProSites_11802.pdf Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://www.prosites.co.il/recommendation.asp?ID=14035(Line 571) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.prosites.co.il/recommendation.asp?ID=14035(Line 571) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.it
api-public.addthis.com
cdn.clinch.co
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
m.addthis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
realtime.clinch.co
s7.addthis.com
ssl.google-analytics.com
static.adsafeprotected.com
t.myvisualiq.net
tpc.googlesyndication.com
trk.clinch.co
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.negishim.com
www.prosites.co.il
z.moatads.com
s7.addthis.com
www.google.com
142.250.184.194
142.250.186.166
142.250.186.98
18.196.164.201
199.203.20.98
2.17.169.171
2.19.120.108
2001:4de0:ac18::1:a:3b
2600:9000:223f:ac00:8:48e:53c0:93a1
2606:4700:3036::6815:5e0e
2a00:1450:4001:803::2002
2a00:1450:4001:808::2008
2a00:1450:4001:809::2003
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2001
2a02:26f0:6c00::210:bb1a
3.233.174.10
34.196.196.242
34.249.30.33
37.252.172.38
54.149.196.103
84.53.188.140
017f1beeac8c9d65fb38b7985a2f7d000676cd940e78aed7e981607a9614341f
018119d5efd35decf021d376894abc71a39a4185010e054240611762ff0f6de9
0409eb1a99981123c7df2d4847d62a081a9b150f64d529cb8e851c8ed78c32b6
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1239e7c499274555c93c549ffad5f63ab5754f159171e0e9aa985171ea7a9d65
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
136c1d684a99b67a8ef459eaf38f09c7af41713d94f06701e460dcc3270ecea5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fe8d7aaf080dd491c317317f5bcd07e254283c8b865247d6834c27541ac1423
210a6382dee28d6e1ce9e2381301222d612faf1d98fa0c37056c7a917f8bd550
221b988abede83cf3ed1afff9b2c1a5ba5ad89e3b34b5587ac42a64cb3808292
2315fd30453223f85539420635ec365464dbb8049ec94c98ea365894d92788f0
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
255d7536bc23ccf8c9daaffa1e8985fad893b4a6e879989d4a743cef3a14a234
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25d8667caf71971337fba44d0e764097bd78f5db4dd099f822051d3425c041b5
279a862a288afc52e7f1b92c9a4888b3d04ca9c770e7f8b5b2fb5c8e0962a2e8
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3c78429a3018e7f8fdce7ae1c77f7ad006b49913f6da91e7a3e833d6abec7d1f
3d3dd3f2ae67fafc69c39c62001b35f427b1130681f070d64792115f80856409
3ff5b32447f60a7aacdb99ff951585ba85809756f263b481f0a6cc9cd9966125
430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575
437c3b265c5a907278db7bbc623859e799ab3ca114f4afc3031b85d8b8dd02d3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
492ee2890f2dfbc36b15eb9451e99f69a92185638a1f9235565945ff2fb72f80
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d64aad7e0867b4bcb45afcc7e0359d84bc1c1de6f264a20abde8c3fa90d3a8d
4f74ecd9a7532b7361e318a8d6fbd78a31903599e02692f805c6eeb3ab68f1c3
4fd01e6598979d03d8b332a7888a60a84b407606a4cdd57af2230be29e61d918
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5097c822a21c85df71171072a93e7f439de3c813e85f08ee44c60db1d3d06de5
5279dad9e2cbb87abd63e5bbb44f7b431e7b9807acde699de85940c905c1d55a
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5750e404dee79ec463531c5b93847bbada31f7e3c6d88bfc48d8b09b8812f543
5aecd2ce89702ca4f7f04c04e45dc63195c2aa23ba78c169d37885cb98388b87
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f8d4914460d1423ff9ef14692eeb6eaa9475759593f647fe172c37ec934a9cc
6070049215ef9b98d1b389d67963816172ff29513d34335c5061cd9619a3ea17
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6340648a975c8343d21568e71a89773b23cf259c6c820744ef5bf2954af1e66f
646ce2cf3229db75088a025bd0fc78e5beafb2948e772cad423acb73f6664de8
67fc8bf4c4dabf51b9919c847460c810f0f95941a4e50314d5ba861c7f0991a3
6a7e89545d76648565b32f99c4275de332fd9bb8d1ec0f16e2b2b5a6d5212479
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd9f3ab8929b5199116b3dcdc63c1a6dea5dd1a2e32f5c64cc362dd02dc3ec3
6d74ffd8391dadb236db08f6fb043894054f9f67211ed1e7da57865634db81f1
7521bbacc794c3c41ca146692d289df5dacff25938f1602952592ca8955ec205
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7b9ea3aeeaf6d63799a48064cc11298fade91ab6fd689038c40b72534d881bca
813c3c6588dbf51a522f9ac5c82e804c0c7790f04fff37adffb4f8d62d02b189
81887d68712a6087c7ead33afe49f5ff83218e85790176cc653049f3656c5c2a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850e524615a11e2b51e1ac8345afd12707dc0b2aa9c4cda7c85f490ca695c80a
869ea62eaf5a43cebda3959180d48e30d83568d6dab66a1668797b3d2115a57e
873ae2a0fca6aa9f493fae54125024e435655e00827f0652c569695575d330e5
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
88616800b0cb7be79f08dfbf17bd0c80f0dc771926c745c11d437dab47af60e6
8da6e3f582e95396036eaa25a4a85e32183a0ab7220482762c4dd1f44c1d33d8
8ea48a430e1c86d3f6b12f37ec3ff2cc6d6d3a1c82fda2e4b15d19065d20c869
936b9bd60f77638361da671036617500ea501049613b4b4cf10b4b86360d5858
939ff291b2a65c5d3bf20fde9c101d03a272ecf6b3c7b029531c35ee2f7161c3
9402439af5da5d0507dd51c79c4a84ee8944152c2a34231df4410993fff2ea19
95e56495e6ff3a53fa095cee20f8dc8c0619b3bf0aaef0b55347a4ae0c43d3e6
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c1697bfc05f8e00314bc2aa32c60b123b311965e94e91801d3876d86d72fdd
9be1aa4d3a1d5c5ddcca82442a1bab4c46c39ca3ea52a05810491a810d3ffb1f
9ce8fc1e991fd4e104de2bc58d3e069142e3c19ae35bd19c3759124b306a6fcc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a315de85be407700530233bbc3da1ad76235c2189a88ba35e8149a48c41e362a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52523e397e997522f0f631945b5081879863bccd4ed5ce083865c8459231063
a5c2d4e15fee685e6a2e49866e747c76e1589b52b916580eb0691162dcb89dbf
a9132cc06212d225a9d9f7ee175fe1143d16a5851eed097fd50b8a549a9eca02
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac22f6b64c6e72b6e9cb9c40e5b02c7414fc5e1540a576844818e2e030efff1d
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b5ae9008d4f723cbe585d776f9693d6c4b65a3cf757b0e189e9fdda38fb5483e
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c0757c3765fb0156cceafe32392c42bd73ebdc4c8053808125a8495882f21597
c5f7a38e28c064c3ff2dfcf0a8a36dc8212f612f086cec4763ecd89092b2d30b
c61e0b0bf8cd72825cf22a9f7ade4a6ff7273deb6a789939271cdb232c128a69
c6dc241df46b8492e46eda8e311342131172be2cd9abd20c5c1d24bd6a429b9c
c7bc017c71f72c012df4b09cb321091b4448b72f9174ac5d92b2ba45a82da964
cbc7ee7cb131f2f0f8e991d1a5d5b61e3f74a9520efdd055cddae32c7da6b197
cde425a9ef3360b619696ad262b1c9ba28e70b95eed33b490df2cadd0090f4ab
d155673e03e80aa76752c9716b6ca13df6d81351990bd880cf78c4e61ea0fa48
d237070a199ad699c9a1618c97917dd1839584e71302b76bd612cb5fd78e98a7
d386b7f990a28973f56908bf6b473bf847bc2aa6c2e689be58f79f33d67e56b4
d5657761b83b78fd9e8db73283ad1cbf05aafbcd0774321f4097630da3b5cc2e
d6ff42f847b4f32db3b53454d38a6d930e74dd3c0e6c619313ad048d2b208e52
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
daeeeca91f41cc7d7aea51ca90024f6ba4f2df886570226c822b2b140c8d0df1
dc1867f8895b5ba68359899f569e062a78a29545f8406a63c4f3a7d29c3255d8
e16d63363a56c48985349e5b3a8b7d0b9557374ff1baf55f25c539e2d58d7dac
e1bb0facbd5151b5ce31dd798a25624666a0e943c4bb57c9e0a8e88ea5e4aba9
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
e256b656cda17c40acb11222a3c501c0989a10bd1fe17add8a8e30ba34329b70
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40a8e1fd6ee45f2974968505b66ab2a33ebeac27e754efeda95e0486c45e4b6
e421be0b7e4a49bda85e49f36ab6c3bd06257ece681a5788b8f0333a624afdd6
e75654afa743836f6ec8dc04403a681284ca6645517c356db2b738fae28b1afa
e9f626b3059ef30b3e0b9cfd3aee010b2beb38b738003a350339ca2cc61d94d3
edc385d10d64929db54de78898502b69ab3de90d927da9307f565da5cd3e1a5f
ee9b83c7c8c8dadc6f9203537a5849d91210c7563dad574d2ef9d373d99d7b5e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b8e0ee429a6aee81e22883238fba3d35ddddbbb42e76d8bb9283d26ce1151
f32171a4d21f4fe45729e31d37257be9b75fbbf3f42ded3ad6c46c1bba7f1509
f4023c992a4259315955385e68d89e776dab3ba8bada8a3eda9b43a890b44cca
f893d3ffe4a31043a86830dd67631d06247f6c73bade18e809e70a66f511fafa
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

www.prosites.co.il Open in urlscan Pro 2606:4700:3036::6815:5e0e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

145 Requests

94 %HTTPS

57 %IPv6

21 Domains

33 Subdomains

30 IPs

6 Countries

2142 kBTransfer

4180 kBSize

27 Cookies

25 Outgoing links

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.prosites.co.il Open in urlscan Pro
2606:4700:3036::6815:5e0e Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

94 %
HTTPS

57 %
IPv6

21
Domains

33
Subdomains

30
IPs

6
Countries

2142 kB
Transfer

4180 kB
Size

27
Cookies

145 HTTP transactions
4 data transactions