www.jpost.com Open in urlscan Pro
2600:9000:211e:9800:4:69bf:5d00:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jpost.com/
Effective URL:
https://www.jpost.com/
Submission: On August 05 via manual (August 5th 2021, 10:24:15 pm UTC) from US

Summary HTTP 312 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 65 IPs in 7 countries across 42 domains to perform 312 HTTP transactions. The main IP is 2600:9000:211e:9800:4:69bf:5d00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.jpost.com.
TLS certificate: Issued by Amazon on June 23rd 2021. Valid for: a year.

This is the only time www.jpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2600:9000:215... 2600:9000:2156:800:4:69bf:5d00:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:211... 2600:9000:211e:9800:4:69bf:5d00:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
9	2600:9000:219... 2600:9000:2190:800:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.78.253.158 54.78.253.158	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3030::6815:631	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
35	2600:9000:205... 2600:9000:2057:2400:13:930:5bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:829::2013	15169 (GOOGLE) (GOOGLE)
4	13.224.90.44 13.224.90.44	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	104.85.1.87 104.85.1.87	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
3 5	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:915b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
22	104.85.5.185 104.85.5.185	16625 (AKAMAI-AS) (AKAMAI-AS)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700:303... 2606:4700:3035::6815:4ba6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	34.95.123.171 34.95.123.171	15169 (GOOGLE) (GOOGLE)
1	34.120.218.58 34.120.218.58	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2014	15169 (GOOGLE) (GOOGLE)
1 3	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
3	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
2 9	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	3.225.114.95 3.225.114.95	14618 (AMAZON-AES) (AMAZON-AES)
8	18.233.227.25 18.233.227.25	14618 (AMAZON-AES) (AMAZON-AES)
9	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
1	23.20.146.126 23.20.146.126	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
1 3	13.224.96.53 13.224.96.53	16509 (AMAZON-02) (AMAZON-02)
44	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	13.224.96.61 13.224.96.61	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f14:b4f... 2600:1f14:b4f:4b01:e698:1526:af7:7e1	16509 (AMAZON-02) (AMAZON-02)
1	100.25.91.152 100.25.91.152	14618 (AMAZON-AES) (AMAZON-AES)
11	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 4	104.85.0.246 104.85.0.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	37.157.4.41 37.157.4.41	198622 (ADFORM) (ADFORM)
3	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
1	104.85.0.200 104.85.0.200	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
312	65

2 2600:9000:2156:800:4:69bf:5d00:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

jpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:211e:9800:4:69bf:5d00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.jpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2190:800:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.253.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

tag.escalated.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:631 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adapex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2600:9000:2057:2400:13:930:5bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.jpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

stag-core.tfla.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.90.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-90-44.zrh50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

revboostprocdnadsprod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.85.1.87 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-1-87.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:915b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.85.5.185 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-5-185.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cdn.valuad.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:4ba6 (United States)

ASN13335 (CLOUDFLARENET, US)

95662602.adoric-om.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.123.171 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 171.123.95.34.bc.googleusercontent.com

static.adoric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.218.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.218.120.34.bc.googleusercontent.com

app.adoric-om.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

valuad.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.200 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.114.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-114-95.compute-1.amazonaws.com

q.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.233.227.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-227-25.compute-1.amazonaws.com

protect.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.20.146.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-146-126.compute-1.amazonaws.com

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.96.53 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-53.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-61.zrh50.r.cloudfront.net

pix.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:b4f:4b01:e698:1526:af7:7e1 (Boardman, United States)

ASN16509 (AMAZON-02, US)

ipv6.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.25.91.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-91-152.compute-1.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.85.0.246 (Amsterdam, Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-0-246.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.52 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.85.0.200 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-0-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	327 KB
43	jpost.com 2 redirects jpost.com www.jpost.com images.jpost.com	315 KB
34	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	252 KB
23	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	591 KB
17	geoedge.be rumcdn.geoedge.be protect.geoedge.be	6 KB
16	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com mv.outbrain.com	164 KB
12	google.com 2 redirects adservice.google.com www.google.com	1 KB
11	twimg.com cdn.syndication.twimg.com pbs.twimg.com ton.twimg.com	213 KB
11	gstatic.com fonts.gstatic.com	163 KB
11	twitter.com 1 redirects platform.twitter.com syndication.twitter.com analytics.twitter.com	214 KB
9	cookielaw.org cdn.cookielaw.org	185 KB
8	googletagservices.com www.googletagservices.com	276 KB
7	adform.net track.adform.net s1.adform.net	113 KB
5	ampproject.org cdn.ampproject.org	101 KB
5	adrta.com q.adrta.com pix.adrta.com ipv6.adrta.com adrta.com	13 KB
5	google.de adservice.google.de www.google.de	1 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	appspot.com valuad.appspot.com	122 B
4	amazon-adsystem.com c.amazon-adsystem.com	36 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	2mdn.net s0.2mdn.net	94 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	facebook.com www.facebook.com	266 B
3	google-analytics.com www.google-analytics.com	19 KB
2	pubmatic.com ads.pubmatic.com image6.pubmatic.com	14 KB
2	adoric-om.com 95662602.adoric-om.com app.adoric-om.com	42 KB
2	app-us1.com diffuser-cdn.app-us1.com prism.app-us1.com	6 KB
2	facebook.net connect.facebook.net	97 KB
2	ip-api.com pro.ip-api.com	378 B
2	escalated.io tag.escalated.io	63 KB
1	trackcmp.net trackcmp.net	271 B
1	adoric.com static.adoric.com	13 KB
1	t.co t.co	165 B
1	onetrust.com geolocation.onetrust.com	373 B
1	valuad.cloud cdn.valuad.cloud	114 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	azureedge.net revboostprocdnadsprod.azureedge.net	155 B
1	tfla.xyz stag-core.tfla.xyz	2 KB
1	googletagmanager.com www.googletagmanager.com	57 KB
1	adapex.io cdn.adapex.io	120 KB
312	42

	Domain	Requested by
39	tpc.googlesyndication.com	www.jpost.com tpc.googlesyndication.com cdn.ampproject.org rumcdn.geoedge.be
35	images.jpost.com	www.jpost.com
21	images.outbrainimg.com	www.jpost.com
19	securepubads.g.doubleclick.net	www.jpost.com www.googletagservices.com securepubads.g.doubleclick.net
11	pagead2.googlesyndication.com	www.jpost.com tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
11	www.google.com	2 redirects www.jpost.com rumcdn.geoedge.be
11	fonts.gstatic.com	www.jpost.com fonts.googleapis.com
9	cdn.cookielaw.org	rumcdn.geoedge.be cdn.cookielaw.org
9	widgets.outbrain.com	www.jpost.com rumcdn.geoedge.be widgets.outbrain.com
9	rumcdn.geoedge.be	www.jpost.com rumcdn.geoedge.be
8	pbs.twimg.com	www.jpost.com platform.twitter.com
8	protect.geoedge.be	rumcdn.geoedge.be
8	www.googletagservices.com	www.jpost.com securepubads.g.doubleclick.net
7	googleads.g.doubleclick.net	rumcdn.geoedge.be www.jpost.com cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
7	platform.twitter.com	www.jpost.com rumcdn.geoedge.be platform.twitter.com
6	www.jpost.com	www.jpost.com
5	cdn.ampproject.org	www.jpost.com
5	cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net rumcdn.geoedge.be
4	track.adform.net	www.jpost.com s1.adform.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	valuad.appspot.com	cdn.valuad.cloud
4	www.google.de	www.jpost.com
4	c.amazon-adsystem.com	www.jpost.com c.amazon-adsystem.com
3	s1.adform.net	track.adform.net s1.adform.net cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
3	fonts.googleapis.com	tpc.googlesyndication.com www.jpost.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	s0.2mdn.net	www.jpost.com tpc.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects widgets.outbrain.com
3	mcdp-nydc1.outbrain.com	widgets.outbrain.com
3	syndication.twitter.com	1 redirects platform.twitter.com www.jpost.com
3	www.facebook.com	www.jpost.com connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads4.g.doubleclick.net	www.jpost.com
2	ton.twimg.com	platform.twitter.com
2	q.adrta.com	www.jpost.com q.adrta.com
2	odb.outbrain.com	rumcdn.geoedge.be
2	stats.g.doubleclick.net	www.google-analytics.com
2	connect.facebook.net	www.jpost.com connect.facebook.net
2	pro.ip-api.com	www.jpost.com
2	tag.escalated.io	www.jpost.com tag.escalated.io
2	jpost.com	2 redirects
1	analytics.twitter.com	rumcdn.geoedge.be
1	image6.pubmatic.com	ads.pubmatic.com
1	ads.pubmatic.com	cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
1	adrta.com	pix.adrta.com
1	ipv6.adrta.com	pix.adrta.com
1	pix.adrta.com	q.adrta.com
1	mv.outbrain.com	rumcdn.geoedge.be
1	trackcmp.net	rumcdn.geoedge.be
1	cdn.syndication.twimg.com	rumcdn.geoedge.be
1	prism.app-us1.com	rumcdn.geoedge.be
1	app.adoric-om.com	95662602.adoric-om.com
1	static.adoric.com	rumcdn.geoedge.be
1	t.co	www.jpost.com
1	adservice.google.com	rumcdn.geoedge.be
1	adservice.google.de	rumcdn.geoedge.be
1	geolocation.onetrust.com	rumcdn.geoedge.be
1	log.outbrainimg.com	widgets.outbrain.com
1	95662602.adoric-om.com	www.jpost.com
1	cdn.valuad.cloud	www.jpost.com
1	widget-pixels.outbrain.com	www.jpost.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	diffuser-cdn.app-us1.com	www.jpost.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	revboostprocdnadsprod.azureedge.net	www.jpost.com
1	stag-core.tfla.xyz	www.jpost.com
1	www.googletagmanager.com	www.jpost.com
1	cdn.adapex.io	www.jpost.com
312	70

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
uae-israel-business-summit.web.app
www.israeldefense.co.il
realestate.jpost.com
www.bankhapoalim.com
www.ivritalk.com
www.jpostlite.co.il
www.dhgate.com
www2.energyatanyage.com
mysearchonline.org
15719d.llsdzktnxwnnr.com
www.top5datingsider.dk
historydaily.org
www.outbrain.com
www.postfun.com
www.stadiumtalk.com
money-hero-tracking.org
www.workandmoney.com
www.farandwide.com
domainlive.org
rfvtgb.crowdyfan.com
www.youtube.com
conferences.jpost.com
marchoftheliving.jpost.com
congress.jpost.com
landingpage.jpost.com
www.maariv.co.il
payments.jpost.com
members.jpost.com
jbstv.org
www.danhotels.com
www.kkl.org.il
www.danielchen.co.il
cookiepedia.co.uk
tcf.cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
jpost.com Amazon	`2021-06-23` - `2022-07-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
gw.geoedge.be Amazon	`2020-11-12` - `2021-12-11`	a year	crt.sh
*.escalated.io Go Daddy Secure Certificate Authority - G2	`2021-01-03` - `2022-02-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-05` - `2021-11-04`	2 years	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
stag-core.tfla.xyz GTS CA 1D4	`2021-06-11` - `2021-09-09`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.azureedge.net DigiCert SHA2 Secure Server CA	`2020-11-21` - `2021-11-30`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
valuad.cloud R3	`2021-07-07` - `2021-10-05`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.adoric.com R3	`2021-06-15` - `2021-09-13`	3 months	crt.sh
*.adoric-om.com R3	`2021-06-15` - `2021-09-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.adrta.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-10` - `2022-06-10`	a year	crt.sh
protect.geoedge.be Sectigo ECC Domain Validation Secure Server CA	`2020-01-29` - `2022-01-28`	2 years	crt.sh
*.trackcmp.net Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.jpost.com/
Frame ID: 52A951875C1526F2A393A20825D05E04
Requests: 174 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.jpost.com
Frame ID: 3023FEA5593FDE4DCAE5BE169C572849
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 647C5091B3E6AA7EDE2A5400C16A326A
Requests: 2 HTTP requests in this frame

Frame: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BD10FA31A8F35FDDAD4987F923B5CE0A
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/grumi.js
Frame ID: 611099427C2CD441A1E5F9CF8AB20865
Requests: 11 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/grumi.js
Frame ID: B8C7356CAC1B9236D01CFB3850FB5A25
Requests: 8 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1421007522203324421/IzQv2xsg?format=jpg&name=600x314
Frame ID: CF49F2CBA30661A885739666E3D98A15
Requests: 14 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 05623072BECF4408E574A7EB49C01695
Requests: 3 HTTP requests in this frame

Frame: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 93B430BCD4E93033700DF55855718CAB
Requests: 15 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 3876B90C9DCD3EE420863F6D3D07D9F9
Requests: 1 HTTP requests in this frame

Frame: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4AB5026A6BD6B38B5ED8CC5DABC3BFDF
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN64OhC80e2-AhiAsZCwATAB&v=APEucNXsdJhDQ60ZHhwbhEE9KOtgB0nYkAeFDvqVZQXJi8ZNAzWqf4MNlOWuXIsnPUHsZ-A7xPGMT0myMTAaYA1D1I0sBrQkE77gwa5j8nGxqTSrFzLzXVKI_e_XjLsXKn3a4V2wnAwvS_1H5NyQ_FIcbGR6G9B0W-wITRfLs26sribSMfQrzn8
Frame ID: 5D0469C0712A9473D758782D2B9B2058
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html
Frame ID: 6B437723331B4E472766FD6B02D81EC1
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 18753A76F08DE40760C095ACEA703E3D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 21D15E09BF14B6199CCCF47489715453
Requests: 2 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/grumi.js
Frame ID: FCBC297DC509DD5B14AF1BFC10D39EFE
Requests: 18 HTTP requests in this frame

Frame: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 97387E8138920C9D5959BFBADD04CD24
Requests: 9 HTTP requests in this frame

Frame: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DE4D24EA3FF8A4CBCE54B5536D6C22D2
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/index_300x250.html
Frame ID: 98DF8AB8D5A54DDFFE383AF9A676EF6F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A3CDEEB131938BEE433A022F34A7494E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: EDB9B1D207A66A0C9A4C2D4D3D52A5A6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6C89E81A71AB880E6C73926508E58324
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D56CD48C66F6E2FE9BFD074B8B0A68FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://jpost.com/ HTTP 301
https://jpost.com/ HTTP 301
https://www.jpost.com/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

312
Requests

100 %
HTTPS

55 %
IPv6

42
Domains

70
Subdomains

65
IPs

7
Countries

3636 kB
Transfer

8626 kB
Size

17
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/Jerusalem_Post
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheJerusalemPost
Title:

Search URL Search Domain Scan URL

URL: https://uae-israel-business-summit.web.app/
Title: Global Investment Forum

Search URL Search Domain Scan URL

URL: https://www.israeldefense.co.il/en/%D7%A7%D7%98%D7%92%D7%95%D7%A8%D7%99%D7%95%D7%AA/%D7%A1%D7%99%D7%99%D7%91%D7%A8%D7%98%D7%A7
Title:

Search URL Search Domain Scan URL

URL: https://realestate.jpost.com/
Title: Israel Real Estate

Search URL Search Domain Scan URL

URL: https://www.facebook.com/watch/thejerusalempost/421073555903545
Title: JPOST ZOOMCAST

Search URL Search Domain Scan URL

URL: http://www.bankhapoalim.com/
Title: BANK HAPOALIM GATEWAY

Search URL Search Domain Scan URL

URL: https://www.ivritalk.com/?aff=jposticon
Title: IVRIT TALK

Search URL Search Domain Scan URL

URL: https://www.jpostlite.co.il/?utm_source=jpost%20buttons&utm_campaign=jpost%20lite%20sidebar&utm_medium=sidebar-vertical
Title: JPOST LITE

Search URL Search Domain Scan URL

URL: https://www.dhgate.com/
Title: DHGATE

Search URL Search Domain Scan URL

URL: https://www2.energyatanyage.com/cid/7013w000001vMrWAAU?subid1=$ob_click_id$&utm_term=campaign_id_003cee96367caeef71d3e2fbe6867b6a37_site_source_$publisher_name$_&subid2=$publisher_name$_$section_name$&subid4=$req_id$-002f5af68fe08c18dd1383e748d903118f&obOrigUrl=true
Title: Constant Fatigue Might Be A Warning Sign – Watch This energyatanyage.com

Search URL Search Domain Scan URL

URL: https://mysearchonline.org/view/dlEqB9xpbNAEVzO380sULpmC2DuZFyqSkBcBevqZmDVUag?c=37121&pid=4443&tid=$ob_click_id$&ob_marketer=BP_Web&ob_publisher_id=$publisher_id$&ob_section_id=$section_id$&ob_ad_id=007fa8d973ee9b4ebc61cd07b50514fcac&ob_timestamp=$time_stamp$&ob_platform=WEB&ob_campaign_id=00db0bbe15297e1fba296bf40ddceb36b1&ob_doc_title=Top+Doctors+Now+Recommend+New+CBD+Drops+For+Amazing+Relief+That%E2%80%99s+100%25&site=CBDMultiWeb30.1tr_$publisher_name$_$section_name$_007fa8d973ee9b4ebc61cd07b50514fcac&mavcid=MANAGERCAMPAIGNID&ob_marketer_id=00f5d457b2d6ad1e8084e2e65f4e55c1f1&obOrigUrl=true
Title: Doctors Baffled: Simple Tip Relieves Years of Joint Pain and Arthritis (Try Tonight) Health Today

Search URL Search Domain Scan URL

URL: https://15719d.llsdzktnxwnnr.com/?subid1=$section_name$&adtitle=Hvor+meget+koster+det+at+renovere+et+badev%C3%A6relse%3F+Priserne+vil+m%C3%A5ske+o&subid3=$section_id$&site=$publisher_name$_$section_name$&network=outbrain&OutbrainClickId=$ob_click_id$&subid4=ar-dk-a-bath9dk-52782-a0707-ob-sm&kw1=Renovering+Af+Lille+Badev%C3%A6relse&kw2=Renovering+Badev%C3%A6relse&kw3=Renovering+badev%C3%A6relse+pris&kw4=Badev%C3%A6relse+Inspiration+2021&kw5=Billig+makeover+badev%C3%A6relse&backfill=0&obOrigUrl=true
Title: Hvor meget koster det at renovere et badeværelse? Priserne vil måske overraske dig Ombygning af badeværelse | Søgeannoncer

Search URL Search Domain Scan URL

URL: https://www.top5datingsider.dk/?utm_source=22&tmplt=1.1&zoneid=$section_id$&zonename=$section_name$&adid=00352a3f470af1ece7190b608d542e289b&adname=5+datingsider+der+%C3%A6ndrer+spillet+i+2021&cmpgid=00423f8a0684feeb5acb232c75fb2e2591&adacc=outb1&srcclkid=$ob_click_id$&obOrigUrl=true
Title: 5 datingsider der ændrer spillet i 2021 Top 5 Danske Datingsider

Search URL Search Domain Scan URL

URL: http://historydaily.org/60-crazy-medical-practices-doctors-thought-made-sense?utm_subid=1164856&utm_campaign=NORDIC_357849&utm_source=outbrain_tc&utm_medium=tc&utm_term=$publisher_name$_$section_name$&utm_content=001e8ae64ce91dd9b46c07af86cdb5c1c2&obOrigUrl=true
Title: 60 Cruel Medical Practices Doctors Thought Worked History Daily

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: https://www.postfun.com/celebrity/photo-albums-highlight-key-differences-between-the-british-royal-family-weddings/?utm_campaign=oyt-d-n1-u-0-0-210611-pu-ob-0&utm_source=ob&utm_medium=$section_id$-ob&utm_content=00ec12c00af36083a22fadf6d81cf94e38&utm_cpc=$cpc$&obOrigUrl=true
Title: Wedding Photos Might Help Explain Why Meghan Left The Royals Post Fun

Search URL Search Domain Scan URL

URL: https://www.stadiumtalk.com/s/best-soccer-goalkeepers-world-e6f9640e01b44611?utm_campaign=soccergoalkeepers-2c478b4db5c34419&utm_medium=cpc&utm_source=out&aid=003844947a775b74259ba29ff4730569c0&utm_term=$publisher_name$&obOrigUrl=true
Title: Ranking the Best Goalkeepers in the World Stadium Talk

Search URL Search Domain Scan URL

URL: https://money-hero-tracking.org/click?trvid=10900&OutbrainClickId=$ob_click_id$&campid=008a2102df8fdbad02223680a9294460ba&creaid=003a6d290c4bae264a3d500fcd5f2e6ce8&atitle=Most+Computer+Owners+Don%27t+Know+This+Trick+%28Do+It+Now%29&dtitle=%283%29+Incredible+New+Security+Tool+Goes+Viral+For+2021.+Here%27s+What+You+&pubidx=$section_name$&ts=outb&pubid=$publisher_id$&secid=$section_id$&obOrigUrl=true
Title: Most Computer Owners Don't Know This Trick (Do It Now) TotalAV

Search URL Search Domain Scan URL

URL: https://www.workandmoney.com/s/wealthiest-countries-world-d4026086e01e4ac9?utm_campaign=wealthiestcountries-3fec1ec2000a45fa&utm_medium=cpc&utm_source=out&aid=00bcd867dc03f5a83b9d1fcf30e756840b&utm_term=$publisher_name$&obOrigUrl=true
Title: Richest Countries in the World, Ranked Work + Money

Search URL Search Domain Scan URL

URL: https://www.farandwide.com/s/cool-maps-europe-11a66f6c5ec04106?utm_campaign=cooleuropemaps-72a105105f574db7&utm_medium=cpc&utm_source=out&aid=008d034cf1b163e30d943e921a0636ed90&utm_term=$publisher_name$&obOrigUrl=true
Title: These Maps Show Europe In A New Light Far & Wide

Search URL Search Domain Scan URL

URL: https://domainlive.org/view/AGqpTep6lOiSyatsULpiLF2FL2eqa4mGiGXxUpIXQfd7ZM?c=36863&pid=4443&tid=$ob_click_id$&ob_marketer=Fresquito_US&ob_publisher_id=$publisher_id$&ob_section_id=$section_id$&ob_ad_id=0029a2dea006d1ae5a254353865736754e&ob_timestamp=$time_stamp$&ob_platform=WEB&ob_campaign_id=00a513b32b8525f0db1497d4cd80420d14&ob_doc_title=Top+Doctors+Now+Recommend+New+CBD+Drops+For+Amazing+Relief+That%E2%80%99s+100%25&site=CBDMultiWeb30tr_$publisher_name$_$section_name$_0029a2dea006d1ae5a254353865736754e&mavcid=MANAGERCAMPAIGNID&ob_marketer_id=00328220254c505f3ac72764d325069cb5&obOrigUrl=true
Title: Doctors Baffled: Simple Tip Relieves Years of Joint Pain (Try Tonight) Health Today

Search URL Search Domain Scan URL

URL: https://rfvtgb.crowdyfan.com/worldwide/recommended-cars?utm_medium=outbrain&utm_source=outbrainjk&utm_campaign=cf-uglycar-nord-des-ia-yy-04021d&utm_term=$section_name$&obOrigUrl=true
Title: [Pics] 15+ Ugliest Cars Ever Made Crowdyfan

Search URL Search Domain Scan URL

URL: https://www.farandwide.com/s/europes-most-livable-cities-71985994306c4df6?utm_campaign=europelivable-0135f6a6683542c3&utm_medium=cpc&utm_source=out&utm_term=$publisher_name$&obOrigUrl=true
Title: 15 European Cities with Highest Quality of Life Far & Wide

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCLLLdCANnMAdMyrXdYbSlxg
Title:

Search URL Search Domain Scan URL

URL: https://conferences.jpost.com/conference/newyorkconference2020/home
Title: JPost NY Conference

Search URL Search Domain Scan URL

URL: https://conferences.jpost.com/conference/diplomatic2019/2019-11-21/about
Title: Diplomatic Conference

Search URL Search Domain Scan URL

URL: https://www.ivritalk.com/?aff=JPostIcon
Title: IvritTalk- Free trial lesson

Search URL Search Domain Scan URL

URL: http://www.jpostlite.co.il/
Title: Jerusalem Post Lite

Search URL Search Domain Scan URL

URL: http://marchoftheliving.jpost.com/
Title: March of the living

Search URL Search Domain Scan URL

URL: https://congress.jpost.com/global-kabbalat-shabbat/
Title: Kabbalat Shabbat

Search URL Search Domain Scan URL

URL: https://landingpage.jpost.com/genesis/genesis.aspx
Title: Shapers of Israel

Search URL Search Domain Scan URL

URL: https://www.maariv.co.il/
Title: Maariv Online

Search URL Search Domain Scan URL

URL: https://www.maariv.co.il/news
Title: Maariv News

Search URL Search Domain Scan URL

URL: https://payments.jpost.com/paywall/paywallpersonaldetails
Title: JPost Premium

Search URL Search Domain Scan URL

URL: https://members.jpost.com/ulpanonline/ulpanonlinehome.aspx
Title: Ulpan Online

Search URL Search Domain Scan URL

URL: https://members.jpost.com/LandedPages/hebrew.aspx
Title: Learn Hebrew

Search URL Search Domain Scan URL

URL: http://jbstv.org/
Title: Jewish Broadcasting Service

Search URL Search Domain Scan URL

URL: http://www.danhotels.com/JerusalemHotels/?utm_source=jpost&utm_medium=referral&utm_content=footer&utm_campaign=jpost-dan
Title: Jerusalem Hotels

Search URL Search Domain Scan URL

URL: http://www.kkl.org.il/eng/
Title: KKL-JNF

Search URL Search Domain Scan URL

URL: http://www.bankhapoalim.com/?refferer=Jpost&subject=hp
Title: Poalim Online

Search URL Search Domain Scan URL

URL: https://www.danielchen.co.il/

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://tcf.cookiepedia.co.uk/?lang=en
Title: | View Full Legal Text Opens in a new window

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jpost.com/ HTTP 301
https://jpost.com/ HTTP 301
https://www.jpost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 169

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 175

https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=90&cs_ucfr=1&ns__t=1628202232179&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D90%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DDK&c9=https%3A%2F%2Fwww.jpost.com%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=90&cs_ucfr=1&ns__t=1628202232179&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D90%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DDK&c9=https%3A%2F%2Fwww.jpost.com%2F

Request Chain 234

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEErgfBbZ8R3bF3OCc31Ro0&google_cver=1

Request Chain 235

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQxk.K-nMgdPaBJhONyDxwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEErgfBbZ8R3bF3OCc31Ro0&google_cver=1&google_hm=2

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELYad9ITi7cDxoUjaUnVIsU&google_cver=1

Request Chain 237

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjUwNjY1NTcxMTA4Mzk2

Request Chain 252

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 294

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

312 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.jpost.com/
Redirect Chain

http://jpost.com/
https://jpost.com/
https://www.jpost.com/

145 KB
146 KB

56ms
16ms

Document
text/html

2600:9000:211e:9800:4:69bf:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:9800:4:69bf:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

9486a0b751e14c3cd650b31cab37593285a4f63ed3bf578979c02fd71e115709

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: www.jpost.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
cache-control: public, max-age=150
server: Microsoft-IIS/10.0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
date: Thu, 05 Aug 2021 22:22:08 GMT
via: 1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
cloudfront-is-desktop-viewer: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: RZFLoyM-PzwZaXxzPrxkrHtWZogfuqu_tlIAVSuGdv6K1k09REldDQ==

Redirect headers

server: CloudFront
date: Thu, 05 Aug 2021 22:23:50 GMT
content-length: 0
location: https://www.jpost.com/
x-cache: FunctionGeneratedResponse from cloudfront
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: CXK1v9xUcyAc9-VKd8hSAlBgpQ0b16ERhV0_-M_L2HwIrSOlh_pWdg==

GET
H2 200 css_1280.min.css
www.jpost.com/css/ 27 KB
5 KB 21ms
20ms Stylesheet
text/css 2600:9000:211e:9800:4:69bf:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jpost.com/css/css_1280.min.css?v=to6fmlUwhPcLC1DgVJh1FeY9kYx9A8p6OWhUOUvlvEs

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:9800:4:69bf:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b68e9f9a553084f70b0b50e054987515e63d918c7d03ca7a396854394be5bc4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:path: /css/css_1280.min.css?v=to6fmlUwhPcLC1DgVJh1FeY9kYx9A8p6OWhUOUvlvEs
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jpost.com
referer: https://www.jpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
last-modified: Tue, 27 Jul 2021 08:43:25 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
x-powered-by: ASP.NET
etag: W/"1d782c3768e19a8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
date: Sun, 01 Aug 2021 21:44:07 GMT
cloudfront-is-desktop-viewer: true
x-amz-cf-id: lDIpshvNdOT9TXU-XpUhJK9IQXvmnXet6lz9T13VZteKxjLWF0i3wA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6c235c01da59796d898a6cec03be70d348db98dc9428d3552ba0e2bfac231b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "950 / 212 of 1000 / last-modified: 1628201278"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24885
x-xss-protection: 0
expires: Thu, 05 Aug 2021 22:23:50 GMT

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/ 11 KB
5 KB 48ms
11ms Script
application/javascript 2600:9000:2190:800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4dc4abcd99f7976c1a0938575631974c55fa42bf76681e84ca56aeea3180966e

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:15:12 GMT
content-encoding: br
last-modified: Sun, 20 Jun 2021 12:01:44 GMT
server: AmazonS3
age: 519
etag: W/"1f2e2e253216d7dc0988459b5390d3aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: .srghp8c0Upd2n45VUnL3YB0yg5PLR.a
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
cache-control: public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: TBBNtK3OyS47wBUKXo22g1vKPDp8rx63-R87UhFvp4aLZ-u34BU5cw==

GET
H/1.1 200
OK / Show response
tag.escalated.io/ 209 KB
63 KB 248ms
63ms Script
text/javascript 54.78.253.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.escalated.io/?i=Lq17fOU6DK5fYHg

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

5aae1c32cf5bc4aed85d56579ce12da4034baa28f1cbbeff95804154afe2d2fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 22:23:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 17 Jun 2021 19:22:11 GMT
Server: Apache
ETag: "343f4-5c4fb1fafbec0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-cache, max-age=0
Transfer-Encoding: chunked
Connection: close
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block

GET
H2 200 aaw.jpost.js Show response
cdn.adapex.io/hb/ 444 KB
120 KB 62ms
27ms Script
application/javascript 2606:4700:3030::6815:631
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adapex.io/hb/aaw.jpost.js
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:631 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bcecfe7a1a6c6947b031db7a954aac392bad5c961bc99f4724c277f4ded254a

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34657
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 03 Aug 2021 05:01:11 GMT
server: cloudflare
etag: W/"6108cd97-6ee48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVFvoykII0v3ol8NEawcgDMJQXfmycoQHdATbFw6sMwTm62awVtIe21abrPdbE1VcJSvzxb%2BNfYcW3u1xH9dUmIWfQAkB6msFRUu%2Fs5lZU%2BvD%2B%2F88J07G4PJEvTXNyBciAUsqXv%2B9ZhWkARp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 67a36ea70f3342ee-FRA
expires: Fri, 06 Aug 2021 12:46:13 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
24 KB 225ms
107ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

f16eb51eb8a930f21ab9c708601848e2c523d5eba3f7fa32c509901f804a935f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "950 / 227 of 1000 / last-modified: 1628201278"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24886
x-xss-protection: 0
expires: Thu, 05 Aug 2021 22:23:50 GMT

GET
H2 200 mail-header.svg
images.jpost.com/image/upload/f_auto,fl_lossy/Icons/ 344 B
991 B 68ms
15ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/Icons/mail-header.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: a5840112fa69da34584506241c378b4e34b12f12334a851fdac17b820dfc24e4

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 342331794557322760317579350739782196859,496365465308833469358746783171549985560,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="mail-header.webp"
content-length: 344
x-served-by: cache-wdc5524-WDC
x-cache: Hit from cloudfront
last-modified: Sun, 22 Sep 2019 07:50:48 GMT
server: cloudinary
x-timer: S1627457292.634671,VS0,VE1
etag: "b653a0704d12945945143e3841a15f73"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: DQaUZmZP284AC5klLxo4xxWoSX5jumrU61DuDZI1PNAwE_5w1zQi4A==
x-cache-hits: 1

GET
H2 200 twitter-header.svg
images.jpost.com/image/upload/f_auto,fl_lossy/Icons/ 330 B
979 B 68ms
15ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/Icons/twitter-header.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: cddcc52dfaa4cf024a2dc9dac7bfd6a78a95f1945f32f4201a404e61e6fe2822

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 459910646738990734339489780735970029592,496365465308833469358746783171549985560,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="twitter-header.webp"
content-length: 330
x-served-by: cache-wdc5581-WDC
x-cache: Hit from cloudfront
last-modified: Sun, 22 Sep 2019 07:50:48 GMT
server: cloudinary
x-timer: S1627457292.625800,VS0,VE1
etag: "ce76cc2d344ab31689ad1a6b38ad08c9"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 4cptmFKBb8LZUn8IDOU5PowBaFLzgvROQlDEyTHLFXHdp0m1dZICTg==
x-cache-hits: 1

GET
H2 200 facebook-header.svg
images.jpost.com/image/upload/f_auto,fl_lossy/Icons/ 284 B
933 B 68ms
16ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/Icons/facebook-header.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c0b017ea77c2fbe00c8d6acd7a1295bc106f85efc88c7b9af91bd8d1c2443e4f

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 577882282471628523326966349103845333501,496365465308833469358746783171549985560,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="facebook-header.webp"
content-length: 284
x-served-by: cache-wdc5569-WDC
x-cache: Hit from cloudfront
last-modified: Sun, 22 Sep 2019 07:50:48 GMT
server: cloudinary
x-timer: S1627457292.618849,VS0,VE1
etag: "0f4e0c02797e12a8d9e5e47bdd34e1b7"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 399SynH56iSB0kj1pcDGGec7jGjtyQGNgkNhyBGvp2TWZnir4QQldQ==
x-cache-hits: 1

GET
H2 200 446494
images.jpost.com/image/upload/f_auto,fl_lossy/ 192 B
835 B 68ms
16ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/446494
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: a06d70fe8da62483acc7a4cc3636c7965644b2b2d779e9ea3c2c490f24ca40af

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 296763893825290490486451663893198332347,370794265990519824081192790279000863797,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="446494.webp"
content-length: 192
x-served-by: cache-wdc5551-WDC
x-cache: Hit from cloudfront
last-modified: Mon, 23 Sep 2019 09:41:40 GMT
server: cloudinary
x-timer: S1627457292.589718,VS0,VE1
etag: "a04e2bb04d1cdb8d20bc490f3d762d34"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: jFjPYmcDEzk5_QlxY06FbSbedcIQgG4-rVnvzUHEOLENI5U2uvMK6A==
x-cache-hits: 1

GET
H2 200 Top-Icon.png
images.jpost.com/image/upload/v1609846281/Icons/ 2 KB
2 KB 71ms
19ms Image
image/png 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/v1609846281/Icons/Top-Icon.png
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2a47755a3341a60972aa173ed45390aa93ed609ed5c82ba583be9bb2a3a6a2c0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 367576938582499389847080499943789582587,66c5dca4b3f8582d0d602bcb8174b79b
x-cache: Hit from cloudfront
content-length: 1683
x-served-by: cache-wdc5525-WDC
last-modified: Tue, 05 Jan 2021 11:31:22 GMT
server: cloudinary
x-timer: S1627457292.610931,VS0,VE1
etag: "11474b9c54bec75a1bb44c635904a795"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 8uMzu1tT5i5BJVhH3EHNh04bqF9XmenqpUD_z9gR9BbJv3Oa7eWdiw==
x-cache-hits: 1

GET
H2 200 profile-user.svg
images.jpost.com/image/upload/f_auto,fl_lossy/Icons/ 428 B
1 KB 61ms
20ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/Icons/profile-user.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 7435b1cc1e69ad04a3626a452f964b0adfa0980fa319590929683eac7f58b688

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 259998183192229216107139294816099462907,496365465308833469358746783171549985560,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="profile-user.webp"
content-length: 428
x-served-by: cache-wdc5551-WDC
x-cache: Hit from cloudfront
last-modified: Thu, 26 Sep 2019 11:27:58 GMT
server: cloudinary
x-timer: S1627457292.588271,VS0,VE1
etag: "b22afa03fe32a7490982cc2805812345"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: QinPVUEL7CN7RpEpEZofgr2wfk9MzCDuM5R4rV2lGgrLd3gO4A8hnw==
x-cache-hits: 1

GET
H2 200 445964
images.jpost.com/image/upload/ 8 KB
9 KB 41ms
15ms Image
image/png 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/445964
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4a0e307f58197b5568cec9a9498f024a7bacf3e1f2109c08cafaa67e7506e657

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 576361847577601868912720716683675608161,383916431502909843384027972104933148157,66c5dca4b3f8582d0d602bcb8174b79b
x-cache: Hit from cloudfront
content-length: 8655
x-served-by: cache-wdc5583-WDC
last-modified: Mon, 09 Sep 2019 11:15:32 GMT
server: cloudinary
x-timer: S1627457292.631642,VS0,VE1
etag: "218ecdc6f72214aba565072102a1ea42"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: tRbvxyuZHAjqWHaBoB0YtytSW6924w5ot7ngTwYgn1uJqz2JsjJXhg==
x-cache-hits: 1

GET
H2 200 458911
images.jpost.com/image/upload/ 9 KB
10 KB 30ms
29ms Image
image/png 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/458911
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 932a86a68031021f339685be7a0e99ca8e78c08021960b548625ca997dff0292

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 299100965387078419734342782223037626370,383916431502909843384027972104933148157,66c5dca4b3f8582d0d602bcb8174b79b
x-cache: Hit from cloudfront
content-length: 9492
x-served-by: cache-wdc5528-WDC
last-modified: Mon, 08 Jun 2020 13:11:12 GMT
server: cloudinary
x-timer: S1627457292.633475,VS0,VE1
etag: "6a5a299a5321cfe82a4157fde17312dd"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: cjmrjn9ktLpyHIfaM2SeKdbb2BOp6_Uav_ElEXqiIOhIqVN9_JicSQ==
x-cache-hits: 1

GET
H2 200 474208
images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_TopStoryLargeImageFaceDetect/ 14 KB
15 KB 24ms
23ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_TopStoryLargeImageFaceDetect/474208
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 350d0116d7f955aae767548ed3f45ddefa4666c060a6ec23ed6756328682ccdd

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 12:40:30 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 121400
edge-cache-tag: 393281549053129738758186577875094552178,518439762337588399941348075886382133116,66c5dca4b3f8582d0d602bcb8174b79b
status: 200 OK
content-disposition: inline; filename="474208.webp"
content-length: 14716
x-request-id: 83c6d93575a1d895b52e7a726e023b7a
x-served-by: cache-wdc5579-WDC
x-cache: Hit from cloudfront
last-modified: Wed, 04 Aug 2021 12:40:29 GMT
server: cloudinary
x-timer: S1628080830.277796,VS0,VE0
etag: "0dd5950f0c7d307e4ca55188da52cd6e"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: YoWcBhTtDpB6A1GwlSHowTvdwIDbho2x4VBB3nDQXLvYLEZHz961aQ==
x-cache-hits: 1

GET
H2 200 478321
images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_TopStorySmallImageFaceDetect/ 7 KB
8 KB 24ms
23ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_TopStorySmallImageFaceDetect/478321
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2ef8dbb9b45985bbe0fb9f939664389c566febbd09d8446c5cd104d269ebb528

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 16:28:31 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 366919
edge-cache-tag: 563708518054821224057739059583408338149,481095182455803861808455063142272120833,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="478321.webp"
content-length: 7244
x-served-by: cache-wdc5524-WDC
x-cache: Hit from cloudfront
last-modified: Sun, 20 Jun 2021 17:53:34 GMT
server: cloudinary
x-timer: S1627835311.405618,VS0,VE1
etag: "a0af5db4eb7efa7948d39a2b23fd9fa0"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: RJpQ6Gr2sSBnXuAiF7Zon8UPEkxUztSkkeJ-ntz6pJC2jVrOrwNEYQ==
x-cache-hits: 1

GET
H2 200 477204
images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_TopStorySmallImageFaceDetect/ 7 KB
8 KB 25ms
24ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_TopStorySmallImageFaceDetect/477204
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 823fc62093519436a87dde00f879d35b3fd6523e8621f0489afe4f4f33efa285

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 15:33:20 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 24630
edge-cache-tag: 353432384734732574628034707078494879044,481095182455803861808455063142272120833,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="477204.webp"
content-length: 7480
x-served-by: cache-wdc5565-WDC
x-cache: Hit from cloudfront
last-modified: Sat, 29 May 2021 17:39:59 GMT
server: cloudinary
x-timer: S1628177600.422391,VS0,VE1
etag: "9254cbb47f0a9f41ea6ee5f456d2f78a"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: wLN4z7ygMgtHW5SYk2IvJk7Vp7DqdWYqhzVQjHKGJR0nb7MKFjRhiw==
x-cache-hits: 1

GET
H2 200 477853
images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_TopStorySmallImageFaceDetect/ 7 KB
8 KB 27ms
26ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_TopStorySmallImageFaceDetect/477853
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 5d48bb6f0899203043a845cf13e4d48fbf112e724806bba09a35fbc002e1221b

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:20:02 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 228
edge-cache-tag: 250455554454734488516420945370552131424,481095182455803861808455063142272120833,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="477853.webp"
content-length: 7084
x-served-by: cache-wdc5556-WDC
x-cache: Hit from cloudfront
last-modified: Thu, 10 Jun 2021 20:57:35 GMT
server: cloudinary
x-timer: S1628202002.010282,VS0,VE1
etag: "c4e27171b46ca4665be6b9929ff0ce74"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: GXv6lvutDojx9_L0tWqkvTYENZLD1kNJ3p_XC8ABchdyGOVV5_637w==
x-cache-hits: 1

GET
H2 200 446510
images.jpost.com/image/upload/f_auto,fl_lossy/ 244 B
887 B 27ms
26ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/446510
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 899694b4b21e8b1b79bc71898023d2ee2e3d684c14c9dbd3bfd1f604ada82713

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 310084951817179336598236254836453441680,370794265990519824081192790279000863797,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="446510.webp"
content-length: 244
x-served-by: cache-wdc5555-WDC
x-cache: Hit from cloudfront
last-modified: Mon, 23 Sep 2019 09:41:39 GMT
server: cloudinary
x-timer: S1627457292.614037,VS0,VE1
etag: "88dcc5b8f49a15f8cc78593f1f0861de"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: XsgewVEVoQETnx4VYy8fsDJBnOB9hjDL6wcsw1ALvrjxmwblx5eFQw==
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 174 KB
57 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T4BJGTM

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12357a91880129b920ab8186c638c4e599150f6cc330475dfbd403e76edcbd71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57932
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 21:09:56 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Aug 2021 22:23:50 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 34 B
189 B 124ms
39ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=ay3FPSS6OcBXPHg&fields=countryCode,region
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: f56f843284945e0ecc9414d1499d7a199062fa6abcbe1a8a2b788844162cd640

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 05 Aug 2021 22:23:50 GMT
Content-Length: 34
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 34 B
189 B 124ms
39ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=ay3FPSS6OcBXPHg&fields=countryCode,region
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: f56f843284945e0ecc9414d1499d7a199062fa6abcbe1a8a2b788844162cd640

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 05 Aug 2021 22:23:50 GMT
Content-Length: 34
Content-Type: application/json; charset=utf-8

GET
H2 200 css_1024.min.css
www.jpost.com/css/ 27 KB
4 KB 18ms
14ms Stylesheet
text/css 2600:9000:211e:9800:4:69bf:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jpost.com/css/css_1024.min.css?v=UazEY0B9lId4VD2iuZK0nAJzpDWgPmr_KwdQOvoDOyo

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:9800:4:69bf:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

51acc463407d948778543da2b992b49c0273a435a03e6aff2b07503afa033b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:path: /css/css_1024.min.css?v=UazEY0B9lId4VD2iuZK0nAJzpDWgPmr_KwdQOvoDOyo
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.jpost.com
referer: https://www.jpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
last-modified: Tue, 27 Jul 2021 08:43:25 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
x-powered-by: ASP.NET
etag: W/"1d782c3768e1ea5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
date: Wed, 28 Jul 2021 12:51:22 GMT
cloudfront-is-desktop-viewer: true
x-amz-cf-id: 5Qxy1No0MYRR1tYlLL355S8BL9RjdglM25l5eOAd0YfjM1DkVUe__w==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 31ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 22:23:50 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/67F3)
Age: 1470
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H2 200 mail-footer.svg
images.jpost.com/image/upload/f_auto,fl_lossy/Icons/ 432 B
1 KB 27ms
26ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/Icons/mail-footer.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 292c75919ea21accc272b0ab64b17c0d93b0420455c3b6b84dbe43cbb26711e7

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 259789315463114058984403172621910376039,496365465308833469358746783171549985560,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="mail-footer.webp"
content-length: 432
x-served-by: cache-wdc5543-WDC
x-cache: Hit from cloudfront
last-modified: Wed, 23 Oct 2019 10:30:58 GMT
server: cloudinary
x-timer: S1627457292.623165,VS0,VE1
etag: "6a8294e3f581a961ee28bf62d1cfbbc8"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 0PRNhnlAWeAzHH5HBmEzgyP-PGnH-T8Zmlpv23DOVeaIDpBmhpdA5g==
x-cache-hits: 1

GET
H2 200 twitter-footer.svg
images.jpost.com/image/upload/f_auto,fl_lossy/Icons/ 430 B
1 KB 28ms
27ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/Icons/twitter-footer.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2d2ece7738a34510712fa98224c3f0af58629bce2bc31f071a4a209e220f5895

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 542100210931365540668064800060503956955,496365465308833469358746783171549985560,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="twitter-footer.webp"
content-length: 430
x-served-by: cache-wdc5576-WDC
x-cache: Hit from cloudfront
last-modified: Wed, 23 Oct 2019 10:31:00 GMT
server: cloudinary
x-timer: S1627457292.616407,VS0,VE1
etag: "5c6d77b093436c0f05e19a4e63ae1c84"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: ThiQVFAkJGdszkX6ENLEzZoJcXv__f_pvMkiUqMnglQ2tdiWqGN73w==
x-cache-hits: 1

GET
H2 200 facebook-footer.svg
images.jpost.com/image/upload/f_auto,fl_lossy/Icons/ 364 B
1013 B 28ms
27ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/Icons/facebook-footer.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 7eed350931e2f17f1ba34dd410696e096fc8dc1bc9a025d65b6a175e16c307bb

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 471350981452047515681803908838563040958,496365465308833469358746783171549985560,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="facebook-footer.webp"
content-length: 364
x-served-by: cache-wdc5577-WDC
x-cache: Hit from cloudfront
last-modified: Wed, 23 Oct 2019 10:31:04 GMT
server: cloudinary
x-timer: S1627457292.603105,VS0,VE2
etag: "78a4a1015b47185962116197a3168d39"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: RHD0jvwxnCPD6v0kE_LEj7cF87Phbnm7qXQjKQe4Io7Yob8ywu1h0g==
x-cache-hits: 1

GET
H2 200 youtube-footer.svg
images.jpost.com/image/upload/f_auto,fl_lossy/Icons/ 404 B
1 KB 28ms
28ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/Icons/youtube-footer.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6002dfc67ce01be8722df27414eeb77160aceb6a179fb772e07d9cf6acd14248

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 283640783543382001162667161528245861999,496365465308833469358746783171549985560,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="youtube-footer.webp"
content-length: 404
x-served-by: cache-wdc5568-WDC
x-cache: Hit from cloudfront
last-modified: Wed, 23 Oct 2019 10:31:05 GMT
server: cloudinary
x-timer: S1627457292.598162,VS0,VE1
etag: "55167fc152365fd505d5d3d29000cc23"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: Vz2Jju3UVQ67d2AHqsu-mDya5826BJ4NDNEYNli_8YRTJsW3q6K5Dw==
x-cache-hits: 1

GET
H2 200 jquery.min.js Show response
www.jpost.com/lib/jquery/dist/ 87 KB
31 KB 15ms
14ms Script
application/javascript 2600:9000:211e:9800:4:69bf:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jpost.com/lib/jquery/dist/jquery.min.js?v=9_aliU8dGd2tb6OSsuzixeV4y_faTqgFtohetphbbj0

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:9800:4:69bf:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:path: /lib/jquery/dist/jquery.min.js?v=9_aliU8dGd2tb6OSsuzixeV4y_faTqgFtohetphbbj0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jpost.com
referer: https://www.jpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 06:48:55 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
x-powered-by: ASP.NET
etag: W/"1d6b6646451f804"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
date: Wed, 28 Jul 2021 12:51:33 GMT
cloudfront-is-desktop-viewer: true
x-amz-cf-id: zo9RdbmyYAZGfHl9SiLSh9bKrIFh8k96YhcFHEWn37pmvibBahT61g==

GET
H2 200 site.min.js Show response
www.jpost.com/js/ 12 KB
5 KB 25ms
13ms Script
application/javascript 2600:9000:211e:9800:4:69bf:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jpost.com/js/site.min.js?v=f9eCAJyQWY6aWqXA3Jju1fw_TiIzXuhFc2hA-nrqUOE

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:9800:4:69bf:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7fd782009c90598e9a5aa5c0dc98eed5fc3f4e22335ee845736840fa7aea50e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:path: /js/site.min.js?v=f9eCAJyQWY6aWqXA3Jju1fw_TiIzXuhFc2hA-nrqUOE
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jpost.com
referer: https://www.jpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
last-modified: Tue, 06 Jul 2021 11:13:13 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
x-powered-by: ASP.NET
etag: W/"1d77257e92584b6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
date: Wed, 28 Jul 2021 12:51:33 GMT
cloudfront-is-desktop-viewer: true
x-amz-cf-id: eXbdv_rg2oeTCrYNXAf6BAsnyPQq4tZ34CCAy0oIULJP0nF8Ci0-Bg==

GET
H2 200 homejs.min.js Show response
www.jpost.com/js/ 32 B
455 B 25ms
13ms Script
application/javascript 2600:9000:211e:9800:4:69bf:5d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jpost.com/js/homejs.min.js?v=HvbtDvcOc96XKNlrJXREJO9sBPMPXMLGLJywRonTIOk

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:9800:4:69bf:5d00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1ef6ed0ef70e73de9728d96b25744424ef6c04f30f5cc2c62c9cb04689d320e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:path: /js/homejs.min.js?v=HvbtDvcOc96XKNlrJXREJO9sBPMPXMLGLJywRonTIOk
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.jpost.com
referer: https://www.jpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
via: 1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
etag: "1d6ef35cc114fa0"
last-modified: Wed, 20 Jan 2021 14:08:59 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: FRA56-C2
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
date: Wed, 28 Jul 2021 13:08:14 GMT
cloudfront-is-desktop-viewer: true
accept-ranges: bytes
content-length: 32
x-amz-cf-id: gWb-1eJ3J2I6qQ0Ka5ZdtgWd45DuGEzsenScgBeaw_gmIJhrTwxBQg==

GET
H2 200 serve_onetag Show response
stag-core.tfla.xyz/ 7 KB
2 KB 132ms
106ms Script
text/javascript 2a00:1450:4001:829::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stag-core.tfla.xyz/serve_onetag?pub_id=34&domain=www.jpost.com&rand=4
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 7b1bff77779d96c841b4bf9574db5bb0700a414a63afaf221dd9ac0a6becccda

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:50 GMT
content-encoding: gzip
server: Google Frontend
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
x-cloud-trace-context: ccf8cb5b24d5fc95c260af9172881874
cache-control: private
content-length: 2249

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 138ms
49ms Script
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cdBhoWYDE8U.miXtMaq72_QdUztpgDZw
content-encoding: gzip
server: Server
age: 39
etag: f8520ea4ebd91256d6b4f461d472242a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Thu, 05 Aug 2021 22:23:11 GMT
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: QLT4P67M3eCrsmwTdNAzkKE9tFbn7AI8esgwHyakiSX_kaZ2tycMSw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: nSH685IT+gfo0gvhkByt3q7/uN+6ESSnbESRpZ1ftcZ2JZ7e834lIyxaGzQnPGxVc5mr5M0dGCgpB2k5nkQLcg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 05 Aug 2021 22:23:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 min.js Show response
revboostprocdnadsprod.azureedge.net/scripts/latest/ 0
155 B 24ms
6ms Script
application/x-javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://revboostprocdnadsprod.azureedge.net/scripts/latest/min.js
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:50 GMT
last-modified: Tue, 13 Jul 2021 11:01:18 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "ac3a2368d677d71:0"
content-type: application/x-javascript
accept-ranges: bytes
content-length: 0

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 183 KB
61 KB 110ms
35ms Script
application/x-javascript 104.85.1.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.1.87 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-87.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2e5bfda5a932e1f5355df678dfe8a53160267943ccf4648fd123cdba6c829950

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:50 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 08:56:23 GMT
etag: W/"2da60-Ga50L/Oi94tijl2E0n0nJ/z23jI"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 3afc635775734c6652511b444f37d87c
timing-allow-origin: *, *
content-length: 62008
expires: Fri, 06 Aug 2021 02:23:50 GMT

GET
H2 200 OpNCnoEOns3V7GcOrg4.woff2
fonts.gstatic.com/s/khula/v7/ 11 KB
11 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/khula/v7/OpNCnoEOns3V7GcOrg4.woff2

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/css/css_1280.min.css?v=to6fmlUwhPcLC1DgVJh1FeY9kYx9A8p6OWhUOUvlvEs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f0e2d6ef1822ed8e5258624a51096c7748a1759a78e09b85fd23220a7e9c1d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jpost.com
Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 08:28:22 GMT
x-content-type-options: nosniff
age: 222928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10880
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:00:43 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 08:28:22 GMT

GET
H2 200 OpNPnoEOns3V7G-1ixvTpi8.woff2
fonts.gstatic.com/s/khula/v7/ 10 KB
10 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/khula/v7/OpNPnoEOns3V7G-1ixvTpi8.woff2

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/css/css_1280.min.css?v=to6fmlUwhPcLC1DgVJh1FeY9kYx9A8p6OWhUOUvlvEs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04acece9298cec6f93681376ae02d469cd62cb51b3d6d670d0919ad5350375ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jpost.com
Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 13:52:17 GMT
x-content-type-options: nosniff
age: 203493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10556
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:00:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 13:52:17 GMT

GET
H2 200 search.svg
images.jpost.com/image/upload/f_auto,fl_lossy/Icons/ 398 B
1 KB 29ms
28ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/Icons/search.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 88c0fef3091671cceed733723fe33338255a8e66c0c5772a830a3d000d5b8d10

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 271685536641292622261308134797326713299,496365465308833469358746783171549985560,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="search.webp"
content-length: 398
x-served-by: cache-wdc5572-WDC
x-cache: Hit from cloudfront
last-modified: Sun, 22 Sep 2019 07:50:48 GMT
server: cloudinary
x-timer: S1627457292.618103,VS0,VE1
etag: "2fe06c063dd1fdff327b305dc5693ede"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: awaapLXrLXbSW5hLuu0iQssdd7PahfnShVWhXNDhyPKdBmXwJm2I8w==
x-cache-hits: 1

GET
H2 200 pubads_impl_2021080201.js Show response
securepubads.g.doubleclick.net/gpt/ 328 KB
115 KB 126ms
62ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

f19ec923daf7d72e5f2f155ba6229ffde0afd953ce121b44c1ad55e332db58f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Aug 2021 08:47:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116893
x-xss-protection: 0
expires: Thu, 05 Aug 2021 22:23:50 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 488 B
859 B 164ms
58ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.jpost.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

acb10f47a41afcb5b883793b7b442219071ae6b97b4f94d17324d25693696977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0
expires: Thu, 05 Aug 2021 22:23:51 GMT

GET
H3-29 200 j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
fonts.gstatic.com/s/frankruhllibre/v6/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v6/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/css/css_1280.min.css?v=to6fmlUwhPcLC1DgVJh1FeY9kYx9A8p6OWhUOUvlvEs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e845309bca1ba7946299dc5ea01a12f66784e7220003ff3c438714decfa8c413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jpost.com
Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 00:35:58 GMT
x-content-type-options: nosniff
age: 251272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19900
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:50:38 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 00:35:58 GMT

GET
H3-29 200 1730128020581377 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1730128020581377?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc14419d3193a259312aaa121c090ff9207c65db769c7dfc19ccac8a08981c9c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73505
x-xss-protection: 0
pragma: public
x-fb-debug: VbsmOS1za5ObZkSZAgMtjBFMg4avbymsUFAQ+ZpZ9l+ADU5pVraEk6u8VtlFWMmaUGfizr6qvJVuROMw5LcRig==
x-frame-options: DENY
date: Thu, 05 Aug 2021 22:23:50 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Podcast.svg
images.jpost.com/image/upload/v1616314142/Icons/ 1 KB
1 KB 16ms
12ms Image
image/svg+xml 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/v1616314142/Icons/Podcast.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 18ff1e3421b1f1e290998e62486ebe08904d3b2180956b72a2de91a22b362abb

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 353963219270830759733715325142995332032,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: attachment; filename="Podcast.svg"
content-encoding: gzip
x-served-by: cache-wdc5582-WDC
x-cache: Hit from cloudfront
last-modified: Sun, 21 Mar 2021 08:09:04 GMT
server: cloudinary
x-timer: S1627457292.612972,VS0,VE1
etag: W/"a9cf64e027c82d02f03a37e083a557b9"
vary: Accept-Encoding,Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: GSBzwt5ZK0KSzAD9zAJK5sAc3qQNpBiV93jRNN7Ly-zENaEkiM98Jw==
x-cache-hits: 1

GET
H2 200 Zoomcast.svg
images.jpost.com/image/upload/v1616314915/Icons/ 719 B
1 KB 18ms
15ms Image
image/svg+xml 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/v1616314915/Icons/Zoomcast.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 476bcd9b9748bf4f352cd33af4b8289dbac96ec6f857ae5001c7e4775a8a48d3

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744939
edge-cache-tag: 416379443809707106841733349458303354389,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: attachment; filename="Zoomcast.svg"
content-length: 719
x-served-by: cache-wdc5537-WDC
x-cache: Hit from cloudfront
last-modified: Sun, 21 Mar 2021 08:51:14 GMT
server: cloudinary
x-timer: S1627457292.624024,VS0,VE1
etag: "9cf2378ac2d73a51109d11e6ae5f4fed"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: cgB22QEcTIj3CTcLSxHXB_UIZOWcvWI8RHvZv4kFS62FzE_3ewuFTA==
x-cache-hits: 1

GET
H2 200 UAECONF.svg
images.jpost.com/image/upload/v1609755439/Icons/ 4 KB
2 KB 18ms
15ms Image
image/svg+xml 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/v1609755439/Icons/UAECONF.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 5a047a2807134fcc33829a7773f2c02bd2339b1587a0dce07b6e00454ca8f0af

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
content-encoding: gzip
age: 744939
edge-cache-tag: 374506496026139910202132255861593596958,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: attachment; filename="UAECONF.svg"
content-length: 1300
x-served-by: cache-wdc5523-WDC
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 04 Jan 2021 10:34:45 GMT
server: cloudinary
x-timer: S1627457292.628089,VS0,VE1
etag: W/"06bd0104c29b2240131a20630552c7a4"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: JYJSIh9Kw6Sw7pgueQxcqKIjTO1THJjtYWjxp29EE1Z5eqkfJIszUg==
x-cache-hits: 1

GET
H2 200 RE.svg
images.jpost.com/image/upload/v1594286134/Icons/ 1 KB
1 KB 18ms
15ms Image
image/svg+xml 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/v1594286134/Icons/RE.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 460f100ec22b40760bce4a22eb508f461a922a1c0e1ef1292d48acaf4ed59d6c

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744940
edge-cache-tag: 515969955873236504886074262086322138665,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: attachment; filename="RE.svg"
content-encoding: gzip
x-served-by: cache-wdc5563-WDC
x-cache: Hit from cloudfront
last-modified: Thu, 09 Jul 2020 09:15:37 GMT
server: cloudinary
x-timer: S1627457292.631985,VS0,VE1
etag: W/"869fb6103a1c1797c52d4f20bf03be94"
vary: Accept-Encoding,Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: zX-v_OfmrudAG1t7fZdhGx-GHfipxJE9iFDaIucGl61I7kJZEEKCrA==
x-cache-hits: 1

GET
H2 200 hapoalim.svg
images.jpost.com/image/upload/f_auto,fl_lossy/Icons/ 326 B
971 B 18ms
16ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/Icons/hapoalim.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2c04d3fca9ce4e503aa208e7f64da442098801421b81f63b9e1f1594a9fd36e8

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744940
edge-cache-tag: 336779157833232991948696309346827183050,496365465308833469358746783171549985560,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="hapoalim.webp"
content-length: 326
x-served-by: cache-wdc5528-WDC
x-cache: Hit from cloudfront
last-modified: Thu, 19 Sep 2019 12:12:38 GMT
server: cloudinary
x-timer: S1627457292.658592,VS0,VE1
etag: "4573d698d65a871b8084a58809ee55cc"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: gVy9-ZpVYuXIF3_24fxB6g0WL2WEF5oCgHobo_L4ZBxiGnbNu1MbQA==
x-cache-hits: 1

GET
H2 200 jp.svg
images.jpost.com/image/upload/v1590063645/Icons/ 428 B
1 KB 18ms
16ms Image
image/svg+xml 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/v1590063645/Icons/jp.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2346f48d5ac0f767a761cd0bbc9e35d4e9ad1c4a40351b6ba48074b037ad083e

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744940
edge-cache-tag: 495119071654193843423075705587848998486,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: attachment; filename="jp-grey.svg"
content-length: 428
x-served-by: cache-wdc5523-WDC
x-cache: Hit from cloudfront
last-modified: Thu, 21 May 2020 12:23:59 GMT
server: cloudinary
x-timer: S1627457292.637362,VS0,VE1
etag: "ffcc2d8fb65c103d9086028a5ac6f7a7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: gzO2hq8sbIRrYzsS8WHrmq2ilzzc90l_JYKrkgUORNZf769dVA9e2w==
x-cache-hits: 1

GET
H2 200 ivrit-talk.svg
images.jpost.com/image/upload/v1575362764/Icons/ 3 KB
2 KB 19ms
17ms Image
image/svg+xml 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/v1575362764/Icons/ivrit-talk.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 92422896736057cd5f54a3281b97ce0c7cffe3d3f11240b63992086fe44dd9da

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
content-encoding: gzip
age: 744940
edge-cache-tag: 453392244673871780829717385263751731748,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: attachment; filename="ivrit-talk.svg"
content-length: 1362
x-served-by: cache-wdc5582-WDC
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 03 Dec 2019 08:46:06 GMT
server: cloudinary
x-timer: S1627457292.627059,VS0,VE1
etag: W/"3eb75d67b87edd122837cfd36eb90165"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: fhU43CGWJN_GjewC1fIduz4MKwT3NzdMHQDht2_5nx3CWHR9cfkKjg==
x-cache-hits: 1

GET
H2 200 lite.svg
images.jpost.com/image/upload/f_auto,fl_lossy/Icons/ 668 B
1 KB 18ms
16ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/Icons/lite.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9c373faeb019ebc0fed954a4f33d9a39ce09ba61942a9c75a41d7044dc03b781

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744940
edge-cache-tag: 414529265660719222037455427217743876520,496365465308833469358746783171549985560,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="lite.webp"
content-length: 668
x-served-by: cache-wdc5560-WDC
x-cache: Hit from cloudfront
last-modified: Thu, 19 Sep 2019 12:12:41 GMT
server: cloudinary
x-timer: S1627457292.831275,VS0,VE1
etag: "d372c445375c82ec0bf738426607dc06"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: bOlybTJTrpDlMqaUsTtgj90rPjsdMzqjFUJ8okdJbgdzmYLHrFfAvQ==
x-cache-hits: 1

GET
H2 200 dhgate.svg
images.jpost.com/image/upload/f_auto,fl_lossy/Icons/ 424 B
1 KB 18ms
17ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/Icons/dhgate.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c496fde18101e6d34a26af958ef5eaec33cc11028e5c7464b97de92ad810601f

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:11 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744940
edge-cache-tag: 389929283868264489929228255173336176819,496365465308833469358746783171549985560,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="dhgate.webp"
content-length: 424
x-served-by: cache-wdc5569-WDC
x-cache: Hit from cloudfront
last-modified: Thu, 19 Sep 2019 12:12:46 GMT
server: cloudinary
x-timer: S1627457292.842584,VS0,VE1
etag: "e8ce10d0de9acebd13998443535329c1"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: xYJgey_Hly1quX6LMFyKH8Wb4LsAyOOPFLg410w8QTTdaq1Y1nGcrA==
x-cache-hits: 1

GET
H2 403 grumi.js
rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/ 0
0 398ms
398ms Script
application/xml 2600:9000:2190:800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 34ms
20ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BC5xsXKGgJbQbCzkLNvwBQ==
age: 6961
vary: Accept-Encoding
content-length: 6328
x-ms-lease-status: unlocked
last-modified: Wed, 04 Aug 2021 01:49:58 GMT
server: cloudflare
etag: 0x8D956EA2A6E73F4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a3ffdd84-601e-0142-57e9-88b5a7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 67a36ea829334e0d-FRA

GET
H3-29 200 j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JfGhA.woff2
fonts.gstatic.com/s/frankruhllibre/v6/ 20 KB
20 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v6/j8_36_fAw7jrcalD7oKYNX0QfAnPUwvA9JfGhA.woff2

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/css/css_1280.min.css?v=to6fmlUwhPcLC1DgVJh1FeY9kYx9A8p6OWhUOUvlvEs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0b6f15515bef3de20931fea83223e07e078174a93b1d677002fb20c7aca2494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jpost.com
Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:37:49 GMT
x-content-type-options: nosniff
age: 207962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20288
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:56:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:37:49 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 34ms
34ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4BJGTM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
via: 1.1 varnish
last-modified: Mon, 12 Jul 2021 21:25:31 GMT
age: 80198
etag: "65cf0c0ceb852397f0d1e6732cd3c533+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1628202231.134540,VS0,VE0
x-served-by: cache-fra19152-FRA

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 166ms
60ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4BJGTM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13910
x-xss-protection: 0
server: cafe
etag: 8154934153164151798
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Aug 2021 22:23:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4BJGTM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4210
date: Thu, 05 Aug 2021 21:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Thu, 05 Aug 2021 23:13:41 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 53ms
30ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 57
x-cache: Hit from cloudfront
last-modified: Mon, 22 Feb 2021 18:41:52 GMT
server: cloudflare
etag: W/"1e16152334c325a4abb81f1a8ee52e51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 95c9d51ed7176777d7ac8ca8cb233697.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: VIE50-C2
cf-ray: 67a36ea8aa72dfbb-FRA
x-amz-cf-id: xw7uoISyHdF1tjzcvvt7rOztpwCypfdaa5iBJiZNDwFLN_6DG34EoQ==

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1730128020581377&ev=PageView&dl=https%3A%2F%2Fwww.jpost.com%2F&rl=&if=false&ts=1628202231139&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1628202231138.1151251941&it=1628202230981&coo=false&rqm=GET

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 05 Aug 2021 22:23:51 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1730128020581377&ev=ViewContent&dl=https%3A%2F%2Fwww.jpost.com%2F&rl=&if=false&ts=1628202231142&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1628202231138.1151251941&it=1628202230981&coo=false&rqm=GET

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 05 Aug 2021 22:23:51 GMT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame 3023 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.jpost.com
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D5) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.jpost.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jpost.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 10473
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Aug 2021 22:23:51 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D5)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 647C 416 B
798 B 36ms
35ms Document
text/html 104.85.1.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.1.87 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jpost.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1628144053.711188"
last-modified: Wed, 04 Aug 2021 08:56:02 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Thu, 05 Aug 2021 22:23:51 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1628202231~rv=20~id=552f48714a9e1903cfee086cf93bd0c0; path=/; Expires=Thu, 05 Aug 2021 22:23:51 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3Lmpwb3N0LmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 109ms
36ms XHR
application/json 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3Lmpwb3N0LmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 22:23:51 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=35273
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 3d864ed4517e053f0b419256becd0516
Content-Length: 16
Expires: Fri, 06 Aug 2021 08:11:44 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
450 B 37ms
35ms Image
image/gif 104.85.1.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=2.5998024546950997
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.1.87 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sat, 04 Sep 2021 22:23:51 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
308 B 73ms
72ms XHR
text/plain 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.jpost.com%2F&pubid=e106c355-e3d9-47e5-969a-8493743303a6
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 19:39:40 GMT
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
server: Server
age: 9851
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.jpost.com
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 2CGm1VGGewfy66ZCPQEbTrzccZlAPDZ0eWxLej1cTBAAovphytqATg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 133ms
44ms XHR
application/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 30678
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 01 Jul 2021 22:05:10 GMT
server: AmazonS3
date: Thu, 05 Aug 2021 15:41:58 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: Nr5NTlhUDQgHm5ybpJR61HkoGQ-fvjidgd7GINe-zjfJDbUZvVzsMA==

GET
H/1.1 200
OK pxb-jpost-prod.js Show response
cdn.valuad.cloud/pxb/ 446 KB
114 KB 144ms
33ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.valuad.cloud/pxb/pxb-jpost-prod.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/lib/jquery/dist/jquery.min.js?v=9_aliU8dGd2tb6OSsuzixeV4y_faTqgFtohetphbbj0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

93a1125a3c3ef80e004e551fff07c6eb8db56cf72185862e83e25161ab625aba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 22:23:51 GMT
Content-Encoding: gzip
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx00000000000000449b346-00610c1992-153a4853-fra1a
x-amz-storage-class: STANDARD
x-rgw-object-type: Normal
Connection: Keep-Alive
Content-Length: 116390
Last-Modified: Sun, 24 Jan 2021 07:14:43 GMT
x-amz-meta-s3cmd-attrs: atime:1611472480/ctime:1611472478/gid:20/gname:staff/md5:bfb4cc8d3b51414c6c386229c4811251/mode:33188/mtime:1611472478/uid:501/uname:yosidahan
etag: "bfb4cc8d3b51414c6c386229c4811251"
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-HW: 1628202231.dop016.sk1.t,1628202231.cds013.sk1.shn,1628202231.cds013.sk1.c
Content-Type: application/javascript
cache-control: public, max-age=84600, s-maxage=86400
Accept-Ranges: bytes

GET
H2 200 adoric.js Show response
95662602.adoric-om.com/ 141 KB
40 KB 50ms
25ms Script
text/javascript 2606:4700:3035::6815:4ba6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://95662602.adoric-om.com/adoric.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:4ba6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc6b7e38b62557d233334e959867ef5e5dde2eeafe9b565ec35f13446a296d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 153
x-dns-prefetch-control: off
content-range: bytes 50-10000/*
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-ray: 67a36ea958362bb9-FRA
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2327c-JKITpKkvCgYUVqkbmBy0oPfwCoo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8y%2FujE0Hoxa%2BJMUXDN4dTfuyzGxSEy9srSiVXEgO2SnXvH0vbsIM7zl%2FrRvCyoNEyexjJyE4UTNpL98YI0yop1YTNTl1O5HYzObWITFeUfRIh25xE1MX8I6pPvTGqRXaOI003LdPRVQ9y0e0WOMiW%2BuvwyG"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: movetogcp2020.com
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: *
content-type: text/javascript; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
368 B 86ms
86ms XHR
text/javascript 13.224.90.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.jpost.com%2F&pid=B4elKwOJuSHq4&cb=0&ws=1600x1200&v=7.67.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6943%2FJPost_2017%2FDesktop%2FAll_Regular_Ad_Units%2FHP_300x250_1_Top%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22970x350%22%2C%22728x90%22%2C%22970x180%22%2C%22970x250%22%2C%22728x180%22%5D%2C%22sn%22%3A%22%2F6943%2FJPost_2017%2FDesktop%2FAll_Regular_Ad_Units%2FHP_970x250_1_Top%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F6943%2FJPost_2017%2FDesktop%2FAll_Regular_Ad_Units%2FHP_728x90_1_Middle%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F6943%2FJPost_2017%2FDesktop%2FAll_Regular_Ad_Units%2FHP_728x90_6_Bottom%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6943%2FJPost_2017%2FDesktop%2FAll_Regular_Ad_Units%2FHP_300x250_1_Top%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F6943%2FJPost_2017%2FDesktop%2FAll_Regular_Ad_Units%2FHP_300x250_2_Middle%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22120x600%22%2C%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F6943%2FJPost_2017%2FDesktop%2FAll_Regular_Ad_Units%2FHP_300x600_Sidebar_1%22%7D%5D&cfgv=0&pubid=e106c355-e3d9-47e5-969a-8493743303a6&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.90.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-90-44.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.jpost.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: GO2ILbaby7c06hr7Zg3Z1Ccv3go60yQhVGbem37xOiI-garSaLQB3w==

GET
H2 200 477853
images.jpost.com/image/upload/f_auto,fl_lossy/t_CategoryFiveArticleFaceDetect/ 12 KB
13 KB 14ms
13ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/t_CategoryFiveArticleFaceDetect/477853
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 6e2e6bf8f6626636cda58faf3800d799ab2a6a211bebf6c5208fee369ca42fda

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 19:01:50 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 12121
edge-cache-tag: 250455554454734488516420945370552131424,472596617555934028344393596413695527320,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="477853.webp"
content-length: 12164
x-served-by: cache-wdc5567-WDC
x-cache: Hit from cloudfront
last-modified: Thu, 10 Jun 2021 18:56:04 GMT
server: cloudinary
x-timer: S1628190111.574563,VS0,VE1
etag: "e327939f0ad34186172cbd53c7263102"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: GEBtrQg68xlHFSmQjhtvwa1W2i5oBpARRHHvNQXQ91aQNzloHaOeCA==
x-cache-hits: 1

GET
H2 200 480836
images.jpost.com/image/upload/f_auto,fl_lossy/t_CategoryFiveArticlesBFaceDetect/ 4 KB
4 KB 16ms
15ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/t_CategoryFiveArticlesBFaceDetect/480836
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: f25c6a2980d4e1f7dd8d2a56228540ec83f16b2e683737b63b3eb45947e2d470

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 08:46:54 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 49017
edge-cache-tag: 249326004474758261668892568679832915229,480077565874095069091328105048297921030,66c5dca4b3f8582d0d602bcb8174b79b
status: 200 OK
content-disposition: inline; filename="480836.webp"
content-length: 3860
x-request-id: 4abef70e064a5900a6ad9f8b8f7cce03
x-served-by: cache-wdc5582-WDC
x-cache: Hit from cloudfront
last-modified: Thu, 05 Aug 2021 08:45:06 GMT
server: cloudinary
x-timer: S1628153214.293275,VS0,VE1
etag: "c89f0d006319b738184d17c892b70e4b"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: mwHHWB3rtBgrRgm0CJmfzsA6wrOr2DnhGWWWLB11DelJlJrQIe81mQ==
x-cache-hits: 1

GET
H2 200 477204
images.jpost.com/image/upload/f_auto,fl_lossy/t_CategoryFiveArticlesBFaceDetect/ 6 KB
7 KB 16ms
15ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/t_CategoryFiveArticlesBFaceDetect/477204
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: a0449c2b5e9424f40effc03b397a558d5a91afb27e61283f1e50a8899db184cb

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 11:24:49 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 39542
edge-cache-tag: 353432384734732574628034707078494879044,480077565874095069091328105048297921030,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="477204.webp"
content-length: 6454
x-served-by: cache-wdc5538-WDC
x-cache: Hit from cloudfront
last-modified: Sat, 29 May 2021 13:15:44 GMT
server: cloudinary
x-timer: S1628162689.193467,VS0,VE1
etag: "0fc9e74b709a5bfed514e99614a83ecd"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: cmGq8ZLbWMcFx42YkyGkdc4ZyK0_4eKMyyvtBsBSCpB0QSS5FKqiMQ==
x-cache-hits: 1

GET
H2 200 480741
images.jpost.com/image/upload/f_auto,fl_lossy/t_CategoryFiveArticlesBFaceDetect/ 4 KB
5 KB 17ms
16ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/t_CategoryFiveArticlesBFaceDetect/480741
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d3d82d487d29c77b2391b2c81976f672a9f2e50624bb7aef2b92c5361622ac5a

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 12:37:41 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 35170
edge-cache-tag: 481576970143328384331149511410584059285,480077565874095069091328105048297921030,66c5dca4b3f8582d0d602bcb8174b79b
status: 200 OK
content-disposition: inline; filename="480741.webp"
content-length: 4504
x-request-id: 32b6baca632b56a5468a52b815a5a004
x-served-by: cache-wdc5551-WDC
x-cache: Hit from cloudfront
last-modified: Thu, 05 Aug 2021 12:33:18 GMT
server: cloudinary
x-timer: S1628167061.225595,VS0,VE1
etag: "ab7840bd677b0c04c573647e2a0a9c58"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: dgs8dNKq7mQR-qbmkqQlGEgeuBUfIXHJQVYtc09oOzuIdkL6xzW6-g==
x-cache-hits: 1

GET
H2 200 254834
images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_HotOpinionFaceDetect/ 4 KB
5 KB 18ms
17ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_HotOpinionFaceDetect/254834
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2678d8e52f00bfaca4d36890b4458fcd08694ab9850c8f41e0863882cb737b33

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:28:15 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744936
edge-cache-tag: 334063536148660490361168073257634772716,520179705477228596171374133686373596254,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="254834.webp"
content-length: 4196
x-served-by: cache-wdc5574-WDC
x-cache: Hit from cloudfront
last-modified: Mon, 07 Jun 2021 08:49:22 GMT
server: cloudinary
x-timer: S1627457296.931395,VS0,VE1
etag: "f81444b575cf9e8b89d2171e84eb52df"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: yO7oXu4e3kkznKs35egMZYC0FjJteL_4VA_DPUXikC4FSJzSmDF7GA==
x-cache-hits: 1

GET
H2 200 448983
images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_HotOpinionFaceDetect/ 526 B
1 KB 17ms
16ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_HotOpinionFaceDetect/448983
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ecc1573d382bfc56a2e6654cdff5c7ad35f0ce7884bd858a9e0c7a823ad6308a

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 07:39:48 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 744243
edge-cache-tag: 278503868267488038964285566745166399669,520179705477228596171374133686373596254,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="448983.webp"
content-length: 526
x-served-by: cache-wdc5549-WDC
x-cache: Hit from cloudfront
last-modified: Thu, 14 Nov 2019 20:34:11 GMT
server: cloudinary
x-timer: S1627457988.245633,VS0,VE1
etag: "b6cb905f79baf1e8bbde678014bc8505"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 7XPTkyBa1KHb3TEZkerUnKQ8blsCJLpHpSdGcVvVak0w71l8KT5wdg==
x-cache-hits: 1

GET
H2 200 255424
images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_HotOpinionFaceDetect/ 4 KB
4 KB 18ms
17ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_HotOpinionFaceDetect/255424
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: f45af631d0b2d223e6768a421e6dbcdf60599f7183fc902cd824f996ba0f0bc8

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 08:06:38 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 915433
edge-cache-tag: 296251414864848458965450609967614858016,520179705477228596171374133686373596254,66c5dca4b3f8582d0d602bcb8174b79b
content-disposition: inline; filename="255424.webp"
content-length: 3828
x-served-by: cache-wdc5535-WDC
x-cache: Hit from cloudfront
last-modified: Thu, 10 Jun 2021 19:05:07 GMT
server: cloudinary
x-timer: S1627286799.860427,VS0,VE1
etag: "c40d887e8e9a4e7c23417e0796b6261d"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: zOHDdLwIFeIuxv3bp8HGSYNqcROtltcVQT47sx_rhwpJat90HqZ-9g==
x-cache-hits: 1

GET
H2 200 370546
images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_HotOpinionFaceDetect/ 1 KB
2 KB 18ms
17ms Image
image/webp 2600:9000:2057:2400:13:930:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.jpost.com/image/upload/f_auto,fl_lossy/t_JD_HotOpinionFaceDetect/370546
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2400:13:930:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ace6ce2e04aeedffd653ffbdce2cd99d457797e349a4152c26d79952520f8009

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 14:40:20 GMT
via: 1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
age: 114211
edge-cache-tag: 426884048464746591156861546961605208670,520179705477228596171374133686373596254,66c5dca4b3f8582d0d602bcb8174b79b
status: 200 OK
content-disposition: inline; filename="370546.webp"
content-length: 1048
x-request-id: a8fc218521a55352a9e2522c18d9f049
x-served-by: cache-wdc5558-WDC
x-cache: Hit from cloudfront
last-modified: Wed, 04 Aug 2021 14:40:19 GMT
server: cloudinary
x-timer: S1628088021.627412,VS0,VE1
etag: "fcef9998784d6732c878d36a853c12e0"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: MdOeM9BHYKaM34d5kH3YlKHZ1j-j9rSY4w9XccWpRP5h7V8W5LtPZg==
x-cache-hits: 1

GET
H2 200 698d81e3-0509-48c7-a961-e0a9d16db8a2.json Show response
cdn.cookielaw.org/consent/698d81e3-0509-48c7-a961-e0a9d16db8a2/ 3 KB
2 KB 14ms
13ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/698d81e3-0509-48c7-a961-e0a9d16db8a2/698d81e3-0509-48c7-a961-e0a9d16db8a2.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ec3c71c550b183178fc6cdd8579b544f60193f3203f640f0bdf89578eede1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6pbCjIZSTHokHUyaAmgclw==
age: 6663
vary: Accept-Encoding
content-length: 1344
x-ms-lease-status: unlocked
last-modified: Mon, 15 Mar 2021 14:05:18 GMT
server: cloudflare
etag: 0x8D8E7BB5D702492
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 70605add-301e-005e-17ff-372be5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 67a36ea9ae6d1e47-FRA

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=661687915&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jpost.com%2F&ul=en-us&de=UTF-8&dt=The%20Jerusalem%20Post%3A%20Breaking%20News%2C%20Israel%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1798431217&gjid=582351070&cid=710882465.1628202231&tid=UA-4780630-1&_gid=948910697.1628202231&_r=1&gtm=2wg840T4BJGTM&z=1104259683

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=661687915&t=pageview&_s=1&dl=https%3A%2F%2Fwww.jpost.com%2F&ul=en-us&de=UTF-8&dt=The%20Jerusalem%20Post%3A%20Breaking%20News%2C%20Israel%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=1349657952&gjid=1223707899&cid=710882465.1628202231&tid=UA-3326248-22&_gid=948910697.1628202231&_r=1&gtm=2wg840T4BJGTM&cd1=NA&cd2=NA&cd3=NA&z=1578792631

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.jpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 456ms
114ms XHR
application/json 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1628202231353&sessionId=e15393ea-e6e5-3119-a971-1e8b880041a8&url=www.jpost.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Aug 2021 22:23:51 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: eb6807735341071db38c4b4c424e0fe0
Content-Length: 4
Expires: 0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
373 B 29ms
15ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 67a36eaa0a1a4e3d-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.jpost.com

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 34ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.jpost.com

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 484 B
293 B 353ms
295ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1558036351847043&correlator=997430264450146&output=ldjh&impl=fif&eid=31061160%2C31061422%2C31061199%2C31061424%2C20211866%2C31060033&vrg=2021080201&ptt=17&sc=1&sfv=1-0-38&ecs=20210805&iu_parts=6943%2CJPost_2017%2CDesktop%2CAll_Regular_Ad_Units%2CHP_300x250_1_Top&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=urlType%3Dhttps%253A%252F%252Fwww.jpost.com%252F%26IsDev%3Dfalse%26catName%3Djpost_Home%2520Page%26wrapversion%3D3%26gpt_l%3D200%26wrap_l%3D400%26ccp%3Dunknown%26sesDepth%3D1%26page_r%3D100%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1628202231&dt=1628202231387&dlt=1628202230812&idt=431&frm=20&biw=1600&bih=1200&oid=3&adxs=1111&adys=2352&adks=611852974&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.jpost.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x301&msz=300x-1&ga_vid=710882465.1628202231&ga_sid=1628202231&ga_hid=661687915&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

7e984fa0ce5bd8d57c02c75a34ce9eefd9c63a590586d67857724624fce13870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 263
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.jpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BD10 6 KB
3 KB 29ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 05 Aug 2021 22:23:51 GMT
expires: Fri, 05 Aug 2022 22:23:51 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 1155ms
1099ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1558036351847043&correlator=997430264450146&output=ldjh&impl=fif&eid=31061160%2C31061422%2C31061199%2C31061424%2C20211866%2C31060033&vrg=2021080201&ptt=17&sc=1&sfv=1-0-38&ecs=20210805&iu_parts=6943%2CJPost_2017%2CDesktop%2CAll_Regular_Ad_Units%2CHP_970x250_1_Top&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x350%7C728x90%7C970x180%7C970x250%7C728x180&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=urlType%3Dhttps%253A%252F%252Fwww.jpost.com%252F%26IsDev%3Dfalse%26catName%3Djpost_Home%2520Page%26wrapversion%3D3%26gpt_l%3D200%26wrap_l%3D400%26ccp%3Dunknown%26sesDepth%3D1%26page_r%3D100%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1628202231&dt=1628202231392&dlt=1628202230812&idt=431&frm=20&biw=1600&bih=1200&oid=3&adxs=188&adys=250&adks=4210319044&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.jpost.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1225x38&msz=1225x0&ga_vid=710882465.1628202231&ga_sid=1628202231&ga_hid=661687915&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

c9c0a08f10658a3b07e203d22f823ff98edd8f6eb88617c02da86da42e9a5883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11939
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.jpost.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 11 KB
6 KB 1646ms
1591ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1558036351847043&correlator=997430264450146&output=ldjh&impl=fif&eid=31061160%2C31061422%2C31061199%2C31061424%2C20211866%2C31060033&vrg=2021080201&ptt=17&sc=1&sfv=1-0-38&ecs=20210805&iu_parts=6943%2CJPost_2017%2CDesktop%2CAll_Regular_Ad_Units%2CHP_728x90_1_Middle&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=urlType%3Dhttps%253A%252F%252Fwww.jpost.com%252F%26IsDev%3Dfalse%26catName%3Djpost_Home%2520Page%26wrapversion%3D3%26gpt_l%3D200%26wrap_l%3D400%26ccp%3Dunknown%26sesDepth%3D1%26page_r%3D100%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1628202231&dt=1628202231394&dlt=1628202230812&idt=431&frm=20&biw=1600&bih=1200&oid=3&adxs=188&adys=1599&adks=3513464724&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.jpost.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1225x38&msz=1225x0&ga_vid=710882465.1628202231&ga_sid=1628202231&ga_hid=661687915&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

c91f8a3b1fd7af72e4841537d882cda365c60155e03b01c72110fc4913bd2eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 174293
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6088
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 453271
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.jpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 232ms
177ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1558036351847043&correlator=997430264450146&output=ldjh&impl=fif&eid=31061160%2C31061422%2C31061199%2C31061424%2C20211866%2C31060033&vrg=2021080201&ptt=17&sc=1&sfv=1-0-38&ecs=20210805&iu_parts=6943%2CJPost_2017%2CDesktop%2CAll_Regular_Ad_Units%2CHP_728x90_6_Bottom&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=urlType%3Dhttps%253A%252F%252Fwww.jpost.com%252F%26IsDev%3Dfalse%26catName%3Djpost_Home%2520Page%26wrapversion%3D3%26gpt_l%3D200%26wrap_l%3D400%26ccp%3Dunknown%26sesDepth%3D1%26page_r%3D100%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1628202231&dt=1628202231395&dlt=1628202230812&idt=431&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=4077&adks=2726770169&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.jpost.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1225x128&msz=728x-1&ga_vid=710882465.1628202231&ga_sid=1628202231&ga_hid=661687915&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

21622af2c58c14def3e24af70aa0e9663e064eb44268730b9b873c11ab51c615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8341
x-xss-protection: 0
google-lineitem-id: 4374204943
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138312670268
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.jpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
23 KB 625ms
571ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1558036351847043&correlator=997430264450146&output=ldjh&impl=fif&eid=31061160%2C31061422%2C31061199%2C31061424%2C20211866%2C31060033&vrg=2021080201&ptt=17&sc=1&sfv=1-0-38&ecs=20210805&iu_parts=6943%2CJPost_2017%2CDesktop%2CAll_Regular_Ad_Units%2CHP_300x250_1_Top&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=urlType%3Dhttps%253A%252F%252Fwww.jpost.com%252F%26IsDev%3Dfalse%26catName%3Djpost_Home%2520Page%26wrapversion%3D3%26gpt_l%3D200%26wrap_l%3D400%26ccp%3Dunknown%26sesDepth%3D1%26page_r%3D100%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1628202231&dt=1628202231397&dlt=1628202230812&idt=431&frm=20&biw=1600&bih=1200&oid=3&adxs=1111&adys=664&adks=272190999&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.jpost.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x14&msz=300x0&ga_vid=710882465.1628202231&ga_sid=1628202231&ga_hid=661687915&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e6a06986392a2d6394f9960f760429740194003cafdd1bc293203329ec8cbbdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23666
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.jpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 86 KB
27 KB 1427ms
1372ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1558036351847043&correlator=997430264450146&output=ldjh&impl=fif&eid=31061160%2C31061422%2C31061199%2C31061424%2C20211866%2C31060033&vrg=2021080201&ptt=17&sc=1&sfv=1-0-38&ecs=20210805&iu_parts=6943%2CJPost_2017%2CDesktop%2CAll_Regular_Ad_Units%2CHP_300x250_2_Middle&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=urlType%3Dhttps%253A%252F%252Fwww.jpost.com%252F%26IsDev%3Dfalse%26catName%3Djpost_Home%2520Page%26wrapversion%3D3%26gpt_l%3D200%26wrap_l%3D400%26ccp%3Dunknown%26sesDepth%3D1%26page_r%3D100%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1628202231&dt=1628202231398&dlt=1628202230812&idt=431&frm=20&biw=1600&bih=1200&oid=3&adxs=1111&adys=2954&adks=2831901028&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.jpost.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x38&msz=300x0&ga_vid=710882465.1628202231&ga_sid=1628202231&ga_hid=661687915&ga_fc=false&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

d6da4c7c1d8d69489e4ce9a8a4a9096951cbe0ccdba460a35085b8aac5fef03f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/index_300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/index_300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLXCw_31mvICFVuXdwodtyIMGA&gqi=&layout=/sadbundle/%24csp%253Der3%24/15806883097412532549/300x250-branding/index_300x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/index_300x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/index_300x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLXCw_31mvICFVuXdwodtyIMGA&gqi=&layout=/sadbundle/%24csp%253Der3%24/15806883097412532549/300x250-branding/index_300x250.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27297
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 05 Aug 2021 22:23:52 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.jpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 86 KB
27 KB 935ms
881ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1558036351847043&correlator=997430264450146&output=ldjh&impl=fif&eid=31061160%2C31061422%2C31061199%2C31061424%2C20211866%2C31060033&vrg=2021080201&ptt=17&sc=1&sfv=1-0-38&ecs=20210805&iu_parts=6943%2CJPost_2017%2CDesktop%2CAll_Regular_Ad_Units%2CHP_300x600_Sidebar_1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=120x600%7C160x600%7C300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=urlType%3Dhttps%253A%252F%252Fwww.jpost.com%252F%26IsDev%3Dfalse%26catName%3Djpost_Home%2520Page%26wrapversion%3D3%26gpt_l%3D200%26wrap_l%3D400%26ccp%3Dunknown%26sesDepth%3D1%26page_r%3D100%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1628202231&dt=1628202231400&dlt=1628202230812&idt=431&frm=20&biw=1600&bih=1200&oid=3&adxs=1111&adys=4383&adks=847229337&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.jpost.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x14&msz=300x0&ga_vid=710882465.1628202231&ga_sid=1628202231&ga_hid=661687915&ga_fc=false&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

f3b4c5f964996652028f637735530c2cfbc301cf445d259cce0564032ffb0f46

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJrio_31mvICFXSFgwcdiHsNIQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/17320945616208394082/160x600-branding/index_160x600.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJrio_31mvICFXSFgwcdiHsNIQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/17320945616208394082/160x600-branding/index_160x600.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27123
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 05 Aug 2021 22:23:52 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.jpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 137ms
84ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1558036351847043&correlator=997430264450146&output=ldjh&impl=fif&eid=31061160%2C31061422%2C31061199%2C31061424%2C20211866%2C31060033&vrg=2021080201&ptt=17&sc=1&sfv=1-0-38&ecs=20210805&iu_parts=430837318%2CTOTAL_TAS%2CJpost&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&prev_scp=tmDmn%3Djpost.com%26tmClnt%3DJpost&eri=1&cust_params=urlType%3Dhttps%253A%252F%252Fwww.jpost.com%252F%26IsDev%3Dfalse%26catName%3Djpost_Home%2520Page%26wrapversion%3D3%26gpt_l%3D200%26wrap_l%3D400%26ccp%3Dunknown%26sesDepth%3D1%26page_r%3D100%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1628202231&dt=1628202231402&dlt=1628202230812&idt=431&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=0&adks=2361661932&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.jpost.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x9166&msz=1600x-1&ga_vid=710882465.1628202231&ga_sid=1628202231&ga_hid=661687915&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a9f17709a5b5fb8ed9d85f4b85359161c4ae8681d9dbaac1029b3fbe34b8fba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4523
x-xss-protection: 0
google-lineitem-id: 5740024483
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138355934645
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.jpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
165 B 167ms
166ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o2fw7&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.jpost.com%2F

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 05 Aug 2021 22:23:51 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 4590fb560a1087958d9495a00e67ac75a8d1e190696ed20b40473b9dc93a7034
x-transaction: a7f3a360d1d47355
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-4780630-1&cid=710882465.1628202231&jid=1798431217&gjid=582351070&_gid=948910697.1628202231&_u=YEBAAEAAAAAAAC~&z=86042265

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 05 Aug 2021 22:23:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.jpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adoric.v6.2.min.css
static.adoric.com/ 164 KB
13 KB 107ms
33ms Stylesheet
text/css 34.95.123.171
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adoric.com/adoric.v6.2.min.css
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.123.171 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 171.123.95.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2637b9c5800f28d4a0b31eebb21725f4399635a3392846f3f82cdbea34b0abe

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:03:18 GMT
content-encoding: gzip
age: 1233
x-guploader-uploadid: ADPycdukn2LXiUYEHOGCNshcc4gVQ5X18783OZlZoNT5C2jXugCxvwZtASI-eelPgz1LWhz0H9T3CXcH001AY5ikSdGFd5NI_A
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 12485
x-goog-meta-
last-modified: Fri, 28 May 2021 13:25:34 GMT
server: UploadServer
etag: "8e5a608f91a4b0c85b8e068bc5b7e51d"
vary: Accept-Encoding
x-goog-hash: crc32c=wY1zNw==, md5=jlpgj5GksMhbjgaLxbflHQ==
x-goog-generation: 1622208334170398
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 12485
accept-ranges: bytes
content-type: text/css
expires: Thu, 05 Aug 2021 23:03:18 GMT

GET
H2 200 / Show response
app.adoric-om.com/v1/campaigns/ 10 KB
2 KB 229ms
165ms XHR
application/json 34.120.218.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.adoric-om.com/v1/campaigns/?u=9cc40a7455aa779b8031bd738f77ccf1&l=en&cc=0&b=notIdentified&os=win&h=https%3A%2F%2Fwww.jpost.com%2F&d=desktop&lsps=0&pd=N&nv=true&tz=-120&cIds=%5B%5D

Requested by

Host: 95662602.adoric-om.com
URL: https://95662602.adoric-om.com/adoric.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.218.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.218.120.34.bc.googleusercontent.com

Software

Resource Hash

0f177cd55dd8ac72aeafc3a308de43412b4b7c382537d9ed751922ed00c6d54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
x-dns-prefetch-control: off
date: Thu, 05 Aug 2021 22:23:51 GMT
alt-svc: clear
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
etag: W/"2874-lkRdlsxYQMjL+Va0ED3Wl8BVpXw"
x-download-options: noopen
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 google
access-control-allow-credentials: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-3326248-22&cid=710882465.1628202231&jid=1349657952&gjid=1223707899&_gid=948910697.1628202231&_u=YEDAAEABAAAAAC~&z=1169407674

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 05 Aug 2021 22:23:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.jpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 246 B
365 B 427ms
425ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=25900740&u=https%3A%2F%2Fwww.jpost.com%2F
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 96d0d669abd3f84e7c537ad74cbff8b971c05b56ddb59518375e6bbccc81713c

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.34
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-cache, private
cf-ray: 67a36eaa7c71dfbb-FRA

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 647C 610 B
991 B 36ms
35ms Document
text/html 104.85.1.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.1.87 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1628144054.413065"
last-modified: Wed, 04 Aug 2021 08:56:02 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Thu, 05 Aug 2021 22:23:51 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1628202231~rv=58~id=e5aac9719f6861ce6ae6a13439c92f4b; path=/; Expires=Thu, 05 Aug 2021 22:23:51 GMT; Secure; SameSite=None

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/609718428/ 2 KB
2 KB 36ms
17ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/609718428/?random=1628202231440&cv=9&fst=1628202231440&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg840&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.jpost.com%2F&tiba=The%20Jerusalem%20Post%3A%20Breaking%20News%2C%20Israel%20News&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2331402bcc3460ee186654cc0af4841e1ca3e5c543953ab8c68a04ce59ec7899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1017
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/609786613/ 2 KB
1 KB 35ms
17ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/609786613/?random=1628202231442&cv=9&fst=1628202231442&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg840&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.jpost.com%2F&tiba=The%20Jerusalem%20Post%3A%20Breaking%20News%2C%20Israel%20News&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b654337ee4ef3701d838d179a25c7191a75eee0275b4ca60542ddb91e8b9ea21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1016
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-4780630-1&cid=710882465.1628202231&jid=1798431217&_u=YEBAAEAAAAAAAC~&z=1696209028

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-4780630-1&cid=710882465.1628202231&jid=1798431217&_u=YEBAAEAAAAAAAC~&z=1696209028

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-3326248-22&cid=710882465.1628202231&jid=1349657952&_u=YEDAAEABAAAAAC~&z=1082642331

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-3326248-22&cid=710882465.1628202231&jid=1349657952&_u=YEDAAEABAAAAAC~&z=1082642331

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.14.0/ 369 KB
82 KB 23ms
23ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7c129ee5de51a2692632d98e0e18cbc092fb758635921e4ecc404293495fafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bk+c/8JAdlTEAluR1Sm6dw==
age: 11755668
vary: Accept-Encoding
content-length: 83472
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:15 GMT
server: cloudflare
etag: 0x8D8D8E82BC311EE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a7aaa36c-101e-0164-705d-1f2e13000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 67a36eaa8cbc4e0d-FRA
expires: Fri, 13 Aug 2021 22:23:51 GMT

OPTIONS
H2 200 init
valuad.appspot.com/v2/ Frame 0
0 136ms
103ms Preflight
text/html 2a00:1450:4001:80f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://valuad.appspot.com/v2/init
Protocol: H2
Server: 2a00:1450:4001:80f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Origin: https://www.jpost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.jpost.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: content-type,x-request-id,x-vad-version
x-request-id: undefined
x-cloud-trace-context: ae60eb24b6a284b0a1987b95adce19ed
date: Thu, 05 Aug 2021 22:23:51 GMT
content-type: text/html
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 init Show response
valuad.appspot.com/v2/ 38 B
87 B 117ms
104ms Fetch
application/json 2a00:1450:4001:80f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://valuad.appspot.com/v2/init
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/pxb/pxb-jpost-prod.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Accept: application/json
Referer: https://www.jpost.com/
x-request-id: 845e6e59-441b-4409-b530-948c9e258a2e-1628202231466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-vad-version: 2021-01-24T07:14:25.115Z
Content-Type: application/json

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
server: Google Frontend
etag: W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.jpost.com
x-cloud-trace-context: 914c45343d337f876147bc1a0cc652d5
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64
x-request-id: undefined

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3023 232 B
431 B 242ms
155ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=074601a467427fd79afab43d1e4dea12d55104d6

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.jpost.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 22:23:51 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 988c155be7aa29f2d8a5da3b15e56ceb11e52a61029d4777749e0ab9617de020
content-length: 166

GET
H2 200 get Show response
odb.outbrain.com/utils/ 34 KB
12 KB 311ms
241ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.jpost.com%2F%2F&idx=0&rand=17677&key=NANOWDGT01&widgetJSId=HPC_3&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=187&py=6076&vpd=4876&cw=900&settings=true&recs=true&version=2000403&sig=zTqhJxpu&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8bc63dc058592ccfad7b75f3003d8ec25b03d040666b3ddd2c4c5e47927924f0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.41
x-cache-hits: 0, 0
x-traceid: 39118d9e4da5b1aee0d378c15f12a69c
content-encoding: gzip
content-length: 11991
x-served-by: cache-lga21941-LGA, cache-fra19154-FRA
x-timer: S1628202232.618359,VS0,VE207
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/698d81e3-0509-48c7-a961-e0a9d16db8a2/21bd6839-6dfd-4b44-9942-6f9add75bfe0/ 164 KB
27 KB 12ms
12ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/698d81e3-0509-48c7-a961-e0a9d16db8a2/21bd6839-6dfd-4b44-9942-6f9add75bfe0/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e295a599a00ebbb6d15ff65b162dfadfc54ec214b5ea8fcde441037cff809747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ijTLu/PeohZtobb9TMyAtg==
age: 6662
vary: Accept-Encoding
content-length: 27339
x-ms-lease-status: unlocked
last-modified: Mon, 15 Mar 2021 14:05:28 GMT
server: cloudflare
etag: 0x8D8E7BB6399C898
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fa8b5e49-401e-00d2-2a8a-7f66be000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 67a36eab18bf1e47-FRA

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 258 KB
36 KB 13ms
13ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd4f22793acd88e9c94d2ba7fc2a5979aa82f6bed64131f4837db72c9440e4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 49DfMzIK/2yC2k5Y1uQjiA==
age: 14099
vary: Accept-Encoding
content-length: 36488
x-ms-lease-status: unlocked
last-modified: Thu, 05 Aug 2021 14:58:30 GMT
server: cloudflare
etag: 0x8D958217CDF1EB4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b14c5baf-401e-011a-3727-8ab1dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 67a36eab18c01e47-FRA

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/6.14.0/ 67 KB
15 KB 12ms
11ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/otTCF.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QpNXwunMaSR9NwzUfpg/MQ==
age: 11755667
vary: Accept-Encoding
content-length: 14815
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:13 GMT
server: cloudflare
etag: 0x8D8D8E82ADA5B30
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 583ba998-e01e-017a-435d-1ff4fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 67a36eab1d8f4e0d-FRA
expires: Fri, 13 Aug 2021 22:23:51 GMT

POST
H/1.1 200
OK post Show response
tag.escalated.io/ 21 B
449 B 243ms
73ms Fetch
application/json 54.78.253.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.escalated.io/post

Requested by

Host: tag.escalated.io
URL: https://tag.escalated.io/?i=Lq17fOU6DK5fYHg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

556ee8a8380b60437747eab7c0dc7a25da85cfb45c687ea33ca5e90651ca7ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Aug 2021 22:23:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: close
Access-Control-Allow-Headers: content-type
Content-Length: 41
X-XSS-Protection: 1; mode=block

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/609718428/ 42 B
64 B 30ms
28ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/609718428/?random=1628202231440&cv=9&fst=1628200800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg840&sendb=1&frm=0&url=https%3A%2F%2Fwww.jpost.com%2F&tiba=The%20Jerusalem%20Post%3A%20Breaking%20News%2C%20Israel%20News&async=1&fmt=3&is_vtc=1&random=2067693834&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/609718428/ 42 B
64 B 25ms
23ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/609718428/?random=1628202231440&cv=9&fst=1628200800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg840&sendb=1&frm=0&url=https%3A%2F%2Fwww.jpost.com%2F&tiba=The%20Jerusalem%20Post%3A%20Breaking%20News%2C%20Israel%20News&async=1&fmt=3&is_vtc=1&random=2067693834&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/609786613/ 42 B
64 B 27ms
26ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/609786613/?random=1628202231442&cv=9&fst=1628200800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg840&sendb=1&frm=0&url=https%3A%2F%2Fwww.jpost.com%2F&tiba=The%20Jerusalem%20Post%3A%20Breaking%20News%2C%20Israel%20News&async=1&fmt=3&is_vtc=1&random=3610253287&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/609786613/ 42 B
64 B 26ms
24ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/609786613/?random=1628202231442&cv=9&fst=1628200800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg840&sendb=1&frm=0&url=https%3A%2F%2Fwww.jpost.com%2F&tiba=The%20Jerusalem%20Post%3A%20Breaking%20News%2C%20Israel%20News&async=1&fmt=3&is_vtc=1&random=3610253287&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 grumi.js
rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/ Frame 6110 0
0 111ms
111ms Script
application/xml 2600:9000:2190:800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/grumi.js
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2596198e77ccbdab3018bee48950659e33465901f5b2060ea5439ff6c1f6a9b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076391864921"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27992
x-xss-protection: 0
expires: Thu, 05 Aug 2021 22:23:51 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.14.0/assets/ 12 KB
3 KB 16ms
15ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

868f2732413f5fcb021d726343ac249b6ca630db5fbd578f6525f279dda5c22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BkZngIV1hzEthgbkouRUbA==
age: 10483242
vary: Accept-Encoding
content-length: 2832
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:04 GMT
server: cloudflare
etag: 0x8D8D8E825563082
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0a22de11-401e-0037-29f0-2a7449000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 67a36eabc98c1e47-FRA
expires: Fri, 13 Aug 2021 22:23:51 GMT

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.14.0/assets/v2/ 47 KB
12 KB 13ms
13ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5de3651c0aa89e6497da505565c8944039fd6480aa161b1f270d1f5953c9d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8jNYupXcL2bcdab+1R7CAg==
age: 10483242
vary: Accept-Encoding
content-length: 11511
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:07 GMT
server: cloudflare
etag: 0x8D8D8E827001198
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6dee26d2-501e-0141-4af0-2ab6a0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 67a36eabc98d1e47-FRA
expires: Fri, 13 Aug 2021 22:23:51 GMT

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/6.14.0/assets/ 5 KB
2 KB 19ms
19ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.14.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.14.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d12329e0fd65159a22a6e3070ece0bc79825bdcda1357baf388818dc1756a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: W4e7wAC/mX+UZRF6VSXQ5A==
age: 1180812
vary: Accept-Encoding
content-length: 2180
x-ms-lease-status: unlocked
last-modified: Wed, 24 Feb 2021 17:18:06 GMT
server: cloudflare
etag: 0x8D8D8E826A3FDAD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6da80d77-001e-0091-278b-7f4c57000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 67a36eabc98e1e47-FRA
expires: Fri, 13 Aug 2021 22:23:51 GMT

GET
H2 403 grumi.js
rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/ Frame B8C7 0
0 388ms
388ms Script
application/xml 2600:9000:2190:800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/grumi.js
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-29 200 /
www.facebook.com/tr/ 0
18 B 13ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryzXtKKQvitYkm0HNd

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 05 Aug 2021 22:23:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.jpost.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 OpNPnoEOns3V7G_RihvTpi8.woff2
fonts.gstatic.com/s/khula/v7/ 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/khula/v7/OpNPnoEOns3V7G_RihvTpi8.woff2

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/css/css_1280.min.css?v=to6fmlUwhPcLC1DgVJh1FeY9kYx9A8p6OWhUOUvlvEs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f5b9ce35e198160e8ef29bb8cc12a398bce9ab0518ea53b9ce959d96088c031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jpost.com
Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 08:12:15 GMT
x-content-type-options: nosniff
age: 223896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10720
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:00:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 08:12:15 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6110 0
0 86ms
86ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwP1iEk9Ta_BFZ1ssAkynqk3tY5PDx25VrMVoCmCPJcJ3FEgA4wwOmZe7hRP5zo_H4zO0NzoTEgnxfeTQ0Z3MALdfbw3QkWs0pS_vwwQwP5LHmUUEKBEugfqzS21ava9KodB8UIz3z1PtZ10PhQvgczSSKI0fevHq5mOvu_opsPLVCLHE7ZqGjPu_AhLRMTFA41s25j80ba_ygQ54Y7rrXMqib3lpaS_rlVuIB-uJUZzIGVTG-5eU8hH94MC9UA5IzmS67xJh4nrb9zTJJZ2qv622F73KTAuxmEwsTvA4duh50WJQryr11gpsZP3iv3-5Z2qMCj7Po-w&sai=AMfl-YQj1dkAI31uMeI7Gn0OiuHLC38GrtrF70A33iokGRowvtuvzZRnqMm3Z6SN6aL8VP17oz9lZe9VuXChg5RKNa-FgeX4VX3n4ej9yEnPClk_LdVMVXJOVnCEhLo29yw&sig=Cg0ArKJSzNVWxTO6i9yREAE&urlfix=1&adurl=

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 05 Aug 2021 22:23:51 GMT

GET
H2 200 aa.js Show response
q.adrta.com/s/tm/ Frame 6110 881 B
1 KB 367ms
123ms Script
application/javascript 3.225.114.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/s/tm/aa.js?cb=55534993
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.114.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-114-95.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: a3c93825b7a947566f8db10fcecec92a2e6806df5a302f0d54233103ba4fda14

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Aug 2021 22:23:52 GMT
server: nginx/1.18.0
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 881
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6110 124 KB
37 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Thu, 05 Aug 2021 22:23:51 GMT

POST
H2 200 event
protect.geoedge.be/api/ 0
104 B 366ms
124ms Ping
text/plain 18.233.227.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://protect.geoedge.be/api/event
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.233.227.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-227-25.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Aug 2021 22:23:52 GMT
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
content-length: 0

OPTIONS
H3-29 200 block
valuad.appspot.com/ Frame 0
0 114ms
101ms Preflight
text/html 2a00:1450:4001:80f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://valuad.appspot.com/block
Protocol: H3-29
Server: 2a00:1450:4001:80f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Origin: https://www.jpost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.jpost.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: content-type,x-request-id,x-vad-version
x-request-id: undefined
x-cloud-trace-context: 7c257df0be7dcad53b8811c3533b10a5
date: Thu, 05 Aug 2021 22:23:51 GMT
content-type: text/html
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 block Show response
valuad.appspot.com/ 16 B
35 B 102ms
102ms Fetch
application/json 2a00:1450:4001:80f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://valuad.appspot.com/block
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/pxb/pxb-jpost-prod.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept: application/json
Referer: https://www.jpost.com/
x-request-id: 5668a307-bdb1-4597-a057-8e3e1e833372-1628202231770
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-vad-version: 2021-01-24T07:14:25.115Z
Content-Type: application/json

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
server: Google Frontend
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.jpost.com
x-cloud-trace-context: a0af469056f3c0f1c37dfaa19a4b23ee
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16
x-request-id: undefined

GET
H/1.1 200
OK moment~timeline.6955291becca2212c21a83a5b7ccff16.js Show response
platform.twitter.com/js/ 25 KB
8 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.6955291becca2212c21a83a5b7ccff16.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash: 0da8b681b5b73ff645ff5d1312a7a6e7db5f568d6ee68ad10ce77b142d5b7735

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 22:23:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:33:40 GMT
Server: ECS (frb/674C)
Age: 10474
Etag: "6a28849a29acd0e1df291c75b82e9101+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8015

GET
H/1.1 200
OK timeline.f0018d9150722c67abdd0e6bbab13587.js Show response
platform.twitter.com/js/ 20 KB
7 KB 13ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.f0018d9150722c67abdd0e6bbab13587.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 964794272aa168ce3feac3a84460c1beb01606da0e303689b8aee75fb354117d

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 22:23:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:33:40 GMT
Server: ECS (frb/67F3)
Age: 10474
Etag: "b6a9074027bd2a446a397ba65736afc5+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6444

GET
H2 200 list Show response
cdn.syndication.twimg.com/timeline/ 19 KB
4 KB 32ms
6ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/list?callback=__twttr.callbacks.tl_i3_list_Jerusalem_Post_jpost_tweets_old&dnt=false&domain=www.jpost.com&lang=en&list_slug=jpost-tweets&screen_name=Jerusalem_Post&suppress_response_codes=true&t=1809113&tweet_limit=3&tz=GMT%2B0200

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) /

Resource Hash

440d987faf41f10a43f77879d723d49dfa76f0553692c53a67a4fb74e39fa2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41
x-cache: HIT
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
vary: Accept-Encoding
content-length: 3739
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 22:23:10 GMT
server: ECS (frb/6763)
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
expires: Thu, 05 Aug 2021 22:28:51 GMT
cache-control: must-revalidate, max-age=300
x-connection-hash: 18c65ba759a92b742c712e48313e8d53cf02bf17a61788bbdf68f079cbaa1777
accept-ranges: bytes
timing-allow-origin: *
x-transaction: 719168e733e3536f
access-contol-allow-origin: platform.twitter.com

GET
H2 200 IzQv2xsg
pbs.twimg.com/card_img/1421007522203324421/ Frame CF49 22 KB
22 KB 14ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1421007522203324421/IzQv2xsg?format=jpg&name=600x314

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) /

Resource Hash

8b78cf3845251970d576b2be775aa379766f287d7c98e73ca300ac940df7274a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
age: 93103
x-cache: HIT
content-length: 22257
surrogate-key: card_img card_img/bucket/3 card_img/1421007522203324421
last-modified: Fri, 30 Jul 2021 07:17:28 GMT
server: ECS (frb/6793)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b54d8349d61b19f25c8d766e01c60828ab981a99d69a5c536ed3c2d1d154b9df
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 y97ly3M2
pbs.twimg.com/card_img/1420834298853269508/ Frame CF49 29 KB
29 KB 15ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1420834298853269508/y97ly3M2?format=jpg&name=600x314

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) /

Resource Hash

7b76853e5b92c0b1c689679d29c12e49d204ce8127d4f7d89f955ca379779347

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
age: 7394
x-cache: HIT
content-length: 29716
surrogate-key: card_img card_img/bucket/5 card_img/1420834298853269508
last-modified: Thu, 29 Jul 2021 19:49:09 GMT
server: ECS (frb/6795)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e93260812624f17da8a07ed5e80331d85369a6feabaf3f8db3a6c208f3b79d30
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame CF49 53 KB
12 KB 8ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 22:23:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:33:36 GMT
Server: ECS (frb/673A)
Age: 10474
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 8ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 22:23:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:33:36 GMT
Server: ECS (frb/673A)
Age: 10474
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 35ms
35ms Image
image/png 104.85.1.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.1.87 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
last-modified: Thu, 24 Jun 2021 14:35:21 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1624546045.043304"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Sat, 04 Sep 2021 22:23:51 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 36ms
36ms Image
image/svg+xml 104.85.1.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.1.87 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
last-modified: Thu, 24 Jun 2021 14:35:21 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1624546014.914244"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Sat, 04 Sep 2021 22:23:51 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 488ms
123ms Fetch
text/plain 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=78fa24a68c9676fdfe4103775a806e58_90_1628202231772&tm=657&eT=0&widgetWidth=900&widgetHeight=33&widgetX=188&widgetY=6085&tpcs=0&wRV=2000403&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=331&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 05 Aug 2021 22:23:52 GMT
content-encoding: gzip
X-TraceId: c4d6f9245b64d437df22ec03c28a4cbb
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 0562 16 KB
6 KB 36ms
36ms Document
text/html 104.85.1.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.1.87 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c8fc071d9c5e81cb429cf5177c5f761b378562e2738ac17c7d194c5779849afc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jpost.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "a9529bf1947e35dcc091aba9c945a135:1627814605.982279"
last-modified: Sun, 01 Aug 2021 10:43:15 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Fri, 06 Aug 2021 22:23:51 GMT
date: Thu, 05 Aug 2021 22:23:51 GMT
content-length: 5559
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1628202231~rv=28~id=99aa4ab927b52b8c8e8b71a8dac7e79b; path=/; Expires=Thu, 05 Aug 2021 22:23:51 GMT; Secure; SameSite=None

GET
H2 200 get Show response
odb.outbrain.com/utils/ 43 KB
16 KB 250ms
250ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.jpost.com%2F%2F&idx=1&rand=23935&key=NANOWDGT01&widgetJSId=HPC_4&va=true&et=true&format=html&pdobuid=-1&t=NzhmYTI0YTY4Yzk2NzZmZGZlNDEwMzc3NWE4MDZlNTg=&adblck=false&abwl=false&px=187&py=8803&vpd=7603&cw=900&settings=true&recs=true&version=2000403&sig=zTqhJxpu&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 62a942bc35677c6a234fc7939e4d4c1e6ac120dfa3b3bc8520e5e03c96e69f1a

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.22
x-cache-hits: 0, 0
x-traceid: a682652f9e77a10ca873c424e3e6c33f
content-encoding: gzip
content-length: 16378
x-served-by: cache-lga21922-LGA, cache-fra19154-FRA
x-timer: S1628202232.908493,VS0,VE216
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 IzQv2xsg
pbs.twimg.com/card_img/1421007522203324421/ Frame CF49 22 KB
22 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1421007522203324421/IzQv2xsg?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.6955291becca2212c21a83a5b7ccff16.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) /

Resource Hash

8b78cf3845251970d576b2be775aa379766f287d7c98e73ca300ac940df7274a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
age: 93103
x-cache: HIT
content-length: 22257
surrogate-key: card_img card_img/bucket/3 card_img/1421007522203324421
last-modified: Fri, 30 Jul 2021 07:17:28 GMT
server: ECS (frb/6793)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b54d8349d61b19f25c8d766e01c60828ab981a99d69a5c536ed3c2d1d154b9df
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 y97ly3M2
pbs.twimg.com/card_img/1420834298853269508/ Frame CF49 29 KB
29 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1420834298853269508/y97ly3M2?format=jpg&name=600x314

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline.6955291becca2212c21a83a5b7ccff16.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) /

Resource Hash

7b76853e5b92c0b1c689679d29c12e49d204ce8127d4f7d89f955ca379779347

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
age: 7394
x-cache: HIT
content-length: 29716
surrogate-key: card_img card_img/bucket/5 card_img/1420834298853269508
last-modified: Thu, 29 Jul 2021 19:49:09 GMT
server: ECS (frb/6795)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e93260812624f17da8a07ed5e80331d85369a6feabaf3f8db3a6c208f3b79d30
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 LVV8q1Kf_normal.jpg
pbs.twimg.com/profile_images/1341473118469107712/ Frame CF49 2 KB
2 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1341473118469107712/LVV8q1Kf_normal.jpg

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F3) /

Resource Hash

c457f5871c63bbdfedfe9278fd3dee35826ce72ae74e315c1d0e74dc785c4620

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
age: 180863
x-cache: HIT
content-length: 2111
surrogate-key: profile_images profile_images/bucket/6 profile_images/1341473118469107712
last-modified: Tue, 22 Dec 2020 19:56:09 GMT
server: ECS (frb/67F3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c0a99138050ebd75165ffd2f8e2748f725ce893d0e3546bde798532693585238
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 HNGjadnd_normal.jpg
pbs.twimg.com/profile_images/1067033895131144198/ Frame CF49 2 KB
2 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1067033895131144198/HNGjadnd_normal.jpg

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) /

Resource Hash

5970d0173302c5e24b0e45022846302ac3d1dfb479ab462a6859e1f3ba6c4963

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
x-content-type-options: nosniff
age: 391504
x-cache: HIT
content-length: 2111
surrogate-key: profile_images profile_images/bucket/0 profile_images/1067033895131144198
last-modified: Mon, 26 Nov 2018 12:32:39 GMT
server: ECS (frb/6763)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8550454923d78ba305232e9a98060a2d5c040c9c960a3e9928d624318d2a4d5b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
271 B 370ms
126ms Script
text/javascript 23.20.146.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=25900740&prismid=83bcb701-bda9-447c-b1e1-7d8100f92c42&url=https%3A%2F%2Fwww.jpost.com%2F
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.146.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-146-126.compute-1.amazonaws.com
Software: Apache/2.4.48 (Amazon) / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
server: Apache/2.4.48 (Amazon)
x-powered-by: PHP/7.1.33
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
content-type: text/javascript;charset=UTF-8
content-length: 0

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame CF49 44 KB
7 KB 25ms
6ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308776
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: df796970c1fb608c2523a9d8f1affac11b012358fa3613f2426e86348a973cad
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 12 Aug 2021 22:23:51 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 28ms
9ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308776
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: df796970c1fb608c2523a9d8f1affac11b012358fa3613f2426e86348a973cad
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 12 Aug 2021 22:23:51 GMT

GET
DATA 200
OK truncated
/ Frame CF49 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame CF49 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame CF49 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame CF49 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 0562 1 KB
2 KB 131ms
42ms Script
application/javascript 13.224.96.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-53.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:48 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: d6vnM0TDoWgx73P5V1MwpfedGPUpE5xwdk_jK4G_niCuFricRfrI-w==

GET
H2 200 IzQv2xsg
pbs.twimg.com/card_img/1421007522203324421/ Frame CF49 22 KB
22 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1421007522203324421/IzQv2xsg?format=jpg&name=600x314

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6793) /

Resource Hash

8b78cf3845251970d576b2be775aa379766f287d7c98e73ca300ac940df7274a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
x-content-type-options: nosniff
age: 93104
x-cache: HIT
content-length: 22257
surrogate-key: card_img card_img/bucket/3 card_img/1421007522203324421
last-modified: Fri, 30 Jul 2021 07:17:28 GMT
server: ECS (frb/6793)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b54d8349d61b19f25c8d766e01c60828ab981a99d69a5c536ed3c2d1d154b9df
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3-29 200 container.html Show response
cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 93B4 6 KB
3 KB 21ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 05 Aug 2021 22:23:51 GMT
expires: Fri, 05 Aug 2022 22:23:51 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 y97ly3M2
pbs.twimg.com/card_img/1420834298853269508/ Frame CF49 29 KB
29 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1420834298853269508/y97ly3M2?format=jpg&name=600x314

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) /

Resource Hash

7b76853e5b92c0b1c689679d29c12e49d204ce8127d4f7d89f955ca379779347

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
x-content-type-options: nosniff
age: 7395
x-cache: HIT
content-length: 29716
surrogate-key: card_img card_img/bucket/5 card_img/1420834298853269508
last-modified: Thu, 29 Jul 2021 19:49:09 GMT
server: ECS (frb/6795)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e93260812624f17da8a07ed5e80331d85369a6feabaf3f8db3a6c208f3b79d30
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B8C7 0
0 85ms
84ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLipS6CYHbi8D8F7RUGxXjkqRZQb3yTgKmEVGuitlu3kJvl3Dz10E1VFqHHYPtZxiACupH-djb9UYw4w3YiA_nwDqXA4iIbecMhxlS0LtBzmsxciTVd7a8S5b3Rm6karFzx1Z4Li41lNgrSFJf6rt17ZyZ5FtGJ1BwzXe0jGQQed9GrylLwyVOYwkH5PLnhDYnMgepKfCFYCNdrYSng5yz-D8eHcmlIqj9ThNYkltzhRehpYMZIkYy849EAelUwCEmgd-LnctLIOJ4IJf6D1P2s8hxfIB6_AQfbAFgtioAseetTJbwNYuXFmONzpgJOAcwTgUZymFRY4U_vaNQwjVVpw8e5gDOZ6957gpzi6SkiTfYb3gnw8Oz2dBUiHma&sai=AMfl-YSvyb20bwGbCBbAsGpoQ6jrT9A92gv8OhkOZRARBXFifCaM89uTpi2QbW3nb0DWEGAu3jG3k2miuDGCLBCG5d_Cda8EmwPHYM8KvvnFT4gMuumxq8014xqycKKqsUU&sig=Cg0ArKJSzH3UYFXQXaOZEAE&adurl=

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 22:23:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame B8C7 2 KB
2 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:22:16 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B8C7 124 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Thu, 05 Aug 2021 22:23:52 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B8C7 0
0 13ms
13ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2F0lg0mHRQk43WwaMS-yjyzRSBBkvWS-_B5oZAxEVIcy_GW4L-yqUgo0p6p2rDhwBBL5TJOh6RdyBk6Ah90B4lSHMQw
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 7908162387068473620
tpc.googlesyndication.com/simgad/ Frame B8C7 76 KB
77 KB 26ms
6ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7908162387068473620

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04b78f2b110a2c9e8b7f1762be089138717a85e86d0ac9f6ef0c9766f25ecd24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 22:31:13 GMT
x-content-type-options: nosniff
age: 258759
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78250
x-xss-protection: 0
last-modified: Thu, 28 May 2020 06:18:05 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 22:31:13 GMT

POST
H2 200 event
protect.geoedge.be/api/ 0
103 B 124ms
123ms Ping
text/plain 18.233.227.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://protect.geoedge.be/api/event
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.233.227.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-227-25.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Aug 2021 22:23:52 GMT
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
content-length: 0

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 3876
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
570 B

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.jpost.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 10475
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Aug 2021 22:23:52 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 02 Aug 2021 20:34:56 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BC)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Thu, 05 Aug 2021 22:23:52 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Thu, 05 Aug 2021 22:23:52 GMT
x-transaction: 6d252331bfc4405a
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-connection-hash: 988c155be7aa29f2d8a5da3b15e56ceb11e52a61029d4777749e0ab9617de020

GET
H2 403 grumi.js
rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/ Frame 93B4 0
0 389ms
388ms Script
application/xml 2600:9000:2190:800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/grumi.js
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame B8C7 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aacd577873e6cdc040cf79258f88d9f9e0d7f39f54d9e4efcd295a9589d29577

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 r.js Show response
q.adrta.com/s/tm/ Frame 6110 103 B
304 B 123ms
122ms Script
application/javascript 3.225.114.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://q.adrta.com/s/tm/r.js?v=21.20&rcb=769848&cb=55534993
Requested by: Host: q.adrta.com
URL: https://q.adrta.com/s/tm/aa.js?cb=55534993
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.114.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-114-95.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: a8fc93b13f1d17f4ff440295d4124659403cfd1f2ed8d748ab1f372b955ce309

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Aug 2021 22:23:52 GMT
server: nginx/1.18.0
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 103
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 6110 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c61507b59919f9719a4267c73487a008fa3a38704bbca73b04d90c45129beb0e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B8C7 0
0 142ms
85ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvA9aWg1tOu9KwhaWs-zcZZ2XKRN8oGfWeu27nGbKWkSdwr4PDBvfPpH-s2psrKJclVFH_nMtq7ebtmy9_FCldIeu1MJxkgEA8NS3CHomIggqmUQxrfxYgnQYV5RTKPPhIdIMjz6E5jsJ5f9yohW7i1slW6ko3Tfut50Rv9hl0MHJwANVEIi8tX3hjasoLfWShzCz-n289S6spIFeU0bBdxEnAP3FEB4aK7TKwLunTQ1kDKEC5jD_3s0RvcA9V6mtA2SpAWJ8dq_FwYnwG8uMU1mc7LzV2v-ELkdFqmyw6iVvl3RyAV3P96pa1OeYeNkjVzWDiM8qCjSbJoRQ__tA-zKtoLSP8ehUCKv1sBlRQqg8Ri&sai=AMfl-YQhfKRJcJH6zT1raR-eMNGN6psAmtD9lWkuxWBDIcTm2JGHBpEthIqdajl8hBA-UCGnEr_Or2KE_tP05Lvs0yDRHNq29wUq7nQsFkHk3zZmhO3eWRYSFaLZ2bTwEDk&sig=Cg0ArKJSzDv5EL9svvE9EAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 22:23:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 05 Aug 2021 22:23:52 GMT

GET
H2

200

b2
sb.scorecardresearch.com/ Frame 0562
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=90&cs_ucfr=1&ns__t=1628202232179&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUs...
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=90&cs_ucfr=1&ns__t=1628202232179&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobU...

64 B
330 B

50ms
49ms

Image
image/gif

13.224.96.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=90&cs_ucfr=1&ns__t=1628202232179&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D90%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DDK&c9=https%3A%2F%2Fwww.jpost.com%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-53.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: WtnSBPf_lR7XLe5J3xRGmwoEfo9o9EGd1DYfEuj-AmnZAiHtGvdC6g==

Redirect headers

date: Thu, 05 Aug 2021 22:23:52 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=90&cs_ucfr=1&ns__t=1628202232179&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D90%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DDK&c9=https%3A%2F%2Fwww.jpost.com%2F
content-length: 433
x-amz-cf-id: pMSERjg6vybBVQBnDn69dpg8Ab0D9ohTbHt75ify37giDP5xfYJ3Kg==

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 37ms
36ms Image
image/svg+xml 104.85.1.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.1.87 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
last-modified: Thu, 24 Jun 2021 14:35:21 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1624546051.286567"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Sat, 04 Sep 2021 22:23:52 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 303ms
125ms Fetch
text/plain 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=e137fe541fb5c317ae71b9b3e524fd7c_90_1628202232070&tm=980&eT=0&widgetWidth=900&widgetHeight=600&widgetX=188&widgetY=10048&wRV=2000403&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=297&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 05 Aug 2021 22:23:52 GMT
content-encoding: gzip
X-TraceId: 584cde36b3546e57b9bd29e91d7e04cf
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000403/module/ 56 KB
18 KB 40ms
39ms Script
application/x-javascript 104.85.1.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000403/module/streamFeed.js?e=1
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.1.87 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 264a6783e475d026e8b6c69cef6edab09b8c4ce66bc6951fa8c41f7d189655e6

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 08:56:02 GMT
server: AkamaiNetStorage
etag: "b033e07791897b0bc990af0267015cb5:1628143966.132525"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 18455

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 77 KB
29 KB 220ms
219ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.jpost.com%2F%2F&settings=true&recs=true&widgetJSId=HPC_4&key=NANOWDGT01&version=2000403&apv=true&sig=zTqhJxpu&format=html&rand=82593&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NzhmYTI0YTY4Yzk2NzZmZGZlNDEwMzc3NWE4MDZlNTg=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=1&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&pcer=p%3Dd_AWf1RnZ2sHJx56Ww7jOeDF6rV-4iC5kYktGM-D-6I%26c%3Da16975e%26v%3D3&dpr=1&cw=900
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2b251725df615327a977779d6841870044c9d1a30a118bafbf40e09147489cb8

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.52
x-cache-hits: 0, 0
x-traceid: 489494b5b18064f454c8e57d5b5105c1
content-encoding: gzip
content-length: 29093
x-served-by: cache-lga21952-LGA, cache-fra19154-FRA
x-timer: S1628202232.262661,VS0,VE185
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
144 B 153ms
152ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.jpost.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_data_source%22%3A%22list%3AJerusalem_Post%3Ajpost_tweets%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22item_ids%22%3A%5B%221423388521012899842%22%2C%221423378415210614791%22%5D%2C%22item_details%22%3A%7B%221423388521012899842%22%3A%7B%22item_type%22%3A0%7D%2C%221423378415210614791%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1628202232262%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221890d59c%3A1627936082797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 05 Aug 2021 22:23:52 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 988c155be7aa29f2d8a5da3b15e56ceb11e52a61029d4777749e0ab9617de020
x-transaction: a3dcb79bfa2a7f72
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 cdnf.js Show response
pix.adrta.com/ Frame 6110 30 KB
11 KB 132ms
45ms Script
application/javascript 13.224.96.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.adrta.com/cdnf.js?v=22.70
Requested by: Host: q.adrta.com
URL: https://q.adrta.com/s/tm/aa.js?cb=55534993
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-61.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36ae0d5f81b298a525235a450a78c02b175a502913623b103824e9260493105f

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: PACPbvr1b_B9QHDwyFtLkP2cDq7NODID
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 23:40:36 GMT
server: AmazonS3
age: 53129
etag: W/"742b27808de078dbdddf394880ab3ced"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
date: Thu, 05 Aug 2021 07:38:24 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: yqm6TN6CCD33lY4SdIIRD_8z4w2KVHirlds_m1UUtnL0A0aWfoBaZw==

GET
H3-29 200 container.html Show response
cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4AB5 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 05 Aug 2021 22:23:51 GMT
expires: Fri, 05 Aug 2022 22:23:51 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 403 grumi.js
rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/ Frame 4AB5 0
0 118ms
118ms Script
application/xml 2600:9000:2190:800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/grumi.js
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
ipv6.adrta.com/ Frame 6110 132 B
304 B 512ms
169ms Script
text/javascript 2600:1f14:b4f:4b01:e698:1526:af7:7e1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ipv6.adrta.com/?callback=_1628202232401

Requested by

Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.70

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f14:b4f:4b01:e698:1526:af7:7e1 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.10.3 / Express

Resource Hash

39a1fdb74dd62ab98d61bcb495315f60a47bd5db43d79a70532f45f297d0b67a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.10.3
x-powered-by: Express
etag: W/"84-Eeb7MzD8Yno1+j3FBnpdaKRxct8"
content-type: text/javascript; charset=utf-8

GET
H2 200 i Show response
adrta.com/ Frame 6110 143 B
322 B 348ms
115ms Script
text/javascript 100.25.91.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://adrta.com/i?cb=86728929&__aasv=22.71&__aaii=1450907664603411222&__aait=1628202232206&__aavz=-120&__aaib=1&__aaai=1&__aaaa=0&__aafl=1200&__aaaf=0&__aaag=0&__aaax=0&__aaay=0&__aapf=0&__aaec=2&__aaup=1&__aaae=0&__aaat=0&__aaav=0&__aaas=0&__aaah=0&__aaph=0&__aapw=0&__aapc=0&__aap1=0&__aap2=0&__aap3=0&__aap4=0&__aap5=0&__aass=1600x1200&__aacb=55534993&__aaxf=37.120.194.228%2C%2010.1.1.15&__aaci=tm&paid=gam&avid=4878837961&caid=2701820112&plid=138355934645&publisherId=Jpost&lineItemId=5740024483&siteId=jpost.com&kv1=1x1&kv4=%25%25USER_IP%25%25&kv5=&kv6=&kv11=55534993_55534993&kv19=&kv24=&kv27=%25%25USER_AGENT%25%25&kv12=22036676540&kv2=https://www.jpost.com/&__aapu=https%3A%2F%2Fwww.jpost.com%2F&__aapr=&__aatu=https%3A%2F%2Fwww.jpost.com
Requested by: Host: pix.adrta.com
URL: https://pix.adrta.com/cdnf.js?v=22.70
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.25.91.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-91-152.compute-1.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: 7dd6608e53d2f0fdbcde7b8d7f170213e1b8f13c5da7de45bc376fa81fda61ee

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:52 GMT
content-encoding: gzip
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
vary: Accept-Encoding
content-type: text/javascript;charset=ISO-8859-1
cache-control: no-cache
content-length: 100
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5D04 624 B
299 B 33ms
18ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN64OhC80e2-AhiAsZCwATAB&v=APEucNXsdJhDQ60ZHhwbhEE9KOtgB0nYkAeFDvqVZQXJi8ZNAzWqf4MNlOWuXIsnPUHsZ-A7xPGMT0myMTAaYA1D1I0sBrQkE77gwa5j8nGxqTSrFzLzXVKI_e_XjLsXKn3a4V2wnAwvS_1H5NyQ_FIcbGR6G9B0W-wITRfLs26sribSMfQrzn8

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN64OhC80e2-AhiAsZCwATAB&v=APEucNXsdJhDQ60ZHhwbhEE9KOtgB0nYkAeFDvqVZQXJi8ZNAzWqf4MNlOWuXIsnPUHsZ-A7xPGMT0myMTAaYA1D1I0sBrQkE77gwa5j8nGxqTSrFzLzXVKI_e_XjLsXKn3a4V2wnAwvS_1H5NyQ_FIcbGR6G9B0W-wITRfLs26sribSMfQrzn8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnpf25js-6UngQRw1nZKdpsJKfNyS1zjJuSQ10HUlDcWYAUHetTVReCgCz9U5k; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 05 Aug 2021 22:23:52 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Aug 2021 22:23:52 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 93B4 18 KB
8 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 21:15:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 21:15:10 GMT

GET
H2 200 16720307528781984618
s0.2mdn.net/simgad/ Frame 93B4 17 KB
18 KB 34ms
4ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16720307528781984618

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196172574e9f25d836e39877fcec10d232f95ecf8e6404152dcf21d9070ad424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:09:01 GMT
x-content-type-options: nosniff
age: 198891
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17913
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 10:50:24 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 15:09:01 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210803/r20110914/elements/html/ Frame 93B4 6 KB
3 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210803/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 17449454297928180344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 18:58:01 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 93B4 0
107 B 200ms
92ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVmFVGqSKT4SoKrvUmML0CMPhN4GI9fMh58mk6oxj7xRG3MzxL85W7MaYDeWaJS6Wehtal4PAfMrxlTUY4PlCWVkI1SZFiOj1-YRXjPE_f3RCvz64mle6pLYLadDQZLsDnAFwsau38ewdtPOpGwK0zjcRCHUhg3XtG38fV34dUQmM3cJo6QJTLR5xG9iQHrtO7KgyjIYX4xWZeVygeje6dptImbT6rl-ByAhS-Sjv3rzwrCr3mEVY8ZK_SUjf_JX1p_Rfs3aLqbPBVOMO29UpziT-Sa9hAmLUtrydU9V6xdrsUZPqCeR5R1aaRkSWr3auvrz3SF1itoCsv_V-6iV11gwj9CWw8fTfHZTbdIO6owy4yieVnzyEsyWXgqOuWLhYskgbczrqxJLVujF08l63GrnRBA0zrqb05XE68J3xNR3skcIMYBozTE1TWHoaf6OjBIfT8C5WR2Q3UjCjSvP1Uhaj1G00cjIMlSKgY40xpjIZZzJWAup9PtoNY17YjEfakwurywqY9-nc3_lp77B9C2N7_ugnrC0MNy_G8ANT9O1-NteGwELHLrbbQg0a5K3-SmWY_BM1C8YaVgOoucgzqfqNlGKQtbOjLxAdSdikk-LM5knFTxb0NSnv0GSUihZzUGK4QYvfKAQLo1b0YqnjZyi9b0LUQF_mQPpTUzrZ-n2Q6blkTxA38Vojh24ycdzNw3A-pdFg5PYyKopQgWapxVAkE82RHRaO7HmTDGNv4AOdZzEJcQnHqqjoQ11uGubYdmQ2VaJGmckgDF57u38FHgnm88Yh0T3z8z9TjNv-sru4jVnX5q6Kuov-9cm5LQc80rrGto_EwOyMDKRanA0nQbLlbMaz8llFrSOMW22mYpWM45W0x-spbqKy-6hLuwgpJW68g00G3uxRWaQTUEEZXw-vBnsYkz9HGvPnRjYEPLJ8DlGi9S56SrYoa3vPiVis4lviAg_uX4QqowQ3_B7MUlx8goOgZq2XzMOxDb1X5qdWXTvdN9uNlz8o4e0pjVxHMOnKxWxR1H7KSlX_HnOCdIhRY-BGml0v3q1Mstya6iL-iCqrJLos0JcEOBnDuwm_5FX6eOGCpYw6CMgomN3m0Tr5S84bhvteZItT16m9xTTtdYHjsvT3WPIpEBMMh5T6S2sLv65u_3QNtlDI9ApOxGe3Zn-NsbJlOuSsG&sai=AMfl-YSR_ElceoyaFRe5tDRp7SyTmobbohC6LgfehP2hsrnPSXU2mOgMO8LiKBDuLeVRmbkDzOEBRxZjoqCSYZXzmhGyN8Ptc078CdiAoooDHO3AHzago4pp2pcuF0GMRlWzv1w1qwlikefvrpEwWGn5t98xfoZcGbkflUYb0JOpUgebOLcGysfmTxENJxaAUlQ8UY8U6mgjvrYQg5D_koebRqLumQ1kRz28tb3rR_mHd1Gih3Wsq0yMAFqI9zmKNlL-3mIdaTRh6Iajzyt-3ZmaVTuPlmDQZLbCohA-0rtRuabO4woQ116llBHCVI0rnwb7JbNsnyW-QpY1rIlRnIAuQ3gdLUhPJPLUoPM3387ZiHDz1kBqYE7AcTf_YI0mePWebQ&sig=Cg0ArKJSzDSPVAt2n9tLEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210803.58107&adurl=

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 05 Aug 2021 22:23:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 93B4 41 KB
15 KB 23ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 06:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 316310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 06:32:02 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 93B4 2 KB
1 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:21:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 93B4 124 KB
37 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Thu, 05 Aug 2021 22:23:52 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 93B4 14 KB
6 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:03:19 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 93B4 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRohidI142adAL4b9EN011Vrh_PUL8LCHyfd87Mup-Bv9ritGyl-99W2H1zu92betP66wgvjz5t71n-1QliKgZsoYruTA
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 93B4 42 B
173 B 55ms
38ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BOUMQF-4MqMM1HALjalP9IKmhcFw075Kd-xSEW3MStJweuIil0v2YmPKYV3mEuoWu7MvC20IaNrn_EobsGusDLFO1Wgqj1U9qXKuL7XEhaskoTZJk

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 event
protect.geoedge.be/api/ 0
103 B 124ms
124ms Ping
text/plain 18.233.227.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://protect.geoedge.be/api/event
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.233.227.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-227-25.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Aug 2021 22:23:52 GMT
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
content-length: 0

POST
H2 200 event
protect.geoedge.be/api/ 0
103 B 126ms
126ms Ping
text/plain 18.233.227.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://protect.geoedge.be/api/event
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.233.227.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-227-25.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Aug 2021 22:23:52 GMT
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
content-length: 0

GET
H2 200 timeline.js Show response
widgets.outbrain.com/nanoWidget/2000403/module/ 14 KB
5 KB 37ms
37ms Script
application/x-javascript 104.85.1.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000403/module/timeline.js?e=1
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.1.87 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-1-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e73d62fd18fa71baf056db2d7b0f84675b7584f9974c18036fb7f9ada5f182c2

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 08:56:02 GMT
server: AkamaiNetStorage
etag: "e903081c4c5a7ac21abbfb1d23de143b:1628143967.859437"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 4797

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 137ms
128ms Fetch
text/plain 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=6795b1aa51aa1db2e4baacad566668c8_90_1628202232358&tm=1281&eT=0&widgetWidth=900&widgetHeight=562&widgetX=188&widgetY=9440&wRV=2000403&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=242&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 05 Aug 2021 22:23:52 GMT
content-encoding: gzip
X-TraceId: ed266b0d0b452b1e14c730a9a7fbb8b7
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6IjlmMzUzMzkzYmUwNjY5OGEwZDc2NzYyMzM2MmNlNGIyMTY5ZmE3NzA5ODk4ZjhiNTE4ZDM2M2I3ZmMzNThiYjQiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 26 KB
26 KB 120ms
36ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjlmMzUzMzkzYmUwNjY5OGEwZDc2NzYyMzM2MmNlNGIyMTY5ZmE3NzA5ODk4ZjhiNTE4ZDM2M2I3ZmMzNThiYjQiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cdaac76ae2c2cba90f29ec455c718ba0ffb40e39da968b9023e52a1e6bf2f6b8

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2422465
last-modified: Fri, 09 Jul 2021 06:24:09 GMT
x-traceid: 12beb3e552e051f49d09056f77c81767
timing-allow-origin: *
content-length: 26380
content-type: image/webp

GET
H2 200 eyJpdSI6IjliZTU5NGViNzJmNDE5MjMzZDYyNGY3YTQzNDUyYjUwYWZmZDUyZjVhZDU2ZTk0OGM4MjU2ZjE1MWI3ZWU1NTkiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 24 KB
24 KB 145ms
62ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjliZTU5NGViNzJmNDE5MjMzZDYyNGY3YTQzNDUyYjUwYWZmZDUyZjVhZDU2ZTk0OGM4MjU2ZjE1MWI3ZWU1NTkiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 94fee32a840275c942b4efd51ffe66adf6b90a7b099d544533636eb2c36dcec3

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2427956
last-modified: Thu, 05 Aug 2021 11:45:34 GMT
x-traceid: a2562adce46c6399d0065930a035721b
timing-allow-origin: *
content-length: 24766
content-type: image/webp

GET
H2 200 eyJpdSI6IjgwY2IwY2I0YjE0NzM2ZWJkYTU3MTI4YWJlY2ExNjc5MDhhZTI1MTEyOWE5ODYyOGUwMThkZGEzNGVkMzQyZTQiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 40 KB
40 KB 162ms
80ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjgwY2IwY2I0YjE0NzM2ZWJkYTU3MTI4YWJlY2ExNjc5MDhhZTI1MTEyOWE5ODYyOGUwMThkZGEzNGVkMzQyZTQiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: af9c2aded7294443251c6ff899b11440f49f5072f027fa5e0bc170be23d53779

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2442771
last-modified: Thu, 05 Aug 2021 13:36:48 GMT
x-traceid: 7391223ffbbc5bbbace54e5f2cdb55a0
timing-allow-origin: *
content-length: 40638
content-type: image/webp

GET
H2 200 eyJpdSI6IjVhYjFjNTUwZjc1MGNiMDU1ZmJjNDU1ZDNiOTEzY2JhM2E1ZTZlNTRjMjA3YTUyZjEwZjgwZDUyZjRiYTI0OTUiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 28 KB
28 KB 177ms
95ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVhYjFjNTUwZjc1MGNiMDU1ZmJjNDU1ZDNiOTEzY2JhM2E1ZTZlNTRjMjA3YTUyZjEwZjgwZDUyZjRiYTI0OTUiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ae51fb91d405574ccd1f89e35b6e2b26604c738a6eb6441c4f6ffb341dea9a7d

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2305189
last-modified: Wed, 04 Aug 2021 02:40:58 GMT
x-traceid: 85b980a3894b6f6f347758258445b63f
timing-allow-origin: *
content-length: 28410
content-type: image/webp

GET
H2 200 eyJpdSI6Ijc5NDQ2ODk2YjViNDUzZTA1NjI0OThjNjQwNDkzMjhhMTZjYTRmOGQyYmVmYjhkOWRlYjMyMmFmYTg1MTQxOTciLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 8 KB
8 KB 177ms
95ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijc5NDQ2ODk2YjViNDUzZTA1NjI0OThjNjQwNDkzMjhhMTZjYTRmOGQyYmVmYjhkOWRlYjMyMmFmYTg1MTQxOTciLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 617d23c6f143da9341c51712fa7a8e64f7386a6c3ba23a6f572d8774360cbb03

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2363952
last-modified: Tue, 03 Aug 2021 13:13:34 GMT
x-traceid: 899b9428f1d80c2a1d17dcfebcfcd210
timing-allow-origin: *
content-length: 8500
content-type: image/webp

GET
H2 200 eyJpdSI6ImRkY2MxMzYxNDUyNTIyYzRiYWVmNTA1YzY2YTBlZjgzM2YyNWRiYzJlYjRjZTRhZjdkYmEzOTY1NTFhMjU2ZGQiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 47 KB
48 KB 177ms
95ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRkY2MxMzYxNDUyNTIyYzRiYWVmNTA1YzY2YTBlZjgzM2YyNWRiYzJlYjRjZTRhZjdkYmEzOTY1NTFhMjU2ZGQiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f1682d68acec32a05190831f6c40215256bd907ff72d36119f12b7e36ccc82be

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2352673
last-modified: Wed, 04 Aug 2021 09:35:24 GMT
x-traceid: f5bb371901cd15692ed232bb546c9665
timing-allow-origin: *
content-length: 48560
content-type: image/webp

GET
H2 200 eyJpdSI6ImVlZDMxOTI0NDZjYjlhMTNiNThiZGZkNzYwZTIwYzkzNjU0NzUyOGY2MjQ2MmY5YmVmM2JkMGY5MTZhMDcyMmQiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 16 KB
16 KB 90ms
87ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVlZDMxOTI0NDZjYjlhMTNiNThiZGZkNzYwZTIwYzkzNjU0NzUyOGY2MjQ2MmY5YmVmM2JkMGY5MTZhMDcyMmQiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c23d4775083e795e23d90890f72e830496a2e562a37fa9bccd3ae884abc5c19d

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2258285
last-modified: Mon, 02 Aug 2021 20:56:33 GMT
x-traceid: 284f3afbb1c4fc4b0245a827f18876e9
timing-allow-origin: *
content-length: 16170
content-type: image/webp

GET
H2 200 eyJpdSI6IjE0ZTNjMzIyNjBiNTA1ZGI0ZjBlYmIyYmRhYTI4YjQyZTViNTUwMGM1MGY0ZmE1OWI1YzExOGE5ZGU2OWZhOGYiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 17 KB
17 KB 92ms
90ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE0ZTNjMzIyNjBiNTA1ZGI0ZjBlYmIyYmRhYTI4YjQyZTViNTUwMGM1MGY0ZmE1OWI1YzExOGE5ZGU2OWZhOGYiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a52d7312261899f02e7368cb09b515fad7e08fb9a37203f4ab70bab7b8d678eb

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2258255
last-modified: Wed, 28 Jul 2021 22:09:26 GMT
x-traceid: c5c0016506b73d4f6731fa9541925e21
timing-allow-origin: *
content-length: 17616
content-type: image/webp

GET
H2 200 eyJpdSI6IjY5NWViMGRlYzM1NzNhOGE1MGMzY2Y2YTBmZDJjZDA4NzVhNTU1ZTgxNTFkYzg5OThjY2Y2MmE4ZjUwODQyZTUiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 32 KB
32 KB 95ms
93ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjY5NWViMGRlYzM1NzNhOGE1MGMzY2Y2YTBmZDJjZDA4NzVhNTU1ZTgxNTFkYzg5OThjY2Y2MmE4ZjUwODQyZTUiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6c0fdf642bc411442bbff1f9071b0d5731d5ba2d79471498f768fde3acbb6590

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2278223
last-modified: Tue, 03 Aug 2021 03:13:40 GMT
x-traceid: 41892b1599bc4b109d501f1d73c71060
timing-allow-origin: *
content-length: 32324
content-type: image/webp

GET
H2 200 eyJpdSI6IjU2ZjdjOTk3MzY1NmU1MTg2NGIzNWNjOTAwZDI5MDRjN2QwNjY3ODQwOWMzNjgyMTE1YzgzNzgzMGNkZjUxMjQiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 50 KB
50 KB 99ms
97ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU2ZjdjOTk3MzY1NmU1MTg2NGIzNWNjOTAwZDI5MDRjN2QwNjY3ODQwOWMzNjgyMTE1YzgzNzgzMGNkZjUxMjQiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c78dc0eafda618cd460f634aa324409bded01224b00e93bdeb815499e6acede8

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2258286
last-modified: Mon, 02 Aug 2021 18:57:23 GMT
x-traceid: 4f2b7fd4fa97caa36716465cc7174c4
timing-allow-origin: *
content-length: 51240
content-type: image/webp

GET
H2 200 eyJpdSI6IjI3MDVkNDk0NzJlNjkxNDRhMTdkM2U4YWI5NWZkN2I4Nzk5ZDhhMDRiM2I3ZDBiNDNkOGFiMzlhZTc2MjM2ZmIiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 13 KB
13 KB 104ms
102ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI3MDVkNDk0NzJlNjkxNDRhMTdkM2U4YWI5NWZkN2I4Nzk5ZDhhMDRiM2I3ZDBiNDNkOGFiMzlhZTc2MjM2ZmIiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 168d394f271999e9c8b3a3d648db423a2f0bbf5c341cdacf2a6a1ab7de5927f0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2258244
last-modified: Mon, 02 Aug 2021 18:35:41 GMT
x-traceid: 8c2ea3e931beaa5461db2e1b4a66722d
timing-allow-origin: *
content-length: 13150
content-type: image/webp

GET
H2 200 eyJpdSI6IjJlY2I0ZTZmMTQ5NTUxMWYxOTcwYjhkOGNmMzgzNzViNzI4ZWY0ZGRmYjA1ODJkNWZmMzFlMjE3YWQ1NWIzOGEiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 28 KB
29 KB 107ms
105ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjJlY2I0ZTZmMTQ5NTUxMWYxOTcwYjhkOGNmMzgzNzViNzI4ZWY0ZGRmYjA1ODJkNWZmMzFlMjE3YWQ1NWIzOGEiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 56a0084987b4cc4a418ffaab62da13c6e65407fb99b769e38c6a98b0815a89e6

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2258272
last-modified: Mon, 02 Aug 2021 19:51:07 GMT
x-traceid: c085721382d5da274f6639359863d8d9
timing-allow-origin: *
content-length: 28958
content-type: image/webp

GET
H2 200 eyJpdSI6ImQ4YTU3NjQ4NGQ0NjA4NTViNTk3YTk0Mjc5NTZlN2MwM2JmMmE3NzZiNzZiNTUxYzdlZDUzMzE4ZGRjYjhhM2IiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 27 KB
28 KB 107ms
105ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQ4YTU3NjQ4NGQ0NjA4NTViNTk3YTk0Mjc5NTZlN2MwM2JmMmE3NzZiNzZiNTUxYzdlZDUzMzE4ZGRjYjhhM2IiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69f16dda3e31811637edd1c0f8269d00e6149a6fb54f58654f58a589f44346a1

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2258286
last-modified: Sun, 01 Aug 2021 17:00:57 GMT
x-traceid: 673d3973b7a3763cd7d94a1ca659df94
timing-allow-origin: *
content-length: 28140
content-type: image/webp

GET
H2 200 eyJpdSI6ImZiOWM3NTEzNTMzM2Q5ZjRkNWQ2NTYyMGE4NmQ5NDBkYjI5MzU1YjhjNzkzNTA3NWJlZTE2NWE4MjlmMzE4YWYiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 18 KB
18 KB 107ms
105ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZiOWM3NTEzNTMzM2Q5ZjRkNWQ2NTYyMGE4NmQ5NDBkYjI5MzU1YjhjNzkzNTA3NWJlZTE2NWE4MjlmMzE4YWYiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9985568110c4720f55921eca924a070e66d1ed9bdd148e3c498ab55116702cc3

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2258285
last-modified: Tue, 03 Aug 2021 13:41:55 GMT
x-traceid: 266a810da3e585b7502e4821ef42e140
timing-allow-origin: *
content-length: 18452
content-type: image/webp

GET
H2 200 eyJpdSI6ImUxN2E3NzgyZmYwOWU5OTA0ZTQzYjkyOTY1M2FkMjJlOTg0MThlZDZkNWZmMjcwMjY3NjQwY2QwNWE4N2NiMWQiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 35 KB
35 KB 107ms
105ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImUxN2E3NzgyZmYwOWU5OTA0ZTQzYjkyOTY1M2FkMjJlOTg0MThlZDZkNWZmMjcwMjY3NjQwY2QwNWE4N2NiMWQiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 38e262251fb7c77a99d918aa2a4ef17e76cac6c8b947b233de22d17ee7986276

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2258277
last-modified: Sun, 01 Aug 2021 16:42:23 GMT
x-traceid: 9d458466ff07c5e1d6b15f22c7e24f60
timing-allow-origin: *
content-length: 35388
content-type: image/webp

GET
H2 200 eyJpdSI6ImFmMGJlZTAxNDVlOTJkNjg2OGFhMWJkMWE0MDMwZmU4YTAwMTYwMzMwOTVhMTljMTM4NDY0ODk5MGYxYzk4NzIiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 38 KB
38 KB 107ms
106ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImFmMGJlZTAxNDVlOTJkNjg2OGFhMWJkMWE0MDMwZmU4YTAwMTYwMzMwOTVhMTljMTM4NDY0ODk5MGYxYzk4NzIiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 066629e68e7e77eda4636e9cddef6fbf75130c01dbb1d16bdca91c5549ffd8e1

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2258285
last-modified: Sat, 31 Jul 2021 00:08:37 GMT
x-traceid: 6c55f3d9ea9f786c5e06aa552f501407
timing-allow-origin: *
content-length: 38970
content-type: image/webp

GET
H2 200 eyJpdSI6IjAzZGI0M2Y3Y2JjZmRmZDFjMjU1MWMwOGM5MTYxZjY2MDQ0YTU1YTRhMDcyY2FiNGJkMjdhYTJlZDY2N2FmM2UiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 35 KB
35 KB 117ms
115ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjAzZGI0M2Y3Y2JjZmRmZDFjMjU1MWMwOGM5MTYxZjY2MDQ0YTU1YTRhMDcyY2FiNGJkMjdhYTJlZDY2N2FmM2UiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 330c89c244389062e64a7ac7947dfdbbc555d4c3fd0636530db422e6d7e14857

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2258537
last-modified: Sat, 31 Jul 2021 17:10:11 GMT
x-traceid: b6112cdfa1321bde8b096a0c674b3415
timing-allow-origin: *
content-length: 35640
content-type: image/webp

GET
H2 200 eyJpdSI6ImY2MDllZmE4NDZiNTk5YjNkMjdhNmQwODg0YTk2NWMxMzNlZTdkYzM3NmQ0Y2ZiZjc4ZWY1OGMwYjBlOTE2MDYiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 18 KB
18 KB 117ms
116ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY2MDllZmE4NDZiNTk5YjNkMjdhNmQwODg0YTk2NWMxMzNlZTdkYzM3NmQ0Y2ZiZjc4ZWY1OGMwYjBlOTE2MDYiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f4954bd137c2b03eee47d94e080cadf0ac8b888c09a86510910e5730dfdcb22f

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2258330
last-modified: Thu, 22 Jul 2021 05:25:08 GMT
x-traceid: 5fab5414563041fa80ed408cd54cdbad
timing-allow-origin: *
content-length: 18126
content-type: image/webp

GET
H2 200 eyJpdSI6IjJiMDhmMDRiOTM5MDMxMGU3ODQ0MWNmN2VjNGZmNjljZjhjNjJiOWI1MzAwYTcyNDkwZmM3ZTA5M2FkOTJhMmUiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 19 KB
19 KB 118ms
116ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjJiMDhmMDRiOTM5MDMxMGU3ODQ0MWNmN2VjNGZmNjljZjhjNjJiOWI1MzAwYTcyNDkwZmM3ZTA5M2FkOTJhMmUiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f1cd0da8f127c64e1c80bf4c42e61e49eb774b2635fdcf54f57c96bc4f10cf88

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2258259
last-modified: Sun, 01 Aug 2021 10:29:36 GMT
x-traceid: c059a76683d08ad12422049ff80a033b
timing-allow-origin: *
content-length: 19496
content-type: image/webp

GET
H2 200 eyJpdSI6ImZiZDk3ZjgzYzlkZjRkNzljMDgyNWNmMTU1NGU1YjNlNjBkYjU5MzJkNGNmNDNiMWYxN2Y3M2RlZDVkOTdkNWYiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 52 KB
53 KB 118ms
116ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZiZDk3ZjgzYzlkZjRkNzljMDgyNWNmMTU1NGU1YjNlNjBkYjU5MzJkNGNmNDNiMWYxN2Y3M2RlZDVkOTdkNWYiLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e69b1abb61bf8bdc4ce1365f4a23fa36e3427a00190e93be892266e5367082b0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2258251
last-modified: Fri, 30 Jul 2021 17:00:44 GMT
x-traceid: fee9e57044a0fdf52f75c54f318bc805
timing-allow-origin: *
content-length: 53492
content-type: image/webp

GET
H2 200 eyJpdSI6ImIzZjIyZTc3NDUyOTQ5NzI2MTRkYTdhZmJmZmMzYTlkNTIwNjE1YzFiNzAxNWEwNDUzZjJjZjE0YzJlODc4NjciLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 15 KB
15 KB 118ms
116ms Image
image/webp 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImIzZjIyZTc3NDUyOTQ5NzI2MTRkYTdhZmJmZmMzYTlkNTIwNjE1YzFiNzAxNWEwNDUzZjJjZjE0YzJlODc4NjciLCJ3IjozNDMsImgiOjE3NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a20adb96a08efc2979c56f35403180d84a37db7e849f4193dd32d2d92d4b4541

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: max-age=2258312
last-modified: Thu, 29 Jul 2021 16:38:05 GMT
x-traceid: 7c8d1292973bd84e6560c241f52b69e
timing-allow-origin: *
content-length: 15024
content-type: image/webp

GET
H3-29 200 index_160x600.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/ Frame 6B43 33 KB
6 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e854838e15a76040ecf21d147772525a954211f9288b490a6a5a91f1731eab3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 03 Aug 2021 05:54:31 GMT
expires: Wed, 03 Aug 2022 05:54:31 GMT
last-modified: Mon, 05 Jul 2021 12:03:43 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 6617
age: 232161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4AB5 0
0 60ms
60ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQVaA92QMYdqKPPSKjuwPiPe1iALiyeHYY5jQwNe7DvbT5q2JAhABILaQ1Q1g0YG5gtAHoAHks7aIA8gBCakCzH4kaYJchT7gAgCoAwHIAwiqBIsCT9BThDIESxW6rRRGSlZbQD44XwnFDdtxR2gUr3LS7G0pY70F7kZ1k_BU0rBX5Ih5iJpW9AJOHEYJqVtjk5TOJH7TlR1AaH5o4-lchDpwVcPZuhGQTyqI27NrzvkcXR3gU1916E9LAr32i5ArZ2OSJKhxSAWtEcOHsN4Gl1nVe6odBDSw9OplJ8qnkXUxZi-TgAUV9e8ru1nndmT_-KBKZrPr-UhvUlGdYpOQXjkSzzM-6Bo3dW6QB9wt-cf-e3XBXqkri_NdZwg-sTthXtFMsWSvVnV_982uQaA_ryNvCrazzuyxXMQcvqP5NnbmkHrJto99UbvDJfZW4V7Ya4i7W-2p1uBhJNr5p5z5wAT2pK6mygPgBAGgBi6AB4TMyXeoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQt44D0ggJCIjhgBAQARgdgAoDyAsB2BMDiBQB0BUBgBcBshcaChgIABIUcHViLTQ4NjU0NDU0MTI3MTYxMDQ&sigh=s-7m1e6-Yng&template_id=419
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 4AB5 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:18:12 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 4AB5 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:21:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4AB5 124 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Thu, 05 Aug 2021 22:23:52 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 4AB5 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:03:19 GMT

POST
H2 200 event
protect.geoedge.be/api/ 0
103 B 128ms
125ms Ping
text/plain 18.233.227.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://protect.geoedge.be/api/event
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.233.227.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-227-25.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Aug 2021 22:23:52 GMT
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
content-length: 0

GET
DATA 200
OK truncated
/ Frame 93B4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed7ee54e3b59c9f2b94872ff74aa5ce11ddf345058774098ab47970b2e1df5c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 93B4 0
545 B 121ms
87ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 22:23:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1875 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 02 Aug 2021 06:32:03 GMT
expires: Tue, 02 Aug 2022 06:32:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 316309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 21D1 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
URL: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnpf25js-6UngQRw1nZKdpsJKfNyS1zjJuSQ10HUlDcWYAUHetTVReCgCz9U5k; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 05 Aug 2021 22:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 448
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 403 grumi.js
rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/ Frame FCBC 0
0 114ms
114ms Script
application/xml 2600:9000:2190:800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/grumi.js
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5D04
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEErgfBbZ8R3bF3OCc31Ro0&google_cver=1

43 B
892 B

53ms
40ms

Image
image/gif

104.85.0.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEErgfBbZ8R3bF3OCc31Ro0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN64OhC80e2-AhiAsZCwATAB&v=APEucNXsdJhDQ60ZHhwbhEE9KOtgB0nYkAeFDvqVZQXJi8ZNAzWqf4MNlOWuXIsnPUHsZ-A7xPGMT0myMTAaYA1D1I0sBrQkE77gwa5j8nGxqTSrFzLzXVKI_e_XjLsXKn3a4V2wnAwvS_1H5NyQ_FIcbGR6G9B0W-wITRfLs26sribSMfQrzn8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.0.246 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Aug 2021 22:23:52 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 05 Aug 2021 22:23:52 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEErgfBbZ8R3bF3OCc31Ro0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5D04
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQxk.K-nMgdPaBJhONyDxwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEErgfBbZ8R3bF3OCc31Ro0&google_cver=1&google_hm=2

43 B
892 B

41ms
41ms

Image
image/gif

104.85.0.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEErgfBbZ8R3bF3OCc31Ro0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN64OhC80e2-AhiAsZCwATAB&v=APEucNXsdJhDQ60ZHhwbhEE9KOtgB0nYkAeFDvqVZQXJi8ZNAzWqf4MNlOWuXIsnPUHsZ-A7xPGMT0myMTAaYA1D1I0sBrQkE77gwa5j8nGxqTSrFzLzXVKI_e_XjLsXKn3a4V2wnAwvS_1H5NyQ_FIcbGR6G9B0W-wITRfLs26sribSMfQrzn8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.0.246 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Aug 2021 22:23:52 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 05 Aug 2021 22:23:52 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEErgfBbZ8R3bF3OCc31Ro0&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5D04
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELYad9ITi7cDxoUjaUnVIsU&google_cver=1

43 B
1005 B

47ms
36ms

Image
image/gif

185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELYad9ITi7cDxoUjaUnVIsU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN64OhC80e2-AhiAsZCwATAB&v=APEucNXsdJhDQ60ZHhwbhEE9KOtgB0nYkAeFDvqVZQXJi8ZNAzWqf4MNlOWuXIsnPUHsZ-A7xPGMT0myMTAaYA1D1I0sBrQkE77gwa5j8nGxqTSrFzLzXVKI_e_XjLsXKn3a4V2wnAwvS_1H5NyQ_FIcbGR6G9B0W-wITRfLs26sribSMfQrzn8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Aug 2021 22:23:52 GMT
X-Proxy-Origin: 37.120.194.228; 37.120.194.228; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e1c3b148-1ec1-44c6-8744-99211e064e39
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELYad9ITi7cDxoUjaUnVIsU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5D04
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjUwNjY1NTcxMTA4Mzk2

170 B
188 B

113ms
56ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjUwNjY1NTcxMTA4Mzk2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Aug 2021 22:23:52 GMT
X-Proxy-Origin: 37.120.194.228; 37.120.194.228; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a07ecd52-bf60-40cc-a952-b1205c24a81e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3MjUwNjY1NTcxMTA4Mzk2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4AB5 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29ab34618fc992cd799878b649e2383e061b65eed0d8ba893c3f1257e713c373

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6B43 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 23:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Aug 2021 23:05:48 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6B43 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Aug 2021 18:31:13 GMT

GET
H3-29 200 image-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/ Frame 6B43 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/image-0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

437641b71f9dcf5d81bedf89cc5759a659a21de763fbd76220a2bf02a38f81ba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 232161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2336
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:03:43 GMT
server: sffe
date: Tue, 03 Aug 2021 05:54:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:54:31 GMT

GET
H3-29 200 image-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/ Frame 6B43 344 B
370 B 10ms
9ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/image-1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e29c0844503ca68f506c4e8333125ea7f761fda86f5a3d7ebbba48bbfec0649d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 232161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:03:43 GMT
server: sffe
date: Tue, 03 Aug 2021 05:54:31 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:54:31 GMT

GET
H3-29 200 image-2.jpeg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/ Frame 6B43 557 B
583 B 9ms
8ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/image-2.jpeg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733c6166f84f040480db5293704782064396c50450867b5efdc842fcf01659a1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 232161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 557
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:03:43 GMT
server: sffe
date: Tue, 03 Aug 2021 05:54:31 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:54:31 GMT

GET
H3-29 200 image-3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/ Frame 6B43 299 B
325 B 9ms
8ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/image-3.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e989b5b46e78e092499215b6074c8512cca0e86d5db4c106772d23e74b7a7508

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 232161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 299
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:03:43 GMT
server: sffe
date: Tue, 03 Aug 2021 05:54:31 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:54:31 GMT

GET
H3-29 200 image-4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/ Frame 6B43 3 KB
3 KB 10ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/image-4.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4ee8750860de0e52cf2f62747b5ba5e16654a75cdb06214a81e4067367c6fdb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 232161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3164
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:03:43 GMT
server: sffe
date: Tue, 03 Aug 2021 05:54:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:54:31 GMT

GET
H3-29 200 image-5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/ Frame 6B43 4 KB
4 KB 10ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/image-5.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9990fb1a424ad47491da3853eb8a005ec51e4c2ef93daf45695bb811b6055ea0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 232161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4044
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:03:43 GMT
server: sffe
date: Tue, 03 Aug 2021 05:54:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:54:31 GMT

GET
H3-29 200 image-6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/ Frame 6B43 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/image-6.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e03f13179b862fc7ab0d33c976e1e726f16dd31a7b6cb75cb36668ff9a2b3051

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 232161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3373
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:03:43 GMT
server: sffe
date: Tue, 03 Aug 2021 05:54:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:54:31 GMT

GET
H3-29 200 image-7.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/ Frame 6B43 814 B
840 B 10ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/image-7.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b095203be9ca84c5557f8a5fae85a7af9d853be0972181237b30216f86a94a65

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 232161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 814
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:03:43 GMT
server: sffe
date: Tue, 03 Aug 2021 05:54:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 05:54:31 GMT

GET
H3-29 200 tweenmax_1.20.4_3dc5474a75410cb768741e402b80d908_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 6B43 113 KB
38 KB 28ms
15ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.4_3dc5474a75410cb768741e402b80d908_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38738
x-xss-protection: 0
last-modified: Thu, 31 May 2018 15:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Aug 2021 22:23:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6B43 4 KB
741 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700,400&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17320945616208394082/160x600-branding/index_160x600.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4ddb2f3c22c9b168d1e4d11a4008f36151709c7085e497d32273a3efe850745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 22:01:07 GMT
server: ESF
date: Thu, 05 Aug 2021 22:23:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Aug 2021 22:23:52 GMT

GET
H3-29 200 5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1875 35 KB
13 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e43a0788007c81c88e5f2e2d37edf449a9a0adff50ab76c8cb5b1c8ae76f5860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 13:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13434
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 13:42:54 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 21D1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

16ms
15ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
URL: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnpf25js-6UngQRw1nZKdpsJKfNyS1zjJuSQ10HUlDcWYAUHetTVReCgCz9U5k; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 05 Aug 2021 22:23:52 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 05-Aug-2021 23:23:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Aug 2021 22:23:52 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 05 Aug 2021 22:23:52 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 6B43 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,400&subset=latin

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 00:57:00 GMT
x-content-type-options: nosniff
age: 250012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 00:57:00 GMT

GET
H3-29 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 6B43 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,400&subset=latin

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 21:52:56 GMT
x-content-type-options: nosniff
age: 261056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 21:52:56 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012107240354000/ Frame FCBC 188 KB
55 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 278228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55201
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56e2a7f7d448fcb3"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame FCBC 13 KB
5 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 278228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4865
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ff227f97ed674b5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame FCBC 87 KB
27 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-analytics-0.1.mjs

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 278228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27852
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3719646983ab1de2"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame FCBC 4 KB
2 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-fit-text-0.1.mjs

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 278228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "687e73129cfc4c8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012107240354000/v0/ Frame FCBC 40 KB
13 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012107240354000/v0/amp-form-0.1.mjs

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 278228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12828
x-xss-protection: 0
server: sffe
date: Mon, 02 Aug 2021 17:06:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4abe217821914203"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 17:06:44 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame FCBC 6 KB
669 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 20:48:54 GMT
server: ESF
date: Thu, 05 Aug 2021 22:23:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Aug 2021 22:23:52 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4819589386641340047/ Frame FCBC 37 KB
37 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4819589386641340047/downsize_200k_v1?w=600&h=314

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1e6b577020def37119a0990af665c18c9b946fcd3f1fce34d3be4ad65436a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 06:12:46 GMT
x-content-type-options: nosniff
age: 144666
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38155
x-xss-protection: 0
last-modified: Tue, 25 May 2021 11:58:02 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Aug 2022 06:12:46 GMT

GET
DATA 200
OK truncated
/ Frame FCBC 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FCBC 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca018b5f598c9f00bd6563605c3cde2385795d5462bf698799b93bac89fbc3ca

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FCBC 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 68674
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 06 Aug 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FCBC 295 B
325 B 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 33371
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 06 Aug 2021 13:07:41 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FCBC 0
0 60ms
60ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCAOX-GQMYYSnEtyHjuwPgs24oAjj6sD5YpnWtq6LDvrr0uCyARABIIb3hiZg0YG5gtAHoAGF1tydAsgBCakCllhOs9BdhT7gAgCoAwHIAwqqBPsBT9DusmcqKYHzeZD_BUb1QZvat_bFYxu8fVixxV6wAf9e2w8CrNlXwBancMIPby0AhRaYjh4tFY8_q62WVOLPo8O5kIU3ByPkdNieKRLKtA7gtuAG76nstq7Gcq3M40ZAfZR2MscGxfUiY6YwcCvU0LvHTsb-a9wsMNbeyP7DkcmzWDcWZcRFQmjSiBcHUs4QKkM9ZUq2eUzdApySAiJzCA4ZwPyftnsnxiXuE7c8fwkwVj6_-MPOw0aPZJmFNsxpRyuwpySX2jomhNX4588jL3ezGtSVGWxG5F_V__f4KgJmhDRTN_TxIKgI4eSQtQw_JSclLBmY3qf_2nPABNnxqp_BA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfjqaPiAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDu-xDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ3MjM4ODE3MTQ0MTM1MjWACgPICwHYEw2IFALQFQGAFwGyFxoKGAgAEhRwdWItMTA2Mjk3Mjg2MTU1MzMwMw&sigh=-ZvIbKBRAEw&template_id=484
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 event
protect.geoedge.be/api/ 0
103 B 127ms
127ms Ping
text/plain 18.233.227.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://protect.geoedge.be/api/event
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.233.227.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-227-25.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Aug 2021 22:23:52 GMT
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
content-length: 0

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FCBC 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jpost.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:00:01 GMT
x-content-type-options: nosniff
age: 210231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:00:01 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FCBC 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.jpost.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 01:45:21 GMT
x-content-type-options: nosniff
age: 247111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 01:45:21 GMT

GET
H3-29 200 container.html Show response
cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9738 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 05 Aug 2021 22:23:51 GMT
expires: Fri, 05 Aug 2022 22:23:51 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FCBC 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 68674
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 06 Aug 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FCBC 295 B
325 B 6ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 33371
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 06 Aug 2021 13:07:41 GMT

GET
H2 403 grumi.js
rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/ Frame 9738 0
0 113ms
113ms Script
application/xml 2600:9000:2190:800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/grumi.js
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6110 0
0 84ms
84ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspPEfhp07yKTFkw7bk4J4uZgfWbpifiaOpQDQ1phQCF9VoAeseowUQnnbsq4bd2mV3FwJifTx4KRENBwAU-T_RX-Lurr_U0V0_zjscjqwh1iG69ClnbGi_gpnC5ZaiyWMtnZ0hygdV0RCwaKYftAreztBnWi-U3ZRAJ2p98UKQCIdwnr3fonrOJ4Rq5Bmw8yj0N2vAuEETmTovIgZe7Ot8n1-un9tTrowHnhIfII8dZNo7rygHuvJPr7Z9XCf9_sou-MfvUJK4m2WLC_uml1FK-TCEx1QefY_KrZXh4mcwY_5mGZFFwNp8egx9CQ&sai=AMfl-YSQk-Yc9IDxhgX9Lzt7lLeu21kFpVpkYjeJrrmLukWQIO2neBMHnnGPqwFAEq9LNXOY7lSqjZW_S3kQVR-mzWKAY6DdEdbTXwJvobFwIFdk9MPUUk1o6Q2_by-ye3E&sig=Cg0ArKJSzGxrh35AkqOEEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 22:23:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 05 Aug 2021 22:23:53 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1875 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9EKR92QMYeyLLNfk3wOg7bmQDgAAAAA4AeAEAg&bg=!4eKl4qbNAAals0SOpbM7ACkAdvg8WnKiGAGyBmLAZZj-kfPllKD2kYNlvn8nZ1MC3y8lZnwZRLoR8QIAAAD3UgAAAAxoAQeZArgTIK3QnuQSvR5cE5imtDrb1hn2mXvq5BV8_kfK5-aprHA-hpOjsTiHOWtuOOZrJmSFyjGheKBUKtEITkNqfP6mCxA-FV0obkQm2pyx_lm0IxQBlUlW-ZwCzhStod6cQXDqeFQHp3xZLb89ETFKA96cSvCu0NY1jeE1vvTkQkEzc8lvZ5h0Ra1RuNFmFA3rjl8TsyS4hD1NefcwrZIjRRuWkkSz4YSob3nknaARDLQVD32-emx-0-V3qCX4CKSkJy1mkPm4jsws-3WJPolKMzPkBAiDQlzxInJ1Zy9BWYIEKZyS9v4lCrW52-vYqNy_4MUM6Jhq6sKdPSW49Y2maaQwIuFI5fp9nbReJRkqcQ2wX4Mv5tGFsvpgovOqjAMsXh9CgoRBAIFiX2F2v6Pys8iHu3gLiA053411Im2UcvHLOlrD9YkWZ6_zYLx5tXXjAuGDkgvzMIFQs_a0K-oOscUrQZOn1XCseFGnubfMOg-prlruZmU9ZEj0H3EqSRCWFh0hT9vrD1FpD0O1SgJ_qzZvGQ-IKgtuRqLuPwv420F6QGbeuY2TGEITbKiVqeWvtJnfTzlPrGR7frLpg5N8S6Y4bn42u82rOZdLu3uWMEpUiYv8Qzye8wRKQ74QALTRRb6snbLczYKBneOYGSANNqGYPacWYkZbbkNvTySQTslr25pPHbL2uI4PGM0tkBMKQJxK8l1XGhCrY3f61m9XYy8GJVh24NvI1vNx54x7ha_PwifI9ILDrnSOyoUrrN3Fv_1dFty8aWK2wJvOSDGhOp79YqSldultUh8YlbzeLMA8RJgoqzB9QzxYnlAxTZvqyYnpY6NZc_MtsPVqz9-dfEQAYpC_1U4TYybasvJu1HY18SAwaIifKS-FRKZwy2y5BHmP6ab4E2Ypr_WzGCIjrngz-ZPbw9y61lo

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DE4D 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 05 Aug 2021 22:23:51 GMT
expires: Fri, 05 Aug 2022 22:23:51 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index_300x250.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/ Frame 98DF 28 KB
6 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/index_300x250.html

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99a7467ed61e323bda484df4fbe028063fd8d0ab58d01c27dd009a08f7e8ae02

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/index_300x250.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 03 Aug 2021 06:59:53 GMT
expires: Wed, 03 Aug 2022 06:59:53 GMT
last-modified: Mon, 05 Jul 2021 12:03:44 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 6205
age: 228240
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9738 0
0 60ms
59ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CP_kG-GQMYbXmHtuu3gO3xbDAAeLJ4dhjuNHA17sO9tPmrYkCEAEgtpDVDWDRgbmC0AegAeSztogDyAEJqQLMfiRpglyFPuACAKgDAcgDCKoEiAJP0A32qd48g_H5wXC2pb6ELItXpP-u8G-CcDbETQ-YAdwNJxeE5xcBYJ7f7O-686De2-uMCHsTVXQ-mg0v7iyCFUR8xgJ-IfVrqoqjHp2pvKFO1a3CWpfE_YOxfXF6QJ5cBYOxdkIZSHxwTQgmzMK6TlCgbHoN0YjcZJs1bWbV0-9aMylHNcvA4ctIj928508lox3rmWsi4r4IxiEEKAG3ZRUT8n6KLNWxOjc15bsmLdtcXrhCNY83ESf8VwFkybdVu0pWnYxV8vG8sdv15um6dJYp2s6NFP12013lQUSkKKXRoARCyJV0vx6E53lIXOvg5c-KxqQ8zgQaHQDNQ9CNPwuu_9_wa07ABPakrqbKA-AEAaAGLoAHhMzJd6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDrwAbSCAkIiOGAEBABGB2ACgPICwHYEwOIFAHQFQGAFwGyFxoKGAgAEhRwdWItNDg2NTQ0NTQxMjcxNjEwNA&sigh=tUbe4fMim7M&template_id=419
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/ Frame 9738 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/abg_lite_fy2019.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:18:12 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 9738 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:21:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9738 124 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:53 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Thu, 05 Aug 2021 22:23:53 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame 9738 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:03:19 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 9738 0
0 13ms
13ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvnbhD7H1wg8vVrPKto7I463UCqUMVbnfLDZf7LHJKN8r7qbPF_zfbvE70suu7qqNOueMwLveL5v2FrYkmcDqZcljXsg
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 event
protect.geoedge.be/api/ 0
103 B 123ms
122ms Ping
text/plain 18.233.227.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://protect.geoedge.be/api/event
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.233.227.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-227-25.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Aug 2021 22:23:53 GMT
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
content-length: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A3CD 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
URL: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnpf25js-6UngQRw1nZKdpsJKfNyS1zjJuSQ10HUlDcWYAUHetTVReCgCz9U5k; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 05 Aug 2021 22:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9738 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84906952379984bfc9c938a2e3abc4503505c1c15e02d0233221291fc7d11257

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 403 grumi.js
rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/ Frame DE4D 0
0 111ms
111ms Script
application/xml 2600:9000:2190:800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/f7ae3efe-f9e8-44be-8cf9-3b564afd5f4b/grumi.js
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 98DF 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/index_300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 23:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83885
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Aug 2021 23:05:48 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 98DF 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/index_300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Aug 2021 18:31:13 GMT

GET
H3-29 200 image-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/ Frame 98DF 298 B
329 B 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/image-0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/index_300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d2119e95a4d189ed7d126039f9927d080b9a1805b4cfcdce25f4a81f3fc7b5e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 228239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:03:44 GMT
server: sffe
date: Tue, 03 Aug 2021 06:59:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 06:59:54 GMT

GET
H3-29 200 image-1.jpeg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/ Frame 98DF 458 B
489 B 6ms
6ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/image-1.jpeg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/index_300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4527b80e26498a9645460784fc8b51b6fe7270de7da9045b306ddcf693523dcb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 228239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 458
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:03:44 GMT
server: sffe
date: Tue, 03 Aug 2021 06:59:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 06:59:54 GMT

GET
H3-29 200 image-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/ Frame 98DF 4 KB
4 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/image-2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/index_300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb1f9898855a8409129d00999890404b36f5066054645dbc9b261b7e4cf5e5ee

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 228239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3935
x-xss-protection: 0
last-modified: Mon, 05 Jul 2021 12:03:44 GMT
server: sffe
date: Tue, 03 Aug 2021 06:59:54 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 06:59:54 GMT

GET
H3-29 200 tweenmax_1.20.4_3dc5474a75410cb768741e402b80d908_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 98DF 113 KB
38 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.4_3dc5474a75410cb768741e402b80d908_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/index_300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38738
x-xss-protection: 0
last-modified: Thu, 31 May 2018 15:49:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Aug 2021 22:23:53 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A3CD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
URL: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnpf25js-6UngQRw1nZKdpsJKfNyS1zjJuSQ10HUlDcWYAUHetTVReCgCz9U5k; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 05 Aug 2021 22:23:53 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 05-Aug-2021 23:23:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Aug 2021 22:23:53 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 05 Aug 2021 22:23:53 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 css
fonts.googleapis.com/ Frame 98DF 4 KB
645 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15806883097412532549/300x250-branding/index_300x250.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4ddb2f3c22c9b168d1e4d11a4008f36151709c7085e497d32273a3efe850745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 22:23:53 GMT
server: ESF
date: Thu, 05 Aug 2021 22:23:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Aug 2021 22:23:53 GMT

GET
H3-29 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 98DF 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=latin

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 21:52:56 GMT
x-content-type-options: nosniff
age: 261057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 21:52:56 GMT

GET
H3-29 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame 98DF 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=latin

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 00:57:00 GMT
x-content-type-options: nosniff
age: 250013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 00:57:00 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DE4D 0
0 60ms
60ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyLA4-GQMYc-MMJ2U3gOd1r7YDLiZ86Jc6bXuu_oCwI23ARABIABg0YG5gtAHggEXY2EtcHViLTQ4NjU0NDU0MTI3MTYxMDTIAQngAgCoAwGqBKACT9AVkBmMW9eUqI41LDagi2YZGFhPf-VhLEeSUi3Kz4eMKlw_u2ozHqLVzukqnBUwD2-oQASdgg-gmdwMgeMy4qSkekbDOp-ywk1bsOZafhHUMnRqUnDC_S1OTRtVIshC78X9GJju0lLfhrpfDA6zg58_7Eo8R8WTxZ24vCQEZIP68MCYG4H4o2KNxW77FCtW2if-8Xe0O3OOIpeeImbnWDPQKKQYO6X1WHIFswSUgaSWpYwXjwaQWc5AgU1F0Hwi4tzZ0PTVUWzsZvKl8UrH5hOId7RXg8J6B-bR50p4bZKfZJ5_IEiDKfBTEm0Z2PlJXj33w1jvkGfpAsLRxq8uc3rMWnzU6Xi_lV0bBz5edqVoiKQC1WzppE44hASlDcJL4AQBgAaR776HkfL8phmgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7EC2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshcYChYSFHB1Yi00ODY1NDQ1NDEyNzE2MTA0&sigh=4xQSyG19nD4&tpd=AGWhJmtMr5fDBRMIkzwhn485SAHTloW4z3oPUhtLUycGWv-_34vPAwbRE--estMDMMgJ0RDv-10z-cU5LMQJVujk6dq0BlXWg8pObk5qicPrldpR5mW11UpIE1Cwy1OdZf2ufb2N02cm5CTZ9LNzVgl3xkFBvPq2R7XBA7DDD9pLDcpfKZd9Q8jjtMEHqFq4YF3vMIkF2G4oaYQ7xt53enHZdPOQviMkDkhvviQvaI6_yMSkdW_A-9tHF3Ws8rqTrlmTRU9Ae6DrrAyo1_6iB4KYgtdPEaa-lgUbL88py9ricWj28_RQlU0bFpNiMgDkVSHirgIIlAslLz01lOe6y5B1Ik8kkX2583dv7sBwbqucG-32orSWU-Bz4vq9vTcfio1gy2NprU6-MNsYLUEOGPPODKNdDi7s3DHRVTqmM9K2dZMX_lMXF2nBB6NZ70pDeV6vrbZKMRdP8aKBDR96lChrNn2S4_9FxTxiaMq2khJWHcKVKg9rO9zq-ERZFgmuyBgY1HYHsawpXRE3TfSf47CB08G7DuCcowFVXDFBfZqaSiOa2yynrtlsBPSxDYurCtPiEBu-63gE-cW5v__gPWsH1J8XEU2gsROImNBIXwMyGpi3SKN8prUw2LZhn-XO5tn8pubcRaHhHvTUnGSdQ_YSQ2pn6-8Y00BPQFjPH1-So_q9mBRV3GdJDiBUZTAfIBzoinhoEzAuyEFgy8-EoDsX5OcJ-s9cj_WLcprq3X-aTETHPsUUum7DF2g0OVVUv4_rCsOJ2kgcJrE4Izc121myRFbYP-EPeiDuq_8z_LDkDBr90VUt9m7P0Jebf1czj-ipp4EkFiG7qFZHax9nL00aQx2LPzgjXaVbX0ZgB5QEyfTH_ePJPe5svoWPhMeo0Xq9L8I0PTOr9jG51_6ubcPn4bLVuMPpPvujFMxa9rNYlrdYFFkzgRi4cszN8beGNdEpbUTKM9oXDRYsTGuXSVTQMlscKWfEgYXp5-msW46u6Q2NTRyjfmjVS_SWaNOKcW8AIN50FBVzUkFuY_kxfjGAwT7Q_QsqECn0_CBV4iX39DtM_wvbgdEQfv6amaOiP4A1yYl9CTAsg5fFSgcY067P0ERTwsfx_6AM-sJS1LPNgDNr6S05XYcGTFZCoonIzfLTpI9NLDJMT7iqvtl3wV7SASHJIC01I2waGVZB8k9OORw4mDGiTePRDCfrUsHRK6GQqskEhD1umS1hD7sn0Lg58EHDXH9d0wQu-zHnKN3GqlYtsXtVcinYBPq6Ueju7-I1KAj7VvQMjIzc_sYlALtKOzpAozk3ADF6AYP2dWX2F3bTJXgCkcRCuEmymCux5MEbcqeunOJtH1hlZxPnC9-kRGVefF0kpZPq-fTRoTjX-qk0S5h8HOyGDQrNWJJX9JCqKkXGPab0wwXFTPrX3mBx1jdKrwJMUj3P67IyN-aHQoRLrb_W_eH4htp5WKi_J1LXDVlzConAUWMEX-kag0FyxRuXtQ
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame DE4D 944 B
1 KB 98ms
32ms Script
text/javascript 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=45397441;rtbwp=0.090499;rtbdata=jbMsCoKHHFdI0nKB7ZYcaXWDTrRDgA79yOifMWIaSiM5kS9nGzrqs3SWa8zPBBFCikSyMY6XAlwHG2mhPZiDOpHlLopXanSTmmKiHSf2P8WkUlcAvZlTU3_BcSdQMAGO42jeZuSRmgdcHS3UAQwspIl9pNC9Atou2nf6I7EKiPyud-M4WP0-E44hKDxPOD2qWLNJBDdlUH4U2bM6F7fkGWjmgDFxi0Sd0

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a5c1689792acd21e3ad029b2f8424094b23f1557c0111637ab36192289e7d729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 794
expires: -1

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame DE4D 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:21:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:21:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE4D 124 KB
37 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:53 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628076384053681"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38210
x-xss-protection: 0
expires: Thu, 05 Aug 2021 22:23:53 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/ Frame DE4D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210803/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:03:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 22:03:19 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame DE4D 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7v9Z4VARYOtlckXhpCFYDuABDBHNzTn1n06tOWp-IaFKEWm2pfMQuAMcnyJTsKJlx0mqTUE67loG9h-cw6GQydOXQyA
Requested by: Host: www.jpost.com
URL: https://www.jpost.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DE4D 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: www.jpost.com
URL: https://www.jpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 10:33:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 10:33:51 GMT

POST
H2 200 event
protect.geoedge.be/api/ 0
103 B 124ms
123ms Ping
text/plain 18.233.227.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://protect.geoedge.be/api/event
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.233.227.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-227-25.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Aug 2021 22:23:53 GMT
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
content-length: 0

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame DE4D 33 KB
16 KB 97ms
31ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=45397441;rtbwp=0.090499;rtbdata=jbMsCoKHHFdI0nKB7ZYcaXWDTrRDgA79yOifMWIaSiM5kS9nGzrqs3SWa8zPBBFCikSyMY6XAlwHG2mhPZiDOpHlLopXanSTmmKiHSf2P8WkUlcAvZlTU3_BcSdQMAGO42jeZuSRmgdcHS3UAQwspIl9pNC9Atou2nf6I7EKiPyud-M4WP0-E44hKDxPOD2qWLNJBDdlUH4U2bM6F7fkGWjmgDFxi0Sd0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:53 GMT
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 12:36:46 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 07 Aug 2021 01:16:55 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame DE4D 4 KB
2 KB 33ms
32ms Script
text/javascript 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=45397441;rtbwp=0.090499;rtbdata=jbMsCoKHHFdI0nKB7ZYcaXWDTrRDgA79yOifMWIaSiM5kS9nGzrqs3SWa8zPBBFCikSyMY6XAlwHG2mhPZiDOpHlLopXanSTmmKiHSf2P8WkUlcAvZlTU3_BcSdQMAGO42jeZuSRmgdcHS3UAQwspIl9pNC9Atou2nf6I7EKiPyud-M4WP0-E44hKDxPOD2qWLNJBDdlUH4U2bM6F7fkGWjmgDFxi0Sd0;js=1;adfxid=1x;8869;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.jpost.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6003175c156608022e47f69ce89c985c37c6b1c69b8c40058781619242bcdd8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2056
expires: -1

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 93B4 42 B
64 B 54ms
41ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUV4e71ngve1WssLdygEPcN4v9zsc5e35pWOPaqLLx4hmDLm8xYy738csZTYvjUcKIjDkcmuDW5Uya4UKdwkwXcyu5REPZXN2Jrvcse1JiueDkgm9dF3LPlAKbyw&sai=AMfl-YSCI1Olyo9oX2zdZkx3pMWc1Clu8aQHvHKqsymIXSTPI67yv9zeGM6FFQ43Lei5eNHzLy1Ril5-7B2ABrO9r5q8SxfOFaiYx2-ACMTeehodGaCNC7v4W4rJe1qVcpE&sig=Cg0ArKJSzLSuR7PQYj-sEAE&cid=CAASFeRouSFYDcjjIfj8WTq-B5aHKemkWA&id=lidar2&mcvt=1000&p=1014,1111,1268,1411&mtos=0,71,1000,1000,1000&tos=0,71,929,0,0&v=20210804&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=272190999&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628202232053&dlt=22&rpt=1&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame EDB9 38 KB
14 KB 108ms
36ms Document
text/html 104.85.0.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
URL: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.0.200 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-0-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=137818
expires: Sat, 07 Aug 2021 12:40:51 GMT
date: Thu, 05 Aug 2021 22:23:53 GMT
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame DE4D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab4efa11fae97ca56c0cc9b94b88b265f98d2f10a5418a83673792cd814a27f0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame DE4D 84 KB
36 KB 40ms
39ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 08b637a003073fd15e15e00d41904a810718b20c3fbdfb7298aeb1588210adf5

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:53 GMT
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 12:36:46 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 07 Aug 2021 01:27:35 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame DE4D 35 B
503 B 32ms
31ms Ping
image/gif 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=45397441&csi=1u6asM8stACHVZpeSW9PRG3_lVsZcESThPMj05LqC5vZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:53 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 44358068.jpg
s1.adform.net/Banners/44358068/ Frame DE4D 56 KB
56 KB 35ms
35ms Image
image/jpeg 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/44358068/44358068.jpg?bv=2

Requested by

Host: cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
URL: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

5b4b211d3b65acc873a687a1adcd42fe5036a16449155e6f8602669e8d224a6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:53 GMT
last-modified: Wed, 07 Apr 2021 09:45:32 GMT
server: nginx
etag: "606d7f3c-dfab"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 57259

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame EDB9 0
42 B 128ms
42ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=98078343&p=160666&s=824145&a=0&ptask=DSP&np=0&fp=1&mpc=10&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:52 GMT
content-length: 0

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
280 B 163ms
163ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o2fw7&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.jpost.com%2F

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 05 Aug 2021 22:23:53 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 3ccd091bd2d4af8eb9b80b065f73d3b1cff7a64714d6cbe8eff877c3b18db026
x-transaction: b442addb6afeded9
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 19ms
19ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021080201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d93b79a5ac7159dd57da656fea3be85c366fa43946dc5c5fc719efa0e3f9da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Aug 2021 22:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8739
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 22:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 05 Aug 2021 22:23:53 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6C89 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 05 Aug 2021 17:23:07 GMT
expires: Fri, 05 Aug 2022 17:23:07 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D56C 783 B
531 B 15ms
15ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/grumi-ip.js?ver=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

639f5c5b92e0efb2573905e6d54d99994870d70654009e18cecb09ddac6ebc34

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S/PHrfk7xfPk9qaWNi/YmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.jpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.jpost.com/

Response headers

expires: Thu, 05 Aug 2021 22:23:53 GMT
date: Thu, 05 Aug 2021 22:23:53 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-S/PHrfk7xfPk9qaWNi/YmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C89 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 11:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 11:02:44 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FCBC 42 B
64 B 41ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSA_jIKbLUPxmqwUiW_ofkMBiq0fL8ZupB8mF_2P1yb56GNlvlD_Nh_W5a2Q3brX3S8s1Lph0zg3rZuoDo_c3t657uScUQp0_hvs_TD7C1j1U_n0dwvxsW-nlO4A&sai=AMfl-YR_ntWR1mjIhQ128ytNJ4s12sWmSPrXPRR3HhwWzZmx4I4_w5RQJ1HLf1Ps-SvdARsGB_-L2NCz4GZvhBwITzF2KQHfWWGsQtzelke6HYcgmlAp_pdQ8LrE69rpvw&sig=Cg0ArKJSzCop6L4eRkGuEAE&id=ampim&o=315,250&d=970,350&ss=1600,1200&bs=1600,1200&mcvt=1008&mtos=0,0,0,1008,1008&tos=0,0,0,1008,0&tfs=117&tls=1125&g=100&h=100&tt=1125&r=v&avms=ampa&adk=4210319044

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6110 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkzyerKuG9DAlPNOMi50IU8GUNNKKj15m_P59iKt6YvU5yF9n0PWxrktKMFk-UA3C_uK9ngT2IcV0VGNII94pxy4DX-6IYMrix8XVPLxXaNKdw0DNm&sig=Cg0ArKJSzAIYqoXhcNOQEAE&id=lidar2&mcvt=1011&p=15,0,16,1&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20210804&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2361661932&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628202231566&rpt=614&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021080201&jk=1558036351847043&bg=!fH-lfzvNAAals0SOpbM7ACkAdvg8WhnTUQJ4rBDRWG48poROnPKEzjIp5RkPCXb-fmW43VIljq58_gIAAABiUgAAAAxoAQcKAEUrv5K-cfLw3syXFqZpBnK4Fdg2oHWzo11qWQrCXZhSHQVOtEyYq_FqNTo1unueINZ9H5QclXbmWM1REdkjoPfMe0205faZAnnIoGIwatbbNeXEIUW1tlALw_oh0roTKEWHUIqY4qJbUQGy6cjj-S8MWG1_paOWJHv5DLW6Hx_xxM4Gz-up9k-YalOE0Jlb6-vjx6uNnyW0Aj1HNI7TBaG-rLZwv2tNl2og0pwO7b0a4e2eGwHVElEJ78vPDoy8w1zfdGyqthQ82McwX0SUhcAkufv4ilkilid4RsUlISW7SUHXUoVgtEEW1TKB1vUOuzdbWHpz0E73Q_apF07Cv11osvDLK3cTtX0qyZzk2zxDKqKkKwJV4EmBBRURtP1Ehvg3Q5xFysksjZxz0W3ryudi2oiurmrQyAHIenp5yTWX5jVgnOB9ZfuhXVyYKPh4Ky9U5_rgulDEe5tSNFeH8DOwD8qdj7XBm8-GiKzTGVWtezsP9-t_o7RtXgV50Atj2J5Knx5fzj3Y9bNOmPIs8k4DWi7byf7wesw_wOmrl_CvmGKGGKTjWi4uvoXYfQbDVeYEj_DnHXxyEGvT2YaCq3VGFzwTN-COgUboZBXu1jSK4oy7N3Ka-I_QWXNxnFYkURvCDxMxlAhBx4TzZB5iRd2jpjWyYLOMkGzizHUQplRSFpRO-ZZbBLJRP5lro6Va9nhzYQ5iqbaV45NKjzGhQD7zxW3eLfh5j4Iqb-eJd704lVihauII-q7lsDjLbZzM0PewZZODOlkjQ5gmlgjWZ_PEpUuLg_1RuO5vbhVTkfnPQnCXftqd3xqmdkN6sRkUQOhfc1lcnng5shJbmqRtrq7qNf9ZZLOnRo3HaptqGQIm4LzBmAAxcv3DX66qAgu6gDcfh0uy3JgeSf1syWsh4FVzoHl5kYXOwg6e6Xgj62sR7xY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame DE4D 35 B
503 B 32ms
32ms Ping
image/gif 37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@45397441,6359937156554461014,0|0|0|0|0|0|0|0|0||0|1|84|B89801EE-AD3A-4634-8CD5-6E64E6C5ADC6_1|||1|0|0|8U9b9T1k7nzi5nP9TebYOumn3tQYot-A0|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 22:23:58 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:16:43	Name: test_cookie Value: CheckForPermission
.jpost.com/	1970-01-20 05:38:18	Name: __gads Value: ID=2d5b58ba294ccd73-22d680fe98c80048:T=1628202231:S=ALNI_MaBKa9k6iFjgg7l2wybB2YnHDJJ1w
.jpost.com/	1970-01-19 20:23:54	Name: vad-loc-code Value: de
.ads.pubmatic.com/	1970-01-19 20:18:08	Name: KCCH Value: YES
.jpost.com/	1970-01-20 05:02:18	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Aug+06+2021+00%3A23%3A51+GMT%2B0200+(Central+European+Summer+Time)&version=6.14.0&hosts=&consentId=5c3c5e3e-e272-4e40-8760-c609cf7d2d00&interactionCount=0&landingPath=https%3A%2F%2Fwww.jpost.com%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CSTACK1%3A0%2CSTACK42%3A0
.jpost.com/	1969-12-31 23:59:59	Name: pageviewCount Value: 1
.jpost.com/	1970-01-19 20:16:42	Name: _gat_UA-3326248-22 Value: 1
.jpost.com/	1970-01-19 20:59:54	Name: prism_25900740 Value: 83bcb701-bda9-447c-b1e1-7d8100f92c42
.jpost.com/	1970-01-19 20:18:08	Name: _gid Value: GA1.2.948910697.1628202231
.jpost.com/	1970-01-20 13:47:54	Name: _ga Value: GA1.2.710882465.1628202231
.doubleclick.net/	1970-01-19 20:16:45	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 05:38:18	Name: IDE Value: AHWqTUnpf25js-6UngQRw1nZKdpsJKfNyS1zjJuSQ10HUlDcWYAUHetTVReCgCz9U5k
.jpost.com/	1970-01-19 20:16:42	Name: _gat_UA-4780630-1 Value: 1
.jpost.com/	1970-01-19 20:31:06	Name: returningVisitor Value: true
.jpost.com/	1970-01-19 22:26:18	Name: _fbp Value: fb.1.1628202231138.1151251941
.jpost.com/	1970-01-19 22:26:18	Name: _gcl_au Value: 1.1.1986709468.1628202231
www.jpost.com/	1970-01-20 05:02:18	Name: _uc_referrer Value: direct

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.jpost.com/(Line 48) Message: country1 DK
console-api	log	URL: https://www.jpost.com/(Line 49) Message: region1 84
console-api	log	URL: https://www.jpost.com/(Line 82) Message: country DK
console-api	log	URL: https://www.jpost.com/(Line 83) Message: region 84
console-api	log	URL: https://www.jpost.com/(Line 87) Message: country testDK
console-api	log	URL: https://www.jpost.com/(Line 92) Message: gdpr is on
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080201.js(Line 6) Message: [GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api	error	URL: https://95662602.adoric-om.com/adoric.js(Line 1) Message: _Adoric_error: TypeError: Cannot read property 'setItem' of null
console-api	debug	URL: https://tag.escalated.io/?i=Lq17fOU6DK5fYHg(Line 19) Message: null
console-api	info	URL: https://cdn.ampproject.org/rtv/012107240354000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107240354000 https://www.jpost.com/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

95662602.adoric-om.com
adrta.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
analytics.twitter.com
app.adoric-om.com
c.amazon-adsystem.com
cb1fbfef32b7fe95c2c43b4557f36af5.safeframe.googlesyndication.com
cdn.adapex.io
cdn.ampproject.org
cdn.cookielaw.org
cdn.syndication.twimg.com
cdn.valuad.cloud
cm.g.doubleclick.net
connect.facebook.net
diffuser-cdn.app-us1.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
images.jpost.com
images.outbrainimg.com
ipv6.adrta.com
jpost.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
odb.outbrain.com
pagead2.googlesyndication.com
pbs.twimg.com
pix.adrta.com
platform.twitter.com
prism.app-us1.com
pro.ip-api.com
protect.geoedge.be
q.adrta.com
revboostprocdnadsprod.azureedge.net
rumcdn.geoedge.be
s0.2mdn.net
s1.adform.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stag-core.tfla.xyz
static.adoric.com
static.ads-twitter.com
stats.g.doubleclick.net
syndication.twitter.com
t.co
tag.escalated.io
tcheck.outbrainimg.com
ton.twimg.com
tpc.googlesyndication.com
track.adform.net
trackcmp.net
valuad.appspot.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.jpost.com
100.25.91.152
104.244.42.200
104.244.42.5
104.244.42.67
104.85.0.200
104.85.0.246
104.85.1.87
104.85.5.185
13.224.90.44
13.224.96.53
13.224.96.61
142.250.181.226
142.250.185.194
142.250.74.194
151.101.12.157
151.101.14.132
18.233.227.25
185.33.221.52
185.64.190.78
205.185.216.42
23.20.146.126
2600:1f14:b4f:4b01:e698:1526:af7:7e1
2600:9000:2057:2400:13:930:5bc0:93a1
2600:9000:211e:9800:4:69bf:5d00:93a1
2600:9000:2156:800:4:69bf:5d00:93a1
2600:9000:2190:800:4:b37b:9440:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:b944
2606:4700:3030::6815:631
2606:4700:3035::6815:4ba6
2606:4700::6810:9440
2606:4700::6810:9540
2606:4700::6811:915b
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2014
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2013
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9a
2a02:26f0:1700:d::1737:6e8f
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.225.114.95
34.120.218.58
34.95.123.171
37.157.4.41
37.157.6.235
51.77.64.70
54.78.253.158
70.42.32.31
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54
04acece9298cec6f93681376ae02d469cd62cb51b3d6d670d0919ad5350375ad
04b78f2b110a2c9e8b7f1762be089138717a85e86d0ac9f6ef0c9766f25ecd24
066629e68e7e77eda4636e9cddef6fbf75130c01dbb1d16bdca91c5549ffd8e1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07ef661be38be006eb690a15613c557d418b8780900ff490545bb2b75d23fcd7
08b637a003073fd15e15e00d41904a810718b20c3fbdfb7298aeb1588210adf5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d2119e95a4d189ed7d126039f9927d080b9a1805b4cfcdce25f4a81f3fc7b5e
0da8b681b5b73ff645ff5d1312a7a6e7db5f568d6ee68ad10ce77b142d5b7735
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
0e854838e15a76040ecf21d147772525a954211f9288b490a6a5a91f1731eab3
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f177cd55dd8ac72aeafc3a308de43412b4b7c382537d9ed751922ed00c6d54b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12357a91880129b920ab8186c638c4e599150f6cc330475dfbd403e76edcbd71
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
1609bdcf4696c8146359638f33c35febdaba621dea00137283c61efc17504909
168d394f271999e9c8b3a3d648db423a2f0bbf5c341cdacf2a6a1ab7de5927f0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ff1e3421b1f1e290998e62486ebe08904d3b2180956b72a2de91a22b362abb
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
196172574e9f25d836e39877fcec10d232f95ecf8e6404152dcf21d9070ad424
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1bcecfe7a1a6c6947b031db7a954aac392bad5c961bc99f4724c277f4ded254a
1ef6ed0ef70e73de9728d96b25744424ef6c04f30f5cc2c62c9cb04689d320e9
21622af2c58c14def3e24af70aa0e9663e064eb44268730b9b873c11ab51c615
2331402bcc3460ee186654cc0af4841e1ca3e5c543953ab8c68a04ce59ec7899
2346f48d5ac0f767a761cd0bbc9e35d4e9ad1c4a40351b6ba48074b037ad083e
2596198e77ccbdab3018bee48950659e33465901f5b2060ea5439ff6c1f6a9b1
264a6783e475d026e8b6c69cef6edab09b8c4ce66bc6951fa8c41f7d189655e6
2678d8e52f00bfaca4d36890b4458fcd08694ab9850c8f41e0863882cb737b33
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
292c75919ea21accc272b0ab64b17c0d93b0420455c3b6b84dbe43cbb26711e7
29ab34618fc992cd799878b649e2383e061b65eed0d8ba893c3f1257e713c373
2a47755a3341a60972aa173ed45390aa93ed609ed5c82ba583be9bb2a3a6a2c0
2b251725df615327a977779d6841870044c9d1a30a118bafbf40e09147489cb8
2c04d3fca9ce4e503aa208e7f64da442098801421b81f63b9e1f1594a9fd36e8
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cd4f22793acd88e9c94d2ba7fc2a5979aa82f6bed64131f4837db72c9440e4b
2d2ece7738a34510712fa98224c3f0af58629bce2bc31f071a4a209e220f5895
2e5bfda5a932e1f5355df678dfe8a53160267943ccf4648fd123cdba6c829950
2ef8dbb9b45985bbe0fb9f939664389c566febbd09d8446c5cd104d269ebb528
330c89c244389062e64a7ac7947dfdbbc555d4c3fd0636530db422e6d7e14857
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
350d0116d7f955aae767548ed3f45ddefa4666c060a6ec23ed6756328682ccdd
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36ae0d5f81b298a525235a450a78c02b175a502913623b103824e9260493105f
38e262251fb7c77a99d918aa2a4ef17e76cac6c8b947b233de22d17ee7986276
39a1fdb74dd62ab98d61bcb495315f60a47bd5db43d79a70532f45f297d0b67a
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3f5b9ce35e198160e8ef29bb8cc12a398bce9ab0518ea53b9ce959d96088c031
4075d8c0c312c24df5548f967cab5fbf808fe78fdcef9d4032bad92f6cacbb70
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
437641b71f9dcf5d81bedf89cc5759a659a21de763fbd76220a2bf02a38f81ba
440d987faf41f10a43f77879d723d49dfa76f0553692c53a67a4fb74e39fa2e0
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4527b80e26498a9645460784fc8b51b6fe7270de7da9045b306ddcf693523dcb
460f100ec22b40760bce4a22eb508f461a922a1c0e1ef1292d48acaf4ed59d6c
476bcd9b9748bf4f352cd33af4b8289dbac96ec6f857ae5001c7e4775a8a48d3
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
4a0e307f58197b5568cec9a9498f024a7bacf3e1f2109c08cafaa67e7506e657
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4d12329e0fd65159a22a6e3070ece0bc79825bdcda1357baf388818dc1756a00
4d93b79a5ac7159dd57da656fea3be85c366fa43946dc5c5fc719efa0e3f9da7
4dc4abcd99f7976c1a0938575631974c55fa42bf76681e84ca56aeea3180966e
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51acc463407d948778543da2b992b49c0273a435a03e6aff2b07503afa033b2a
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
556ee8a8380b60437747eab7c0dc7a25da85cfb45c687ea33ca5e90651ca7ed5
56a0084987b4cc4a418ffaab62da13c6e65407fb99b769e38c6a98b0815a89e6
5970d0173302c5e24b0e45022846302ac3d1dfb479ab462a6859e1f3ba6c4963
5a047a2807134fcc33829a7773f2c02bd2339b1587a0dce07b6e00454ca8f0af
5aae1c32cf5bc4aed85d56579ce12da4034baa28f1cbbeff95804154afe2d2fe
5b4b211d3b65acc873a687a1adcd42fe5036a16449155e6f8602669e8d224a6c
5d48bb6f0899203043a845cf13e4d48fbf112e724806bba09a35fbc002e1221b
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5fbb36bdcd7fcb6a1962d355dccfab3262736d4d198a389ffb85a3fa3d2440d4
6002dfc67ce01be8722df27414eeb77160aceb6a179fb772e07d9cf6acd14248
6003175c156608022e47f69ce89c985c37c6b1c69b8c40058781619242bcdd8b
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
617d23c6f143da9341c51712fa7a8e64f7386a6c3ba23a6f572d8774360cbb03
62a942bc35677c6a234fc7939e4d4c1e6ac120dfa3b3bc8520e5e03c96e69f1a
639f5c5b92e0efb2573905e6d54d99994870d70654009e18cecb09ddac6ebc34
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
69f16dda3e31811637edd1c0f8269d00e6149a6fb54f58654f58a589f44346a1
6c0fdf642bc411442bbff1f9071b0d5731d5ba2d79471498f768fde3acbb6590
6e2e6bf8f6626636cda58faf3800d799ab2a6a211bebf6c5208fee369ca42fda
6f0e2d6ef1822ed8e5258624a51096c7748a1759a78e09b85fd23220a7e9c1d7
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
733c6166f84f040480db5293704782064396c50450867b5efdc842fcf01659a1
7435b1cc1e69ad04a3626a452f964b0adfa0980fa319590929683eac7f58b688
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74ec3c71c550b183178fc6cdd8579b544f60193f3203f640f0bdf89578eede1a
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
78e0bdeabeebc2dc279c8a9321a3c05dfee71e89123ee3d480fb83fe9d308aed
7b1bff77779d96c841b4bf9574db5bb0700a414a63afaf221dd9ac0a6becccda
7b76853e5b92c0b1c689679d29c12e49d204ce8127d4f7d89f955ca379779347
7dd6608e53d2f0fdbcde7b8d7f170213e1b8f13c5da7de45bc376fa81fda61ee
7e984fa0ce5bd8d57c02c75a34ce9eefd9c63a590586d67857724624fce13870
7eed350931e2f17f1ba34dd410696e096fc8dc1bc9a025d65b6a175e16c307bb
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fd782009c90598e9a5aa5c0dc98eed5fc3f4e22335ee845736840fa7aea50e1
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
8069956acb4c566506ff71f7a23c8e23f75ce9443384fe3393ed5c846924026e
823fc62093519436a87dde00f879d35b3fd6523e8621f0489afe4f4f33efa285
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
84906952379984bfc9c938a2e3abc4503505c1c15e02d0233221291fc7d11257
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
868f2732413f5fcb021d726343ac249b6ca630db5fbd578f6525f279dda5c22b
88c0fef3091671cceed733723fe33338255a8e66c0c5772a830a3d000d5b8d10
899694b4b21e8b1b79bc71898023d2ee2e3d684c14c9dbd3bfd1f604ada82713
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8b78cf3845251970d576b2be775aa379766f287d7c98e73ca300ac940df7274a
8bc63dc058592ccfad7b75f3003d8ec25b03d040666b3ddd2c4c5e47927924f0
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
92422896736057cd5f54a3281b97ce0c7cffe3d3f11240b63992086fe44dd9da
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
932a86a68031021f339685be7a0e99ca8e78c08021960b548625ca997dff0292
93a1125a3c3ef80e004e551fff07c6eb8db56cf72185862e83e25161ab625aba
9486a0b751e14c3cd650b31cab37593285a4f63ed3bf578979c02fd71e115709
94fee32a840275c942b4efd51ffe66adf6b90a7b099d544533636eb2c36dcec3
964794272aa168ce3feac3a84460c1beb01606da0e303689b8aee75fb354117d
96d0d669abd3f84e7c537ad74cbff8b971c05b56ddb59518375e6bbccc81713c
9985568110c4720f55921eca924a070e66d1ed9bdd148e3c498ab55116702cc3
9990fb1a424ad47491da3853eb8a005ec51e4c2ef93daf45695bb811b6055ea0
99a7467ed61e323bda484df4fbe028063fd8d0ab58d01c27dd009a08f7e8ae02
9c373faeb019ebc0fed954a4f33d9a39ce09ba61942a9c75a41d7044dc03b781
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0449c2b5e9424f40effc03b397a558d5a91afb27e61283f1e50a8899db184cb
a06d70fe8da62483acc7a4cc3636c7965644b2b2d779e9ea3c2c490f24ca40af
a20adb96a08efc2979c56f35403180d84a37db7e849f4193dd32d2d92d4b4541
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3c93825b7a947566f8db10fcecec92a2e6806df5a302f0d54233103ba4fda14
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52d7312261899f02e7368cb09b515fad7e08fb9a37203f4ab70bab7b8d678eb
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a5840112fa69da34584506241c378b4e34b12f12334a851fdac17b820dfc24e4
a5c1689792acd21e3ad029b2f8424094b23f1557c0111637ab36192289e7d729
a5de3651c0aa89e6497da505565c8944039fd6480aa161b1f270d1f5953c9d5f
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8fc93b13f1d17f4ff440295d4124659403cfd1f2ed8d748ab1f372b955ce309
a9f17709a5b5fb8ed9d85f4b85359161c4ae8681d9dbaac1029b3fbe34b8fba5
aacd577873e6cdc040cf79258f88d9f9e0d7f39f54d9e4efcd295a9589d29577
ab4efa11fae97ca56c0cc9b94b88b265f98d2f10a5418a83673792cd814a27f0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acb10f47a41afcb5b883793b7b442219071ae6b97b4f94d17324d25693696977
ace6ce2e04aeedffd653ffbdce2cd99d457797e349a4152c26d79952520f8009
ae51fb91d405574ccd1f89e35b6e2b26604c738a6eb6441c4f6ffb341dea9a7d
af9c2aded7294443251c6ff899b11440f49f5072f027fa5e0bc170be23d53779
b095203be9ca84c5557f8a5fae85a7af9d853be0972181237b30216f86a94a65
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2637b9c5800f28d4a0b31eebb21725f4399635a3392846f3f82cdbea34b0abe
b4ee8750860de0e52cf2f62747b5ba5e16654a75cdb06214a81e4067367c6fdb
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b654337ee4ef3701d838d179a25c7191a75eee0275b4ca60542ddb91e8b9ea21
b68e9f9a553084f70b0b50e054987515e63d918c7d03ca7a396854394be5bc4b
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b826f485873b923a0a9046262b9d026e8f4d2094da1e98e527f279eb9b148d6c
bb1f9898855a8409129d00999890404b36f5066054645dbc9b261b7e4cf5e5ee
c0b017ea77c2fbe00c8d6acd7a1295bc106f85efc88c7b9af91bd8d1c2443e4f
c1e6b577020def37119a0990af665c18c9b946fcd3f1fce34d3be4ad65436a53
c23d4775083e795e23d90890f72e830496a2e562a37fa9bccd3ae884abc5c19d
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c457f5871c63bbdfedfe9278fd3dee35826ce72ae74e315c1d0e74dc785c4620
c496fde18101e6d34a26af958ef5eaec33cc11028e5c7464b97de92ad810601f
c61507b59919f9719a4267c73487a008fa3a38704bbca73b04d90c45129beb0e
c6c235c01da59796d898a6cec03be70d348db98dc9428d3552ba0e2bfac231b6
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c78dc0eafda618cd460f634aa324409bded01224b00e93bdeb815499e6acede8
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c8fc071d9c5e81cb429cf5177c5f761b378562e2738ac17c7d194c5779849afc
c91f8a3b1fd7af72e4841537d882cda365c60155e03b01c72110fc4913bd2eca
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9c0a08f10658a3b07e203d22f823ff98edd8f6eb88617c02da86da42e9a5883
ca018b5f598c9f00bd6563605c3cde2385795d5462bf698799b93bac89fbc3ca
cdaac76ae2c2cba90f29ec455c718ba0ffb40e39da968b9023e52a1e6bf2f6b8
cddcc52dfaa4cf024a2dc9dac7bfd6a78a95f1945f32f4201a404e61e6fe2822
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf84082e259ad41af7fd361fd43e0bee4f52c633d44d4bbaf02930a437d82a00
d3d82d487d29c77b2391b2c81976f672a9f2e50624bb7aef2b92c5361622ac5a
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6da4c7c1d8d69489e4ce9a8a4a9096951cbe0ccdba460a35085b8aac5fef03f
dcc6b7e38b62557d233334e959867ef5e5dde2eeafe9b565ec35f13446a296d1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e03f13179b862fc7ab0d33c976e1e726f16dd31a7b6cb75cb36668ff9a2b3051
e0b6f15515bef3de20931fea83223e07e078174a93b1d677002fb20c7aca2494
e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130
e295a599a00ebbb6d15ff65b162dfadfc54ec214b5ea8fcde441037cff809747
e29c0844503ca68f506c4e8333125ea7f761fda86f5a3d7ebbba48bbfec0649d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43a0788007c81c88e5f2e2d37edf449a9a0adff50ab76c8cb5b1c8ae76f5860
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e69b1abb61bf8bdc4ce1365f4a23fa36e3427a00190e93be892266e5367082b0
e6a06986392a2d6394f9960f760429740194003cafdd1bc293203329ec8cbbdc
e73d62fd18fa71baf056db2d7b0f84675b7584f9974c18036fb7f9ada5f182c2
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
e7c129ee5de51a2692632d98e0e18cbc092fb758635921e4ecc404293495fafa
e845309bca1ba7946299dc5ea01a12f66784e7220003ff3c438714decfa8c413
e989b5b46e78e092499215b6074c8512cca0e86d5db4c106772d23e74b7a7508
ecc1573d382bfc56a2e6654cdff5c7ad35f0ce7884bd858a9e0c7a823ad6308a
ed7ee54e3b59c9f2b94872ff74aa5ce11ddf345058774098ab47970b2e1df5c7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1682d68acec32a05190831f6c40215256bd907ff72d36119f12b7e36ccc82be
f16eb51eb8a930f21ab9c708601848e2c523d5eba3f7fa32c509901f804a935f
f19ec923daf7d72e5f2f155ba6229ffde0afd953ce121b44c1ad55e332db58f0
f1cd0da8f127c64e1c80bf4c42e61e49eb774b2635fdcf54f57c96bc4f10cf88
f25c6a2980d4e1f7dd8d2a56228540ec83f16b2e683737b63b3eb45947e2d470
f3b4c5f964996652028f637735530c2cfbc301cf445d259cce0564032ffb0f46
f45af631d0b2d223e6768a421e6dbcdf60599f7183fc902cd824f996ba0f0bc8
f4954bd137c2b03eee47d94e080cadf0ac8b888c09a86510910e5730dfdcb22f
f4ddb2f3c22c9b168d1e4d11a4008f36151709c7085e497d32273a3efe850745
f56f843284945e0ecc9414d1499d7a199062fa6abcbe1a8a2b788844162cd640
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fc14419d3193a259312aaa121c090ff9207c65db769c7dfc19ccac8a08981c9c

www.jpost.com Open in urlscan Pro 2600:9000:211e:9800:4:69bf:5d00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

312 Requests

100 %HTTPS

55 %IPv6

42 Domains

70 Subdomains

65 IPs

7 Countries

3636 kBTransfer

8626 kBSize

17 Cookies

45 Outgoing links

Page URL History

Redirected requests

312 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.jpost.com Open in urlscan Pro
2600:9000:211e:9800:4:69bf:5d00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

312
Requests

100 %
HTTPS

55 %
IPv6

42
Domains

70
Subdomains

65
IPs

7
Countries

3636 kB
Transfer

8626 kB
Size

17
Cookies

312 HTTP transactions
14 data transactions