urlscan.io logo urlscan.io
SecurityTrails logo

refund.tripshield.co.il Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://refund.tripshield.co.il/
Effective URL: https://refund.tripshield.co.il/onlineClaim
Submission: On June 12 via api from US — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 5 countries across 15 domains to perform 110 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is refund.tripshield.co.il.
TLS certificate: Issued by WE1 on June 9th 2024. Valid for: 3 months.
This is the only time refund.tripshield.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 78 188.114.96.3 13335 (CLOUDFLAR...)
1 142.250.185.202 15169 (GOOGLE)
5 142.250.185.68 15169 (GOOGLE)
3 142.250.186.72 15169 (GOOGLE)
1 162.247.243.39 54113 (FASTLY)
1 142.250.186.131 15169 (GOOGLE)
3 185.221.85.3 206998 (NEW-2)
2 23.218.209.87 16625 (AKAMAI-AS)
4 216.239.32.178 15169 (GOOGLE)
2 157.240.251.9 32934 (FACEBOOK)
1 172.67.69.47 13335 (CLOUDFLAR...)
1 172.217.16.194 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 70.42.32.95 13789 (INTERNAP-...)
1 142.251.173.156 15169 (GOOGLE)
2 142.250.184.227 15169 (GOOGLE)
2 157.240.251.35 32934 (FACEBOOK)
1 104.26.10.244 13335 (CLOUDFLAR...)
110 19
78    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
refund.tripshield.co.il
1    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
fonts.googleapis.com
5    142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net
www.google.com
3    142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net
www.googletagmanager.com
1    162.247.243.39 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
www.gstatic.com
3    185.221.85.3 (Ireland)

ASN206998 (NEW-2, IE)
bam.eu01.nr-data.net
2    23.218.209.87 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-87.deploy.static.akamaitechnologies.com
amplify.outbrain.com
wave.outbrain.com
4    216.239.32.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net
1    172.67.69.47 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.popt.in
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
googleads.g.doubleclick.net
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
tr.outbrain.com
1    142.251.173.156 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wi-in-f156.1e100.net
stats.g.doubleclick.net
2    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
www.google.co.il
2    157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com
www.facebook.com
1    104.26.10.244 (None, )

ASN13335 (CLOUDFLARENET, US)
display.popt.in
Apex Domain
Subdomains		 Transfer
78 tripshield.co.il
refund.tripshield.co.il
1 MB
5 google.com
www.google.com — Cisco Umbrella Rank: 5
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 68
21 KB
4 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3506
tr.outbrain.com — Cisco Umbrella Rank: 3411
wave.outbrain.com — Cisco Umbrella Rank: 3433
10 KB
3 nr-data.net
bam.eu01.nr-data.net — Cisco Umbrella Rank: 10229
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
317 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
4 KB
2 google.co.il
www.google.co.il — Cisco Umbrella Rank: 25779
562 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
stats.g.doubleclick.net — Cisco Umbrella Rank: 132
2 KB
2 popt.in
cdn.popt.in — Cisco Umbrella Rank: 31957
display.popt.in — Cisco Umbrella Rank: 31603
56 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
74 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265
28 KB
1 gstatic.com
www.gstatic.com
206 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 893
34 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
2 KB
110 15
Domain Requested by
78 refund.tripshield.co.il 1 redirects refund.tripshield.co.il
5 www.google.com refund.tripshield.co.il
4 www.google-analytics.com refund.tripshield.co.il
3 bam.eu01.nr-data.net refund.tripshield.co.il
3 www.googletagmanager.com refund.tripshield.co.il
2 www.facebook.com
2 www.google.co.il
2 tr.outbrain.com amplify.outbrain.com
refund.tripshield.co.il
2 connect.facebook.net refund.tripshield.co.il
1 display.popt.in refund.tripshield.co.il
1 stats.g.doubleclick.net refund.tripshield.co.il
1 wave.outbrain.com refund.tripshield.co.il
1 cdnjs.cloudflare.com refund.tripshield.co.il
1 googleads.g.doubleclick.net refund.tripshield.co.il
1 cdn.popt.in refund.tripshield.co.il
1 amplify.outbrain.com refund.tripshield.co.il
1 www.gstatic.com refund.tripshield.co.il
1 js-agent.newrelic.com refund.tripshield.co.il
1 fonts.googleapis.com refund.tripshield.co.il
110 19

This site contains links to these domains. Also see Links.

Domain
www.tripguaranty.co.il
www.cinteractive.co.il
www.cyberserve.co.il
Subject Issuer Validity Valid
tripshield.co.il
WE1		 2024-06-09 -
2024-09-07		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-03-21 -
2025-04-22		 a year crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.eu01.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-03 -
2024-10-01		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-21 -
2024-06-19		 3 months crt.sh
popt.in
E1		 2024-05-05 -
2024-08-03		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.google.co.il
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://refund.tripshield.co.il/onlineClaim
Frame ID: 8E77EF875E2D0264E9CA0B5307A1FF9D
Requests: 109 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdiA1IhAAAAAEPlwaEydJqEV4KqsZa4FyXP6UpM&co=aHR0cHM6Ly9yZWZ1bmQudHJpcHNoaWVsZC5jby5pbDo0NDM.&hl=iw&v=9pvHvq7kSOTqqZusUzJ6ewaF&size=normal&cb=o1zt1s73f6j9
Frame ID: EC9557A8E43D5600E0FBE7A80B8DE3EC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=iw&v=9pvHvq7kSOTqqZusUzJ6ewaF&k=6LdiA1IhAAAAAEPlwaEydJqEV4KqsZa4FyXP6UpM
Frame ID: 97C76913B89449D998B8486F6121502A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

הגשת החזר אונליין - tripshield

Page URL History Show full URLs

  1. https://refund.tripshield.co.il/ HTTP 301
    https://refund.tripshield.co.il/onlineClaim Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

110
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

19
Subdomains

19
IPs

5
Countries

1845 kB
Transfer

4978 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://refund.tripshield.co.il/ HTTP 301
    https://refund.tripshield.co.il/onlineClaim Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

110 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request onlineClaim
refund.tripshield.co.il/
Redirect Chain
  • https://refund.tripshield.co.il/
  • https://refund.tripshield.co.il/onlineClaim
152 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
176b981aca136ced41ab2ef6222acf08f4ce5cfef6c00a1f614ebb989afc13fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-apo-via
origin,header
cf-cache-status
DYNAMIC
cf-ray
892a0a6c6d9cbba4-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 12 Jun 2024 13:03:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BoiJC%2Fh0q1j5EI5msi0qwiX7ObXbcsLM2CRF8NSG8WB%2Bbfvt7xQZ7KaTgZiVL6XRD%2BmLWbQQjj53SevRahX%2BNX%2F96JKXlF3IS%2B7QMm93v1AGNOzlS5%2F0w%2FZ5rOSRCjXSpY0n2RSKsJ0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-aspnet-version
4.0.30319
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
892a0a6a2a40bba4-FRA
content-type
text/html
date
Wed, 12 Jun 2024 13:03:23 GMT
location
https://refund.tripshield.co.il/onlineClaim
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L9CNS8tLrONtaJyM3DyQzLB83spHawnQmI8OBmNmPGNiOshNs15cbF37yyN3nEj1TFcvk9EL2PFi3hgkQ8ONsZJx6r6lJ%2BmMJ15jXrLbUoQhOtUkcV2X34j2smehkZ3U1KqbczQG4OPFOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
bootstrap.min.css
refund.tripshield.co.il/assets/plugins/bootstrap/css/ 		107 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/plugins/bootstrap/css/bootstrap.min.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
326ffedb17cf069bdc342759a21bf78461179b48fe9047d0e4636e3c6115ad9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:54:32 GMT
server
cloudflare
etag
W/"50e79f9919ecd71:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N0GKZdCw0TpLzWrY6AioT8yPUXoOcOdmBjuybZAoHS00KjqJadq%2FljlNolSHUhjNYot%2F7sAAyYaM0jOsOiYecEzfcsw%2FbLnygSEchHpy%2FoHxdV5m6uQgMCpzUxxdTh1hC9djfoDoFeY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a73a963bba4-FRA
style.css
refund.tripshield.co.il/assets/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/style.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a1c24e1ef7560a2dab6f277ea91cd1368e3f46c63533c389251440edab48c68e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=39350
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:42:29 GMT
server
cloudflare
etag
W/"b0b97dea17ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9LzUGYjmSbAYfY%2BgPhkppwETr7jN6fsB8I6ejSGPzmIGRTfpnWP3zH7VzMIeYeZtXHGLI4hRYHDxDlfzUncN8yE9tYKjx7tFdDx%2BQIz61V4Q0R7hkvtiwqGDV81NNB%2BV2p49SNJ8gk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a73a965bba4-FRA
line-icons.css
refund.tripshield.co.il/assets/plugins/line-icons/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/plugins/line-icons/line-icons.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c27c57142f0a623b231caba158e4dd1018a7e84126316e5175f599274dbf3149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=11557
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:55 GMT
server
cloudflare
etag
W/"60f0674118ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fmz1SHM1X4es%2FBE3xbb%2BPKtGRXEArTNg4LTEiIuTYJpHlP9%2FHZ82CYavL3qaMDk9z1gzb0pvB3Kvq37UbSL15LLyaQbTseRfFeLTlmAuSUZHLqwwltbwVZrtTvKhA5WKqrJMW6lCGIA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a73b96ebba4-FRA
custom-sky-forms.css
refund.tripshield.co.il/assets/plugins/sky-forms/version-2.0.1/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/plugins/sky-forms/version-2.0.1/css/custom-sky-forms.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e3e96ce8f8f16fcb38bab86d4e2f7e78d6e98ae2815956c373ea901bc2953049
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=5641
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:58:49 GMT
server
cloudflare
etag
W/"f087c5321aecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xxNvjpS%2FJecRpc8tW%2F5xdlBMavcWMs0cC6VYggxa1vnvCXs52rcZ6Jzog1aeRWyzsLzA24eWKNZ8nVGrpncO8UnOwJX5qGwZ1aF%2BNKnWyuVl6DAeI0MyG5FQpdt%2FQCWvsRr1jpykTPo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a73b970bba4-FRA
owl.carousel.css
refund.tripshield.co.il/assets/plugins/owl-carousel/owl-carousel/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/plugins/owl-carousel/owl-carousel/owl.carousel.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bdde772c8c00b595299d6473c9f22819d1c5e88b528191524be55cf63c456cc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=6152
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:54:51 GMT
server
cloudflare
etag
W/"90d920a519ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MIZqXU356Q1L2qbiwNjdJAmxIiDig%2FGOBH4nnTQ9wcn%2BWrYuIvj0OzLqyyW1XaA7TjNU8P6pXlywiUoiqk0Fw1B4XsKo12AmcyGSj18rXD1wSp3yi6B6KBv%2FqhCO5OQTeaxYwPQJ0QY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a73b973bba4-FRA
default.css
refund.tripshield.co.il/assets/css/theme-colors/ 		0
570 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/theme-colors/default.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=193
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:46 GMT
server
cloudflare
etag
"60c2e3c18ecd71:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wqSDxq%2FXkTbwYCs3XUySZn4zK7HHH5TzSCGrytQEzUsWH8%2BpPqwQJckZ5McJgimtBKSlvEmRgnrD5guU7Tpl4rJvptlfbFisS4vMbDTr1fO2k%2FyG90BKjXRkail108BAHvF%2Bsv84Pw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
892a0a73b974bba4-FRA
dark.css
refund.tripshield.co.il/assets/css/theme-skins/ 		42 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/theme-skins/dark.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
442593ccd5626184692d637b7d4be81b4a45834867f7289d3e5620888c2516f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=59482
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:47 GMT
server
cloudflare
etag
W/"10d5e63c18ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XkkQVyT57Usi6uR1sMDWfm1KTtTbQS3BOF3xdywaTJL0LVHV1OKL67CSS3Qx6pa7xTcNvUMSsN3wRZPnG%2FTsgyPVOaVuVTHaw2Jp7nEk%2BYzycsof9FUo9c7KMqEeveLfCBfjU0MDABI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a73b978bba4-FRA
font-awesome.min.css
refund.tripshield.co.il/assets/plugins/font-awesome/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/plugins/font-awesome/css/font-awesome.min.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:54:40 GMT
server
cloudflare
etag
W/"2072819e19ecd71:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BoB5KbqXbPsGAmDxSFZU3DDoLjAFtyDoL9eVttVcCJZzSEiVFlv7yIi6jT15Rob3WLe5Vb1HbeJkZppdvlXDIMj2gQO7EbEIvvm0sw5o8OAVj2y%2BJKs0XzagyFcdpaYxixvgfdMAJ18%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a73b979bba4-FRA
bootstrap-clockpicker.min.css
refund.tripshield.co.il/dist/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/dist/bootstrap-clockpicker.min.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
368f29a2b4ac942beb937c7efc82a399db2eab9a9ee547e7f775b19d7b1aeb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 24 Oct 2018 08:01:00 GMT
server
cloudflare
etag
W/"06a4b36f6bd41:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q5MckiM%2BovoU0as3Azzq%2F1ZBwWVcGWSaMHn%2FoDRc1H903757hCZIMxH5%2BI1%2FB8T%2BC8D3dIR0i9KkLGs5O19CxqAb3a2Jrl7QN6pqOSo1Gn1Ujz6gJusM94fy1v36uE5i2YNjxUKUagI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a73b97ebba4-FRA
Styles.css
refund.tripshield.co.il/include/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/include/Styles.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e34a213d6a24fcc7e4fed75a30878fca0f316448db2f48405a4c4dfbc3c50877
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=36823
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:40:14 GMT
server
cloudflare
etag
W/"90ec159a17ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Klyr1%2F%2FZw%2BKCrh2u%2Fmpnj4FILam7K%2FGdXEpFeoFk%2Fr7JrD%2F1Rw0t%2BCGMGYYfD4vv6DQAff%2BYerQswzbH1sjkMCvP6fqrr9KddeRaifZiGgBnYRw%2BkVnlM9SujmXkMJR95yeRNw3OMm8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a73b980bba4-FRA
normalize.css
refund.tripshield.co.il/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/css/normalize.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
77fdd8416fc2d407eacd148dfea6e7131816d0333df6097e6485ba2a3b0775be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=8127
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 24 Oct 2018 08:01:00 GMT
server
cloudflare
etag
W/"06a4b36f6bd41:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EXhACG5OBu2zhENHfS64Q3EP6aYA7pjxA36UrX%2BZfNyrsySVC%2B2zv7DzMvJTzlXlocA%2FxnKZ2C4Uc5Wn86OcbQZWeQtvCm5CykxvmWibSXeUKatWXyENcu4a9fcjoCdExY5xH0KumkA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a73b983bba4-FRA
webflow.css
refund.tripshield.co.il/css/ 		29 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/css/webflow.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
caf6bc1f35a8eabf73d30a56a78aa1ff013380a75e23f63bf5c18ce3fcf3dfce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=41335
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Tue, 04 Jun 2019 11:19:32 GMT
server
cloudflare
etag
W/"03add61c71ad51:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aVM0oGu34ViOoKugHOz4whXjkmyVN7ve4YRTFWYtlEl%2BWea11Iw28K7PPRtwX29V8XLVDLKCx%2FtDoRvaBjeoGAMcg1A7Nzb%2F3FE8lgqUpHa7VQ8FTJCt6hxSAiGKK5lyF54QBIgHrgg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a73b987bba4-FRA
tripguaranty.webflow.css
refund.tripshield.co.il/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/css/tripguaranty.webflow.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8040293db07eca955c93d147bc35df4c80dee331f831fce58c818a7b54b728a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=25376
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Tue, 04 Jun 2019 11:19:32 GMT
server
cloudflare
etag
W/"03add61c71ad51:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q98IJS%2Fq4HaqK8HOQf%2BakY6Pt%2FlOGRAjU5EkNuVthM2BNQgb0G0TlI4Mh80JLxMnJ85l%2FY12DAWa1WcyctMvrlJVOJpWQhhLYs%2Bk6C%2BpP%2FqyJsdROn3Yb6KWw44foAmD3amzJzf8Wy8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a73b98abba4-FRA
style.css
refund.tripshield.co.il/hybrid_wordpress_files/ 		60 B
653 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/style.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
872c52bd35daacc0c21d6838f07c95d101782946a9215429b96e3ef198b96435
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=504
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v3X0vZMIrfFjBBPZWRw%2Fp5Xtxsmg9iTtCNSz2xsc3m0jAdi4H%2FJNj48oMKQxH6m0IGyo0bTl0uXdCikOwgEd06s3WP5DjY0B4BcXa9iV4aWKrIQJomtmLFebnjOZOBw25lIBlTfx3K4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a73b98bbba4-FRA
shortcodes.css
refund.tripshield.co.il/hybrid_wordpress_files/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/shortcodes.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8696cc7a39303df429ff5dc007e26eb3da03f6728ecfc7772bd44d139eac82f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=16832
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LhYeHYCOxg%2FIEH%2BwN7xgScHbqViRIP5nmoG512JVB6eUVDTxDxyKmqfottVw9%2BP1jVDclp4vOYMj7UUm131%2BZ6imDO2WbpFErvyPnQMNPTEmOARPADkbvfDhYEVH87zaWF5mWbtjpx0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a73b98ebba4-FRA
elementor-icons.min.css
refund.tripshield.co.il/hybrid_wordpress_files/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/elementor-icons.min.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2AEPeDIV8YgPuhczmHgBeFbzlQ9wFD2HER%2FmhWMf%2B9PibUF64qtxC0yOaPvvl4gsrH6N%2FZxYO1Oa0oTJha3VoC78fW5SO%2BVEKQrFx9g8fZXYk%2F%2FAzQthwy1%2FqtabAvyJBwZlrS053Hw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a73b991bba4-FRA
frontend.min.css
refund.tripshield.co.il/hybrid_wordpress_files/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/frontend.min.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
55ab7680e55a4c8ad7d40c43097d8f4a536b0fd62013cf0edfe0b46d7268101f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wIZLhIN3nxb%2BTum432SW8s1QVK56JfbAIAKt33AZOOb9jGPil%2BsIV4r43fhWNCqIh135RymP%2B%2FnGe%2FLrwdlPfvMsKvMUII4xzBlnFqeFOaW7uY1QCIO8N5CS%2Fs7Thx%2FDbHYvqE3ID6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a73b992bba4-FRA
post-266.css
refund.tripshield.co.il/hybrid_wordpress_files/ 		24 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/post-266.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e3f5bfd2ff1e752098c85208035d782bef9b35a810f8dc0b97118ea511c32fea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=25655
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=daK6BbC7GQsqeiM491ZKswysDsjaT6WowZdYMXbnpeqEmX6Pc7v8c6Dhy9maCU98keiCYdqr01%2Fav5RtHWFfvnVdYk1481zZ9TzEMSY0Y4PWTRJBdtaIaxUuw%2BWFwMkX1Wm0vFVa5pk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a73b995bba4-FRA
custom-frontend.min.css
refund.tripshield.co.il/hybrid_wordpress_files/ 		160 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/custom-frontend.min.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5b69e998393698907a08f2750d7ce2aeb29b5b96e491a9f1ee48c9bafe92fef7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3f7asFIwHNTdLIz%2F9dvcp6NqPAO5VidxSLKd0E28Tc8zyeiC%2BwzWfe70VbkmE8Y%2FRhrf6PszGI81eNd25XOrhOO9pa1%2BwtnGm9DP1TxRRpyHyeiYj%2BRSnp8f2TMTB7h5A57t7JhHnE4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a73b998bba4-FRA
custom-pro-frontend.min.css
refund.tripshield.co.il/hybrid_wordpress_files/ 		469 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/custom-pro-frontend.min.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9e9d365aa837e0f1401e6061adf093b0b8cc03d96b2bc655305a8d7b60a7f2f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h2PLWlt5sSkYceiUjunzqMuiapYe4NZ%2B8HHMf30Ji%2F2AtmdT31EGrkUTdFeaIv4%2BST8Q5ZZ0WYi50l21sa2Pv7z54KNfNIW40pcEuzK3Pg163CsIZSNAhEvMkPY6XYXXDQ54wPy3DxE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a73b99abba4-FRA
rocket-loader.min.js
refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 07 Jun 2024 15:09:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"666322ba-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BaF5H0Umsoe9V%2FjoglM2%2Fp6x51VhJi3IQB9CjhlyuUrB9YETCx%2FQZUYdYdK%2FRgXpUYgM9cX3iub1o4A9KqsApfTFsfy83CaT5A%2BfZjp0x1xoDRqaWTtABGztV3GoTm8usMu6yyLRSMAHfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
892a0a746ab8bba4-FRA
expires
Fri, 14 Jun 2024 13:03:24 GMT
sky-forms.css
refund.tripshield.co.il/assets/plugins/sky-forms/version-2.0.1/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/plugins/sky-forms/version-2.0.1/css/sky-forms.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/plugins/sky-forms/version-2.0.1/css/custom-sky-forms.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
45c10e594102970e9ce84b114c60e9897704599d77e40f20fc5fe238ce690172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/plugins/sky-forms/version-2.0.1/css/custom-sky-forms.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=19914
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:58:50 GMT
server
cloudflare
etag
W/"70c46c331aecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8BWijdcZppzaGifz2GAck5mJnh6H21v%2BTjqbK3BjaZ%2FJwvaPMqXKf03qx0WoFnvDam4s7HRObUtnZw3hD8mlwe9Yocka6il0NpCuFzlBrmb4B%2BgszHoNo59sSdH7SVu5s3jOkDNTxTI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a7899fdbba4-FRA
app.css
refund.tripshield.co.il/assets/css/ 		45 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/app.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
848968e428b4e8776c60da88ca738cd5e2daf551c8c74c26e71baba086da9d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=62527
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:42:28 GMT
server
cloudflare
etag
W/"30e941ea17ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ho%2Fk%2FJZcAPHh%2FGS1PfJo5mK4P1%2FXcwmknPzLOM8QMGHnMIONgxtzO68z6sbWCYO2aEl9bSQAnICSTevrj6dnJYJvBPYwNtci1unr4ysIe2VaW2HdrzNKDqQG7dVZdD47woLREYS9vsk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78facdbba4-FRA
ie8.css
refund.tripshield.co.il/assets/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/ie8.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f1de1892e08e98727014c5499e6a13e7d0fc1cfb4392de4b374bf023ba41d93e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=1723
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:42:29 GMT
server
cloudflare
etag
W/"01a50ea17ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JLT0jdIaI2vXkSmy8T4XYXpOmBTwHWbbcwmTdrntXRf%2FlxdGCLhUTqtvUPZKsOQIr%2Bu%2FKI9A4kUnIFSoRWcTva8GI8erDCeFP1stljMUVPPfoHFocoMpBcymWiT9w%2FxxpFpbzc2mzNQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78fad1bba4-FRA
blocks.css
refund.tripshield.co.il/assets/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/blocks.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5a2982a0f93d242323315ba420bc5772d33a77649e74351d5f3ecb353ca06901
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=18862
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:42:29 GMT
server
cloudflare
etag
W/"80875dea17ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YKHolpO%2BpPES2vMpxgnWG8jzQR3CUwPqT%2Bu1GW047vxh7%2F%2Feot2XM2CQz%2BX0r1%2F4gwM1EW1UwqnOf6M2bd6PCuYMSz2sF09QbLIX9a5s0dtV4ZK17HSJExQLTooW7FHvYn9unqng6zM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78fad4bba4-FRA
plugins.css
refund.tripshield.co.il/assets/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/plugins.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1fb08338766ec295c6efb4a3d456f3c9d0d1ee6d882b377df3e22b7c71265320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=22623
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:42:29 GMT
server
cloudflare
etag
W/"209672ea17ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SoRW8JF2uue1KnraasC5yHQyAiiUc5mMZpmA8johisVbZUj8vTOw1r3Fc8SwCD3lsbRmzliRIcrgtI0tUoUp88UUEOAZcj16PKDFMHRfQYYD4A%2FTKCkR2OQ8Nnln5vn4ZxxkqLOVlZ8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78fad7bba4-FRA
animate.css
refund.tripshield.co.il/assets/css/plugins/ 		44 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/plugins/animate.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8992882b548461f80c8ae3ffbfb873fe5e0a376d029fcf9a411326e8ce568a28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=59837
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:46 GMT
server
cloudflare
etag
W/"403d43c18ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTYcRXJ1%2B8EZ8%2BVdnU8wC9VH2byt08N8wn6NiwAhNfllWchp5pWzHPgcHXmiLoGzvkNreLJ94Spmq5N6sYEgKDfSDYh2tH0YeoErTs8ogviA5a%2BUUJb0X5uaTYVSEwpOwTVJT0EnU%2Bc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78fadbbba4-FRA
box-shadows.css
refund.tripshield.co.il/assets/css/plugins/ 		931 B
878 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/plugins/box-shadows.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ef9a2be511aa1ea67388df0dcc91eb309c61f7820379f12ae0929409faef0244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=1418
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:45 GMT
server
cloudflare
etag
W/"010b33b18ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DXclxkvMEOj48lThHHKuUndin%2B3qh7wiBc8qEPJPZj7sp7kjQ2%2FXi4%2BTnxVJYKvXM2ORuW%2BBZr7970uGdbOInNa%2BKXOPmllRM%2BHL95CjKU6NtkSBoOYMzYofaO0p%2B95FezJVIIZIdL4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78fadfbba4-FRA
style-switcher.css
refund.tripshield.co.il/assets/css/plugins/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/plugins/style-switcher.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fddf3b8ac70e045fae5c928c659106d6c93d03b5b0967f1c5dcf40eb7d981efa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=3885
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:45 GMT
server
cloudflare
etag
W/"d09ab23b18ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2BO39VyvbCeyqmmaFY%2F3JdGXKCKiei0Gu5%2Fwgk5JT5Cm%2FZbITwMrpqUNRU%2BroaRk6rCKo05krqUkfYg1PUlF%2FUDdB4%2FwZuQ2UWDdvBBqvyjEHuT2w0A4A3uxTGH%2Biui1OQtFNnn0WEg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78fae1bba4-FRA
header-default.css
refund.tripshield.co.il/assets/css/headers/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/headers/header-default.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a196804e86653cae4c24ca7e8cf5430dd4655cb2d4cd0f99d2fa9ee55b4bb924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=19982
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:43 GMT
server
cloudflare
etag
W/"40c94c3a18ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pb7yebk39Qsqm2Dbh8oTqp6XWZXs34q0CwUXfPUxOMaTg5wbEF4hcSHT2R%2FS5XM0rlOA5loDQGNb1VjKW%2FrD83yki3LjqhnJhR8ZLWnHqyJqSAX9XEV8oxXgV%2BiFxCErSpyGGRAibNw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78fae4bba4-FRA
header-v1.css
refund.tripshield.co.il/assets/css/headers/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/headers/header-v1.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
99aa12d17dc243be816b927d3ce21e5ef79c0e29820451ba652e80327ee99123
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:44:43 GMT
server
cloudflare
etag
W/"60c4453a18ecd71:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mRQS3wABiWZy0UaQK5jfJq7Nlh1UQVo3SqB6tgv%2BBWTy1tD05ZzOo5mZRKClGdiiliI3ZFFVOFWfV05%2BJfH%2BNbX5vajNWkiJBJbjtxs8sp6%2BI%2B2RGX3rhJWzBkvvG98ZvU3bc%2FF3YG0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a78fae6bba4-FRA
header-v2.css
refund.tripshield.co.il/assets/css/headers/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/headers/header-v2.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
adacc9194e8734f12d9e5cb92a5092cdfba8102a6f304720e14eb9a6ab2b883c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:44:43 GMT
server
cloudflare
etag
W/"80f44a3a18ecd71:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dIHrdsph%2BU16tmO8aKrnKYxYqhyORuZ03EmzBPY6Vv4SPoT6hoZOVzhpk%2FVtfLIKZYaOqEl5T1tplKH6HV9HEDudPtrRcmzdsGxipYJyqiL0d4z3ZqO4ptCmEn9Y7wJD8L8KeIGbwpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a78fae9bba4-FRA
header-v3.css
refund.tripshield.co.il/assets/css/headers/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/headers/header-v3.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
add0b2313783b71a70510b097826b8a4b0d98696e384a0ef83f4d7e904bbfa14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=16929
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:43 GMT
server
cloudflare
etag
W/"f06f643a18ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SxMXM6se9qLUo%2Bz1%2FjfFWwLkPEhRmUzw7lCG7ViIrLmVQR9eQ3Y8TtT4LSUhKZH6E%2BM6%2Foq6CvNzgBEtNiooYmLABqY7H%2FesxBxQeQvGLeAo9mncOZwBk4861srj1dKLG8e0J%2BPX2Gw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78faeabba4-FRA
header-v4.css
refund.tripshield.co.il/assets/css/headers/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/headers/header-v4.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6b869bff4f249ed49127909e447529a54d6cb2f97e8603d4d10ed8e4746c6606
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=20617
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:43 GMT
server
cloudflare
etag
W/"d0e56d3a18ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VmJx9cAmhzarK3RGFmB90afhIHOLrg626hYzIAsuVD5AIVwiLeVutxbTvbhB9D8RCPMrLwoJ0E5nPfiwP%2Frm74YzjNXM%2BztKGVSNKaLUp3aNgdyX9YJwVUTeRU7EAOe1%2B%2Bi6LXjhdus%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78faecbba4-FRA
footer-default.css
refund.tripshield.co.il/assets/css/footers/ 		1 KB
989 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/footers/footer-default.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d8898b66d02960cc3b7a9a186ba9ff9b52f20306ef05a4876a15e0f2ed831cd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=1901
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:42 GMT
server
cloudflare
etag
W/"10cae53918ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GGMSzMioFjROm425%2Fq9IxfWGjViZl65776wAwS8hTtpHn6fqnOHXKyD7r17u9NfO2tx1lQT%2FM4zRs2kp622RPo7l7XROgUQdQVhmoNpVIE2mf8wNYlX9WypyldanL%2Bih1Uf%2Fxowed7I%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78faeebba4-FRA
footer-v1.css
refund.tripshield.co.il/assets/css/footers/ 		771 B
894 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/footers/footer-v1.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
783caaa29a03b02d593699ad95dac5c1b061c6c0ef6d144bf33118bba8582396
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=1072
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:42 GMT
server
cloudflare
etag
W/"5084e13918ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=14Ckztng72lm0l6RaUy3PXxuAXt%2FKZaNQ21HddiBnqKFUXYksWwbmpJzQaeluuG2SIsy4%2B4DRSFy8%2FLHnUiu4srL9MxcoMFOpGn%2BGj0PK0DskTDd%2FKMrYY7FrnEETDpKEb8bU%2B3Pa3E%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78faf2bba4-FRA
footer-v2.css
refund.tripshield.co.il/assets/css/footers/ 		517 B
791 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/footers/footer-v2.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
eba581ad883df3f1d96c816112ceb93dc5467256fc46a9ebdec7bea15f0fed95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=769
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:42 GMT
server
cloudflare
etag
W/"707ee3918ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0TyXeHlohESLJ4G4SHP04LjSDTZpulO2tf0JMLezwyCVk9UbWoLCd5wjoTdyZySYSXN%2BuqOi6kbk6aj2uuzzRKLjmic0WqSRuKv6emEA4M2311gTAz0WhDXciWi5m6rSx21Orc9fCV4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78faf6bba4-FRA
footer-v3.css
refund.tripshield.co.il/assets/css/footers/ 		578 B
833 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/footers/footer-v3.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6ffdff015e43c928de256bdd4b9aaee625e58d3eed7f2dc289bd7920a9d6a727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=789
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:43 GMT
server
cloudflare
etag
W/"9024883a18ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z0qPiyWr%2FoqrK24ZzD9OGfBjTnx5nRpRQX%2FKkfSoIfPFVKjUHG%2FosTEjpx0jJr8YnPrJ6S4vVqmEB0xu0cfvVWPHbVuDUF3cEAKgg94DEMBRA5cCsy13wIKQ%2FwQ21APEmaLyhHYY4FA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78faf7bba4-FRA
footer-v4.css
refund.tripshield.co.il/assets/css/footers/ 		1 KB
982 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/footers/footer-v4.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b2a2a4884c85fba1f96ac8dddc4391f29fda25d7a09b2d00efcdb99fdf238674
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=1510
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:42 GMT
server
cloudflare
etag
W/"b085f33918ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=37fcFdc28HxlNxzLnaCZ1Ab%2FbwLEFT7Aohec5NvQt7sH4WNDs025dTvLw1E8ovuFgs7LRUiwheQCOcC7E8wtfG73pn7ZubBdbNB4I3YGb%2BtNy%2FsHpG73CUWRhEZWgz4jNjjK2sO9llo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78faf9bba4-FRA
footer-v5.css
refund.tripshield.co.il/assets/css/footers/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/footers/footer-v5.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c4785ca980c3035f06577ac9d6ba66abbe1fcdc7ea92dda258b2f62ff3212108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=3440
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:42 GMT
server
cloudflare
etag
W/"f05603a18ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FXgeAFMtnqRco1hSH4UFCvWWb3dKd3%2F%2FOdhK%2BA4eoZ2Yq9hv3XUmJ13nt0vh5ZV63Hj7VmTZOwAdmvrJExjwnjug03d5oljjOcjyOqoVqOTQsh3N94QyV8EcJU8jTCuTPreBY1EPOn0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78fafabba4-FRA
footer-v6.css
refund.tripshield.co.il/assets/css/footers/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/footers/footer-v6.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c8231730de92dcd618a552278aa505517b5e51962b19c5a02b2173bcc785519e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=3170
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:42 GMT
server
cloudflare
etag
W/"c070fd3918ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lgaBmIybamPO13wR%2BXjCPoTPF2k5JSufRIDsISJPQwbIJVjTUKGjy5%2FOEQ1vOaEX6M8gPInDfMUGq9q872RT%2FpQoWPK%2FtscxiQLqDArJQLiOwTTBXtXNl6kF2yhYOCzVgu1hFiepTuE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78fafdbba4-FRA
footer-v7.css
refund.tripshield.co.il/assets/css/footers/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/css/footers/footer-v7.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3be41e97b8ea0407443ab18f0ca53b320312ea3688bedd4b52cef538c3783b7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/css/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=2418
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:42 GMT
server
cloudflare
etag
W/"d07923a18ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JpLcUJEulnKpzlx19QzIzp77SHm9J4e8yHwZ%2B67UUn9eGcaxzdhvQzaNyTP0YiFcaecASlVr6W9qCdJHFc6m2smVerd%2FbqSg59hqbjL2zZV5C%2F91fNASQk%2F1QZclor6ZWa%2FJwRgC8rY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a78fb00bba4-FRA
css
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
26ab2fd4afb5c57248a2007a588878f05464d27dfa0d46a35cadcd00b2bb8972
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Jun 2024 13:03:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 11:33:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Jun 2024 13:03:25 GMT
list_pict_10.jpg
refund.tripshield.co.il/images/ 		347 KB
348 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refund.tripshield.co.il/images/list_pict_10.jpg
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/include/Styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
180253d2be00d351fb85fc738f840e1000f389df87a23ed082d759a71fab86e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/include/Styles.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
355234
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
h2pri
last-modified
Tue, 04 Jun 2019 11:19:32 GMT
server
cloudflare
etag
"03add61c71ad51:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LM8n22jFoUtN%2BdYEvhtnERbHeAcdWko0U7SxyFkMMB6tMOivpCmdeWr%2FrDI9g6plCd30hlrPkTQVQWOkJSq01B%2FjJLqXmz9rMsxLOW3j%2FY%2FpVHCvY6dArjm%2FRbK4wye5xFBia4HA9II%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
892a0a7e9c5dbba4-FRA
accessibilityControl.js
refund.tripshield.co.il/assets/accessibilityControl/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/accessibilityControl/accessibilityControl.js
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0ad27b38791b3b52355793b291fd4d556a117e28f942778179c2504b7563c2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 24 Feb 2024 12:59:04 GMT
server
cloudflare
etag
W/"2826843e2167da1:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MEj0A8wHWoAbfN3VVH%2Fz0W%2BWhB3RW2yGrhrqLa7me9klNQQU7KiCskA8uMw8Dhixrufqwkbdz9293r8gg4mpdFd0KxuXbD%2B8GWrSHOqWEa93hc94P8g7BLlAtSsjEQtK%2B4CrSMzutt8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7ecc98bba4-FRA
webflow.js
refund.tripshield.co.il/js/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/js/webflow.js
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ccc70f97cb76eb22f724fa96bc4df02de3bf17f59a6340dcef4030d66b14ecc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 04 Jun 2019 11:19:32 GMT
server
cloudflare
etag
W/"03add61c71ad51:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kTbPVaRHqSfRS5sMLYt%2BxpQySWFP4J0uTIYArUSJRlVUptn1y39EJyFcsjJ%2BQ1kXLrC81Gh%2Bmq6CV8uKGLyoJdowsm%2FiAxjAiHBz8NmkvTjicSgWPUbyWXM0PaSnHcwgriKsZE%2FxGkU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7ecc9dbba4-FRA
bootstrap.min.js
refund.tripshield.co.il/assets/plugins/bootstrap/js/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/plugins/bootstrap/js/bootstrap.min.js
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
36a326c783a12f72498d41fb32371da87fe0cbd1595248f3f154fd939f07f10c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:54:33 GMT
server
cloudflare
etag
W/"6021f9a19ecd71:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QMc11xPDw5A5kfawx2YiOsQJDfBunm8hZXhjIFHEG0dFmHb6sK2hkfMmbsLMVxiZK%2BAS1r1vSr3Z31rneo3qonUeKNvU29K938zNuJDZRfQ5h3uBS%2FspjUESUQaExrj4lId0z2JRhz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7ecca0bba4-FRA
jquery-ui.min.js
refund.tripshield.co.il/assets/plugins/sky-forms/version-2.0.1/js/ 		88 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/plugins/sky-forms/version-2.0.1/js/jquery-ui.min.js
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ffeb4502ca9f15ef2466c7d4b412e680216e45d70db6a3286d66fee0dd681562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:58:59 GMT
server
cloudflare
etag
W/"506acd381aecd71:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cK0t1nTQ10rSks1wOQ7IHZSUuXV3XX6LVn80k3SSWhggTo1QEpA9q7xYIR9%2Bo2oqC8Pu1poMQhUdEhqGj9ct0LAeIQHGiefEyzrnynHsWrifCHSilpI92v%2BPR9cQBtXlwp1xm92%2Buxs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7ecca8bba4-FRA
jquery.marquee.js
refund.tripshield.co.il/include/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/include/jquery.marquee.js
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
362b4d48c28a47ce0aaefc45a632afcb348ed7bf7400fe7005c533b4172aa610
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:40:04 GMT
server
cloudflare
etag
W/"80bf3a9417ecd71:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FhOWCOzZsloekZ4Ar9ipwjYOvYmNi%2FiiKLOdnanMRpniaGra%2F11TyoZmZiySkEMb6bQ0XqItHQgyEeTa2wD62%2FqVxMzbSLzVKYDZhiWamKax11qMeyR0GpST%2FCquiyyDAI9XiybWeQk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccabbba4-FRA
jquery.sticky.min.js
refund.tripshield.co.il/hybrid_wordpress_files/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/jquery.sticky.min.js?ver=3.7.2
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
10a2cf3d16091fbc89cc987160b62093515cd31f0762a751775999311c7313f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jKilRDSMVtQbK9cr3%2B%2FsWUj8rJW4Pnj8EJw8oDfTcr1qTZHACE3HL0H1KPnGY9P50QZ%2B26dU4nd6eB9hFwHuLXUcZonCoRRPdMGjdG3FTPZ5Fjb9uaQad5OBziQVCWnKtrtwFCJ%2BHBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccb1bba4-FRA
preloaded-modules.min.js
refund.tripshield.co.il/hybrid_wordpress_files/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/preloaded-modules.min.js?ver=3.6.7
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
97d32475326d3e98970d7d253c023f9f74979d74c6a39a98c6b4a5aca290f4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dKhicZ0v0eTfP4%2B3T15dBdqjuJqkwhAQVmMVbUH3%2FFtSK9TP3U9YD7feBbpjA4CU%2F8wu0e4d92Ds1s3rUxQQjkEgfkqC356hqnaTA0expsAlUg4G50mhaD5Zuirna0vZHChKNR8vjWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccb4bba4-FRA
preloaded-elements-handlers.min.js
refund.tripshield.co.il/hybrid_wordpress_files/ 		131 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/preloaded-elements-handlers.min.js?ver=3.7.2
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9e426b06ebb2fe02a8f495c8d6e2b5aea53f3446cac8aa0fd2cc0bebe366676a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjm3cpzyw0%2FgQ%2FvPccm4PU8pmF4NqawOPL%2Bm8INsnd560ByIgYDKvc8SHTHCxTAWA6xc3oNA%2Bpr8E5SYh36dugAmDBkB1DowSi09EfsejkRKbVczlzD4vYtUxNntT1A%2FkoewbHvsKRE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccb7bba4-FRA
frontend.min.js
refund.tripshield.co.il/hybrid_wordpress_files/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/frontend.min.js?ver=3.6.7
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e0f0d6d71e313ae3ee40517ae4df4806d42aacf7720c5c0220506c247796c4f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EEQyY2i3TERFBYczzTyzF%2BZAAHEs9Gl5FDVLg46YMtMzGh3QyRQhS70fjK%2Fr%2FwE9SU%2FmPwZ8YX8elS9Ym7XK87Jl7ftJFIAO7C1j12oXrrhEGO7EBBaTP7b4b1LuvQH6qqhvz%2Bwg19Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccbcbba4-FRA
profrontend.min.js
refund.tripshield.co.il/hybrid_wordpress_files/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/profrontend.min.js?ver=3.7.2
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a2cebfe3738dbd10570bcfea24eb240323f7f03312fce23f999ecbc9fb3cc6cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2hoARSxWTnp1HA1lpuwhKRDP0%2B1COgTTkvJ2ge7%2FCPsp9tjCsqw1Vr50HVvp2nhEwDmrzulWsygpoOG5GMaVrBIjvzcVTtFr9IrDyn0t7j%2Bdbcvq4%2BTfKeoPeLVBuvnpEjb%2FaZ3hH0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccbdbba4-FRA
i18n.min.js
refund.tripshield.co.il/hybrid_wordpress_files/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xVm9ZnDvw%2BEb9X5Gv1A73XV2kOh%2BjGl18qFfPlm6crcLawzHUxPKcvpfXw7nm3BlGuk9N4l497mukIMH3%2F8AFyPTOUPyNrkGFXFbPB6BUYK2C3iZK1XZ3AkU31Z3VjhXXA7siaQFy4c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccc0bba4-FRA
hooks.min.js
refund.tripshield.co.il/hybrid_wordpress_files/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0sXBX00PIYVDPCGYCz9zpVmHG1BcOpKvUHtzRiPDGKDxib8LlaZRrjZhcpRRGguI9p3bajHG31gjLE5oCKoZsphSw7m2%2Bm9HFzwf7RWX72ALE2Zg%2Fk8Eveey5sq6P%2BWluIMKqzX9xMs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccc3bba4-FRA
frontend-modules.min.js
refund.tripshield.co.il/hybrid_wordpress_files/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/frontend-modules.min.js?ver=3.6.7
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
133f35fbfc23c0d8cf814176860427bd6a02da9278de3de662da11d9602d8582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PB4J%2BcfJ%2FwQ4JEI%2B0yxNGUgrFQNbj1UEwbWye3uNFxdrPaIJ6aYpVoOmPCUwrW5J4HosBEdqvtfcklJmqTu8bSGMR1mSKrpcmXh%2BoiKcnuUmERfI2vW77Ux36kJBRUL%2BMvH84ZVLSjM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccc4bba4-FRA
webpack.runtime.min.js
refund.tripshield.co.il/hybrid_wordpress_files/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/webpack.runtime.min.js?ver=3.6.7
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e31e1cfb470365c46c451ae94f3a5f9bac9df96a0f403f044f851228a5bf1667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D0eXhRNceiiiCv8EHGmkGr%2F15M1Qk0Z9Y6aIgAO83UFGgtnoZTT1nJoLBjPlYAXUewkharyfnKG%2F6aWEkEHnWHBv2xNtiPP3w26ztVni6Cz7LKkIfRKLJw1k8yWu9Vh0WmIjO7bpI8A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccc6bba4-FRA
webpack-pro.runtime.min.js
refund.tripshield.co.il/hybrid_wordpress_files/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/webpack-pro.runtime.min.js?ver=3.7.2
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
866d4e109d45cc75283a55da524d647bfb8065a7f30ec23759aef9af3b535c71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OdvTZNng%2Bffl%2BCCWnX390I9A7ZW4i8X%2FVIy4vCS32TziLHhNR0d9g2pyVi%2B3WBKdZt1qpjgx02SnUY2bimVI9Pbe0tl7qZczWtUYDphHFx7XMZhiDiQsPT5Cr8rGeua98%2BhiiCIzE3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccc8bba4-FRA
jquery.smartmenus.min.js
refund.tripshield.co.il/hybrid_wordpress_files/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/hybrid_wordpress_files/jquery.smartmenus.min.js?ver=1.0.1
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 11:39:13 GMT
server
cloudflare
etag
W/"80c68423f7b2d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dJTf7Z61ZUNS%2BCg7xGsnivDwXo1Lwd2SPSfCMRySlUdL0nYF6AFko6inUyxuQsqDpe5%2B4j%2FQDdkz8CMevEGAJFjnXbgvx2wiQMa%2F%2BGo1JI4pkV17PHlplpEsKZrUwvb%2FezQKYH88pZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccc9bba4-FRA
jquery-3.6.0.min.js
refund.tripshield.co.il/js_new/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/js_new/jquery-3.6.0.min.js
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 18 Aug 2022 18:30:36 GMT
server
cloudflare
etag
W/"0aebb9b30b3d81:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fu9jDTjsxyAGHZ9HejjbDeXKvo3%2BtPPej19jfRE9rr5N6iRpD%2B854iR3BlLliYv7SvNGFwB59Tny7J847vE3ZoovOoV22FgJS4vRLDg314%2B6ThuH34QyHUmsPx0MKrHZpD3T24URcTY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7ecccdbba4-FRA
api.js
www.google.com/recaptcha/ 		1 KB
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
GSE /
Resource Hash
603b66ab7923390d2daa9866598b82ba140f958504a1556b92d305352157f253
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 12 Jun 2024 13:03:26 GMT
label_question.png
refund.tripshield.co.il/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refund.tripshield.co.il/images/label_question.png
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/css/tripguaranty.webflow.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9fffcd097227a375f06b8d41232b45f0d0e93664a2b8623200f1340eeee32971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/css/tripguaranty.webflow.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
1357
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 24 Oct 2018 08:01:00 GMT
server
cloudflare
etag
"06a4b36f6bd41:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TzJjfDMpWVJVEnXEc0FbTYTivm9rHyHEFYnxKjyhMpq2dED4%2BjY4OQqYBrOAB5b9ZnVAkISBSoe6DYsOlr3NIFKri1v9WHzhiaS%2BSRAxbZ5hNrBghC4azLvZWw9x4CrUtjsUZvQ47b8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
892a0a7ecccfbba4-FRA
opensanshebrew-bold-webfont.woff
refund.tripshield.co.il/include/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/include/opensanshebrew-bold-webfont.woff
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/include/Styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
22a63798dfc04117296d0d0aaa9e426e55d6bd43aa7e2f79d898e76adc918e86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/include/Styles.css
Origin
https://refund.tripshield.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:40:08 GMT
server
cloudflare
etag
W/"c0b34a9617ecd71:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aIendjqDAFNsrHL7Z9mWwAiGdC2sZyzmGGm7a8nLyNa5yBoERm2Dw5JMVPmzgH4y9Imig8j05v1D%2FZt%2F9uotA0vxSUNVnlY%2FZV9%2F8yacA2xLXKoM%2Fdq2WnMQna0wDhxJmI3%2BGnQ%2B7as%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccd0bba4-FRA
opensanshebrew-regular-webfont.woff
refund.tripshield.co.il/fonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/fonts/opensanshebrew-regular-webfont.woff
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/css/tripguaranty.webflow.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
636f52528d61a565f93b83ec8fa646435c1b64f67ba5f4db64314f1692214fa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/css/tripguaranty.webflow.css
Origin
https://refund.tripshield.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 22 Aug 2022 14:36:42 GMT
server
cloudflare
etag
W/"039789834b6d81:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hxV7nffkbkkaWyf%2Bnm7NZtgSggqISrCvfE%2FNju557iECsyUTwcfAluJl%2F8p3QoGZxx2vAeWEN2G8HRasHgFd3OZiRGHteKM2qWLsAJibgyZMXfV1ByqQ%2FhnVIFcnchumZWpomsch7Jc%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-apo-via
origin,header
cf-ray
892a0a7eccd2bba4-FRA
opensanshebrew-bold-webfont.woff
refund.tripshield.co.il/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/fonts/opensanshebrew-bold-webfont.woff
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/css/tripguaranty.webflow.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
22a63798dfc04117296d0d0aaa9e426e55d6bd43aa7e2f79d898e76adc918e86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/css/tripguaranty.webflow.css
Origin
https://refund.tripshield.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 22 Aug 2022 14:36:38 GMT
server
cloudflare
etag
W/"0df159634b6d81:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gwcSknGmDdNb94BrX39GdBEuK%2FBAMQRw5v1Kz3RNMR8Wulym5gYVNnT3yZG75O%2B0U3c8Z9iYvhA6PScBdatTxMYxqgQgdhTQYXQGdfDGWpZ61Ar6S2xCRrf7iTp2q6R8jqpu84vdUuo%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccd6bba4-FRA
opensanshebrew-extrabold-webfont.woff
refund.tripshield.co.il/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/fonts/opensanshebrew-extrabold-webfont.woff
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/css/tripguaranty.webflow.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b032e8a42aaae0813fac1260d55516d8f1fc8757603269c5508c0ebe70eb00d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/css/tripguaranty.webflow.css
Origin
https://refund.tripshield.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 22 Aug 2022 14:36:39 GMT
server
cloudflare
etag
W/"8075ae9634b6d81:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N1LI9iUDI0vqb65bKqbKNAjxkYwvopZOiGqSb%2B5fqkATxnADEHkiXXujk0lBMl113hxiu61yyygcxJ7XpbMCY6aCXYxSfPm%2FMA39NbgkczwYEbDG6VHW4NSLaLy1pCN6hx4Q%2Fu3U8%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccd8bba4-FRA
opensanshebrew-regular-webfont.woff
refund.tripshield.co.il/include/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/include/opensanshebrew-regular-webfont.woff
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/include/Styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
636f52528d61a565f93b83ec8fa646435c1b64f67ba5f4db64314f1692214fa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/include/Styles.css
Origin
https://refund.tripshield.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:40:12 GMT
server
cloudflare
etag
W/"d0a0189917ecd71:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RJ6sHX%2F%2FT7XLJHDhCcHAXi97kl789MdHQC1Z7DV2S1V5RhWt3lhd8AJhd%2BRz0KXaIBOLFeZE1QyfALA9QCdFWU0uNeBDRNsQSVIaUfWM3MyzEcbB9crfK1yaRJTy0MSAHtUt9hLV4E0%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a7eccdabba4-FRA
truncated
/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95ab41058c8238f81225af3ae634b1b21859666b61c251536704ee3043ab3648

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
gtm.js
www.googletagmanager.com/ 		408 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M7LBLV
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
275baddea808228f57a8142752f5f0b94a61179f2f858e5371e623f6f65bb869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123980
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jun 2024 13:03:28 GMT
favicon.ico
refund.tripshield.co.il/ 		9 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
df0fd3e2d893df46a9e50ce4717c6324e0fcad3310184bfbac4f8d3f50edb6d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:36:46 GMT
server
cloudflare
etag
W/"507b701e17ecd71:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jddPhS%2FGnrWdhiRny3tSeYp9aJp4cCWgeLRZtYc2qUJy%2Fk3rTc1jyZ%2BOGJbHMdWD70o8rPWjNB9BI62Aowukgy%2FDHwQpKy90ckhxJEF%2BeIGpbSQSN3Vk1XZrc8WFM2HT2CuYHqt4Qlg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a878a71bba4-FRA
jQueryRotate.js
refund.tripshield.co.il/assets/accessibilityControl/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/accessibilityControl/js/jQueryRotate.js
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cfd196daaf7bf2065927411b40f3199ec8492abc33efa6df1f54fcdde484313f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:44:42 GMT
server
cloudflare
etag
W/"3026ba3918ecd71:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fGzkQTqPS0eFJ0Mjuob0aMk9kq%2BR%2FylzWND897aeGtnJ7PMAx82ZG2I7l65zeiKpdSMIybSdbxH%2Fhl0f0RL%2FL%2F5J8YZRgj4rmWeb5R0f3QBk5pVNLcDAHVNWh4ZjnJqKw59R4vQYVH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a87faecbba4-FRA
accessibilityStyle.css
refund.tripshield.co.il/assets/accessibilityControl/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/accessibilityControl/css/accessibilityStyle.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
84b79f58577234ae9215a5bb7538da49f37591ca4fe88026d4712bda0e7d2069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
cf-polished
origSize=6584
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 08 Dec 2021 09:44:34 GMT
server
cloudflare
etag
W/"305be43418ecd71:0"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BQ9Ikd1inWz14qX%2Fff%2FCxe0lnUpozk0G%2FG%2BeavhVLeTBC0P6%2F6I4WgWABtdLm1Uba%2B%2BEdqyy%2FjqPrX49Uu%2Bv7xaAi78cVnZoSIwO%2Fmjlt74iEFelRoJbr8Y9uzgsKBL4BMPY3zsMqrg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
892a0a87faf0bba4-FRA
ArrowDownSmall.png
refund.tripshield.co.il/assets/accessibilityControl/images/ 		929 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refund.tripshield.co.il/assets/accessibilityControl/images/ArrowDownSmall.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9a2bc40ded91476e1d78ff2aca6dfade533a9587d7dc0081699e081dff242c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:28 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
929
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:44:41 GMT
server
cloudflare
etag
"d07393918ecd71:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LKZjzJ4hYIGoYXWIL8vCYUS823%2BkEdPGiIn13e%2F7tRgAMTGsNaw%2Buq6wKSren9kioPxkWGvFHTc8bt4y5EAqkPdpnPUGqA7EfFlErlfi70Zl3lw8sfvhHX%2F6lG77lwmJENKFv1DHKIs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
892a0a87faf5bba4-FRA
cyberserve-FooterIcon.png
refund.tripshield.co.il/assets/accessibilityControl/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refund.tripshield.co.il/assets/accessibilityControl/images/cyberserve-FooterIcon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1cef6af3b594cbe36fb3ac3a7ebd9858c52efbcdd201429a7f6946f1305d21f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/onlineClaim
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:28 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
1869
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:44:41 GMT
server
cloudflare
etag
"a0e0d3918ecd71:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aZ48wQpAxI%2BslISCWso1xJ2wyyfnOCsks7X9s%2BveREhi3U9ofgyByEDL5YSOoedLnRgqrdVjIYabGXJu%2FUmaR3we0rPvZ36vYUAQ%2FEnUSjQyrfK9dnVMaepzJ0fL1n1NXqbXZeI%2Ba%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
892a0a87faf6bba4-FRA
nr-spa-1.260.1.min.js
js-agent.newrelic.com/ 		106 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1.260.1.min.js
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f941e01a27c4568da7a81f5cb516b5d2056b14b88cccf3c53f647bde767e0919
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://refund.tripshield.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Yrbdc1GL627m.B3Rf5_UelmBfBfYfLKU
content-encoding
br
via
1.1 varnish
date
Wed, 12 Jun 2024 13:03:28 GMT
strict-transport-security
max-age=300
x-amz-request-id
3WD6X09YRHHEMCX0
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
34121
x-amz-id-2
3BhVwmq9CQ8CeN8XJmOowkhg5OhFAsl8XmZctzraWEsCsXNphdcWlzaG4l5iqFxIWd6QMXadPxOO4T3X6qpIDA==
x-served-by
cache-mrs10566-MRS
last-modified
Mon, 20 May 2024 17:44:49 GMT
server
AmazonS3
etag
"1221654800ab387071aa9e0bf5b47dde"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
16162
recaptcha__iw.js
www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/ 		536 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__iw.js
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
6603e05909c6b2b05bca9ea8ac65eaa5c314ef2be73017105b2037e245d8d39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://refund.tripshield.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 11:33:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91805
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
210805
x-xss-protection
0
last-modified
Mon, 03 Jun 2024 04:00:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Jun 2025 11:33:23 GMT
fontawesome-webfont.woff
refund.tripshield.co.il/assets/plugins/font-awesome/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/plugins/font-awesome/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/plugins/font-awesome/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/plugins/font-awesome/css/font-awesome.min.css
Origin
https://refund.tripshield.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:54:41 GMT
server
cloudflare
etag
W/"70c8259f19ecd71:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9cDFQHvUMrSMb0PYR1KptNNsbHiAB4U0vFI%2Bgxn3SHR2Lh4uEeNv630P9pCIO%2F4exHQpRTJqfaIzqsbYkbjc0ulIRLj7FwMGk%2BbLvj7%2BQBRMB1%2FkaRwgFBCQV%2Faf0HXi4gi2936jDik%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a885ba2bba4-FRA
NRJS-a8b0bddc1eae4961082
bam.eu01.nr-data.net/1/ 		150 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/1/NRJS-a8b0bddc1eae4961082?a=473052075&v=1.260.1&to=MhBSZQoZDURUWxVYVwtacWIoVwxZWVEPVFsJFFlcVxwGUVRNDUUWBAZASQ%3D%3D&rst=5409&ck=0&s=2e2af3e00734fe4e&ref=https://refund.tripshield.co.il/onlineClaim&ptid=1af19d27aa0015ca&af=err,xhr,stn,ins,spa&ap=7&be=1575&fe=3243&dc=1893&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1718197402987,%22n%22:0,%22r%22:1,%22re%22:530,%22f%22:530,%22dn%22:530,%22dne%22:530,%22c%22:530,%22s%22:530,%22ce%22:530,%22rq%22:533,%22rp%22:1575,%22rpe%22:1817,%22di%22:3460,%22ds%22:3467,%22de%22:3468,%22dc%22:4796,%22l%22:4796,%22le%22:4818%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=3450&fcp=3512
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.85.3 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software
cloudflare /
Resource Hash
8d05251a2e6a3bb962761f98fb85e8af4a19b38564e59f199ea030ae067b6fab

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 12 Jun 2024 13:03:28 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Transfer-Encoding
chunked
x-envoy-upstream-service-time
4
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://refund.tripshield.co.il
access-control-expose-headers
Date
access-control-allow-credentials
true
CF-Ray
892a0a8d2845a040-FRA
timing-allow-origin
https://refund.tripshield.co.il
js
www.googletagmanager.com/gtag/ 		320 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X6TCBL190C&l=dataLayer&cx=c
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
61ed97fcc6d908cba4e38d0b64fdbd9ca989e7acbb796d0a16c8a08d5f5af7b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107435
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 12 Jun 2024 13:03:28 GMT
destination
www.googletagmanager.com/gtag/ 		263 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-935259433&l=dataLayer&cx=c
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e4d0f5ce39899d6f527f347d919e0e8f6981c96a409afd78e5e645fe0a3e373a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92804
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jun 2024 13:03:28 GMT
obtp.js
amplify.outbrain.com/cp/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-87.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d1742437f4249d62b230420398cf6c027d28f11b62bae4a731cd10826bb34dc6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 13:03:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 09 Jun 2024 11:13:08 GMT
Server
AkamaiNetStorage
ETag
"582c5442aa270e6339a6ebe4378d12cf:1717931858.466651"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
AS
Cache-Control
max-age=1200
X-CC
IL
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8571
Expires
Wed, 12 Jun 2024 13:23:28 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Jun 2024 12:34:31 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1737
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 12 Jun 2024 14:34:31 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 12 Jun 2024 13:03:28 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=0, c=12, mss=1380, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
homnYvfCSCEIuBXNCIph/v4+c+ksNs++9JGRrF9I5+7mAndHWrhLAeDIxPvHlXhNHOcKudz/AQrRPxoVfHqhdQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel.js
cdn.popt.in/ 		228 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.popt.in/pixel.js?id=523aa25bf2bcc
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b1334c8028eb18cd43edaedb5c612f6997c679730cdcf39fff077d3d8565c42

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:28 GMT
x-amz-version-id
hYeY.BQoYW6q7kFQV6chPtbueb29cfV4
content-encoding
gzip
cf-cache-status
HIT
via
1.1 ef674a9df28e4fc8d944ae07304fa954.cloudfront.net (CloudFront)
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P1
age
5967
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 12 Jun 2024 07:23:52 GMT
server
cloudflare
etag
W/"cc539dfe3d3d4e03c7d3fe1e39eca91b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2BN2Aqrz%2F%2BptVXc7SeyZvLZPK7dRD0gZm0GaO5owAXcrzbqqAlUlY6cN2v8QnuBqeQZM9IYWm%2FUw1mvErXf8k0%2FKGXXIegLCtxD2LEUWujHGs0o3bQeBxpM16HHqwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
892a0a8c5dfa8f34-FRA
x-amz-cf-id
8NPOjyMM6ME-s9aRiSJWDM8M3ozTvikKF_9leg9_VSSgPbQmeKbXYg==
anchor
www.google.com/recaptcha/api2/ Frame EC95 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdiA1IhAAAAAEPlwaEydJqEV4KqsZa4FyXP6UpM&co=aHR0cHM6Ly9yZWZ1bmQudHJpcHNoaWVsZC5jby5pbDo0NDM.&hl=iw&v=9pvHvq7kSOTqqZusUzJ6ewaF&size=normal&cb=o1zt1s73f6j9
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SwyKGPSUC8xft_eFg0VHnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-SwyKGPSUC8xft_eFg0VHnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 12 Jun 2024 13:03:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/935259433/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/935259433/?random=1718197408766&cv=11&fst=1718197408766&bg=ffffff&guid=ON&async=1&gtm=45be46a0v896122895z871927965za201zb71927965&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund.tripshield.co.il%2FonlineClaim&hn=www.googleadservices.com&frm=0&tiba=%D7%94%D7%92%D7%A9%D7%AA%20%D7%94%D7%97%D7%96%D7%A8%20%D7%90%D7%95%D7%A0%D7%9C%D7%99%D7%99%D7%9F%20-%20tripshield&npa=0&pscdl=noapi&auid=910245556.1718197408&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
7633ffc8290160396d861d65ba7d403c0b72efddc87a7857d57733b3c94eb22e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 13:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1460
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
font-awesome.min.css
refund.tripshield.co.il/assets/accessibilityControl/font-awesome-4.4.0/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/accessibilityControl/font-awesome-4.4.0/css/font-awesome.min.css
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/accessibilityControl/css/accessibilityStyle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
768686e989a8f39ac9cf934d0c967d218feef8319e8cd4b73ad5dc38631a2451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/accessibilityControl/css/accessibilityStyle.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:54:23 GMT
server
cloudflare
etag
W/"50cc69419ecd71:0"
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=no9P9Dgm8xuTyUFN9m1Va7cHDQgoVUbCZHR612B4wVg8JMg4NicNReamJkbZ%2FSAW%2FfSACMHIR6UaWETZGhhVLhtU7yuciNHSmulbnygv5K3ipfv2cP4XKxYZe7xSg15b%2B9zKm8aLR4k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a8d6afdbba4-FRA
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-X6TCBL190C&gtm=45je46a0v894750704z871927965za200zb71927965&_p=1718197407801&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1499357392.1718197409&ul=he-il&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718197408&sct=1&seg=0&dl=https%3A%2F%2Frefund.tripshield.co.il%2FonlineClaim&dt=%D7%94%D7%92%D7%A9%D7%AA%20%D7%94%D7%97%D7%96%D7%A8%20%D7%90%D7%95%D7%A0%D7%9C%D7%99%D7%99%D7%9F%20-%20tripshield&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5927&_z=fetch
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 13:03:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://refund.tripshield.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1267645847&t=pageview&_s=1&dl=https%3A%2F%2Frefund.tripshield.co.il%2FonlineClaim&ul=he-il&de=UTF-8&dt=%D7%94%D7%92%D7%A9%D7%AA%20%D7%94%D7%97%D7%96%D7%A8%20%D7%90%D7%95%D7%A0%D7%9C%D7%99%D7%99%D7%9F%20-%20tripshield&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1729263338&gjid=444958316&cid=1499357392.1718197409&tid=UA-59275324-1&_gid=1569143924.1718197409&_r=1&_slc=1&gtm=45He46a0n71M7LBLVv71927965za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=344503996
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 13:03:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://refund.tripshield.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
blobs
bam.eu01.nr-data.net/browser/ 		24 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/browser/blobs?browser_monitoring_key=NRJS-a8b0bddc1eae4961082&type=BrowserSessionChunk&app_id=473052075&protocol_version=0&timestamp=1718197402222&attributes=entityGuid%3DMzc3MTQyNnxCUk9XU0VSfEFQUExJQ0FUSU9OfDUzNTkwMTMzOQ%26harvestId%3D2e2af3e00734fe4e_1af19d27aa0015ca_1%26trace.firstTimestamp%3D1718197402222%26trace.lastTimestamp%3D1718197407040%26trace.nodes%3D26%26trace.originTimestamp%3D1718197402222%26agentVersion%3D1.260.1%26firstSessionHarvest%3Dtrue%26ptid%3D1af19d27aa0015ca%26session%3D2e2af3e00734fe4e
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.85.3 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 12 Jun 2024 13:03:29 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://refund.tripshield.co.il
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
892a0a8f9c57a040-FRA
Content-Length
24
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
662519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27964
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15d95"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qb5hlr16b2tHOItCDAxMtGXimD7bwq7k8iBcpoHzGSnUAjW6amHzaDLweBD2qwGB%2BF1aqUFRGTdf7syL436PuiOQWvRlR8gGgOxnCb0yVfs25BB1O0QvmpXP076Z8bnzsWjvTOBt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
892a0a9109dd37d7-FRA
expires
Mon, 02 Jun 2025 13:03:29 GMT
unifiedPixel
tr.outbrain.com/ 		53 B
523 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=01252452427808748&referrer=&cht=gtm&marketerId=00491ed2690bf2f669a3acfb90f3def605&name=PAGE_VIEW&dl=https%3A%2F%2Frefund.tripshield.co.il%2FonlineClaim&g=1&obApiVersion=1.0-gtm&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 13:03:29 GMT
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods
GET, POST
Content-Type
image/gif;
Access-Control-Allow-Origin
https://refund.tripshield.co.il
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
X-TraceId
b2c43e4489b4f7cdccecfe36f5ae1135
Access-Control-Allow-Headers
Content-Type, Authorization
Content-Length
54
cachedClickId
tr.outbrain.com/ 		35 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00491ed2690bf2f669a3acfb90f3def605
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 13:03:29 GMT
content-encoding
br
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
a57dd5fd8d0329ef76ee6e5b2f4d2f95
Content-Length
39
Content-Type
application/javascript
00491ed2690bf2f669a3acfb90f3def605
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/00491ed2690bf2f669a3acfb90f3def605
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-87.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Wed, 12 Jun 2024 13:03:29 GMT
ob-sent-time
1718117686381
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-RG
AS
Cache-Control
max-age=60
X-CC
IL
Connection
keep-alive
X-TraceId
c2a9e08850ba04c021f3f24316c51f
Content-Length
22
Expires
Wed, 12 Jun 2024 13:04:29 GMT
905649186218275
connect.facebook.net/signals/config/ 		68 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/905649186218275?v=2.9.157&r=stable&domain=refund.tripshield.co.il&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
3a25692c69a3856f44621392fa93a9745f20b26394dc4a4e8ec4f22bd2ba593b
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 12 Jun 2024 13:03:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=0, c=62, mss=1380, tbw=63951, tp=-1, tpl=-1, uplat=83, ullat=0
pragma
public
x-fb-debug
XfqXmb3YjBqJgg3yZdjrrQFS0bUL5QpTvn4AJJSfWoilpSd93MH4AJZ2XZzAEtikCdu2XHxq+4NBJ1vJdu5Wdw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-59275324-1&cid=1499357392.1718197409&jid=1729263338&gjid=444958316&_gid=1569143924.1718197409&_u=YADAAEAAAAAAACAAI~&z=1853502247
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.173.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wi-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
fda80d24f1bfe5a68b5f719a1febecfe747c79720e3a26b4b78b6a42b67b37b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jun 2024 13:03:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://refund.tripshield.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/935259433/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/935259433/?random=1718197408766&cv=11&fst=1718197200000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v896122895z871927965za201zb71927965&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund.tripshield.co.il%2FonlineClaim&hn=www.googleadservices.com&frm=0&tiba=%D7%94%D7%92%D7%A9%D7%AA%20%D7%94%D7%97%D7%96%D7%A8%20%D7%90%D7%95%D7%A0%D7%9C%D7%99%D7%99%D7%9F%20-%20tripshield&npa=0&pscdl=noapi&auid=910245556.1718197408&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL5uJSeEUpEgBvRm-YnGcquGOZobLAMQ&random=1003494043&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 13:03:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.il/pagead/1p-user-list/935259433/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/pagead/1p-user-list/935259433/?random=1718197408766&cv=11&fst=1718197200000&bg=ffffff&guid=ON&async=1&gtm=45be46a0v896122895z871927965za201zb71927965&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Frefund.tripshield.co.il%2FonlineClaim&hn=www.googleadservices.com&frm=0&tiba=%D7%94%D7%92%D7%A9%D7%AA%20%D7%94%D7%97%D7%96%D7%A8%20%D7%90%D7%95%D7%A0%D7%9C%D7%99%D7%99%D7%9F%20-%20tripshield&npa=0&pscdl=noapi&auid=910245556.1718197408&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL5uJSeEUpEgBvRm-YnGcquGOZobLAMQ&random=1003494043&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 13:03:29 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
NRJS-a8b0bddc1eae4961082
bam.eu01.nr-data.net/events/1/ 		24 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/events/1/NRJS-a8b0bddc1eae4961082?a=473052075&v=1.260.1&to=MhBSZQoZDURUWxVYVwtacWIoVwxZWVEPVFsJFFlcVxwGUVRNDUUWBAZASQ%3D%3D&rst=6330&ck=0&s=2e2af3e00734fe4e&ref=https://refund.tripshield.co.il/onlineClaim&ptid=1af19d27aa0015ca
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.85.3 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 12 Jun 2024 13:03:29 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://refund.tripshield.co.il
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
892a0a90de18a040-FRA
Content-Length
24
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=905649186218275&ev=PageView&dl=https%3A%2F%2Frefund.tripshield.co.il%2FonlineClaim&rl=&if=false&ts=1718197409525&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.2.1718197409513.391253485945716398&cs_est=true&ler=empty&cdl=API_unavailable&it=1718197409278&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=10, mss=1380, tbw=2820, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 12 Jun 2024 13:03:29 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=905649186218275&ev=PageView&dl=https%3A%2F%2Frefund.tripshield.co.il%2FonlineClaim&rl=&if=false&ts=1718197409525&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.2.1718197409513.391253485945716398&cs_est=true&ler=empty&cdl=API_unavailable&it=1718197409278&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x317054c1ca4b512a","source_keys":["1","2"]},{"key_piece":"0x7f58435cde804f06","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Wed, 12 Jun 2024 13:03:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=14, mss=1380, tbw=3138, tp=-1, tpl=-1, uplat=168, ullat=0
pragma
no-cache
x-fb-debug
MgW9rO+sa7IB9g7jYwjuwHkssirDlgPoH5jCbcgBybqGLv+tiIhVwVJOtrRMVQWpEy8q1V/76yT6oD5iRq39HQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
Alef-Regular.woff
refund.tripshield.co.il/assets/accessibilityControl/font/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/accessibilityControl/font/Alef-Regular.woff
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/accessibilityControl/css/accessibilityStyle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c81d3d7e8a4c0c965e1cb88432fbda45813f8ec6e53e634ec7ffa08a8f403c7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/accessibilityControl/css/accessibilityStyle.css
Origin
https://refund.tripshield.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:44:36 GMT
server
cloudflare
etag
W/"10593618ecd71:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gTv0xUyfR0GG7qkUSBKKYLof4J9DAgvRPLpXdgbwzSSqkpiR8ECOBrAzWu55KQgEBSGkvXce8fzvglIzqVTSS4kpHXVN%2FSBa2RPFi%2Fv4jgEKVc6LCxa0IgE3uZAKO2k4kmWiaRJTDsk%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a92aab3bba4-FRA
fontawesome-webfont.woff2
refund.tripshield.co.il/assets/accessibilityControl/font-awesome-4.4.0/fonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/accessibilityControl/font-awesome-4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/accessibilityControl/font-awesome-4.4.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/accessibilityControl/font-awesome-4.4.0/css/font-awesome.min.css
Origin
https://refund.tripshield.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:30 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
64464
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:54:25 GMT
server
cloudflare
etag
"40bd799519ecd71:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sIZdhgPNPF3MvQG%2BFk0imAxRA7I%2B2kn8%2F24l54bqQ4etkOUCkpz5Np9XVvmmh%2FOyg7cNulKxhcVQr0VmKofaQW7bEnVq7AvyiyGbgMrE4OxdGSvzGiVKqvTByhoIJ8iJYQrLh8yJedE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
892a0a92aab8bba4-FRA
opensanshebrew-bold-webfont.woff
refund.tripshield.co.il/assets/accessibilityControl/font/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://refund.tripshield.co.il/assets/accessibilityControl/font/opensanshebrew-bold-webfont.woff
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/assets/accessibilityControl/css/accessibilityStyle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
22a63798dfc04117296d0d0aaa9e426e55d6bd43aa7e2f79d898e76adc918e86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://refund.tripshield.co.il/assets/accessibilityControl/css/accessibilityStyle.css
Origin
https://refund.tripshield.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
master-only
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 08 Dec 2021 09:44:36 GMT
server
cloudflare
etag
W/"2027723618ecd71:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FFmceSoDNNnm5oUHuYKDOhf3iAgQ3oxixJd%2FhgZ29ZoIRplp1UzU5AbhwtfxJfJ%2BqULY%2BTMUpWe9yH7bJrPIyu0uyH5h0vqhrk5FhyKbFWONHrfFCSIDdqECVYysDlr6SOqQ0BP%2FrxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/x-woff
x-frame-options
SAMEORIGIN
cache-control
max-age=14400
cf-ray
892a0a92aabbbba4-FRA
523aa25bf2bcc
display.popt.in/APIRequest/ 		97 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.popt.in/APIRequest/523aa25bf2bcc?domain=https%3A%2F%2Frefund.tripshield.co.il%2FonlineClaim&referrer=&previous_url=&cookies=%20poptin_old_user%3Dtrue%20poptin_user_id%3D0.haezyepuqaw%20poptin_previous_url%3D%20poptin_new_user%3Dtrue%20poptin_viewed_session%3Dfalse%20&triggers=&cc=false&if_mobile=false&page_title=%D7%94%D7%92%D7%A9%D7%AA%20%D7%94%D7%97%D7%96%D7%A8%20%D7%90%D7%95%D7%A0%D7%9C%D7%99%D7%99%D7%9F%20-%20tripshield&origin_landing_page=https%3A%2F%2Frefund.tripshield.co.il%2FonlineClaim&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Frefund.tripshield.co.il%2FonlineClaim&previous_visited_pages=&shopify_customer_id=0&cart_total_items=0&cart_total_price=0&cart_products_ids_list=&cart_products_org_ids_list=
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.10.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05d390133f8f12c9376638e8a2562892fd106555441b99c635d167cef89aab60
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com https://*.grisynava.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/javascript, */*; q=0.01
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 13:03:30 GMT
content-security-policy
frame-ancestors https://bc.popt.in https://*.mybigcommerce.com https://*.jumpseller.com https://*.myshopline.com https://*.myshopify.com https://*.grisynava.com
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dI18fchx26TSMeascZ1ihQ4EWv8Z78px0mUDq1gJOlx5RcrmLy%2BraYM40yMtC2xePFIPdQYjNsD6RRPFHLF2vfYQgRnH3Ux61akqRJ5w0E0%2FlHbEAYC%2BgnuZjJZ%2BKYuRv1I%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, must-revalidate, no-store, nocache, private
access-control-allow-credentials
true
cf-ray
892a0a93efde71d1-FRA
access-control-allow-headers
Origin, Content-Type
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-59275324-1&cid=1499357392.1718197409&jid=1729263338&_u=YADAAEAAAAAAACAAI~&z=840918157
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 13:03:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.il/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-59275324-1&cid=1499357392.1718197409&jid=1729263338&_u=YADAAEAAAAAAACAAI~&z=840918157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 13:03:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 97C7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=iw&v=9pvHvq7kSOTqqZusUzJ6ewaF&k=6LdiA1IhAAAAAEPlwaEydJqEV4KqsZa4FyXP6UpM
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XWBFqshuABN9VlrvaNYQsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-XWBFqshuABN9VlrvaNYQsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 12 Jun 2024 13:03:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-X6TCBL190C&gtm=45je46a0v894750704za200zb71927965&_p=1718197407801&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1499357392.1718197409&ul=he-il&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1718197408&sct=1&seg=0&dl=https%3A%2F%2Frefund.tripshield.co.il%2FonlineClaim&dt=%D7%94%D7%92%D7%A9%D7%AA%20%D7%94%D7%97%D7%96%D7%A8%20%D7%90%D7%95%D7%A0%D7%9C%D7%99%D7%99%D7%9F%20-%20tripshield&en=scroll&epn.percent_scrolled=90&_et=59&tfd=11033&_z=fetch
Requested by
Host: refund.tripshield.co.il
URL: https://refund.tripshield.co.il/onlineClaim
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 12 Jun 2024 13:03:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://refund.tripshield.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| __cfQR object| NREUM object| webpackChunk:NRBA-1.260.1.PROD object| newrelic function| checkFields function| onLeadSubmit function| trimAll object| dataLayer function| $ function| jQuery object| webpackChunkelementor_pro object| webpackChunkelementor object| elementorModules object| wp function| sprintf function| vsprintf object| ElementorProFrontendConfig object| elementorProFrontend object| elementorFrontendConfig object| elementorFrontend function| Sticky object| __core-js_shared__ function| tram object| Webflow string| root object| iDiv object| script object| headlbl object| accLink object| arrowImg object| accList object| keyNav object| colorRow object| grayTable object| grayRow object| whiteCell object| grayCell object| blackCell object| tableLi object| zoomTable object| tableRow object| zoom100 object| zoom120 object| zoom140 object| zoom160 object| accListTurnOff object| poweredByDiv number| rotateAngle number| accColorIndicator function| loadjscssfile function| checkIfIncluded function| removejscssfile function| removeAllAcc function| addKeyNav function| addGrayScale function| addblackBG function| addwhiteBG function| turnOffAcc function| createCookie function| readCookie function| checkCookie function| delCookie function| IsCookieEnable function| updateFromCookies function| getRootWebSitePath function| getHome boolean| __cfRLUnblockHandlers object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data function| obApi function| obTag string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| closure_lm_288562 object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal boolean| IE object| Wilq32 object| gaplugins object| gaData object| appConfigChunkLoadingGlobal boolean| pixelAdded boolean| poptin_loadcontrol_fix boolean| poptin_disable_fa boolean| poptin_disable_localstorage boolean| poptin_single_page_app boolean| landing_page_teaser_on object| upgrade_popup_setting object| previous_url_spa object| poptinTimeDelayTrigger boolean| poptinExitPopupShown boolean| poptin_display_trigger boolean| poptin_disable_fonts number| updateClockInterval function| jQ224 object| poptinSubmitted function| poptinVisible function| onpoptinClose function| onpoptinSubmit boolean| poptinStarted function| runPoptinNow function| runPoptinNowStart function| pageLoadCheck boolean| isPoptinLandingPage boolean| poptinAfterPageLoad function| closePoptinOnXclick function| closeTabPoptinOnXclick function| poptin_display function| poptin_display_form function| closePoptin function| PoptinQueue function| poptinClientLimitLogStatus function| closeUpgradePopup function| poptinUpgradeDontRemindMe function| poptinUpgradeRemindMe function| poptinUpgradePopupClick function| apiObj string| poptin_viewed_session number| poptin_once string| ap_triggers

15 Cookies

Domain/Path Name / Value
refund.tripshield.co.il/ Name: ASP.NET_SessionId
Value: frovago3ysrcyqptw4envnmp
.tripshield.co.il/ Name: _gcl_au
Value: 1.1.910245556.1718197408
.tripshield.co.il/ Name: _ga_X6TCBL190C
Value: GS1.1.1718197408.1.0.1718197408.0.0.0
.tripshield.co.il/ Name: _ga
Value: GA1.3.1499357392.1718197409
.tripshield.co.il/ Name: _gid
Value: GA1.3.1569143924.1718197409
.tripshield.co.il/ Name: _gat_UA-59275324-1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
refund.tripshield.co.il/ Name: poptin_old_user
Value: true
refund.tripshield.co.il/ Name: poptin_user_id
Value: 0.haezyepuqaw
.tripshield.co.il/ Name: _fbp
Value: fb.2.1718197409513.391253485945716398
refund.tripshield.co.il/ Name: poptin_previous_url
Value:
refund.tripshield.co.il/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1718197410037%7D
refund.tripshield.co.il/ Name: poptin_user_ip
Value: 31.187.78.243
refund.tripshield.co.il/ Name: poptin_session
Value: true
refund.tripshield.co.il/ Name: poptin_c_visitor
Value: true

2 Console Messages

Source Level URL
Text
other warning URL: https://refund.tripshield.co.il/onlineClaim
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://refund.tripshield.co.il/onlineClaim
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
bam.eu01.nr-data.net
cdn.popt.in
cdnjs.cloudflare.com
connect.facebook.net
display.popt.in
fonts.googleapis.com
googleads.g.doubleclick.net
js-agent.newrelic.com
refund.tripshield.co.il
stats.g.doubleclick.net
tr.outbrain.com
wave.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.co.il
www.google.com
www.googletagmanager.com
www.gstatic.com
104.17.25.14
104.26.10.244
142.250.184.227
142.250.185.202
142.250.185.68
142.250.186.131
142.250.186.72
142.251.173.156
157.240.251.35
157.240.251.9
162.247.243.39
172.217.16.194
172.67.69.47
185.221.85.3
188.114.96.3
216.239.32.178
23.218.209.87
70.42.32.95
05d390133f8f12c9376638e8a2562892fd106555441b99c635d167cef89aab60
0ad27b38791b3b52355793b291fd4d556a117e28f942778179c2504b7563c2fa
0b1334c8028eb18cd43edaedb5c612f6997c679730cdcf39fff077d3d8565c42
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10a2cf3d16091fbc89cc987160b62093515cd31f0762a751775999311c7313f4
133f35fbfc23c0d8cf814176860427bd6a02da9278de3de662da11d9602d8582
176b981aca136ced41ab2ef6222acf08f4ce5cfef6c00a1f614ebb989afc13fa
180253d2be00d351fb85fc738f840e1000f389df87a23ed082d759a71fab86e0
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1cef6af3b594cbe36fb3ac3a7ebd9858c52efbcdd201429a7f6946f1305d21f7
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
1fb08338766ec295c6efb4a3d456f3c9d0d1ee6d882b377df3e22b7c71265320
22a63798dfc04117296d0d0aaa9e426e55d6bd43aa7e2f79d898e76adc918e86
26ab2fd4afb5c57248a2007a588878f05464d27dfa0d46a35cadcd00b2bb8972
275baddea808228f57a8142752f5f0b94a61179f2f858e5371e623f6f65bb869
326ffedb17cf069bdc342759a21bf78461179b48fe9047d0e4636e3c6115ad9d
362b4d48c28a47ce0aaefc45a632afcb348ed7bf7400fe7005c533b4172aa610
368f29a2b4ac942beb937c7efc82a399db2eab9a9ee547e7f775b19d7b1aeb97
36a326c783a12f72498d41fb32371da87fe0cbd1595248f3f154fd939f07f10c
3a25692c69a3856f44621392fa93a9745f20b26394dc4a4e8ec4f22bd2ba593b
3be41e97b8ea0407443ab18f0ca53b320312ea3688bedd4b52cef538c3783b7b
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
442593ccd5626184692d637b7d4be81b4a45834867f7289d3e5620888c2516f2
45c10e594102970e9ce84b114c60e9897704599d77e40f20fc5fe238ce690172
50dbecb3ed007ae3c814e0c220f9e9a153d02fbafa3d9465c4b222042976a8ec
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
55ab7680e55a4c8ad7d40c43097d8f4a536b0fd62013cf0edfe0b46d7268101f
5a2982a0f93d242323315ba420bc5772d33a77649e74351d5f3ecb353ca06901
5b69e998393698907a08f2750d7ce2aeb29b5b96e491a9f1ee48c9bafe92fef7
603b66ab7923390d2daa9866598b82ba140f958504a1556b92d305352157f253
61ed97fcc6d908cba4e38d0b64fdbd9ca989e7acbb796d0a16c8a08d5f5af7b8
636f52528d61a565f93b83ec8fa646435c1b64f67ba5f4db64314f1692214fa7
6603e05909c6b2b05bca9ea8ac65eaa5c314ef2be73017105b2037e245d8d39d
6b869bff4f249ed49127909e447529a54d6cb2f97e8603d4d10ed8e4746c6606
6ffdff015e43c928de256bdd4b9aaee625e58d3eed7f2dc289bd7920a9d6a727
7633ffc8290160396d861d65ba7d403c0b72efddc87a7857d57733b3c94eb22e
768686e989a8f39ac9cf934d0c967d218feef8319e8cd4b73ad5dc38631a2451
77fdd8416fc2d407eacd148dfea6e7131816d0333df6097e6485ba2a3b0775be
783caaa29a03b02d593699ad95dac5c1b061c6c0ef6d144bf33118bba8582396
8040293db07eca955c93d147bc35df4c80dee331f831fce58c818a7b54b728a1
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
848968e428b4e8776c60da88ca738cd5e2daf551c8c74c26e71baba086da9d90
84b79f58577234ae9215a5bb7538da49f37591ca4fe88026d4712bda0e7d2069
866d4e109d45cc75283a55da524d647bfb8065a7f30ec23759aef9af3b535c71
8696cc7a39303df429ff5dc007e26eb3da03f6728ecfc7772bd44d139eac82f0
872c52bd35daacc0c21d6838f07c95d101782946a9215429b96e3ef198b96435
8992882b548461f80c8ae3ffbfb873fe5e0a376d029fcf9a411326e8ce568a28
8d05251a2e6a3bb962761f98fb85e8af4a19b38564e59f199ea030ae067b6fab
95ab41058c8238f81225af3ae634b1b21859666b61c251536704ee3043ab3648
97d32475326d3e98970d7d253c023f9f74979d74c6a39a98c6b4a5aca290f4cf
99aa12d17dc243be816b927d3ce21e5ef79c0e29820451ba652e80327ee99123
9a2bc40ded91476e1d78ff2aca6dfade533a9587d7dc0081699e081dff242c70
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9e426b06ebb2fe02a8f495c8d6e2b5aea53f3446cac8aa0fd2cc0bebe366676a
9e9d365aa837e0f1401e6061adf093b0b8cc03d96b2bc655305a8d7b60a7f2f8
9fffcd097227a375f06b8d41232b45f0d0e93664a2b8623200f1340eeee32971
a196804e86653cae4c24ca7e8cf5430dd4655cb2d4cd0f99d2fa9ee55b4bb924
a1c24e1ef7560a2dab6f277ea91cd1368e3f46c63533c389251440edab48c68e
a2cebfe3738dbd10570bcfea24eb240323f7f03312fce23f999ecbc9fb3cc6cb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
adacc9194e8734f12d9e5cb92a5092cdfba8102a6f304720e14eb9a6ab2b883c
add0b2313783b71a70510b097826b8a4b0d98696e384a0ef83f4d7e904bbfa14
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b032e8a42aaae0813fac1260d55516d8f1fc8757603269c5508c0ebe70eb00d6
b2a2a4884c85fba1f96ac8dddc4391f29fda25d7a09b2d00efcdb99fdf238674
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f
bdde772c8c00b595299d6473c9f22819d1c5e88b528191524be55cf63c456cc3
c27c57142f0a623b231caba158e4dd1018a7e84126316e5175f599274dbf3149
c4785ca980c3035f06577ac9d6ba66abbe1fcdc7ea92dda258b2f62ff3212108
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c81d3d7e8a4c0c965e1cb88432fbda45813f8ec6e53e634ec7ffa08a8f403c7e
c8231730de92dcd618a552278aa505517b5e51962b19c5a02b2173bcc785519e
caf6bc1f35a8eabf73d30a56a78aa1ff013380a75e23f63bf5c18ce3fcf3dfce
ccc70f97cb76eb22f724fa96bc4df02de3bf17f59a6340dcef4030d66b14ecc1
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfd196daaf7bf2065927411b40f3199ec8492abc33efa6df1f54fcdde484313f
d1742437f4249d62b230420398cf6c027d28f11b62bae4a731cd10826bb34dc6
d8898b66d02960cc3b7a9a186ba9ff9b52f20306ef05a4876a15e0f2ed831cd7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df0fd3e2d893df46a9e50ce4717c6324e0fcad3310184bfbac4f8d3f50edb6d8
e0f0d6d71e313ae3ee40517ae4df4806d42aacf7720c5c0220506c247796c4f7
e31e1cfb470365c46c451ae94f3a5f9bac9df96a0f403f044f851228a5bf1667
e34a213d6a24fcc7e4fed75a30878fca0f316448db2f48405a4c4dfbc3c50877
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e96ce8f8f16fcb38bab86d4e2f7e78d6e98ae2815956c373ea901bc2953049
e3f5bfd2ff1e752098c85208035d782bef9b35a810f8dc0b97118ea511c32fea
e4d0f5ce39899d6f527f347d919e0e8f6981c96a409afd78e5e645fe0a3e373a
eba581ad883df3f1d96c816112ceb93dc5467256fc46a9ebdec7bea15f0fed95
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9a2be511aa1ea67388df0dcc91eb309c61f7820379f12ae0929409faef0244
f1de1892e08e98727014c5499e6a13e7d0fc1cfb4392de4b374bf023ba41d93e
f941e01a27c4568da7a81f5cb516b5d2056b14b88cccf3c53f647bde767e0919
fda80d24f1bfe5a68b5f719a1febecfe747c79720e3a26b4b78b6a42b67b37b7
fddf3b8ac70e045fae5c928c659106d6c93d03b5b0967f1c5dcf40eb7d981efa
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffeb4502ca9f15ef2466c7d4b412e680216e45d70db6a3286d66fee0dd681562