office365-login.co.il Open in urlscan Pro
2606:4700:3031::ac43:ccde  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

• https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJuWBVCXdBK8u97skBmVBCvK9mwKiDYi5bgm_SJj1Dey1NFeBc9lVIRPTnGKZFzFbGGPO9-3LvFWyA14VAJptN3JoLfbd5a&google_gid=CAESEDU222dG-Yqdgb-b2DUoioA&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVMzeUh3QUFBV1B5aXc1SQ&google_push=AYg5qPJuWBVCXdBK8u97skBmVBCvK9mwKiDYi5bgm_SJj1Dey1NFeBc9lVIRPTnGKZFzFbGGPO9-3LvFWyA14VAJptN3JoLfbd5a

Request Chain 63

• https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKe_Pyz3a2XtJFuGtGiDtz7_Msji9UfeVVPjXorcsC9X7EHdowyiZldQDnYg3NKR4TiIOivSRnaYzhpV9_ofA-iiFzfMWg&google_gid=CAESEC7bpIPPZBp1VV5Hmz8Blzk&google_cver=1 HTTP 307
• https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJ_kt4kGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBLZV9QeXozYTJYdEpGdUd0R2lEdHo3X01zamk5VWZlVlZQalhvcmNzQzlYN0VIZG93eWlabGRRRG5ZZzNOS1I0VGlJT2l2U1JuYVl6aHBWOV9vZkEtaWlGemZNV2c HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU1lTV1pqYWFwbERiQVYtTjVjME5RQi1FZTlpMHEzWjB6aDZnQkJKWE9YOA==&google_push

Request Chain 64

• https://rtb.openx.net/sync/dds?google_gid=CAESEFhllmwD_jF6z9sTqU1Aq50&google_cver=1&google_push=AYg5qPKTeBgL99U465F9bI8J8JuF4ViP3FdmiY3vXUK_eELJwrMaB03py4kgT_VcDmXueWQZtDzGahB2BnFMjyGWMmmXmnMOLUdw HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEFhllmwD_jF6z9sTqU1Aq50&google_cver=1&google_push=AYg5qPKTeBgL99U465F9bI8J8JuF4ViP3FdmiY3vXUK_eELJwrMaB03py4kgT_VcDmXueWQZtDzGahB2BnFMjyGWMmmXmnMOLUdw&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKTeBgL99U465F9bI8J8JuF4ViP3FdmiY3vXUK_eELJwrMaB03py4kgT_VcDmXueWQZtDzGahB2BnFMjyGWMmmXmnMOLUdw&google_hm=OkW3hV8ryrcaPZ5TpALMOg==

Request Chain 65

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKh2aYGI25ih3PfW2FH8M8s&google_cver=1&google_push=AYg5qPIhwToH7USwl2QKx1icyh28retdL5atFTDdfG_990UqSb-ebo9juM3CAvLSOpP1WW3BmWFTsseoOsqiFsdThDYBHpsMS0sF HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKh2aYGI25ih3PfW2FH8M8s&google_cver=1&google_push=AYg5qPIhwToH7USwl2QKx1icyh28retdL5atFTDdfG_990UqSb-ebo9juM3CAvLSOpP1WW3BmWFTsseoOsqiFsdThDYBHpsMS0sF&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mkYXHvf9T_utiY7gcQ618g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIhwToH7USwl2QKx1icyh28retdL5atFTDdfG_990UqSb-ebo9juM3CAvLSOpP1WW3BmWFTsseoOsqiFsdThDYBHpsMS0sF

Request Chain 66

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEW1z-wYRvrzkDAmcSwC1MA&google_cver=1&google_push=AYg5qPLyithqEqT2gkpB4aEYAfAH8wSCGvpO4yVDrXbVOzqn-lOCK1La6I9ifMS6710T1cBHJHEPqzktZR81_VJKKkD_nUcMlqoU HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaVU9YTTctOS01UkU4&google_push=AYg5qPLyithqEqT2gkpB4aEYAfAH8wSCGvpO4yVDrXbVOzqn-lOCK1La6I9ifMS6710T1cBHJHEPqzktZR81_VJKKkD_nUcMlqoU

Request Chain 67

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL7VJ91yIheGTk3igbViW8w&google_cver=1&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w

Request Chain 103

• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CObch5712vICFbXuuwgdKNIKpw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630401055_5923f640-0a3b-11ec-bfe3-692d0dec5663

Request Chain 104

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 107

• https://d.agkn.com/pixel/2175/?google_gid=CAESEKspzYBfn-TSfcKK94wvo0g&google_cver=1&google_push=AYg5qPIFR9Y9BQNlGH8lxMRWNfzqxshbF_1rTSo0w_qAOFDgKp5HNuNaRpBOVJz5zyqsPGPc-wXVSSpoPByak7Me_NOq8FFaLqo HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIFR9Y9BQNlGH8lxMRWNfzqxshbF_1rTSo0w_qAOFDgKp5HNuNaRpBOVJz5zyqsPGPc-wXVSSpoPByak7Me_NOq8FFaLqo&google_hm=Q0FFU0VLc3B6WUJmbi1UU2ZjS0s5NHd2bzBn

Request Chain 108

• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPI0W-_gT7ydejEZhiuAtCpRzOi3V8VnYEqy3TpOctjKauhuddEXND0AP4IqOWROJBfkWuILymS2ufZdSftd1n74jZzAMtg&google_gid=CAESEMYI0gjFF4-iu3MdzXxV93c&google_cver=1 HTTP 302
• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPI0W-_gT7ydejEZhiuAtCpRzOi3V8VnYEqy3TpOctjKauhuddEXND0AP4IqOWROJBfkWuILymS2ufZdSftd1n74jZzAMtg&google_gid=CAESEMYI0gjFF4-iu3MdzXxV93c&google_cver=1&rd=Y HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MzEwOTEwNTUwMDAxMjE1NzIwOTg5NA%3D%3D&google_push=AYg5qPI0W-_gT7ydejEZhiuAtCpRzOi3V8VnYEqy3TpOctjKauhuddEXND0AP4IqOWROJBfkWuILymS2ufZdSftd1n74jZzAMtg

Request Chain 110

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ

Request Chain 112

• https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFT_vBTy8w0PZ3MIJl4Hxik&google_cver=1&google_push=AYg5qPK9T1Nl-6hCrkOUxLr55S-_P17QGp0LJnpoLal9k3s8VGVqIA188QxiYHGPahAWqPr1gmI5qRj7ZfREMaC2VUr8TegRIdA HTTP 301
• https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK9T1Nl-6hCrkOUxLr55S-_P17QGp0LJnpoLal9k3s8VGVqIA188QxiYHGPahAWqPr1gmI5qRj7ZfREMaC2VUr8TegRIdA&google_hm=

Request Chain 130

• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMHfl5712vICFdnyuwgd3vEBXQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630401055_594783d0-0a3b-11ec-a5ea-692d04ef6a29

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response office365-login.co.il/	9 KB 3 KB	157ms 119ms	Document text/html	2606:4700:3031::ac43:ccde CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://office365-login.co.il/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18355c68390338e3c804dead124a3df2bf019fc57f46597225bc8c957496936f Request headers :method GET :authority office365-login.co.il :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:54 GMT content-type text/html last-modified Mon, 03 May 2021 17:31:21 GMT vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgEab6OOS5qZf%2FrwourZ%2FGbXCvHPSrszIAZAenxenVuVK9Pu1uYH5WBoQlo0z25tG1%2BhtSS6qfLL%2BA8%2BlMRfd7R2CdB9YVS1XYMGSbVsyqfqrLbHnljpvFB3yVemHeaFTBC7UYo2E2ZpANu9qlIoEDqPptc%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 687520dcda4a4345-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	bootstrap.css office365-login.co.il/style/	108 KB 18 KB	147ms 135ms	Stylesheet text/css	2606:4700:3031::ac43:ccde CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://office365-login.co.il/style/bootstrap.css Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6121ec11f6f973764c805699924fc8de985509e321254c5b23e5a859aaf5e03 Request headers :path /style/bootstrap.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority office365-login.co.il referer https://office365-login.co.il/ :scheme https sec-fetch-site same-origin :method GET Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:54 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=116486 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Tue, 25 Jun 2013 13:06:02 GMT server cloudflare etag W/"1c706-4dffa30e56280-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ko%2BAAZUiO4oE7UwjiKjw7DVbsLTfpD8iHON5p2xzx44a6Cdlm%2BCmG8i2XBZem4ej3Z%2Fnnt7%2BKVyhTQ7wtuMUh4R6zd0y8cEpx1sOwffB9BKqh2%2B2ZhEVqKHDfnJ2hzG62Qk%2B%2FAumHuTmHlyJw0DtgRX0wBY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 687520ddbc054a55-FRA cf-bgj minify
GET H3-29	200	font-awesome.css office365-login.co.il/style/	13 KB 3 KB	153ms 140ms	Stylesheet text/css	2606:4700:3031::ac43:ccde CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://office365-login.co.il/style/font-awesome.css Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aff0fe9c5bb0b48251cc524c2f70eb71353076fb39203f634c9dbe0dd1f6226e Request headers :path /style/font-awesome.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority office365-login.co.il referer https://office365-login.co.il/ :scheme https sec-fetch-site same-origin :method GET Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:54 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=19557 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Tue, 25 Jun 2013 13:06:01 GMT server cloudflare etag W/"4c65-4dffa30d62040-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUBr7CRG5UALxGVVnRklLkApnrmo6oCZdv1puYKsNjIDCPR1qb6yYFE5Z1hoRmPMgeDCevu29Y1Xy9T446ErDgVHfovnisKTMufEgzj9QCSvHg8cWw0L84MPS%2F1h6X9QZCQusoRB8vR5eO3wWb6vaCO386s%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 687520ddbc0c4a55-FRA cf-bgj minify
GET H3-29	200	style.css office365-login.co.il/style/	23 KB 6 KB	144ms 131ms	Stylesheet text/css	2606:4700:3031::ac43:ccde CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://office365-login.co.il/style/style.css Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3addf610b495fe6cfd73ebfac82f86b7ec7acd54f18e3a8e3c79528302c47c0 Request headers :path /style/style.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority office365-login.co.il referer https://office365-login.co.il/ :scheme https sec-fetch-site same-origin :method GET Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:54 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=31404 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Tue, 25 Jun 2013 13:06:02 GMT server cloudflare etag W/"7aac-4dffa30e56280-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhE%2Bs2UCdXqsXJG5Mdf%2Fht4ssODzJIHshSggRnZF9TRQ4lqMk66JwtlnIdmgNeyWwPrFtZ6fSk6l40epRFV2X5Hmj8WWRP%2BJOM8xiKxnuuyEHr%2BYxXeBZb5Lg6KvXBx2nOgd8PWLhMya1gQpiETojgCC%2BXA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 687520ddbc034a55-FRA cf-bgj minify
GET H3-29	200	lblue.css office365-login.co.il/style/	1 KB 1 KB	141ms 128ms	Stylesheet text/css	2606:4700:3031::ac43:ccde CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://office365-login.co.il/style/lblue.css Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf5883ce5f30c835f5f46139cb23f16db3d4edcc851b798409173fd12449c3b4 Request headers :path /style/lblue.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority office365-login.co.il referer https://office365-login.co.il/ :scheme https sec-fetch-site same-origin :method GET Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:54 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=1774 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Tue, 25 Jun 2013 13:06:02 GMT server cloudflare etag W/"6ee-4dffa30e56280-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uEuOQUFImsHGSj6WFEi3R9woPUzxbu5%2BCbYNC0CsPJWsKOpHRsdNgjyCem76HKmvkGikdruyojbAKR4ho2uD7mg6jOyCFxF7Vh4fHIGNOw8Fq2Vf5iEbbYX%2FI9VRRziGWzfHhVJqIjfwypxwpG6h%2FK32zU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 687520ddbc094a55-FRA cf-bgj minify
GET H3-29	200	bootstrap-responsive.css office365-login.co.il/style/	11 KB 3 KB	158ms 146ms	Stylesheet text/css	2606:4700:3031::ac43:ccde CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://office365-login.co.il/style/bootstrap-responsive.css Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ab2d37103d429a8d794024db503039481ea04c9b8995f95fd4a3675754537ac Request headers :path /style/bootstrap-responsive.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority office365-login.co.il referer https://office365-login.co.il/ :scheme https sec-fetch-site same-origin :method GET Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:54 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=21447 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Tue, 25 Jun 2013 13:06:00 GMT server cloudflare etag W/"53c7-4dffa30c6de00-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRAU%2BTNfpGnfoSONZTL%2BCi5qm3IEft%2F2vjhkhy8HTGQOq9jVQWe31EX0vVkkE87xMs6Y5JkdS8HNVNJWs5zbzXAqfestOYdHP%2Fsux%2B4IzpWzmoRLnpXzPU%2BBQ%2B63VWtUQtzoZVYCn2b3nnwtN9cQFkDpX9k%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 687520ddbc0b4a55-FRA cf-bgj minify
GET H2	200	buttons.js Show response w.sharethis.com/button/	59 KB 17 KB	52ms 13ms	Script application/javascript	2600:9000:2190:7a00:3:c04e:c780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://w.sharethis.com/button/buttons.js Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:7a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 08:08:54 GMT content-encoding gzip server nginx/1.16.1 age 90120 etag W/"60256fd0-eabe" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront) cache-control max-age=259200 x-amz-cf-pop ZRH50-C1 x-robots-tag noindex, nofollow content-length 16639 x-amz-cf-id L2nYmUA15GN81brhMgkAsGDX8Uk0vIFWfttPQnvfI16kz-USbiL5ZQ== expires Thu, 02 Sep 2021 08:08:54 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	138 KB 49 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5857703812409507 Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 052df650b4487d9a93dff30eab143926d5a8967f5ac562372e4d547fafb21710 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://office365-login.co.il Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:54 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49482 x-xss-protection 0 server cafe etag 16349380149292538517 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Tue, 31 Aug 2021 09:10:54 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.9.1/	90 KB 32 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:06 GMT content-encoding gzip x-content-type-options nosniff age 48 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33018 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 31 Aug 2022 09:10:06 GMT
GET H3-29	200	bootstrap.js Show response office365-login.co.il/js/	31 KB 9 KB	142ms 132ms	Script application/javascript	2606:4700:3031::ac43:ccde CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://office365-login.co.il/js/bootstrap.js Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a271908459f412648865c52f284ec5fdc1dac8b6074d32f75a72d8103867f2fd Request headers :path /js/bootstrap.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority office365-login.co.il referer https://office365-login.co.il/ :scheme https sec-fetch-site same-origin :method GET Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:54 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=31596 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Tue, 25 Jun 2013 13:05:59 GMT server cloudflare etag W/"7b6c-4dffa30b79bc0-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=499rNAzkVQvt7bGlGCL4v%2B79IU4A%2Bi61SckXAYifqr%2B2dN%2Bn4VBgEe2FAZHVp5vwJCuIApZjoGYKfCVLR4Wx0mJVFUR5jpsCW5B8yqYHXk2BoH%2BjLc37BA13pHJx7%2BcPF9nFv%2B2Ip37ilvJHvs%2BC3ANdZKQ%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 687520ddbc044a55-FRA cf-bgj minify
GET H3-29	200	modernizr.custom.28468.js Show response office365-login.co.il/js/	7 KB 4 KB	139ms 129ms	Script application/javascript	2606:4700:3031::ac43:ccde CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://office365-login.co.il/js/modernizr.custom.28468.js Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54e0095946406ad3449ee0bd4f1e6e08403f97b767f4611be9e9c2e1c9ef5b33 Request headers :path /js/modernizr.custom.28468.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority office365-login.co.il referer https://office365-login.co.il/ :scheme https sec-fetch-site same-origin :method GET Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:54 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=7521 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Tue, 25 Jun 2013 13:05:58 GMT server cloudflare etag W/"1d61-4dffa30a85980-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBt0%2FBQjVwHCf43Wn1tI9QTFAWcOa2VD3lfY4Fy6ihgPdremAFMANNwIahIX1Y5AFVVoWu9ZDKNsr47MtH5MvYuXV1tWZPHFs06jh%2FCrdWKIsqc6eCw07rFLhMo8XQ0Z1V%2BEPdaRX4ni4YBviB1sWb13Bt0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 687520ddbc0e4a55-FRA cf-bgj minify
GET H2	200	css fonts.googleapis.com/	10 KB 951 B	21ms 15ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400italic,700italic,400,700 Requested by Host: office365-login.co.il URL: https://office365-login.co.il/style/bootstrap.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5c2bb8eaabd73f4d54bfe1082ce8606dd5e63ec9da3fe3cd8fdb9feace59f504 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 31 Aug 2021 09:03:09 GMT server ESF date Tue, 31 Aug 2021 09:10:54 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 31 Aug 2021 09:10:54 GMT
GET H2	200	async-buttons.js Show response ws.sharethis.com/button/	89 KB 19 KB	47ms 13ms	Script application/javascript	2600:9000:2190:3600:3:c04e:c780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ws.sharethis.com/button/async-buttons.js Requested by Host: w.sharethis.com URL: https://w.sharethis.com/button/buttons.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 29 Aug 2021 01:01:18 GMT content-encoding gzip server nginx/1.16.1 age 202176 etag W/"60257011-16245" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront) cache-control max-age=259200 x-amz-cf-pop ZRH50-C1 x-robots-tag noindex, nofollow content-length 18815 x-amz-cf-id fEBPzZ8YpyyYgo6SBOnJVcLOiZ8VJcyocsne2GFcKbdt0fh6FkvTFw== expires Wed, 01 Sep 2021 01:01:18 GMT
GET H3-29	200	fontawesome-webfont.woff office365-login.co.il/font/	43 KB 43 KB	106ms 106ms	Font application/font-woff	2606:4700:3031::ac43:ccde CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://office365-login.co.il/font/fontawesome-webfont.woff Requested by Host: office365-login.co.il URL: https://office365-login.co.il/style/font-awesome.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f Request headers :path /font/fontawesome-webfont.woff pragma no-cache origin https://office365-login.co.il accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority office365-login.co.il referer https://office365-login.co.il/style/font-awesome.css :scheme https sec-fetch-site same-origin :method GET Origin https://office365-login.co.il Referer https://office365-login.co.il/style/font-awesome.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:54 GMT content-encoding br cf-cache-status HIT last-modified Tue, 25 Jun 2013 13:07:53 GMT server cloudflare etag W/"aa34-4dffa37831c40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPbaIUofwN28IDj6pr2rrye7CQ4QrEuWBlPltpOdOeUWAJVDUfowYgElj3CPaDUOnP6y%2F4SKyoUKTbKERE1kMPKBoivNcR924BmXITZY2WUDr%2BeEhi2AJKayVWeKOAlHd5czhlMoU1G1%2BYMHTT3qoUXzdo0%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 687520deee474a55-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H2	200	mem5YaGs126MiZpBA-UN_r8OUuhp.woff2 fonts.gstatic.com/s/opensans/v23/	15 KB 15 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400italic,700italic,400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://office365-login.co.il Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 00:29:17 GMT x-content-type-options nosniff age 31297 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14992 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:22:57 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 31 Aug 2022 00:29:17 GMT
GET H3-29	200	mem8YaGs126MiZpBA-UFVZ0b.woff2 fonts.gstatic.com/s/opensans/v23/	14 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400italic,700italic,400,700 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://office365-login.co.il Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 08:52:43 GMT x-content-type-options nosniff age 260291 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14440 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:23:25 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 28 Aug 2022 08:52:43 GMT
GET H2	200	portal-v2.html Show response c.sharethis.mgr.consensu.org/ Frame 204D	2 KB 1 KB	38ms 7ms	Document text/html	2600:9000:21f3:e000:c:a9b7:ddc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.sharethis.mgr.consensu.org/portal-v2.html Requested by Host: w.sharethis.com URL: https://w.sharethis.com/button/buttons.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:e000:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6 Request headers :method GET :authority c.sharethis.mgr.consensu.org :scheme https :path /portal-v2.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://office365-login.co.il/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://office365-login.co.il/ Response headers content-type text/html; charset=utf-8 content-encoding gzip cache-control max-age=3600, public date Tue, 31 Aug 2021 08:47:21 GMT etag W/"865-g9QqzjbIJI1xmvSY3DM2A/8Cpl8" vary Accept-Encoding x-cache Hit from cloudfront via 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-cf-id kb1AxoXbaOAMQ5iaZTtTWxtPWnX_r49ussTbMeNLfmy3ZPzTJIfoSQ== age 1413
GET H2	200	7FxIRqhRa3w Show response www.youtube.com/embed/ Frame F627	55 KB 23 KB	51ms 50ms	Document text/html	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/7FxIRqhRa3w Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7d00870ad6943935f757d029eee3150e0a4742edae2f5afa751acc74d63eed2e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.youtube.com :scheme https :path /embed/7FxIRqhRa3w pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://office365-login.co.il/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://office365-login.co.il/ Response headers content-type text/html; charset=utf-8 x-content-type-options nosniff cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Tue, 31 Aug 2021 09:10:54 GMT strict-transport-security max-age=31536000 permissions-policy ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=* accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR accept-ch-lifetime 2592000 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." content-encoding br server ESF x-xss-protection 0 set-cookie YSC=YnY6lG9MhCU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=KNYuTO1H0CU; Domain=.youtube.com; Expires=Sun, 27-Feb-2022 09:10:54 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+373; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108300101/	250 KB 93 KB	40ms 40ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5857703812409507 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c2e98ed8bcdaf28a62eb046af5a63b1ec9867776397e104ba24a07ca20cef6ce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:54 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 95040 x-xss-protection 0 server cafe etag 11438147597726798438 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 31 Aug 2021 09:10:54 GMT
GET H3-29	200	mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 fonts.gstatic.com/s/opensans/v23/	15 KB 15 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400italic,700italic,400,700 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://office365-login.co.il Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 24 Aug 2021 14:28:00 GMT x-content-type-options nosniff age 585774 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15112 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:23:34 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 Aug 2022 14:28:00 GMT
GET H3-29	200	mem8YaGs126MiZpBA-UFW50bbck.woff2 fonts.gstatic.com/s/opensans/v23/	11 KB 11 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFW50bbck.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400italic,700italic,400,700 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://office365-login.co.il Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 17:20:51 GMT x-content-type-options nosniff age 229803 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11316 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:23:19 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 28 Aug 2022 17:20:51 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210826/r20190131/ Frame CC80	10 KB 5 KB	7ms 5ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210826/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5857703812409507 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210826/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://office365-login.co.il/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://office365-login.co.il/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Tue, 31 Aug 2021 02:22:32 GMT expires Tue, 14 Sep 2021 02:22:32 GMT content-type text/html; charset=UTF-8 etag 13836150016441684253 x-content-type-options nosniff content-encoding gzip server cafe content-length 4591 x-xss-protection 0 age 24502 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 11 Aug 2021 00:32:57 GMT server Golfe2 age 1134 date Tue, 31 Aug 2021 08:52:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Tue, 31 Aug 2021 10:52:00 GMT
GET H2	200	buttons-secure.css ws.sharethis.com/button/css/	23 KB 4 KB	13ms 12ms	Stylesheet text/css	2600:9000:2190:3600:3:c04e:c780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ws.sharethis.com/button/css/buttons-secure.css Requested by Host: ws.sharethis.com URL: https://ws.sharethis.com/button/async-buttons.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 08:38:28 GMT content-encoding gzip last-modified Thu, 11 Feb 2021 17:57:38 GMT server nginx/1.16.1 age 1947 etag W/"60257012-5a76" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 x-robots-tag noindex, nofollow content-length 3851 x-amz-cf-id McOZ7xOizy_CuHiU4cJByl24T_WeKtg3Q7F0zekvSqyTZTdh28dNCA==
GET H2	200	get_counts Show response count-server.sharethis.com/v2.0/	232 B 549 B	104ms 39ms	Script text/javascript	13.224.93.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Foffice365-login.co.il%2F&cb=stButtons.processCB&wd=true Requested by Host: ws.sharethis.com URL: https://ws.sharethis.com/button/async-buttons.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.93.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-93-34.zrh50.r.cloudfront.net Software / Resource Hash 6f9513991b64f07a83644954294cec39d1154f84286b94daf33241eaa05378ff Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 21:12:09 GMT via 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront) age 43125 etag 14e35b345b532535610b0f8322f1f8a9 x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-pop ZRH50-C1 content-length 232 apigw-requestid E5hyfhxkIAMEShA= x-amz-cf-id JF9llhRQa4oYtXR3oU3CI9Vp-ff1XhstIX3MZsaQbRn2mDaO0H3fuA==
GET H2	200	facebook_counter.png ws.sharethis.com/images/2017/	2 KB 3 KB	14ms 13ms	Image image/png	2600:9000:2190:3600:3:c04e:c780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ws.sharethis.com/images/2017/facebook_counter.png Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 11 Feb 2021 19:07:06 GMT via 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront) server nginx/1.16.1 age 17330628 etag "60256fcb-977" x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-robots-tag noindex, nofollow content-length 2423 x-amz-cf-id 30jweCeLv9szv2xF5-mqMhFrrIOreY4NiQ5oXF1onYSmChD44kBMHQ== expires Fri, 11 Feb 2022 19:07:06 GMT
GET H2	200	linkedin_counter.png ws.sharethis.com/images/2017/	2 KB 3 KB	14ms 13ms	Image image/png	2600:9000:2190:3600:3:c04e:c780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ws.sharethis.com/images/2017/linkedin_counter.png Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 0e3f83554765fa48514ce0a169441466f92010d01cdc716003e02317bffc6993 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 11 Feb 2021 19:07:06 GMT via 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront) server nginx/1.16.1 age 17330628 etag "60256fcb-9e1" x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-robots-tag noindex, nofollow content-length 2529 x-amz-cf-id Bsq-j93o2PPevdMGvt_WQmQrNIy4CZhXEeWkgtwfYF0k77-r8goncg== expires Fri, 11 Feb 2022 19:07:06 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	2 B 31 B	13ms 13ms	XHR text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j93&a=186293382&t=pageview&_s=1&dl=https%3A%2F%2Foffice365-login.co.il%2F&ul=en-us&de=UTF-8&dt=Office%20365%20login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1685491478&gjid=917460659&cid=618733851.1630401055&tid=UA-6461311-32&_gid=1827921454.1630401055&_r=1&_slc=1&z=20392962 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 31 Aug 2021 09:10:54 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://office365-login.co.il cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	211 B 664 B	57ms 35ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=office365-login.co.il&callback=_gfp_s_&client=ca-pub-5857703812409507 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 7978f1e93cf29ad1540eea2ebbc19c5e85424f568787edf983dc05640e75c2c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 198 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	16ms 16ms	Script application/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=office365-login.co.il Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Tue, 31 Aug 2021 09:10:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	15ms 15ms	Script application/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=office365-login.co.il Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Tue, 31 Aug 2021 09:10:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 72BE	0 19 B	57ms 53ms	Document text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&adk=1812271804&adf=3025194257&lmt=1620063081&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foffice365-login.co.il%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054600&bpp=5&bdt=264&idt=130&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5804319126209&frm=20&pv=2&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=152 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-5857703812409507&output=html&adk=1812271804&adf=3025194257&lmt=1620063081&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foffice365-login.co.il%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054600&bpp=5&bdt=264&idt=130&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5804319126209&frm=20&pv=2&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=152 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://office365-login.co.il/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://office365-login.co.il/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff date Tue, 31 Aug 2021 09:10:54 GMT server cafe content-length 0 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Tue, 31-Aug-2021 09:25:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 31 Aug 2021 09:10:54 GMT cache-control private
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	72 KB 27 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:54 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1630322975956640" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27566 x-xss-protection 0 expires Tue, 31 Aug 2021 09:10:54 GMT
GET H3-29	200	www-player-webp.css www.youtube.com/s/player/c29c59cf/ Frame F627	329 KB 45 KB	32ms 28ms	Stylesheet text/css	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c29c59cf/www-player-webp.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/7FxIRqhRa3w Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6e68989f82549929bc73187be7a746aa6e76da689496596eea814bd740846a92 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/7FxIRqhRa3w User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 13:36:14 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 30 Aug 2021 00:16:12 GMT server sffe age 70480 vary Accept-Encoding, Origin content-type text/css cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46223 x-xss-protection 0 expires Tue, 30 Aug 2022 13:36:14 GMT
GET H3-29	200	www-embed-player.js Show response www.youtube.com/s/player/c29c59cf/www-embed-player.vflset/ Frame F627	194 KB 64 KB	38ms 35ms	Script text/javascript	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c29c59cf/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/7FxIRqhRa3w Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash df15cf4481e505bc8c584dd98860101d285ddf9c0f3ce05f5f650b54cd81335a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/7FxIRqhRa3w User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 13:36:14 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 30 Aug 2021 00:16:12 GMT server sffe age 70480 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 65420 x-xss-protection 0 expires Tue, 30 Aug 2022 13:36:14 GMT
GET H3-29	200	base.js Show response www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/ Frame F627	2 MB 499 KB	20ms 17ms	Script text/javascript	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/7FxIRqhRa3w Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0bf5690bfc2df1a7da94594930825059f27949af60ec76b44b404e68d70b6806 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/7FxIRqhRa3w User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 13:36:35 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 30 Aug 2021 00:16:12 GMT server sffe age 70459 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 510544 x-xss-protection 0 expires Tue, 30 Aug 2022 13:36:35 GMT
GET H3-29	200	fetch-polyfill.js Show response www.youtube.com/s/player/c29c59cf/fetch-polyfill.vflset/ Frame F627	8 KB 3 KB	18ms 16ms	Script text/javascript	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c29c59cf/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/7FxIRqhRa3w Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/7FxIRqhRa3w User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 13:36:14 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 30 Aug 2021 00:16:12 GMT server sffe age 70480 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2830 x-xss-protection 0 expires Tue, 30 Aug 2022 13:36:14 GMT
GET H3-29	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame F627	15 KB 15 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/7FxIRqhRa3w Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.youtube.com Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 11:21:30 GMT x-content-type-options nosniff age 337764 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 27 Aug 2022 11:21:30 GMT
GET H2	200	bubble_arrow.png ws.sharethis.com/secure/images/	979 B 1 KB	41ms 11ms	Image image/png	2600:9000:2190:3600:3:c04e:c780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ws.sharethis.com/secure/images/bubble_arrow.png Requested by Host: ws.sharethis.com URL: https://ws.sharethis.com/button/css/buttons-secure.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 516630dc137782b6ea784ed6891b487b8a2fff9be9ed921977008453039cc1fe Request headers Referer https://ws.sharethis.com/button/css/buttons-secure.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 15 Jun 2021 23:07:45 GMT via 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront) server nginx/1.16.1 age 6602589 etag "60257011-3d3" x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-robots-tag noindex, nofollow content-length 979 x-amz-cf-id FdbMpl2jCls6h0nNpMvmotTAzRwjVwtnUD-VJPKotJO2DRqXXb-s0A== expires Wed, 15 Jun 2022 23:07:45 GMT
GET H2	200	googleplus_16.png ws.sharethis.com/images/2017/	2 KB 2 KB	34ms 11ms	Image image/png	2600:9000:2190:3600:3:c04e:c780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ws.sharethis.com/images/2017/googleplus_16.png Requested by Host: ws.sharethis.com URL: https://ws.sharethis.com/button/css/buttons-secure.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 592a848da6f427ea5d9169179bd309484f531d3c23c5aaf858afa22fc28d40c8 Request headers Referer https://ws.sharethis.com/button/css/buttons-secure.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 15 Jun 2021 19:35:30 GMT via 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront) server nginx/1.16.1 age 6615324 etag "60256fcb-61f" x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-robots-tag noindex, nofollow content-length 1567 x-amz-cf-id QY0ju14rM-8-ZXEEMXkeFhpN4cuYtuc_LOL4GlrsDCiyFyFUjjzbKg== expires Wed, 15 Jun 2022 19:35:30 GMT
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 48B2	75 KB 26 KB	565ms 563ms	Document text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c2fc986c66d2a170dd46b3fe6aaa8d0b21e4ed948fa738549a4fb22e5f9ee6de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://office365-login.co.il/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://office365-login.co.il/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Tue, 31 Aug 2021 09:10:55 GMT server cafe content-length 26257 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Tue, 31-Aug-2021 09:25:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 31 Aug 2021 09:10:55 GMT cache-control private
GET H/1.1	204 No Content	pview Show response l.sharethis.com/	0 343 B	67ms 15ms	XHR text/plain	3.124.181.115 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1630401054536.71135&hostname=office365-login.co.il&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=b8696446-30b6-4dc5-9e4c-d3140afd5643&bsamesite=true&consent_cookie_duration=275&consent_duration=275&gdpr_domain=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Foffice365-login.co.il%2F&title=Office%20365%20login&sop=false&description=Login%20to%20your%20Office%20365%20portal%20or%20webmail%20with%20a%20simple%20click. Requested by Host: w.sharethis.com URL: https://w.sharethis.com/button/buttons.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.124.181.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-181-115.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 31 Aug 2021 09:10:54 GMT Access-Control-Max-Age 1728000 Access-Control-Allow-Origin https://office365-login.co.il Access-Control-Expose-Headers stid Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers *
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame D672	21 KB 10 KB	573ms 573ms	Document text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d853a9ac4b8dc22a3b0859745408ce05b2200bdd10b3ee8724cb67c323afd062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://office365-login.co.il/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://office365-login.co.il/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Tue, 31 Aug 2021 09:10:55 GMT server cafe content-length 10260 x-xss-protection 0 set-cookie IDE=AHWqTUkU2yzzPVyGQq-3Dx8h_ItSplKntcW-mAeB_vEC8mfbAPvJu3pa7DrqpHdviXs; expires=Sun, 25-Sep-2022 09:10:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 31 Aug 2021 09:10:55 GMT cache-control private
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 6666	21 KB 10 KB	273ms 271ms	Document text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ace88c5d5796c3205d72a303b931a22d607ceabaf2e457c8fd5b0895177c47d2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://office365-login.co.il/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://office365-login.co.il/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Tue, 31 Aug 2021 09:10:55 GMT server cafe content-length 10275 x-xss-protection 0 set-cookie IDE=AHWqTUmKJyQXgnytIMhmzpo_mgXVHAmBcflGNZNNjjZTzdp8U30HiOi_8fiosqzG_48; expires=Sun, 25-Sep-2022 09:10:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 31 Aug 2021 09:10:55 GMT cache-control private
GET H/1.1	204 No Content	pview l.sharethis.com/	0 315 B	16ms 16ms	Image text/plain	3.124.181.115 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1630401054536.71135&hostname=office365-login.co.il&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=b8696446-30b6-4dc5-9e4c-d3140afd5643&bsamesite=true&consent_cookie_duration=275&consent_duration=275&gdpr_domain=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Foffice365-login.co.il%2F&title=Office%20365%20login&sop=false&description=Login%20to%20your%20Office%20365%20portal%20or%20webmail%20with%20a%20simple%20click.&gdpr_domain=.consensu.org&gdpr_method=cookie&description=Login%20to%20your%20Office%20365%20portal%20or%20webmail%20with%20a%20simple%20click.&img_pview=true Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.124.181.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-124-181-115.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 31 Aug 2021 09:10:54 GMT Access-Control-Max-Age 1728000 Access-Control-Allow-Origin * Access-Control-Expose-Headers stid Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers *
GET H3-29	200	id Show response googleads.g.doubleclick.net/pagead/ Frame F627	113 B 161 B	27ms 27ms	XHR application/json	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c29c59cf/www-embed-player.vflset/www-embed-player.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8b8610333d59e71ed4b6bd0a86174fbdbc50ac54da1def4aa9fb15eb0ec99350 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:54 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame F627	29 B 91 B	6ms 6ms	Script text/javascript	2a00:1450:4001:808::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c29c59cf/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 08:57:58 GMT x-content-type-options nosniff last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe age 776 content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29 x-xss-protection 0 expires Tue, 31 Aug 2021 09:12:58 GMT
GET H3-29	200	remote.js Show response www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/ Frame F627	95 KB 29 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d011fec891e4e7af8c7901fd7c25f7831bfc0d931b6ac9754c1b214ab2ab39bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/7FxIRqhRa3w User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 13:36:36 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 30 Aug 2021 00:16:12 GMT server sffe age 70459 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29767 x-xss-protection 0 expires Tue, 30 Aug 2022 13:36:36 GMT
GET H2	200	TfFoB2a7yVVGE2tGGw51LMET2bfVRgJEPfkhgeY_Qv4.js Show response www.google.com/js/th/ Frame F627	35 KB 13 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/TfFoB2a7yVVGE2tGGw51LMET2bfVRgJEPfkhgeY_Qv4.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4df1680766bbc95546136b461b0e752cc113d9b7d54602443df92181e63f42fe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 25 Aug 2021 05:20:01 GMT content-encoding br x-content-type-options nosniff age 532254 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13387 x-xss-protection 0 last-modified Mon, 23 Aug 2021 09:00:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 25 Aug 2022 05:20:01 GMT
GET H3-29	200	embed.js Show response www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/ Frame F627	24 KB 7 KB	10ms 6ms	Script text/javascript	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 937feed71ffd28d1ec7d206fb85a997faa808ea562dbdace67adb4f2e6f2cd12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/7FxIRqhRa3w User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 13:36:36 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 30 Aug 2021 00:16:12 GMT server sffe age 70459 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7277 x-xss-protection 0 expires Tue, 30 Aug 2022 13:36:36 GMT
GET DATA	200 OK	truncated / Frame F627	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type image/png
GET H2	200	CnoNBkTTL_2N3nL48j7wwlMGzbinnFSyGTg7WYXUumUxWeq4tN7Pc8W2q3to_GNghL8ZXyU9vA=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ Frame F627	2 KB 2 KB	9ms 8ms	Image image/jpeg	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/CnoNBkTTL_2N3nL48j7wwlMGzbinnFSyGTg7WYXUumUxWeq4tN7Pc8W2q3to_GNghL8ZXyU9vA=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/7FxIRqhRa3w Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 8c0b8d37b667148e9bd76b50aca6e93805e7bae152d363d3ff6c23553e5f0445 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 08:18:11 GMT x-content-type-options nosniff age 3164 content-disposition inline;filename="channels4_profile.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1689 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 25 Aug 2021 16:11:16 GMT
GET H2	200	sddefault.jpg i.ytimg.com/vi/7FxIRqhRa3w/ Frame F627	32 KB 33 KB	10ms 8ms	Image image/jpeg	2a00:1450:4001:831::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi/7FxIRqhRa3w/sddefault.jpg Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/7FxIRqhRa3w Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 67231783b72037d61d496716be579bc104b5edb9f62bac875ab9d03e3247bca3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 08:35:38 GMT x-content-type-options nosniff server sffe age 2117 etag "0" vary Origin content-type image/jpeg cache-control public, max-age=7200 accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33187 x-xss-protection 0 expires Tue, 31 Aug 2021 10:35:38 GMT
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame F627	4 KB 2 KB	19ms 18ms	Script text/javascript	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:55 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe x-content-type-options nosniff vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2007 x-xss-protection 0 expires Tue, 31 Aug 2021 09:10:55 GMT
GET H3-29	204	generate_204 www.youtube.com/ Frame F627	0 9 B	10ms 7ms	Image text/plain	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?qGJReg Requested by Host: office365-login.co.il URL: https://office365-login.co.il/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.youtube.com/embed/7FxIRqhRa3w User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 6666	2 KB 1 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 08:48:16 GMT content-encoding gzip x-content-type-options nosniff age 1359 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 14 Sep 2021 08:48:16 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 6666	122 KB 37 KB	32ms 31ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:55 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1630322985459792" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37796 x-xss-protection 0 expires Tue, 31 Aug 2021 09:10:55 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 6666	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 08:56:05 GMT content-encoding gzip x-content-type-options nosniff age 890 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6183 x-xss-protection 0 server cafe etag 901432759052127119 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 14 Sep 2021 08:56:05 GMT
GET H3-29	200	adview googleads.g.doubleclick.net/pagead/ Frame 6666	0 0	86ms 85ms	Fetch text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CFHJeHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEtgFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qTtRoZAZdxUGzWqi7POlVFt8MIAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU4NTc3MDM4MTI0MDk1MDcYAA&sigh=4JpUV7XBn0g Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Tue, 31 Aug 2021 09:10:55 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame 6666	0 0	16ms 15ms	Fetch image/gif	2600:1901:0:76b9:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prod-rtb.ad4mat.net/winResponse?a=1ks3trpkaxxzehbz95e6ec9ywz0k3zdvk2pk3y3618s6q4nbb5qx27mzadsx4jwwqhk8nxsq9x24z0w5zgqwt7h7rs07yfg4005pkz4e9ezszkyfkhx5560dc1p4je18ed9p4jc0hp4dmx56e35fb8b72v1scn3r9d3fpd2fae89rcgby0tcc8hgevn0rsg56c3y300fs5qp6kfkraccarqyy8ypewz572sb6ebaw4j4ea0ygnx5mhcm1mj17zmj3wd0n281bdwdnej4c1j2macrbv584ww5jkac1ewye00ty13xapjeghwaaxrm2cf8nw0qqjgs8n3ccq1a2z9y122dkd68xa6d43ngf1rc0cqdh7yncn779cwyxca0g3dt9f5wemtj2m&b=YS3yHgANWoEH_YrFAAM0JdH0_NYUxIMzInMPAg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers access-control-allow-origin * date Tue, 31 Aug 2021 09:10:55 GMT via 1.1 google alt-svc clear content-type image/gif
GET H2	200	dr Show response ad4m.at/ad/ Frame B8C4	2 KB 2 KB	23ms 23ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/ad/dr?ed=1hth3j6fda5dtf4af7yk1m2mdt570qvy3bk6jbvhwv0p0jccandpak0jeph73fhypzgcn8gsrpybwdfm33pqcw2kcptbkk2c772n7am6csx889q7syr5nv2t7nzfs4etm7vk3e7cdvmvmvqy4yxgtewwbp7pcjfmczafqqbet3s47h42v8ezt6mpqgz9r4xqygaxpe8kngjgx7040k7btf46ak9an9z9kz0m2z6g5jvby0jasr7zd3t4s2d3f05xy7pzbzmwgzqavhtyqebxfn6v2d7yz7842r7821fqvybjy6w1eekahrzgxnvratqmzh5n759rt3qxg64dhc3qdpw59k2b23mcmtpqxf4a7422r7b43nhrp2xst459d5r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%26client%3Dca-pub-5857703812409507%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3f6bf1f3c26dbd2e2a1a6f8594c3b2aa95ddc431c65e3dd5cf65fad6f857a6f Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox Request headers :method GET :authority ad4m.at :scheme https :path /ad/dr?ed=1hth3j6fda5dtf4af7yk1m2mdt570qvy3bk6jbvhwv0p0jccandpak0jeph73fhypzgcn8gsrpybwdfm33pqcw2kcptbkk2c772n7am6csx889q7syr5nv2t7nzfs4etm7vk3e7cdvmvmvqy4yxgtewwbp7pcjfmczafqqbet3s47h42v8ezt6mpqgz9r4xqygaxpe8kngjgx7040k7btf46ak9an9z9kz0m2z6g5jvby0jasr7zd3t4s2d3f05xy7pzbzmwgzqavhtyqebxfn6v2d7yz7842r7821fqvybjy6w1eekahrzgxnvratqmzh5n759rt3qxg64dhc3qdpw59k2b23mcmtpqxf4a7422r7b43nhrp2xst459d5r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%26client%3Dca-pub-5857703812409507%26adurl%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers date Tue, 31 Aug 2021 09:10:55 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding report-to {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400} nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"} expires 0 cache-control no-store, no-cache, must-revalidate, proxy-revalidate content-security-policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' referrer-policy same-origin pragma no-cache surrogate-control no-store x-fastcgi-cache BYPASS x-backend-server adsrv-7b12 via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 687520e2fc354a97-FRA content-encoding br
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 2793	1 KB 749 B	6ms 6ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Mon, 30 Aug 2021 12:12:35 GMT expires Tue, 31 Aug 2021 12:12:35 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 75500 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	dpixel cms.quantserve.com/ Frame 2793	35 B 462 B	11ms 9ms	Image image/gif	2620:116:800d:21:5a23:9c4e:e774:96c1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEL1tn9jPMxqok3g-8-TmcU8&google_cver=1&google_push=AYg5qPLmFEMny_PRe0VQwfA9Z9RAKjLVWZrk2lnTj23L2ONF_W6W4m1ZVsRfN8iU_u8bsx-jIQBEWPCMoCWL6wMaKEsFqiCOZtkx Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 31 Aug 2021 09:10:55 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 2793 Redirect Chain https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJuWBVCXdBK8u97skBmVBCvK9mwKiDYi5bgm_S... https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVMzeUh3QUFBV1B5aXc1SQ&google_push=AYg5qPJuWBVCXdBK8u97skBmVBCvK9mwKiDYi5bgm_SJj1Dey1NFeBc9lVIRPTnGKZFzFbGGPO9-3LvFWyA14VAJptN3JoLfbd5a	170 B 188 B	28ms 27ms	Image image/png	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVMzeUh3QUFBV1B5aXc1SQ&google_push=AYg5qPJuWBVCXdBK8u97skBmVBCvK9mwKiDYi5bgm_SJj1Dey1NFeBc9lVIRPTnGKZFzFbGGPO9-3LvFWyA14VAJptN3JoLfbd5a Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 31 Aug 2021 09:10:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVMzeUh3QUFBV1B5aXc1SQ&google_push=AYg5qPJuWBVCXdBK8u97skBmVBCvK9mwKiDYi5bgm_SJj1Dey1NFeBc9lVIRPTnGKZFzFbGGPO9-3LvFWyA14VAJptN3JoLfbd5a Date Tue, 31 Aug 2021 09:10:55 GMT Server Apache Connection keep-alive Content-Length 391 Content-Type text/html; charset=iso-8859-1
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 2793 Redirect Chain https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKe_Pyz3a2XtJFuGtGiDtz7_Msji9UfeVVPjXorcsC9X7EHdowyiZldQDnYg3NKR4TiIOivSRnaYzhpV9_ofA-iiFzfMWg&google_gid=CAESEC7bpIPPZBp1VV5Hmz8Blzk&goog... https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJ_kt4kGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBLZV9QeXozYTJYdEpGdUd0R2lEdHo3X01zamk5VWZlVlZQalhvcmNzQzlYN0VIZG93eWlabGRRRG5ZZzNOS1I0VGlJT2l2U1JuYVl6aHBWOV... https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU1lTV1pqYWFwbERiQVYtTjVjME5RQi1FZTlpMHEzWjB6aDZnQkJKWE9YOA==&google_push	170 B 188 B	26ms 26ms	Image image/png	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU1lTV1pqYWFwbERiQVYtTjVjME5RQi1FZTlpMHEzWjB6aDZnQkJKWE9YOA==&google_push Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 31 Aug 2021 09:10:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 31 Aug 2021 09:10:55 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU1lTV1pqYWFwbERiQVYtTjVjME5RQi1FZTlpMHEzWjB6aDZnQkJKWE9YOA==&google_push cache-control no-cache, no-store timing-allow-origin * alt-svc clear content-length 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 2793 Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEFhllmwD_jF6z9sTqU1Aq50&google_cver=1&google_push=AYg5qPKTeBgL99U465F9bI8J8JuF4ViP3FdmiY3vXUK_eELJwrMaB03py4kgT_VcDmXueWQZtDzGahB2BnFMjyGWMmmXmnMOLUdw https://rtb.openx.net/sync/dds?google_gid=CAESEFhllmwD_jF6z9sTqU1Aq50&google_cver=1&google_push=AYg5qPKTeBgL99U465F9bI8J8JuF4ViP3FdmiY3vXUK_eELJwrMaB03py4kgT_VcDmXueWQZtDzGahB2BnFMjyGWMmmXmnMOLUdw&... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKTeBgL99U465F9bI8J8JuF4ViP3FdmiY3vXUK_eELJwrMaB03py4kgT_VcDmXueWQZtDzGahB2BnFMjyGWMmmXmnMOLUdw&google_hm=OkW3hV8ryrcaPZ5TpALMOg==	170 B 188 B	25ms 24ms	Image image/png	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKTeBgL99U465F9bI8J8JuF4ViP3FdmiY3vXUK_eELJwrMaB03py4kgT_VcDmXueWQZtDzGahB2BnFMjyGWMmmXmnMOLUdw&google_hm=OkW3hV8ryrcaPZ5TpALMOg== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 31 Aug 2021 09:10:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 31 Aug 2021 09:10:54 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKTeBgL99U465F9bI8J8JuF4ViP3FdmiY3vXUK_eELJwrMaB03py4kgT_VcDmXueWQZtDzGahB2BnFMjyGWMmmXmnMOLUdw&google_hm=OkW3hV8ryrcaPZ5TpALMOg== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-request-id 6fpmimflsthofr6tac79ups1mvip7amr
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 2793 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mkYXHvf9T_utiY7gcQ618g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	19ms 18ms	Image image/png	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mkYXHvf9T_utiY7gcQ618g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIhwToH7USwl2QKx1icyh28retdL5atFTDdfG_990UqSb-ebo9juM3CAvLSOpP1WW3BmWFTsseoOsqiFsdThDYBHpsMS0sF Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 31 Aug 2021 09:10:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mkYXHvf9T_utiY7gcQ618g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIhwToH7USwl2QKx1icyh28retdL5atFTDdfG_990UqSb-ebo9juM3CAvLSOpP1WW3BmWFTsseoOsqiFsdThDYBHpsMS0sF date Tue, 31 Aug 2021 09:10:55 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 2793 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEW1z-wYRvrzkDAmcSwC1MA&google_cver=1&google_push=AYg5qPLyithqEqT2gkpB4aEYAfAH8wSCGvpO4yVDrXbVOzqn-lOCK1La6I9ifMS6710T1cBHJHE... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaVU9YTTctOS01UkU4&google_push=AYg5qPLyithqEqT2gkpB4aEYAfAH8wSCGvpO4yVDrXbVOzqn-lOCK1La6I9ifMS6710T1cBHJHEPqzktZR81_VJKKkD_nUcMlqoU	170 B 188 B	19ms 18ms	Image image/png	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaVU9YTTctOS01UkU4&google_push=AYg5qPLyithqEqT2gkpB4aEYAfAH8wSCGvpO4yVDrXbVOzqn-lOCK1La6I9ifMS6710T1cBHJHEPqzktZR81_VJKKkD_nUcMlqoU Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 31 Aug 2021 09:10:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NaVU9YTTctOS01UkU4&google_push=AYg5qPLyithqEqT2gkpB4aEYAfAH8wSCGvpO4yVDrXbVOzqn-lOCK1La6I9ifMS6710T1cBHJHEPqzktZR81_VJKKkD_nUcMlqoU Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 78e3bdce5107450057bade54d54a0a7e Expires 0
GET		pixel cm.g.doubleclick.net/ Frame 2793 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEL7VJ91yIheGTk3igbViW8w&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w&google_push=AY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31V...	0 0
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 2793	0 49 B	16ms 15ms	Image text/html	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LewNWmpzlJV81rdpCbuIbUfRF1KeLiL9cWaWtkU5-wPLKfVipuBl09vJRLBQ4pvL4pq9b2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054631&bpp=1&bdt=295&idt=221&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=lZvrTpa8S8&p=https%3A//office365-login.co.il&dtd=225 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:55 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3-29	200	default.css ad4m.at/0.1.124-320/style/one-ad/ Frame B8C4	58 KB 59 KB	20ms 18ms	Stylesheet text/css	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/0.1.124-320/style/one-ad/default.css Requested by Host: ad4m.at URL: https://ad4m.at/ad/dr?ed=1hth3j6fda5dtf4af7yk1m2mdt570qvy3bk6jbvhwv0p0jccandpak0jeph73fhypzgcn8gsrpybwdfm33pqcw2kcptbkk2c772n7am6csx889q7syr5nv2t7nzfs4etm7vk3e7cdvmvmvqy4yxgtewwbp7pcjfmczafqqbet3s47h42v8ezt6mpqgz9r4xqygaxpe8kngjgx7040k7btf46ak9an9z9kz0m2z6g5jvby0jasr7zd3t4s2d3f05xy7pzbzmwgzqavhtyqebxfn6v2d7yz7842r7821fqvybjy6w1eekahrzgxnvratqmzh5n759rt3qxg64dhc3qdpw59k2b23mcmtpqxf4a7422r7b43nhrp2xst459d5r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%26client%3Dca-pub-5857703812409507%26adurl%3D Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880 Request headers Referer https://ad4m.at/ad/dr?ed=1hth3j6fda5dtf4af7yk1m2mdt570qvy3bk6jbvhwv0p0jccandpak0jeph73fhypzgcn8gsrpybwdfm33pqcw2kcptbkk2c772n7am6csx889q7syr5nv2t7nzfs4etm7vk3e7cdvmvmvqy4yxgtewwbp7pcjfmczafqqbet3s47h42v8ezt6mpqgz9r4xqygaxpe8kngjgx7040k7btf46ak9an9z9kz0m2z6g5jvby0jasr7zd3t4s2d3f05xy7pzbzmwgzqavhtyqebxfn6v2d7yz7842r7821fqvybjy6w1eekahrzgxnvratqmzh5n759rt3qxg64dhc3qdpw59k2b23mcmtpqxf4a7422r7b43nhrp2xst459d5r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%26client%3Dca-pub-5857703812409507%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ== date Tue, 31 Aug 2021 09:10:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5524717 cf-polished origSize=59196 x-guploader-uploadid ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 58969 last-modified Mon, 28 Jun 2021 10:31:59 GMT server cloudflare etag "89accb82b2c3f55efa96d3f2495f234d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiFBLcBDLzRKKcJDwrY0FV7j3BY6prWrnNonK8SEfbDMAzXclAV3a8FSbdOyneKPpSBTA%2B%2BTTRZqXOXXee4trkQIfijf7uCH0OVSnnwa5P94%2FMIjLkjmaXoM7r5bXMEGaUSpG1g%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1624876319573767 content-type text/css expires Tue, 28 Jun 2022 10:32:18 GMT cache-control public, max-age=31536000, no-transform x-goog-stored-content-length 6688 accept-ranges bytes cf-ray 687520e3aa614a5b-FRA cf-bgj minify
GET H3-29	200	fxpcopuw.js Show response ad4m.at/ Frame B8C4	36 KB 13 KB	34ms 32ms	Script application/javascript	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/fxpcopuw.js Requested by Host: ad4m.at URL: https://ad4m.at/ad/dr?ed=1hth3j6fda5dtf4af7yk1m2mdt570qvy3bk6jbvhwv0p0jccandpak0jeph73fhypzgcn8gsrpybwdfm33pqcw2kcptbkk2c772n7am6csx889q7syr5nv2t7nzfs4etm7vk3e7cdvmvmvqy4yxgtewwbp7pcjfmczafqqbet3s47h42v8ezt6mpqgz9r4xqygaxpe8kngjgx7040k7btf46ak9an9z9kz0m2z6g5jvby0jasr7zd3t4s2d3f05xy7pzbzmwgzqavhtyqebxfn6v2d7yz7842r7821fqvybjy6w1eekahrzgxnvratqmzh5n759rt3qxg64dhc3qdpw59k2b23mcmtpqxf4a7422r7b43nhrp2xst459d5r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%26client%3Dca-pub-5857703812409507%26adurl%3D Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353 Request headers Referer https://ad4m.at/ad/dr?ed=1hth3j6fda5dtf4af7yk1m2mdt570qvy3bk6jbvhwv0p0jccandpak0jeph73fhypzgcn8gsrpybwdfm33pqcw2kcptbkk2c772n7am6csx889q7syr5nv2t7nzfs4etm7vk3e7cdvmvmvqy4yxgtewwbp7pcjfmczafqqbet3s47h42v8ezt6mpqgz9r4xqygaxpe8kngjgx7040k7btf46ak9an9z9kz0m2z6g5jvby0jasr7zd3t4s2d3f05xy7pzbzmwgzqavhtyqebxfn6v2d7yz7842r7821fqvybjy6w1eekahrzgxnvratqmzh5n759rt3qxg64dhc3qdpw59k2b23mcmtpqxf4a7422r7b43nhrp2xst459d5r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%26client%3Dca-pub-5857703812409507%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g== date Tue, 31 Aug 2021 09:10:55 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 13943 x-guploader-uploadid ADPycdvgEleYUeFGscVb0lrMQlg3MQt_JmYcEfEogyITI9SAsmXtjV5RyS6taC55N3cKf-H2_q4oBdNNeeBEKTQrCdY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Tue, 31 Aug 2021 05:18:16 GMT server cloudflare etag W/"ec72e2aaa94729151c48af127b00dce2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGr2vaJlz9Yn0XH5%2FnC5SS7rGmZMI0G4PsjqvHNhZg6OLkpYhy0zgS1Mw0WqZPjE57HFpEeduv%2ByFUUiPBfrxXEWaxFEMjET0zKZE1ijKBpQS6i0X31xaaNyHRK6LTwOKCxoVxo%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1628590096242097 content-type application/javascript; charset=utf-8 expires Tue, 31 Aug 2021 05:18:32 GMT cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 x-goog-stored-content-length 11933 cf-ray 687520e3aa634a5b-FRA cf-bgj minify
GET H3-29	200	frame.html Show response ad4m.at/ Frame FB50	2 KB 2 KB	15ms 15ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4 Request headers :method GET :authority ad4m.at :scheme https :path /frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://ad4m.at/ad/dr?ed=1hth3j6fda5dtf4af7yk1m2mdt570qvy3bk6jbvhwv0p0jccandpak0jeph73fhypzgcn8gsrpybwdfm33pqcw2kcptbkk2c772n7am6csx889q7syr5nv2t7nzfs4etm7vk3e7cdvmvmvqy4yxgtewwbp7pcjfmczafqqbet3s47h42v8ezt6mpqgz9r4xqygaxpe8kngjgx7040k7btf46ak9an9z9kz0m2z6g5jvby0jasr7zd3t4s2d3f05xy7pzbzmwgzqavhtyqebxfn6v2d7yz7842r7821fqvybjy6w1eekahrzgxnvratqmzh5n759rt3qxg64dhc3qdpw59k2b23mcmtpqxf4a7422r7b43nhrp2xst459d5r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%26client%3Dca-pub-5857703812409507%26adurl%3D accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://ad4m.at/ad/dr?ed=1hth3j6fda5dtf4af7yk1m2mdt570qvy3bk6jbvhwv0p0jccandpak0jeph73fhypzgcn8gsrpybwdfm33pqcw2kcptbkk2c772n7am6csx889q7syr5nv2t7nzfs4etm7vk3e7cdvmvmvqy4yxgtewwbp7pcjfmczafqqbet3s47h42v8ezt6mpqgz9r4xqygaxpe8kngjgx7040k7btf46ak9an9z9kz0m2z6g5jvby0jasr7zd3t4s2d3f05xy7pzbzmwgzqavhtyqebxfn6v2d7yz7842r7821fqvybjy6w1eekahrzgxnvratqmzh5n759rt3qxg64dhc3qdpw59k2b23mcmtpqxf4a7422r7b43nhrp2xst459d5r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%26client%3Dca-pub-5857703812409507%26adurl%3D Response headers date Tue, 31 Aug 2021 09:10:55 GMT content-type text/html x-guploader-uploadid ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ expires Tue, 31 Aug 2021 10:10:55 GMT last-modified Wed, 06 May 2020 15:09:30 GMT x-goog-generation 1588777770164783 x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-stored-content-length 1681 content-language en x-goog-hash crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g== x-goog-storage-class MULTI_REGIONAL age 562496 cache-control public, max-age=3600 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status HIT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1zhw%2FEcx3LvBjiWLFdcJLN%2BZ05ciX5YxOQ3Opw1C%2Fd8%2BIOuwgRs7cjbwXtZB%2BpintF34TWE8aek4lcLUi6uvAO4FTm1RZWo3M0FjojoXhkm9LrbSj2LpvUieGrvBlSLID2Qsjs%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 687520e3fafb4a5b-FRA content-encoding br
GET H3-29	200	css fonts.googleapis.com/ Frame 48B2	3 KB 578 B	30ms 29ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 31 Aug 2021 08:01:37 GMT server ESF date Tue, 31 Aug 2021 09:10:55 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 31 Aug 2021 09:10:55 GMT
GET H3-29	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 48B2	1 KB 857 B	15ms 13ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:07:43 GMT content-encoding gzip x-content-type-options nosniff age 192 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 830 x-xss-protection 0 server cafe etag 3558876194914413708 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 14 Sep 2021 09:07:43 GMT
POST H3-29	200	rs Show response ad4m.at/ Frame B8C4	1 KB 2 KB	30ms 29ms	XHR text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5eb9853d43a9d9ae751f482adb126b449d0d8388ff3ee804367228df5bf7cc76 Request headers Referer https://ad4m.at/ad/dr?ed=1hth3j6fda5dtf4af7yk1m2mdt570qvy3bk6jbvhwv0p0jccandpak0jeph73fhypzgcn8gsrpybwdfm33pqcw2kcptbkk2c772n7am6csx889q7syr5nv2t7nzfs4etm7vk3e7cdvmvmvqy4yxgtewwbp7pcjfmczafqqbet3s47h42v8ezt6mpqgz9r4xqygaxpe8kngjgx7040k7btf46ak9an9z9kz0m2z6g5jvby0jasr7zd3t4s2d3f05xy7pzbzmwgzqavhtyqebxfn6v2d7yz7842r7821fqvybjy6w1eekahrzgxnvratqmzh5n759rt3qxg64dhc3qdpw59k2b23mcmtpqxf4a7422r7b43nhrp2xst459d5r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%26client%3Dca-pub-5857703812409507%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/json Response headers cf-ray 687520e44b7c4a5b-FRA date Tue, 31 Aug 2021 09:10:55 GMT via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZS7K3s3GWtSBgND31KEPDrHlqCTMazbITM%2BG4eEZBPwPzmu0Aa43lykCqcFbUN5zDJV3MIxia4x10EU3pYlJRKv4JNFrfysiTR2DRLGE6KZtg1k2hmrrPooP4Y%2FrE6trKFJ5Hs%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://ad4m.at alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 access-control-allow-credentials true content-encoding br x-backend-server aa-reachservice-group-europe-west1-fgph
GET H3-29	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 48B2	18 KB 7 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:06:22 GMT content-encoding gzip x-content-type-options nosniff age 273 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7645 x-xss-protection 0 server cafe etag 13200147268341533873 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 14 Sep 2021 09:06:22 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 48B2	2 KB 1 KB	14ms 12ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:43 GMT content-encoding gzip x-content-type-options nosniff age 12 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 14 Sep 2021 09:10:43 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 48B2	122 KB 37 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:55 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1630322985459792" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37796 x-xss-protection 0 expires Tue, 31 Aug 2021 09:10:55 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 48B2	14 KB 6 KB	13ms 12ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:09:34 GMT content-encoding gzip x-content-type-options nosniff age 81 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6183 x-xss-protection 0 server cafe etag 901432759052127119 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 14 Sep 2021 09:09:34 GMT
GET H3-29	200	bf370751b3c301aa27eddd739f5e1f7e.js Show response www.gstatic.com/mysidia/ Frame 48B2	26 KB 11 KB	11ms 10ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/bf370751b3c301aa27eddd739f5e1f7e.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 08:44:01 GMT content-encoding gzip x-content-type-options nosniff age 88014 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10800 x-xss-protection 0 last-modified Tue, 24 Aug 2021 06:33:32 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 28 Nov 2021 08:44:01 GMT
GET H3-29	200	adview googleads.g.doubleclick.net/pagead/ Frame 48B2	0 0	34ms 33ms	Fetch text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CzEL-HvItYZ27Mvu17_UPw_-r-ArpqKfaYuC2xefQDcCNtwEQASDM_N4hYJUCoAHh4-uwAcgBAakCDBNEveTTsz6oAwHIA8MEqgTDAU_QLHPrX5rNPDtR9HSqnzugX-ViFbrfTsdotRWHYDNqfjKorNmRUWgECz2xOcsmHfJvqRAySKS0Gws6PlIYQ9PXI2wHfykUNWojpDMTdmZ8mdGPlqU2jrGpFlBFFMe2_plWsjY3uYn3aVxgXJv1G0LB9K53ceNdApxoItylDoig9ej5t6aPnJ2On8X0iIlZ9bMj5DTQOHuGmR_SEixuzv9H5E-VGtzmS1NRFsQLDJYShxx49twlkHzsYUCFz7TofevZHsAE5crB4roDkgUECAQYAZIFBAgFGASgBlGAB4eclM8CqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBBD-nRbSCAkIgOGAEBABGB-ACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItNTg1NzcwMzgxMjQwOTUwNxgA&sigh=TrxFc1A6G8Q Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Tue, 31 Aug 2021 09:10:55 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	rar Show response as.ad4m.at/ad/ Frame 477D	9 KB 4 KB	23ms 22ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=bf295bbbc422070b3fdd5c7f4252d223%2F3001985552633478623&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055378&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pd16b3tgbxadgktjp9bxbg0hxtcc7xe8wqgv8fyp1sdraa8r237d74gw107sc4p09c8w0nw8eymgen2n1fjppqbknn819bgvccx6e09vx2yb17znpzwypzy77hgwqpd5w182v9jmx803hg3xvk57w82ppnc0w01sk8p8kg72ezm3mrr2q3gsya4e2fd5xf41j7hmhx5j6nn10yhxt565v6cxqrxt8aygzg3fbqzhq1spcm06q2zbafbhbepm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31fbb4f81705ae3979a7e0cd95c6e18422d4deb0b4e88a13cd38557313e4b041 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority as.ad4m.at :scheme https :path /ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=bf295bbbc422070b3fdd5c7f4252d223%2F3001985552633478623&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055378&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pd16b3tgbxadgktjp9bxbg0hxtcc7xe8wqgv8fyp1sdraa8r237d74gw107sc4p09c8w0nw8eymgen2n1fjppqbknn819bgvccx6e09vx2yb17znpzwypzy77hgwqpd5w182v9jmx803hg3xvk57w82ppnc0w01sk8p8kg72ezm3mrr2q3gsya4e2fd5xf41j7hmhx5j6nn10yhxt565v6cxqrxt8aygzg3fbqzhq1spcm06q2zbafbhbepm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:55 GMT content-type text/html; charset=utf-8 strict-transport-security max-age=86400; includeSubDomains; preload cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-download-options noopen x-content-type-options nosniff report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} x-xss-protection 1; mode=block content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' referrer-policy same-origin feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} expires 0 surrogate-control no-store pragma no-cache via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 687520e4af894a97-FRA content-encoding br
GET H3-29	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 250B	143 B 163 B	7ms 6ms	Document text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software safe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/s?v=r20120211 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUkU2yzzPVyGQq-3Dx8h_ItSplKntcW-mAeB_vEC8mfbAPvJu3pa7DrqpHdviXs Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 Response headers content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 31 Aug 2021 08:57:38 GMT server safe content-length 145 x-xss-protection 0 cache-control public, max-age=3600 age 797 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 48B2	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c4cf96e027e3b73ccbf225c775935b2b38310e1676e3ee6d16f5b2499541d6ce Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 fonts.gstatic.com/s/googlesans/v35/ Frame 48B2	21 KB 21 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://googleads.g.doubleclick.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 24 Aug 2021 22:35:34 GMT x-content-type-options nosniff age 556521 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21660 x-xss-protection 0 last-modified Wed, 11 Aug 2021 00:01:04 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 Aug 2022 22:35:34 GMT
GET H3-29	200	4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 fonts.gstatic.com/s/googlesans/v35/ Frame 48B2	21 KB 21 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v35/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://googleads.g.doubleclick.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 13:08:26 GMT x-content-type-options nosniff age 244949 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21424 x-xss-protection 0 last-modified Wed, 11 Aug 2021 00:00:52 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 28 Aug 2022 13:08:26 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame D672	2 KB 1 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:43 GMT content-encoding gzip x-content-type-options nosniff age 12 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 14 Sep 2021 09:10:43 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D672	122 KB 37 KB	32ms 30ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:55 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1630322985459792" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37796 x-xss-protection 0 expires Tue, 31 Aug 2021 09:10:55 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame D672	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:09:34 GMT content-encoding gzip x-content-type-options nosniff age 81 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6183 x-xss-protection 0 server cafe etag 901432759052127119 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 14 Sep 2021 09:09:34 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame D672	0 0	15ms 14ms	Image text/html	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0P7VmCA4Zb1WPqu0yz7XOB_sru0_5TmK7QSXLn_kyRx5NEM_vqQW7OV-5jR5ciuniESeqdhdjXkTAcycBdkn_bqkDhQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H3-29	200	adview googleads.g.doubleclick.net/pagead/ Frame D672	0 0	32ms 31ms	Fetch text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Cza68HvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEtgFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPc-LsaAIZNQBQofGwbSMYgOO4oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU4NTc3MDM4MTI0MDk1MDcYAA&sigh=ClPsKAL6Gq8 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Tue, 31 Aug 2021 09:10:55 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame D672	0 0	472ms 470ms	Fetch image/gif	2600:1901:0:76b9:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prod-rtb.ad4mat.net/winResponse?a=1ktnpzp5vpa4hg8zs2qy93wex5fak8ytkmknfzk1jn8193aqq1dx8s56p4711gdg43atxv2k64cytqaffx703q0h5q74e1xt7zgj52a71ss39pdtg8rsc0mp3rms2p7c4bt09ynrdfr93yz2pxb5spd6ctrhx4s7xjsnt9w1cd0mwq76e9nhz8mfsne1mps35g8pxv5p706fc7fpqpatf4dyhnbr4tmqz1v61v003p9ys9gg8z0djx2v5f0sdqjxx5x2rgjdz4pbvhnyxtfkzxj46d7bs51hcysmd74msgdzzdcqtsat0pegg1px9w16jx1bt2397b9ygkngy6s3sznadxr8gskc7g3ncbqpdnkg165kq6j8wewsmmrs7batr5na3183bm&b=YS3yHgANHk0Iu-0xAAEmO8xkvyLnGpOrMuz4aA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers access-control-allow-origin * date Tue, 31 Aug 2021 09:10:55 GMT via 1.1 google alt-svc clear content-type image/gif
GET H3-29	200	dr Show response ad4m.at/ad/ Frame 11E0	2 KB 2 KB	29ms 28ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/ad/dr?ed=1kphq0ntr2v5xyrb51652m220jq8mqhwvnq42n9xyq5nxk4httn281cctfsej5hvhjc62c8mp7n6kfr0z7badtf4sgwax1ggd3fjcmjzkgsfwqyd4prp9pfzrhh7vzyn7w7zgwepq1ecvdfsx6vm2qbwn04szbv4wsrkmz852qhcphdbf52m0g3xrjspkmweyfyx7js0c0pmh9s5w4z4480gjfypg17jzvev3xqvvzpsn58g3vd9ef3jv30s5c8y994t32q8csmgf594phhbh5e0b2e83m8aagz5cf25ce1ce94kg94fc3f9c7bqxcxag5pvzp3bcxw367214dwffwye986fjkp3jd9f11p96qb3jfefdm9n732cns3wy80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%26client%3Dca-pub-5857703812409507%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f23d847fbb4417b82ede2edeebd05be3822f260d404d9c3d64749b5edb1bd27 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox Request headers :method GET :authority ad4m.at :scheme https :path /ad/dr?ed=1kphq0ntr2v5xyrb51652m220jq8mqhwvnq42n9xyq5nxk4httn281cctfsej5hvhjc62c8mp7n6kfr0z7badtf4sgwax1ggd3fjcmjzkgsfwqyd4prp9pfzrhh7vzyn7w7zgwepq1ecvdfsx6vm2qbwn04szbv4wsrkmz852qhcphdbf52m0g3xrjspkmweyfyx7js0c0pmh9s5w4z4480gjfypg17jzvev3xqvvzpsn58g3vd9ef3jv30s5c8y994t32q8csmgf594phhbh5e0b2e83m8aagz5cf25ce1ce94kg94fc3f9c7bqxcxag5pvzp3bcxw367214dwffwye986fjkp3jd9f11p96qb3jfefdm9n732cns3wy80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%26client%3Dca-pub-5857703812409507%26adurl%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers date Tue, 31 Aug 2021 09:10:55 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding report-to {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400} nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"} expires 0 cache-control no-store, no-cache, must-revalidate, proxy-revalidate content-security-policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' referrer-policy same-origin pragma no-cache surrogate-control no-store x-fastcgi-cache BYPASS x-backend-server adsrv-7b12 via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 687520e50cbd4a5b-FRA content-encoding br
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 404D	1 KB 749 B	6ms 6ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Mon, 30 Aug 2021 12:12:35 GMT expires Tue, 31 Aug 2021 12:12:35 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 75500 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	default.css as.ad4m.at/ad/style/0.1.8/one-ad/ Frame 477D	64 KB 8 KB	21ms 15ms	Stylesheet text/css	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=bf295bbbc422070b3fdd5c7f4252d223%2F3001985552633478623&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055378&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pd16b3tgbxadgktjp9bxbg0hxtcc7xe8wqgv8fyp1sdraa8r237d74gw107sc4p09c8w0nw8eymgen2n1fjppqbknn819bgvccx6e09vx2yb17znpzwypzy77hgwqpd5w182v9jmx803hg3xvk57w82ppnc0w01sk8p8kg72ezm3mrr2q3gsya4e2fd5xf41j7hmhx5j6nn10yhxt565v6cxqrxt8aygzg3fbqzhq1spcm06q2zbafbhbepm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=bf295bbbc422070b3fdd5c7f4252d223%2F3001985552633478623&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055378&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pd16b3tgbxadgktjp9bxbg0hxtcc7xe8wqgv8fyp1sdraa8r237d74gw107sc4p09c8w0nw8eymgen2n1fjppqbknn819bgvccx6e09vx2yb17znpzwypzy77hgwqpd5w182v9jmx803hg3xvk57w82ppnc0w01sk8p8kg72ezm3mrr2q3gsya4e2fd5xf41j7hmhx5j6nn10yhxt565v6cxqrxt8aygzg3fbqzhq1spcm06q2zbafbhbepm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:55 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} age 1099217 cf-polished origSize=65497 surrogate-control no-store strict-transport-security max-age=86400; includeSubDomains; preload content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin expires 0 last-modified Wed, 18 Aug 2021 15:50:38 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} content-type text/css; charset=utf-8 vary Accept-Encoding cache-control max-age=3600, must-revalidate, proxy-revalidate cf-ray 687520e52ce64a5b-FRA cf-bgj minify
GET H2	200	B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 assets.ad4m.at/logo/ Frame 477D	18 KB 19 KB	36ms 28ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=bf295bbbc422070b3fdd5c7f4252d223%2F3001985552633478623&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055378&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pd16b3tgbxadgktjp9bxbg0hxtcc7xe8wqgv8fyp1sdraa8r237d74gw107sc4p09c8w0nw8eymgen2n1fjppqbknn819bgvccx6e09vx2yb17znpzwypzy77hgwqpd5w182v9jmx803hg3xvk57w82ppnc0w01sk8p8kg72ezm3mrr2q3gsya4e2fd5xf41j7hmhx5j6nn10yhxt565v6cxqrxt8aygzg3fbqzhq1spcm06q2zbafbhbepm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw== date Tue, 31 Aug 2021 09:10:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 129027 cf-polished origFmt=png, origSize=35453 x-guploader-uploadid ADPycdu2nByeXjfOPqT7lHlpnmMnylP_Z-2k3HhkuK50aTjzxwkOZcUSFNaqrm-tSEobBJU8iJM1Ek0-aWiub8kzNX0gGyoY0A x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 18872 last-modified Mon, 18 May 2020 12:30:29 GMT server cloudflare etag "e18c9634cdd319e69c2765475f29cd13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGOTWXKqPcg4m0gzqHljTNyt11Q2RsSOR7Z8CIUkJxRc8NAng8s06WDDPMc%2FJHwsx8cyXde8awXsF1btyc6XGi4nqPiIW8mgTc%2F1hC3iE68nNzzsuezVwC11FzOjXv7La%2Bl91bDIpnZBPXiE"}],"group":"cf-nel","max_age":604800} x-goog-generation 1589805029334103 content-type image/webp expires Wed, 01 Sep 2021 09:10:55 GMT cache-control public, max-age=86400 x-goog-stored-content-length 35453 accept-ranges bytes cf-ray 687520e5286e4a97-FRA cf-bgj imgq:85,h2pri
GET H2	200	A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C assets.ad4m.at/product_image/ Frame 477D	2 KB 2 KB	27ms 23ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=bf295bbbc422070b3fdd5c7f4252d223%2F3001985552633478623&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055378&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pd16b3tgbxadgktjp9bxbg0hxtcc7xe8wqgv8fyp1sdraa8r237d74gw107sc4p09c8w0nw8eymgen2n1fjppqbknn819bgvccx6e09vx2yb17znpzwypzy77hgwqpd5w182v9jmx803hg3xvk57w82ppnc0w01sk8p8kg72ezm3mrr2q3gsya4e2fd5xf41j7hmhx5j6nn10yhxt565v6cxqrxt8aygzg3fbqzhq1spcm06q2zbafbhbepm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA== date Tue, 31 Aug 2021 09:10:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 387556 cf-polished origFmt=png, origSize=4031 x-guploader-uploadid ADPycduw6T2ge-dcMCB8q8PQRkN5ddfV5p1F05xdj5QIjyKx_lBHIAoQcv69zW7h0C0ikAUfnJqs8jpQ-4HqCJYqLcg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 1598 last-modified Wed, 20 Jan 2021 17:03:56 GMT server cloudflare etag "7a3a98fe673db7b2502bd5c6d1316e2c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktc%2FE4PwixQp8RmHJm%2Bc7mY1%2B5F9JAosBIri0PtMoJPXTxOzT8XcwYb1TpicGIlF7X1g8ITBYGeIQ2Bv%2BFHToZ%2B2SW497vQQVTi4CWKmc37UQfa7vzi64tni9hZ3FnUCAzBKCn2sFc1CaMYh"}],"group":"cf-nel","max_age":604800} x-goog-generation 1611162235947637 content-type image/webp expires Wed, 01 Sep 2021 09:10:55 GMT cache-control public, max-age=86400 x-goog-stored-content-length 4031 accept-ranges bytes cf-ray 687520e528774a97-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 477D	43 B 703 B	50ms 46ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=bf295bbbc422070b3fdd5c7f4252d223%2F3001985552633478623&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055378&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pd16b3tgbxadgktjp9bxbg0hxtcc7xe8wqgv8fyp1sdraa8r237d74gw107sc4p09c8w0nw8eymgen2n1fjppqbknn819bgvccx6e09vx2yb17znpzwypzy77hgwqpd5w182v9jmx803hg3xvk57w82ppnc0w01sk8p8kg72ezm3mrr2q3gsya4e2fd5xf41j7hmhx5j6nn10yhxt565v6cxqrxt8aygzg3fbqzhq1spcm06q2zbafbhbepm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Tue, 31 Aug 2021 09:10:55 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H2	200	092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 assets.ad4m.at/logo/ Frame 477D	38 KB 39 KB	30ms 27ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=bf295bbbc422070b3fdd5c7f4252d223%2F3001985552633478623&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055378&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pd16b3tgbxadgktjp9bxbg0hxtcc7xe8wqgv8fyp1sdraa8r237d74gw107sc4p09c8w0nw8eymgen2n1fjppqbknn819bgvccx6e09vx2yb17znpzwypzy77hgwqpd5w182v9jmx803hg3xvk57w82ppnc0w01sk8p8kg72ezm3mrr2q3gsya4e2fd5xf41j7hmhx5j6nn10yhxt565v6cxqrxt8aygzg3fbqzhq1spcm06q2zbafbhbepm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ== date Tue, 31 Aug 2021 09:10:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 386876 cf-polished origFmt=png, origSize=44613 x-guploader-uploadid ADPycdtPzXlOqwPBuDjLXeT9INqbT1JQ4K2k-jWqmum-TWLhnCwpfCYxD6FfzMw5S2NgH5j7NXT7v42JG-PNGqGGzg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 39202 last-modified Wed, 22 Jan 2020 13:11:41 GMT server cloudflare etag "c2a4f822e5a831f3b5cab39c8bcae61d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2B2FFyDtm91ftfPylScUF5hueKDjW8f1P7r4TPIk%2F6rZcy10wfsbVIhSGxK3EUPjFOc0KzlLYqb1gaX671mOJHuWtEh9Jnf9V6MIntyPc13i2cKFvyGLBoOzk%2FLF%2BVFCvvvGyp9D1UNW9Eci"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698701189315 content-type image/webp expires Wed, 01 Sep 2021 09:10:55 GMT cache-control public, max-age=86400 x-goog-stored-content-length 44613 accept-ranges bytes cf-ray 687520e528794a97-FRA cf-bgj imgq:85,h2pri
GET H2	200	69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A assets.ad4m.at/ Frame 477D	113 KB 113 KB	28ms 24ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=bf295bbbc422070b3fdd5c7f4252d223%2F3001985552633478623&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055378&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pd16b3tgbxadgktjp9bxbg0hxtcc7xe8wqgv8fyp1sdraa8r237d74gw107sc4p09c8w0nw8eymgen2n1fjppqbknn819bgvccx6e09vx2yb17znpzwypzy77hgwqpd5w182v9jmx803hg3xvk57w82ppnc0w01sk8p8kg72ezm3mrr2q3gsya4e2fd5xf41j7hmhx5j6nn10yhxt565v6cxqrxt8aygzg3fbqzhq1spcm06q2zbafbhbepm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA== date Tue, 31 Aug 2021 09:10:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 390860 cf-polished origFmt=png, origSize=136328 x-guploader-uploadid ADPycduj874xBwWers7A0rvM5jKeVfBW1MVoviMq067fpwP36KmZ5H_UxJMVWZkp4S1GZRvF8zE9V0jaBG58OyvE-DY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 115268 last-modified Tue, 29 Oct 2019 09:42:57 GMT server cloudflare etag "0357ac79cb3ff45b9d567eab80c7e34c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnOZzTfnaGKpgyckRiWX8VvllJudxIGIrm6P7wl1OVKrU1%2Btm7%2B7XV60TD3K70nfI716RxFv%2BQiNzG%2FHpXy%2FvvZwtj9daHIzG5d9I%2FSOTFlNrXgkuBxbSXorJ4QSKm1NMd5QR9FKQEogUFjQ"}],"group":"cf-nel","max_age":604800} x-goog-generation 1572342177666668 content-type image/webp expires Wed, 01 Sep 2021 09:10:55 GMT cache-control public, max-age=86400 x-goog-stored-content-length 136328 accept-ranges bytes cf-ray 687520e5287b4a97-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 477D	43 B 704 B	54ms 51ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=bf295bbbc422070b3fdd5c7f4252d223%2F3001985552633478623&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055378&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pd16b3tgbxadgktjp9bxbg0hxtcc7xe8wqgv8fyp1sdraa8r237d74gw107sc4p09c8w0nw8eymgen2n1fjppqbknn819bgvccx6e09vx2yb17znpzwypzy77hgwqpd5w182v9jmx803hg3xvk57w82ppnc0w01sk8p8kg72ezm3mrr2q3gsya4e2fd5xf41j7hmhx5j6nn10yhxt565v6cxqrxt8aygzg3fbqzhq1spcm06q2zbafbhbepm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Tue, 31 Aug 2021 09:10:55 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H2	200	188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 assets.ad4m.at/logo/ Frame 477D	8 KB 9 KB	27ms 24ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=bf295bbbc422070b3fdd5c7f4252d223%2F3001985552633478623&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055378&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pd16b3tgbxadgktjp9bxbg0hxtcc7xe8wqgv8fyp1sdraa8r237d74gw107sc4p09c8w0nw8eymgen2n1fjppqbknn819bgvccx6e09vx2yb17znpzwypzy77hgwqpd5w182v9jmx803hg3xvk57w82ppnc0w01sk8p8kg72ezm3mrr2q3gsya4e2fd5xf41j7hmhx5j6nn10yhxt565v6cxqrxt8aygzg3fbqzhq1spcm06q2zbafbhbepm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ== date Tue, 31 Aug 2021 09:10:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 394019 cf-polished qual=85, origFmt=jpeg, origSize=16723 x-guploader-uploadid ADPycdsWB__4IqPBYYG7Kpds-Oh9NiwUdYDgeYBeMRDoFkaGpviNrqYfQBH9SobGtpzf_sMJli3KEJKiwZt5MukWKlUq4QX9PA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 8354 last-modified Wed, 22 Jan 2020 13:13:07 GMT server cloudflare etag "04cb7ec205cea351157aeffb998f3a85" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2B96QulTvi4lXuw%2BgCye33IjaKoB2vca%2FLuFKJFiQftFo9DnOKmArjdOnnD%2BEdebMeFNdDEYknQsqFjFD6iEK2E0XtROFjZ1%2FAGRrJafVsrDV4HybY7De8VB4Iy5DCOsGmUPEVpP1Q8IMZeB"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698787150900 content-type image/webp expires Wed, 01 Sep 2021 09:10:55 GMT cache-control public, max-age=86400 x-goog-stored-content-length 16723 accept-ranges bytes cf-ray 687520e5287f4a97-FRA cf-bgj imgq:85,h2pri
GET H2	200	FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B assets.ad4m.at/product_image/ Frame 477D	30 KB 30 KB	31ms 28ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=bf295bbbc422070b3fdd5c7f4252d223%2F3001985552633478623&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055378&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pd16b3tgbxadgktjp9bxbg0hxtcc7xe8wqgv8fyp1sdraa8r237d74gw107sc4p09c8w0nw8eymgen2n1fjppqbknn819bgvccx6e09vx2yb17znpzwypzy77hgwqpd5w182v9jmx803hg3xvk57w82ppnc0w01sk8p8kg72ezm3mrr2q3gsya4e2fd5xf41j7hmhx5j6nn10yhxt565v6cxqrxt8aygzg3fbqzhq1spcm06q2zbafbhbepm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g== date Tue, 31 Aug 2021 09:10:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 129230 cf-polished qual=85, origFmt=jpeg, origSize=81547 x-guploader-uploadid ADPycdshaSqQ24WpitH9jKkfFmURKTsmZPlBkDLtXQlt5GOx9BOsjNF_GQXRfV_MeQTdXbgICygfEUEbzTCJvQk7pGQTEMd_wQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 30226 last-modified Thu, 09 Apr 2020 08:50:22 GMT server cloudflare etag "f7c8b1c28756e1f042414e043a02e1fa" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmgzSQJCEg8aPcQwuKozLkme0NGTAqqJEmOts1w8k6frWnT9iJ591D6GFSfCmJzn5OuqMGiCQD9Bsc2r7DSKoDiyDEZ7CvQr4YmuKw6o%2BQRcbKnr5Z5U37e%2BQcRdqI23Q%2FOMxbnbpDiKo9BT"}],"group":"cf-nel","max_age":604800} x-goog-generation 1586422222365290 content-type image/webp expires Wed, 01 Sep 2021 09:10:55 GMT cache-control public, max-age=86400 x-goog-stored-content-length 81547 accept-ranges bytes cf-ray 687520e528814a97-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200	/ banner.congstar.de/cookie/ Frame 477D Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%... https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CObch5712vICFbXuuwgdKNIKpw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d... https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630401055_5923f640-0a3b-11ec-bfe3-692d0dec5663	0 518 B	34ms 11ms	Image text/plain	148.251.139.77 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630401055_5923f640-0a3b-11ec-bfe3-692d0dec5663 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=bf295bbbc422070b3fdd5c7f4252d223%2F3001985552633478623&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055378&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D22pd16b3tgbxadgktjp9bxbg0hxtcc7xe8wqgv8fyp1sdraa8r237d74gw107sc4p09c8w0nw8eymgen2n1fjppqbknn819bgvccx6e09vx2yb17znpzwypzy77hgwqpd5w182v9jmx803hg3xvk57w82ppnc0w01sk8p8kg72ezm3mrr2q3gsya4e2fd5xf41j7hmhx5j6nn10yhxt565v6cxqrxt8aygzg3fbqzhq1spcm06q2zbafbhbepm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCx7hUHvItYYG1NcWV9u8PpeiM4AmQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQIME0S95NOzPqgDAaoEuQFP0GXziEPQzuQZWW3LJ8K-DeA3HXsHZNYMz1WsFZ7ZqbsuoIxkYCldysjuWiVDwIsIRlWSnIopnGoLKYNZear_mG5e3_slwo4eGjXz8H9JSbhnE3PX7lWYnX7KmCat68OMacPbQutEhpY5ITxuS-W3h2PJXTFnKJhYhF80hVhb5QpNa6zfjYyjb9Ajq7E4yNFACD9BDvxmxCqSw0-kHPMFibO8qXlTrALOopJGBe3qeinsxqlFJPbnYYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3WVXECPeYLZVeBEqWahnzYMA2sWQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.77.139.251.148.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Tue, 31 Aug 2021 09:10:55 GMT Server Apache P3P CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 0 Redirect headers Date Tue, 31 Aug 2021 09:10:55 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630401055_5923f640-0a3b-11ec-bfe3-692d0dec5663 Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Length 0
GET H3-29	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 250B Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si	0 16 B	41ms 41ms	Document text/html	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software safe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/drt/si pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUkU2yzzPVyGQq-3Dx8h_ItSplKntcW-mAeB_vEC8mfbAPvJu3pa7DrqpHdviXs Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Tue, 31 Aug 2021 09:10:55 GMT server safe content-length 0 x-xss-protection 0 set-cookie DSID=NO_DATA; expires=Tue, 31-Aug-2021 10:10:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 31 Aug 2021 09:10:55 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Tue, 31 Aug 2021 09:10:55 GMT server safe content-length 246 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Show response pagead2.googlesyndication.com/bg/ Frame 02A4	35 KB 13 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054605&bpp=25&bdt=269&idt=186&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWuJNQwCtT&p=https%3A//office365-login.co.il&dtd=203 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 29 Aug 2021 13:19:12 GMT content-encoding br x-content-type-options nosniff age 157903 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13381 x-xss-protection 0 last-modified Mon, 23 Aug 2021 08:38:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 29 Aug 2022 13:19:12 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame 404D	35 B 210 B	19ms 8ms	Image image/gif	2620:116:800d:21:5a23:9c4e:e774:96c1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMQx8tnYjo300hkO8j83Ux0&google_cver=1&google_push=AYg5qPJkayDkS5mFbXDuC643pOGVOFQUrOPvqkYkqzYpjuCquxTU3Z8D2p6dZDdC4TgHOhuW8YXkY0xpkv5PRwtovBu6qwNpLvY Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 31 Aug 2021 09:10:55 GMT cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 strict-transport-security max-age=86400 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 404D Redirect Chain https://d.agkn.com/pixel/2175/?google_gid=CAESEKspzYBfn-TSfcKK94wvo0g&google_cver=1&google_push=AYg5qPIFR9Y9BQNlGH8lxMRWNfzqxshbF_1rTSo0w_qAOFDgKp5HNuNaRpBOVJz5zyqsPGPc-wXVSSpoPByak7Me_NOq8FFaLqo https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIFR9Y9BQNlGH8lxMRWNfzqxshbF_1rTSo0w_qAOFDgKp5HNuNaRpBOVJz5zyqsPGPc-wXVSSpoPByak7Me_NOq8FFaLqo&google_hm=Q0FFU0VLc3B6WUJmbi1UU2...	170 B 188 B	17ms 16ms	Image image/png	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIFR9Y9BQNlGH8lxMRWNfzqxshbF_1rTSo0w_qAOFDgKp5HNuNaRpBOVJz5zyqsPGPc-wXVSSpoPByak7Me_NOq8FFaLqo&google_hm=Q0FFU0VLc3B6WUJmbi1UU2ZjS0s5NHd2bzBn Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 31 Aug 2021 09:10:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 31 Aug 2021 09:10:55 GMT Server Apache-Coyote/1.1 P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIFR9Y9BQNlGH8lxMRWNfzqxshbF_1rTSo0w_qAOFDgKp5HNuNaRpBOVJz5zyqsPGPc-wXVSSpoPByak7Me_NOq8FFaLqo&google_hm=Q0FFU0VLc3B6WUJmbi1UU2ZjS0s5NHd2bzBn Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 404D Redirect Chain https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPI0W-_g... https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPI0W-_g... https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MzEwOTEwNTUwMDAxMjE1NzIwOTg5NA%3D%3D&google_push=AYg5qPI0W-_gT7ydejEZhiuAtCpRzOi3V8VnYEqy3TpOctjKauhuddEXND0AP4IqOWROJB...	170 B 188 B	19ms 16ms	Image image/png	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MzEwOTEwNTUwMDAxMjE1NzIwOTg5NA%3D%3D&google_push=AYg5qPI0W-_gT7ydejEZhiuAtCpRzOi3V8VnYEqy3TpOctjKauhuddEXND0AP4IqOWROJBfkWuILymS2ufZdSftd1n74jZzAMtg Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 31 Aug 2021 09:10:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA4MzEwOTEwNTUwMDAxMjE1NzIwOTg5NA%3D%3D&google_push=AYg5qPI0W-_gT7ydejEZhiuAtCpRzOi3V8VnYEqy3TpOctjKauhuddEXND0AP4IqOWROJBfkWuILymS2ufZdSftd1n74jZzAMtg pragma no-cache date Tue, 31 Aug 2021 09:10:55 GMT cache-control max-age=0, no-cache, no-store content-length 0 strict-transport-security max-age=2628000 expires Tue, 31 Aug 2021 09:10:55 GMT
GET H2	200	sync odr.mookie1.com/t/v2/ Frame 404D	43 B 324 B	58ms 16ms	Image image/gif	34.98.67.61 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEEptKUCSaEeH7BqWaW2wmj0&google_push=AYg5qPJklgaFDOYbIGq3naM5bFAaxiMoixS_ZqB4llP0vE1mCzpSkrWCjZn-fNP-9tORRlSuf3NHdYwW1LzRbUhCi-Mk0nThlA&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 61.67.98.34.bc.googleusercontent.com Software Apache / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 31 Aug 2021 09:10:55 GMT via 1.1 google server Apache p3p CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml" cache-control no-cache, no-store, must-revalidate content-type image/gif;charset=UTF-8 alt-svc clear content-length 43 x-application-context application expires Thu, 01 Jan 1970 00:00:00 GMT
GET		pixel cm.g.doubleclick.net/ Frame 404D Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdL...	0 0
GET H2	200	trk ag.innovid.com/ Frame 404D	43 B 296 B	27ms 18ms	Image image/gif	2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHJm5BaydSwrQGK57Y47cQA&google_cver=1&google_push=AYg5qPI-KL7icJEYGFHd2bmfN_EEtk22g4urB2A3dI8T6HL-KygI0pLQw0QYgbiop2likCekK4lCTbQbjnTu91bPUo6oI1Yz2cs Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 31 Aug 2021 09:10:55 GMT cache-control no-cache content-type image/gif content-length 43 request-time 1 expires -1
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 404D Redirect Chain https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFT_vBTy8w0PZ3MIJl4Hxik&google_cver=1&google_push=AYg5qPK9T1Nl-6hCrkOUxLr5... https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK9T1Nl-6hCrkOUxLr55S-_P17QGp0LJnpoLal9k3s8VGVqIA188QxiYHGPahAWqPr1gmI5qRj7ZfREMaC2VUr8TegRIdA&google_hm=	170 B 188 B	18ms 17ms	Image image/png	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK9T1Nl-6hCrkOUxLr55S-_P17QGp0LJnpoLal9k3s8VGVqIA188QxiYHGPahAWqPr1gmI5qRj7ZfREMaC2VUr8TegRIdA&google_hm= Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 31 Aug 2021 09:10:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 31 Aug 2021 09:10:55 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" location https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK9T1Nl-6hCrkOUxLr55S-_P17QGp0LJnpoLal9k3s8VGVqIA188QxiYHGPahAWqPr1gmI5qRj7ZfREMaC2VUr8TegRIdA&google_hm= cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 0 expires Mon, 30 Aug 2021 09:10:55 GMT
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame 404D	0 12 B	22ms 14ms	Image text/html	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JMOtvaywKRY6fPK6pyWh9HLzSGjA4grmekrTepWsXCBwtctt49x_hXno6qJz5HRe6L8U5x2A Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630401054630&bpp=1&bdt=295&idt=205&shv=r20210826&mjsv=m202108300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=5804319126209&frm=20&pv=1&ga_vid=618733851.1630401055&ga_sid=1630401055&ga_hid=186293382&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3446168567480585&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=pKo653rVQi&p=https%3A//office365-login.co.il&dtd=212 Protocol H3-29 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:55 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3-29	200	default.css ad4m.at/0.1.124-320/style/one-ad/ Frame 11E0	58 KB 59 KB	24ms 17ms	Stylesheet text/css	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/0.1.124-320/style/one-ad/default.css Requested by Host: ad4m.at URL: https://ad4m.at/ad/dr?ed=1kphq0ntr2v5xyrb51652m220jq8mqhwvnq42n9xyq5nxk4httn281cctfsej5hvhjc62c8mp7n6kfr0z7badtf4sgwax1ggd3fjcmjzkgsfwqyd4prp9pfzrhh7vzyn7w7zgwepq1ecvdfsx6vm2qbwn04szbv4wsrkmz852qhcphdbf52m0g3xrjspkmweyfyx7js0c0pmh9s5w4z4480gjfypg17jzvev3xqvvzpsn58g3vd9ef3jv30s5c8y994t32q8csmgf594phhbh5e0b2e83m8aagz5cf25ce1ce94kg94fc3f9c7bqxcxag5pvzp3bcxw367214dwffwye986fjkp3jd9f11p96qb3jfefdm9n732cns3wy80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%26client%3Dca-pub-5857703812409507%26adurl%3D Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880 Request headers Referer https://ad4m.at/ad/dr?ed=1kphq0ntr2v5xyrb51652m220jq8mqhwvnq42n9xyq5nxk4httn281cctfsej5hvhjc62c8mp7n6kfr0z7badtf4sgwax1ggd3fjcmjzkgsfwqyd4prp9pfzrhh7vzyn7w7zgwepq1ecvdfsx6vm2qbwn04szbv4wsrkmz852qhcphdbf52m0g3xrjspkmweyfyx7js0c0pmh9s5w4z4480gjfypg17jzvev3xqvvzpsn58g3vd9ef3jv30s5c8y994t32q8csmgf594phhbh5e0b2e83m8aagz5cf25ce1ce94kg94fc3f9c7bqxcxag5pvzp3bcxw367214dwffwye986fjkp3jd9f11p96qb3jfefdm9n732cns3wy80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%26client%3Dca-pub-5857703812409507%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ== date Tue, 31 Aug 2021 09:10:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5524717 cf-polished origSize=59196 x-guploader-uploadid ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 58969 last-modified Mon, 28 Jun 2021 10:31:59 GMT server cloudflare etag "89accb82b2c3f55efa96d3f2495f234d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEP03yVI2TJcKDWB1EX8bic1Rkd3g6drZZTh8YL1GatGTTuI8hICBDgpDTYc%2BLCRyUlapHM5Zb%2BPqKxLgJ4RtJ4HSnsXeeSlGIj10SQMPfzKsl92iNOhqQ4UizjXHQOJhlDl5l4%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1624876319573767 content-type text/css expires Tue, 28 Jun 2022 10:32:18 GMT cache-control public, max-age=31536000, no-transform x-goog-stored-content-length 6688 accept-ranges bytes cf-ray 687520e5adef4a5b-FRA cf-bgj minify
GET H3-29	200	fxpcopuw.js Show response ad4m.at/ Frame 11E0	36 KB 13 KB	32ms 28ms	Script application/javascript	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/fxpcopuw.js Requested by Host: ad4m.at URL: https://ad4m.at/ad/dr?ed=1kphq0ntr2v5xyrb51652m220jq8mqhwvnq42n9xyq5nxk4httn281cctfsej5hvhjc62c8mp7n6kfr0z7badtf4sgwax1ggd3fjcmjzkgsfwqyd4prp9pfzrhh7vzyn7w7zgwepq1ecvdfsx6vm2qbwn04szbv4wsrkmz852qhcphdbf52m0g3xrjspkmweyfyx7js0c0pmh9s5w4z4480gjfypg17jzvev3xqvvzpsn58g3vd9ef3jv30s5c8y994t32q8csmgf594phhbh5e0b2e83m8aagz5cf25ce1ce94kg94fc3f9c7bqxcxag5pvzp3bcxw367214dwffwye986fjkp3jd9f11p96qb3jfefdm9n732cns3wy80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%26client%3Dca-pub-5857703812409507%26adurl%3D Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353 Request headers Referer https://ad4m.at/ad/dr?ed=1kphq0ntr2v5xyrb51652m220jq8mqhwvnq42n9xyq5nxk4httn281cctfsej5hvhjc62c8mp7n6kfr0z7badtf4sgwax1ggd3fjcmjzkgsfwqyd4prp9pfzrhh7vzyn7w7zgwepq1ecvdfsx6vm2qbwn04szbv4wsrkmz852qhcphdbf52m0g3xrjspkmweyfyx7js0c0pmh9s5w4z4480gjfypg17jzvev3xqvvzpsn58g3vd9ef3jv30s5c8y994t32q8csmgf594phhbh5e0b2e83m8aagz5cf25ce1ce94kg94fc3f9c7bqxcxag5pvzp3bcxw367214dwffwye986fjkp3jd9f11p96qb3jfefdm9n732cns3wy80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%26client%3Dca-pub-5857703812409507%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g== date Tue, 31 Aug 2021 09:10:55 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 13943 x-guploader-uploadid ADPycdvgEleYUeFGscVb0lrMQlg3MQt_JmYcEfEogyITI9SAsmXtjV5RyS6taC55N3cKf-H2_q4oBdNNeeBEKTQrCdY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Tue, 31 Aug 2021 05:18:16 GMT server cloudflare etag W/"ec72e2aaa94729151c48af127b00dce2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=um4BOn8deNeCDKThGBaIBa%2BDGQhOdJGOm8KYt62lnDApAAcdQI2pedF420SzWybhrtA9zi%2FBjY%2F%2BBJCvWfDmJboV%2BYHkoEmqprZLalELSNuOf2u46RGeeXlGFwNRUoVHYUei8x8%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1628590096242097 content-type application/javascript; charset=utf-8 expires Tue, 31 Aug 2021 05:18:32 GMT cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 x-goog-stored-content-length 11933 cf-ray 687520e5adf34a5b-FRA cf-bgj minify
GET H3-29	200	frame.html Show response ad4m.at/ Frame 6A30	2 KB 2 KB	15ms 15ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4 Request headers :method GET :authority ad4m.at :scheme https :path /frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://ad4m.at/ad/dr?ed=1kphq0ntr2v5xyrb51652m220jq8mqhwvnq42n9xyq5nxk4httn281cctfsej5hvhjc62c8mp7n6kfr0z7badtf4sgwax1ggd3fjcmjzkgsfwqyd4prp9pfzrhh7vzyn7w7zgwepq1ecvdfsx6vm2qbwn04szbv4wsrkmz852qhcphdbf52m0g3xrjspkmweyfyx7js0c0pmh9s5w4z4480gjfypg17jzvev3xqvvzpsn58g3vd9ef3jv30s5c8y994t32q8csmgf594phhbh5e0b2e83m8aagz5cf25ce1ce94kg94fc3f9c7bqxcxag5pvzp3bcxw367214dwffwye986fjkp3jd9f11p96qb3jfefdm9n732cns3wy80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%26client%3Dca-pub-5857703812409507%26adurl%3D accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://ad4m.at/ad/dr?ed=1kphq0ntr2v5xyrb51652m220jq8mqhwvnq42n9xyq5nxk4httn281cctfsej5hvhjc62c8mp7n6kfr0z7badtf4sgwax1ggd3fjcmjzkgsfwqyd4prp9pfzrhh7vzyn7w7zgwepq1ecvdfsx6vm2qbwn04szbv4wsrkmz852qhcphdbf52m0g3xrjspkmweyfyx7js0c0pmh9s5w4z4480gjfypg17jzvev3xqvvzpsn58g3vd9ef3jv30s5c8y994t32q8csmgf594phhbh5e0b2e83m8aagz5cf25ce1ce94kg94fc3f9c7bqxcxag5pvzp3bcxw367214dwffwye986fjkp3jd9f11p96qb3jfefdm9n732cns3wy80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%26client%3Dca-pub-5857703812409507%26adurl%3D Response headers date Tue, 31 Aug 2021 09:10:55 GMT content-type text/html x-guploader-uploadid ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ expires Tue, 31 Aug 2021 10:10:55 GMT last-modified Wed, 06 May 2020 15:09:30 GMT x-goog-generation 1588777770164783 x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-stored-content-length 1681 content-language en x-goog-hash crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g== x-goog-storage-class MULTI_REGIONAL age 562496 cache-control public, max-age=3600 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status HIT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FQrDjyFz1FfRQeUWY%2FIRhQtaLSUbl0UXdnJgwRaIWLZ8r6SYHqMojMz650Fbqtn4K1hSqlqgRz74AoHmjVswsuUcwiRnISRRpA%2FSiepSe58Dhd6SLdikgMemkJxksYyiR4yfM8%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 687520e62ed44a5b-FRA content-encoding br
POST H3-29	200	rs Show response ad4m.at/ Frame 11E0	1 KB 2 KB	34ms 34ms	XHR text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03bdffb6fabe6edcced1a8357f3987c4693a692cc11d765b4f503c7bfbd3400e Request headers Referer https://ad4m.at/ad/dr?ed=1kphq0ntr2v5xyrb51652m220jq8mqhwvnq42n9xyq5nxk4httn281cctfsej5hvhjc62c8mp7n6kfr0z7badtf4sgwax1ggd3fjcmjzkgsfwqyd4prp9pfzrhh7vzyn7w7zgwepq1ecvdfsx6vm2qbwn04szbv4wsrkmz852qhcphdbf52m0g3xrjspkmweyfyx7js0c0pmh9s5w4z4480gjfypg17jzvev3xqvvzpsn58g3vd9ef3jv30s5c8y994t32q8csmgf594phhbh5e0b2e83m8aagz5cf25ce1ce94kg94fc3f9c7bqxcxag5pvzp3bcxw367214dwffwye986fjkp3jd9f11p96qb3jfefdm9n732cns3wy80&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%26client%3Dca-pub-5857703812409507%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/json Response headers cf-ray 687520e65f234a5b-FRA date Tue, 31 Aug 2021 09:10:55 GMT via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foc6MGYfFpnI8S74XszrnOpR9wnd9Jo6C14qv0HzA4dRovWyc3vm6ewkX3Uf2n95cjIEKnrLloRU%2Fm39qbDxIGvcUR3e9gEfbh0QjxYQ2duNM7sVYc5GSjz9wi9MIQAJEP5ixfQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://ad4m.at alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 access-control-allow-credentials true content-encoding br x-backend-server aa-reachservice-group-europe-west1-fgph
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 8 KB	32ms 28ms	XHR application/json	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210826&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ed7053ae1c806326202e3334bc48ddf233902488b4b6631943cdcc6db6d5870 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Tue, 31 Aug 2021 09:10:55 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8574 x-xss-protection 0
GET H3-29	200	rar Show response as.ad4m.at/ad/ Frame DAAF	9 KB 4 KB	25ms 24ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=&g=9bdac7688801e4ea22b68142e0c508f9%2F13461755580892183827&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055706&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2310grb40c0bb1xqp9mh78rqcg998m2t2j4pzwjnew6medty5mr3m5dnr9haf9gb3c96yq1js2yv3a9nk066xzgrp26mp44q0ddj99mgppxpdbndmb4n6c6ycbfmhb3x7z7bgy6jhd34j3z6jzrvrfdc0cerd07brzewzbh2zr3407z3qmcv9zjejfp0rgcj6gew1gf3pq1mg8phb4b0ac1n11hfxv4ee8hra1g588kw4mrp1ks9ntgynr7103r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 518b452ee06c8a84f4fbe264e66cac5a9f3ea710ec94f41ce2ba15761a625d2d Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority as.ad4m.at :scheme https :path /ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=&g=9bdac7688801e4ea22b68142e0c508f9%2F13461755580892183827&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055706&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2310grb40c0bb1xqp9mh78rqcg998m2t2j4pzwjnew6medty5mr3m5dnr9haf9gb3c96yq1js2yv3a9nk066xzgrp26mp44q0ddj99mgppxpdbndmb4n6c6ycbfmhb3x7z7bgy6jhd34j3z6jzrvrfdc0cerd07brzewzbh2zr3407z3qmcv9zjejfp0rgcj6gew1gf3pq1mg8phb4b0ac1n11hfxv4ee8hra1g588kw4mrp1ks9ntgynr7103r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:55 GMT content-type text/html; charset=utf-8 strict-transport-security max-age=86400; includeSubDomains; preload cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-download-options noopen x-content-type-options nosniff report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} x-xss-protection 1; mode=block content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' referrer-policy same-origin feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} expires 0 surrogate-control no-store pragma no-cache via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 687520e69f924a5b-FRA content-encoding br
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	35ms 34ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:55 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 expires Tue, 31 Aug 2021 09:10:55 GMT
GET H3-29	200	default.css as.ad4m.at/ad/style/0.1.8/one-ad/ Frame DAAF	64 KB 8 KB	19ms 19ms	Stylesheet text/css	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=&g=9bdac7688801e4ea22b68142e0c508f9%2F13461755580892183827&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055706&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2310grb40c0bb1xqp9mh78rqcg998m2t2j4pzwjnew6medty5mr3m5dnr9haf9gb3c96yq1js2yv3a9nk066xzgrp26mp44q0ddj99mgppxpdbndmb4n6c6ycbfmhb3x7z7bgy6jhd34j3z6jzrvrfdc0cerd07brzewzbh2zr3407z3qmcv9zjejfp0rgcj6gew1gf3pq1mg8phb4b0ac1n11hfxv4ee8hra1g588kw4mrp1ks9ntgynr7103r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=&g=9bdac7688801e4ea22b68142e0c508f9%2F13461755580892183827&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055706&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2310grb40c0bb1xqp9mh78rqcg998m2t2j4pzwjnew6medty5mr3m5dnr9haf9gb3c96yq1js2yv3a9nk066xzgrp26mp44q0ddj99mgppxpdbndmb4n6c6ycbfmhb3x7z7bgy6jhd34j3z6jzrvrfdc0cerd07brzewzbh2zr3407z3qmcv9zjejfp0rgcj6gew1gf3pq1mg8phb4b0ac1n11hfxv4ee8hra1g588kw4mrp1ks9ntgynr7103r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 09:10:55 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} age 1099217 cf-polished origSize=65497 surrogate-control no-store strict-transport-security max-age=86400; includeSubDomains; preload content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin expires 0 last-modified Wed, 18 Aug 2021 15:50:38 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} content-type text/css; charset=utf-8 vary Accept-Encoding cache-control max-age=3600, must-revalidate, proxy-revalidate cf-ray 687520e6cff14a5b-FRA cf-bgj minify
GET H3-29	200	B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 assets.ad4m.at/logo/ Frame DAAF	18 KB 19 KB	17ms 17ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=&g=9bdac7688801e4ea22b68142e0c508f9%2F13461755580892183827&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055706&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2310grb40c0bb1xqp9mh78rqcg998m2t2j4pzwjnew6medty5mr3m5dnr9haf9gb3c96yq1js2yv3a9nk066xzgrp26mp44q0ddj99mgppxpdbndmb4n6c6ycbfmhb3x7z7bgy6jhd34j3z6jzrvrfdc0cerd07brzewzbh2zr3407z3qmcv9zjejfp0rgcj6gew1gf3pq1mg8phb4b0ac1n11hfxv4ee8hra1g588kw4mrp1ks9ntgynr7103r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw== date Tue, 31 Aug 2021 09:10:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 129027 cf-polished origFmt=png, origSize=35453 x-guploader-uploadid ADPycdu2nByeXjfOPqT7lHlpnmMnylP_Z-2k3HhkuK50aTjzxwkOZcUSFNaqrm-tSEobBJU8iJM1Ek0-aWiub8kzNX0gGyoY0A x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 18872 last-modified Mon, 18 May 2020 12:30:29 GMT server cloudflare etag "e18c9634cdd319e69c2765475f29cd13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUetP0dTqtlCMpgMEIg609Fw323zJMOXLu7Heg8TpwvfugnCp8m6Ta6u%2FdNLm0RWdtb6HYd%2FIi8s72kN%2FQzKm8jCn7ki937%2B6NlchDC2iF96mOQEhzk3O8jF4CJN5jBhNLK74bEa0QawOAsG"}],"group":"cf-nel","max_age":604800} x-goog-generation 1589805029334103 content-type image/webp expires Wed, 01 Sep 2021 09:10:55 GMT cache-control public, max-age=86400 x-goog-stored-content-length 35453 accept-ranges bytes cf-ray 687520e6cff24a5b-FRA cf-bgj imgq:85,h2pri
GET H3-29	200	A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C assets.ad4m.at/product_image/ Frame DAAF	2 KB 2 KB	17ms 15ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=&g=9bdac7688801e4ea22b68142e0c508f9%2F13461755580892183827&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055706&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2310grb40c0bb1xqp9mh78rqcg998m2t2j4pzwjnew6medty5mr3m5dnr9haf9gb3c96yq1js2yv3a9nk066xzgrp26mp44q0ddj99mgppxpdbndmb4n6c6ycbfmhb3x7z7bgy6jhd34j3z6jzrvrfdc0cerd07brzewzbh2zr3407z3qmcv9zjejfp0rgcj6gew1gf3pq1mg8phb4b0ac1n11hfxv4ee8hra1g588kw4mrp1ks9ntgynr7103r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA== date Tue, 31 Aug 2021 09:10:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 387556 cf-polished origFmt=png, origSize=4031 x-guploader-uploadid ADPycduw6T2ge-dcMCB8q8PQRkN5ddfV5p1F05xdj5QIjyKx_lBHIAoQcv69zW7h0C0ikAUfnJqs8jpQ-4HqCJYqLcg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 1598 last-modified Wed, 20 Jan 2021 17:03:56 GMT server cloudflare etag "7a3a98fe673db7b2502bd5c6d1316e2c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3JHILvzIChpgIic0916Y6Q4qAs4I4wQU%2Fu1NNsqgVK%2Bun3FblcOsBZU3M3srvQSksHgNye%2FAAiPGSZVgBYZYpvFbMIx0qtchrYnVCIkxJ4jK5dK1N09f6m3ietPkPYf0zpO6xFYbUkQMo2K"}],"group":"cf-nel","max_age":604800} x-goog-generation 1611162235947637 content-type image/webp expires Wed, 01 Sep 2021 09:10:55 GMT cache-control public, max-age=86400 x-goog-stored-content-length 4031 accept-ranges bytes cf-ray 687520e6cffa4a5b-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame DAAF	43 B 703 B	54ms 51ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=&g=9bdac7688801e4ea22b68142e0c508f9%2F13461755580892183827&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055706&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2310grb40c0bb1xqp9mh78rqcg998m2t2j4pzwjnew6medty5mr3m5dnr9haf9gb3c96yq1js2yv3a9nk066xzgrp26mp44q0ddj99mgppxpdbndmb4n6c6ycbfmhb3x7z7bgy6jhd34j3z6jzrvrfdc0cerd07brzewzbh2zr3407z3qmcv9zjejfp0rgcj6gew1gf3pq1mg8phb4b0ac1n11hfxv4ee8hra1g588kw4mrp1ks9ntgynr7103r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Tue, 31 Aug 2021 09:10:55 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H3-29	200	092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 assets.ad4m.at/logo/ Frame DAAF	38 KB 39 KB	17ms 15ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=&g=9bdac7688801e4ea22b68142e0c508f9%2F13461755580892183827&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055706&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2310grb40c0bb1xqp9mh78rqcg998m2t2j4pzwjnew6medty5mr3m5dnr9haf9gb3c96yq1js2yv3a9nk066xzgrp26mp44q0ddj99mgppxpdbndmb4n6c6ycbfmhb3x7z7bgy6jhd34j3z6jzrvrfdc0cerd07brzewzbh2zr3407z3qmcv9zjejfp0rgcj6gew1gf3pq1mg8phb4b0ac1n11hfxv4ee8hra1g588kw4mrp1ks9ntgynr7103r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ== date Tue, 31 Aug 2021 09:10:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 386876 cf-polished origFmt=png, origSize=44613 x-guploader-uploadid ADPycdtPzXlOqwPBuDjLXeT9INqbT1JQ4K2k-jWqmum-TWLhnCwpfCYxD6FfzMw5S2NgH5j7NXT7v42JG-PNGqGGzg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 39202 last-modified Wed, 22 Jan 2020 13:11:41 GMT server cloudflare etag "c2a4f822e5a831f3b5cab39c8bcae61d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gp1yuzLHCKIAgYPEUrKo6ZHl%2BBGJHDT2I3eKIgu2oHHQ%2FMLke3QrFiTUJqqMSpoaysOzd0hCYsDbJtgD9bGcxGK80wrjhywuDDsmh9vseIlx6pYRQXHIbE2GyiNyYPegNjGpGMlN8q%2BcBsQ"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698701189315 content-type image/webp expires Wed, 01 Sep 2021 09:10:55 GMT cache-control public, max-age=86400 x-goog-stored-content-length 44613 accept-ranges bytes cf-ray 687520e6cffd4a5b-FRA cf-bgj imgq:85,h2pri
GET H3-29	200	69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A assets.ad4m.at/ Frame DAAF	113 KB 114 KB	22ms 20ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=&g=9bdac7688801e4ea22b68142e0c508f9%2F13461755580892183827&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055706&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2310grb40c0bb1xqp9mh78rqcg998m2t2j4pzwjnew6medty5mr3m5dnr9haf9gb3c96yq1js2yv3a9nk066xzgrp26mp44q0ddj99mgppxpdbndmb4n6c6ycbfmhb3x7z7bgy6jhd34j3z6jzrvrfdc0cerd07brzewzbh2zr3407z3qmcv9zjejfp0rgcj6gew1gf3pq1mg8phb4b0ac1n11hfxv4ee8hra1g588kw4mrp1ks9ntgynr7103r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA== date Tue, 31 Aug 2021 09:10:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 390860 cf-polished origFmt=png, origSize=136328 x-guploader-uploadid ADPycduj874xBwWers7A0rvM5jKeVfBW1MVoviMq067fpwP36KmZ5H_UxJMVWZkp4S1GZRvF8zE9V0jaBG58OyvE-DY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 115268 last-modified Tue, 29 Oct 2019 09:42:57 GMT server cloudflare etag "0357ac79cb3ff45b9d567eab80c7e34c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLNQx6p5sf06e3wQPnAIVbb56dZ1sVXziy5ix%2Fkcgh8UKJhZjhao%2B%2FQ6zi6ONkFEyJbxGOVpC1zr%2F8t%2FbR%2Fw6%2FiyyQLFBKic2Cla7iFo24RVD5cfv8BruC%2FxYk%2Bzth1VxDmJ9fuA7nBUdgfo"}],"group":"cf-nel","max_age":604800} x-goog-generation 1572342177666668 content-type image/webp expires Wed, 01 Sep 2021 09:10:55 GMT cache-control public, max-age=86400 x-goog-stored-content-length 136328 accept-ranges bytes cf-ray 687520e6cffe4a5b-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame DAAF	43 B 704 B	55ms 53ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=&g=9bdac7688801e4ea22b68142e0c508f9%2F13461755580892183827&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055706&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2310grb40c0bb1xqp9mh78rqcg998m2t2j4pzwjnew6medty5mr3m5dnr9haf9gb3c96yq1js2yv3a9nk066xzgrp26mp44q0ddj99mgppxpdbndmb4n6c6ycbfmhb3x7z7bgy6jhd34j3z6jzrvrfdc0cerd07brzewzbh2zr3407z3qmcv9zjejfp0rgcj6gew1gf3pq1mg8phb4b0ac1n11hfxv4ee8hra1g588kw4mrp1ks9ntgynr7103r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Tue, 31 Aug 2021 09:10:55 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H3-29	200	188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 assets.ad4m.at/logo/ Frame DAAF	8 KB 9 KB	18ms 16ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=&g=9bdac7688801e4ea22b68142e0c508f9%2F13461755580892183827&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055706&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2310grb40c0bb1xqp9mh78rqcg998m2t2j4pzwjnew6medty5mr3m5dnr9haf9gb3c96yq1js2yv3a9nk066xzgrp26mp44q0ddj99mgppxpdbndmb4n6c6ycbfmhb3x7z7bgy6jhd34j3z6jzrvrfdc0cerd07brzewzbh2zr3407z3qmcv9zjejfp0rgcj6gew1gf3pq1mg8phb4b0ac1n11hfxv4ee8hra1g588kw4mrp1ks9ntgynr7103r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ== date Tue, 31 Aug 2021 09:10:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 394019 cf-polished qual=85, origFmt=jpeg, origSize=16723 x-guploader-uploadid ADPycdsWB__4IqPBYYG7Kpds-Oh9NiwUdYDgeYBeMRDoFkaGpviNrqYfQBH9SobGtpzf_sMJli3KEJKiwZt5MukWKlUq4QX9PA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 8354 last-modified Wed, 22 Jan 2020 13:13:07 GMT server cloudflare etag "04cb7ec205cea351157aeffb998f3a85" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPXwUovgrr2wsx9gYEpTTHaadFma79jxzMNWc%2BOQhrRpmagfbFOWj1Y9Ws5MR0hHiL%2BNe5VXQBMdI2e14BHyMeJ2aDaeXO4sskjPVdZlZkJ%2FrxixVLflQ9ksG0QpHp8M0a8UW384uX7bnmdi"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698787150900 content-type image/webp expires Wed, 01 Sep 2021 09:10:55 GMT cache-control public, max-age=86400 x-goog-stored-content-length 16723 accept-ranges bytes cf-ray 687520e6c8004a5b-FRA cf-bgj imgq:85,h2pri
GET H3-29	200	F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485 assets.ad4m.at/ Frame DAAF	35 KB 36 KB	25ms 23ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=&g=9bdac7688801e4ea22b68142e0c508f9%2F13461755580892183827&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055706&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2310grb40c0bb1xqp9mh78rqcg998m2t2j4pzwjnew6medty5mr3m5dnr9haf9gb3c96yq1js2yv3a9nk066xzgrp26mp44q0ddj99mgppxpdbndmb4n6c6ycbfmhb3x7z7bgy6jhd34j3z6jzrvrfdc0cerd07brzewzbh2zr3407z3qmcv9zjejfp0rgcj6gew1gf3pq1mg8phb4b0ac1n11hfxv4ee8hra1g588kw4mrp1ks9ntgynr7103r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A== date Tue, 31 Aug 2021 09:10:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 482287 cf-polished qual=85, origFmt=jpeg, origSize=40264 x-guploader-uploadid ADPycdshetqKJwndrHOH-lFCXPqJhWewdUcIkQfLaob_OeIRhD69yNjft6_UWg4G8QIF6IJwHcgiACP4KXnOYTeFqnE x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 35504 last-modified Wed, 19 Feb 2020 17:37:15 GMT server cloudflare etag "9eb405de815dd9d9e1f1e47322ddf6dc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PF3OCq%2FY8bSCfupgtwHMNYlLuWTWaNteagpm%2F8wK57B2bh9Nq8X4QaEQB%2By7SctOXFsgwUs5jpRvWuaA6qRpybtbn09VKESk2f76AVlb%2F%2F8pI2IHYNlUcegm7q7CCk4a0UbAhQMD8YvUU33"}],"group":"cf-nel","max_age":604800} x-goog-generation 1582133835673152 content-type image/webp expires Wed, 01 Sep 2021 09:10:55 GMT cache-control public, max-age=86400 x-goog-stored-content-length 40264 accept-ranges bytes cf-ray 687520e6c8024a5b-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200	/ banner.congstar.de/cookie/ Frame DAAF Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%... https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CMHfl5712vICFdnyuwgd3vEBXQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d... https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630401055_594783d0-0a3b-11ec-a5ea-692d04ef6a29	0 517 B	13ms 11ms	Image text/plain	148.251.139.77 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630401055_594783d0-0a3b-11ec-a5ea-692d04ef6a29 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=&g=9bdac7688801e4ea22b68142e0c508f9%2F13461755580892183827&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630401055706&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D2310grb40c0bb1xqp9mh78rqcg998m2t2j4pzwjnew6medty5mr3m5dnr9haf9gb3c96yq1js2yv3a9nk066xzgrp26mp44q0ddj99mgppxpdbndmb4n6c6ycbfmhb3x7z7bgy6jhd34j3z6jzrvrfdc0cerd07brzewzbh2zr3407z3qmcv9zjejfp0rgcj6gew1gf3pq1mg8phb4b0ac1n11hfxv4ee8hra1g588kw4mrp1ks9ntgynr7103r%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5ktaHvItYc28NLHa7_UPu8yEgA-Q4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTU4NTc3MDM4MTI0MDk1MDegAcKu6N0DyAEJqQLSn7dTftSzPqgDAaoEuQFP0Cxig865741xT0IjKLkVyg1dkSOTSgRnpMRxFKP2rLYEmnRyfGLCfQakwRQxi74XYPDxITmjNVFNOBbHABnqBOY-A5NUz2jAV6xU1ewfR_78sc_rd3PyWPA6WV2Ntlp7u00o5iMlbIZtkjW9RiA4YclDd5MIAVxdwTwkZmsuOt6Bofii2eQ_7GkThHY_8T0ARqbFJ_jIgemdIKMTl1NyicYOPY2JvDLfsVNBigCOV27F8PG39m1P9oAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0Ov2LFLgwvodyn35YzqrpNZjPqMQ%2526client%253Dca-pub-5857703812409507%2526adurl%253D&y=0&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.77.139.251.148.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Tue, 31 Aug 2021 09:10:55 GMT Server Apache P3P CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 0 Redirect headers Date Tue, 31 Aug 2021 09:10:55 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630401055_594783d0-0a3b-11ec-a5ea-692d04ef6a29 Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Length 0
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3B2D	12 KB 5 KB	8ms 7ms	Document text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://office365-login.co.il/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://office365-login.co.il/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5029 date Tue, 31 Aug 2021 09:08:08 GMT expires Wed, 31 Aug 2022 09:08:08 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 167 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame B76F	783 B 539 B	17ms 16ms	Document text/html	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 6ecd7a13e32df5959faab2b6b4df0f9b4040d0ccd18d30d191e9ed54bcbc2bb1 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-W4aZoib3gMpPBG8SpQmz4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://office365-login.co.il/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://office365-login.co.il/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy-report-only require-corp; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Tue, 31 Aug 2021 09:10:55 GMT date Tue, 31 Aug 2021 09:10:55 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-W4aZoib3gMpPBG8SpQmz4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Show response pagead2.googlesyndication.com/bg/ Frame 3B2D	35 KB 13 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 29 Aug 2021 13:19:12 GMT content-encoding br x-content-type-options nosniff age 157903 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13381 x-xss-protection 0 last-modified Mon, 23 Aug 2021 08:38:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 29 Aug 2022 13:19:12 GMT
GET H3-29	204	sodar pagead2.googlesyndication.com/pagead/	0 0	96ms 96ms	Image text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210826&jk=3446168567480585&bg=!tbaltvLNAAZOkH6FTpA7ACkAdvg8WvCgTjKwm-Z3jjbfrvGNth5VUjsU_MuYEzU45mNVXz6ph2dxLAIAAABdUgAAAAxoAQcKAEjp0uDG8OVaSfRPGPoOFKh0RT8Y2BAhew1N8COYnhCB3BUxFocaWGFF3eQEo4f0Khqj6gZLRBmmdgAqiqYPgF2DMzqgllKqY8GZAnmL8VdxRIMGj5l85Ni8MJSLI-QHhzGMjK-KoxNbUHHa4asSL7Bkg3jQUXOe0X98Y6PqYswSCut1zlXFtnaEXOlMNfD7jLb9hqf2AhKWX1FNLykIY6Nk5FwYIEvIDty5cGfxceCxc-D-7uqMzzDEXTzTKZ8OGMpA3oWxHfkqO3DlKsQRzUKdzWRQsJwBRCbNAy-eq4ZUilHkTzOyu9hBf5ZKlR7y4vK6se5A0X_IBlV4iTgHnRqR0ucfAgggCaiExIuOI4hNQgnom9u9o1q5eXS2a8oIIFNVYrG0kiG2Aimbnf290jDKP5paoss3lVLC1qPTkQSJ3upEMlFkgbC_Z8cxvuoHr-fEgefsZCkuOy2w7xaoWDmmYJg0Y5JiN029AtIW4Evb5MW25T_7f52ud5b43x1ycjCad8IGt-UYKH0URNNnsLj05s0XyZVu1JaKN02wS7JJpaYbPlm7Qv_LAAI9PJkIUPa8PzOgNK8WDEI5zP9Wi8xJj_rXKj77u0Dp2CfLVWY_KwUpHTX7eWeG4MBAVRZ7IIScP47CxgLlLC1YKB17Craxo1CBJW3XOacuqK7DephUaSTfd6uP5XTqVSZppPEb1B47J90EOCEm2bKwH8Jl0DXZsaPPq3fAUL-8mwl_YG1bSFRECp4ABH-OQgyDGCavf58zVu5UOBWb_csYTe0vFElNFBOQV24BpTpP1mC9a8ulLlEvz2-I6lngiBg-BXn9FmUY2M3ZReiQIHhMlk7PVFvzbPtvwiewihadVOWBD-0jL43WMRxWciZcu9emc1K0D-Qwd-2UVkmJ-Lmt3irZ2GlA_LthQ5SyT1bdUP8plCwNAyR42EA Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://office365-login.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 48B2	42 B 64 B	31ms 31ms	Fetch image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBWFK1tNKlXsvupAyWKH0RApQSqmIQ_tjlidxGTaRczpxJAo3Qlrmu7VIe394Z_OeJuQuFY69hcjBCvGpVVLGZY40WioBENPJ9jwqy3RZujh8_s6N9ImliJDzO7Q&sai=AMfl-YQ_WniU_D6FAZK9OkYN4E7ODFbhLGUinBy6BimHs13JEeCJlzJbqLMBR6xdvmVNYJbg17AzoZuD-Ozf&sig=Cg0ArKJSzFKS7tYLZfO0EAE&id=lidar2&mcvt=1000&p=198,650,448,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=614257545&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630401054809&rpt=739&r=v Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Tue, 31 Aug 2021 09:10:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	index.html Show response ws.sharethis.com/secure/ Frame 4AD8	7 KB 2 KB	12ms 12ms	Document text/html	2600:9000:2190:3600:3:c04e:c780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ws.sharethis.com/secure/index.html Requested by Host: ws.sharethis.com URL: https://ws.sharethis.com/button/async-buttons.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 3917548928197150addc288f30af88f2ab034ab333aea4b5d99ae97465563720 Request headers :method GET :authority ws.sharethis.com :scheme https :path /secure/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://office365-login.co.il/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://office365-login.co.il/ Response headers content-type text/html content-length 2089 content-encoding gzip last-modified Thu, 11 Feb 2021 17:57:38 GMT server nginx/1.16.1 x-robots-tag noindex, nofollow date Mon, 30 Aug 2021 23:13:58 GMT etag W/"60257012-1ade" vary Accept-Encoding x-cache Hit from cloudfront via 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 x-amz-cf-id zpN1h03Atsw-xBg8xeODUfLCK0VUkyhs-hAu2SqQe1vwuVaVh_v0Xg== age 35818
GET H2	200	st.a9c2f47cfbd1f141fb724cef861110d7.js Show response ws.sharethis.com/secure/js/ Frame 4AD8	88 KB 23 KB	13ms 13ms	Script application/javascript	2600:9000:2190:3600:3:c04e:c780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ws.sharethis.com/secure/js/st.a9c2f47cfbd1f141fb724cef861110d7.js Requested by Host: ws.sharethis.com URL: https://ws.sharethis.com/secure/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:3600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 85a0afc2f45cecec31d8ccd1498cd8bfe428b3d79018efb1bf4da2cb3050b847 Request headers Referer https://ws.sharethis.com/secure/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 28 Jun 2021 16:36:52 GMT content-encoding gzip server nginx/1.16.1 age 5502844 etag W/"60257012-15e0f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop ZRH50-C1 x-robots-tag noindex, nofollow content-length 23428 x-amz-cf-id kRY5gtst3qhca6UD6m7xYGdRS2RO3yOaIGNEob8xgndrYsFMJ_rGUQ== expires Tue, 28 Jun 2022 16:36:52 GMT
POST H3-29	200	log_event Show response www.youtube.com/youtubei/v1/ Frame F627	28 B 54 B	21ms 21ms	XHR application/json	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/json X-YouTube-Utc-Offset 120 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/7FxIRqhRa3w X-YouTube-Client-Version 1.20210829.0.0 X-YouTube-Time-Zone Europe/Berlin X-Goog-Visitor-Id CgtLTll1VE8xSDBDVSie5LeJBg%3D%3D X-YouTube-Ad-Signals dt=1630401054929&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C253&vis=1&wgl=true&ca_type=image&bid=ANyPxKrxF24LaMpMaf-JBrKHxuCmDVR_gA90xD3GqhaMwu7LcC1GqYFMwrhgjx6eEvkhap9TNqanKg-5yrAjj00atjHK4AXmhA Response headers date Tue, 31 Aug 2021 09:10:57 GMT content-encoding br x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31 x-xss-protection 0 expires Tue, 31 Aug 2021 09:10:57 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_push=AYg5qPKBI-EeQDZYtv8bkeChqPumd8al5kyuJuvCdkEqzI8E0QOmHP-3hpMCcxfe3j8CfsTNnufT8nxL4drrY2B31Vu9BR_YWxhf&google_cver=1&google_gid=CAESEL7VJ91yIheGTk3igbViW8w

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS3yH01KAy2hhiiENCox1QAABIkAAAIB&google_cver=1&google_push=AYg5qPJmi8GLxDPTZH1EwOv7pf486_wqX07M43oW61nnuK2cyx7kYQhxxyN_MbZOwrQKvBYRgPdLveb6vtVIu-DzNy2N6R_bztM&google_gid=CAESEBWfqCtb7vlX8U55Gc_P6fQ