vvd.bz Open in urlscan Pro
115.68.66.71  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 49

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE5sGx2VSMr7_1M-GR87eu4&google_cver=1&google_push=AXcoOmQk3iZj7_ZUYWh2n8xjY2fYXTzWkSskSuG_R8CX8YdnxJDPpFhQgA-vgSUR9oOnRllOBH7HkYTYFUGNDtgo4Hw1rt_BBFZUqM0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzU0NTY2MjE2ODI1MDAzMDY1MA==&gdpr=&gdpr_consent=&process_consent=T HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE5sGx2VSMr7_1M-GR87eu4&google_cver=1

Request Chain 50

• https://um.simpli.fi/gp_match?google_gid=CAESENWvrY8OrNBJ1MUdgrimVvs&google_cver=1&google_push=AXcoOmQ7qUUDc79ljx-TBujtKIxtcP54MwFwdxwnVaqi2B8YhwiGn2M_P3Mm9AOiEv0bfaR1jqb9VOkE25fNG3Uj4T3Qb3eNvhxble0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=85CC21A55C424D74A7E42C8879A05DD7&google_push=AXcoOmQ7qUUDc79ljx-TBujtKIxtcP54MwFwdxwnVaqi2B8YhwiGn2M_P3Mm9AOiEv0bfaR1jqb9VOkE25fNG3Uj4T3Qb3eNvhxble0

Request Chain 51

• https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEID3eKrSi1EYuvkwdwBx2-8&google_cver=1&google_push=AXcoOmRO-a-CdrvDa73tTzu0kuZ8KKTLIuGUMCYq9Vd-UKTNfX9ysvbWm6UaBDMhputIGtaKxMWHdT7hynFQ-grPlkAEYL2HZSfm-M0 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEID3eKrSi1EYuvkwdwBx2-8&google_cver=1&google_push=AXcoOmRO-a-CdrvDa73tTzu0kuZ8KKTLIuGUMCYq9Vd-UKTNfX9ysvbWm6UaBDMhputIGtaKxMWHdT7hynFQ-grPlkAEYL2HZSfm-M0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRO-a-CdrvDa73tTzu0kuZ8KKTLIuGUMCYq9Vd-UKTNfX9ysvbWm6UaBDMhputIGtaKxMWHdT7hynFQ-grPlkAEYL2HZSfm-M0&google_hm=ejmGfkCfT9SXySwXHivPng==

Request Chain 52

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENWgUphC-wfIVlCEGof2-HA&google_cver=1&google_push=AXcoOmTWKDzMAg88GFgJ1qF9mdAbWGFOjBferrB3Mz7DlOPett2kU3zXTFbsWo7DpSD_p3ldLBD3-Ft7dbuMM-9Wn7gucTOLUtuBnZM HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTWKDzMAg88GFgJ1qF9mdAbWGFOjBferrB3Mz7DlOPett2kU3zXTFbsWo7DpSD_p3ldLBD3-Ft7dbuMM-9Wn7gucTOLUtuBnZM&google_hm=eS1HOWRJZmlGRTJwR05YelZkQ2txSkFrZVZQR01NdWlsMn5B

Request Chain 54

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMOp_oIJk5bE_oJikSyzfq0&google_cver=1&google_push=AXcoOmR6q6dfCZUKB5BDYcWBgAwgL8InoQz-mzzgxhMqiEvNxLHlHHIsj7g4V0c3Kp5DIzTSUkBiWepNB5Zgh7uRJK-ROYtKXhFuB6U HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMOp_oIJk5bE_oJikSyzfq0&google_cver=1&google_push=AXcoOmR6q6dfCZUKB5BDYcWBgAwgL8InoQz-mzzgxhMqiEvNxLHlHHIsj7g4V0c3Kp5DIzTSUkBiWepNB5Zgh7uRJK-ROYtKXhFuB6U HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA0ODk3MTY5OTg2MzE4OTI2NA&google_push=AXcoOmR6q6dfCZUKB5BDYcWBgAwgL8InoQz-mzzgxhMqiEvNxLHlHHIsj7g4V0c3Kp5DIzTSUkBiWepNB5Zgh7uRJK-ROYtKXhFuB6U

Request Chain 55

• https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEPeLbGsOrB13PVQnLsgpCVE&google_cver=1&google_push=AXcoOmSkr656GGUPNu2AQkAJFls-hKnniKC191539kLha7plW0rLLnk92lSdgjtc3NSdTxIXPtwInqGRbPoswprM5bOnzkEl6Eikftvy HTTP 302
• https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEPeLbGsOrB13PVQnLsgpCVE&google_cver=1&google_push=AXcoOmSkr656GGUPNu2AQkAJFls-hKnniKC191539kLha7plW0rLLnk92lSdgjtc3NSdTxIXPtwInqGRbPoswprM5bOnzkEl6Eikftvy

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request dDOo Show response vvd.bz/	13 KB 5 KB	1328ms 336ms	Document text/html	115.68.66.71 SMILESERV-AS-KR S...
General Check archive.org Show headers Download Go to Full URL https://vvd.bz/dDOo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 115.68.66.71 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR), Reverse DNS mail.vivoldi.com Software / Resource Hash e146c13282e1c03a70a0eba3e81d85390c3ab519d581746c9ef1d22064ed6fdd Security Headers Name Value Content-Security-Policy frame-ancestors * Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers accept-ch Sec-CH-UA-Model content-encoding gzip content-language en content-security-policy frame-ancestors * content-type text/html;charset=UTF-8 date Thu, 07 Mar 2024 13:35:24 GMT permissions-policy ch-ua-model=(self "https://vvd.bz") referrer-policy unsafe-url strict-transport-security max-age=31536000; includeSubdomains; preload vary Accept-Encoding origin,access-control-request-method,access-control-request-headers,accept-encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
GET H2	200	mdb.min.css cdn.vivoldi.com/common/template/mdb/7.1.0/css/	484 KB 66 KB	1578ms 585ms	Stylesheet text/css	115.68.66.71 SMILESERV-AS-KR S...
General Check archive.org Show headers Download Go to Full URL https://cdn.vivoldi.com/common/template/mdb/7.1.0/css/mdb.min.css Requested by Host: vvd.bz URL: https://vvd.bz/dDOo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 115.68.66.71 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR), Reverse DNS mail.vivoldi.com Software / Resource Hash 1b503a56fc05d43a0e509d79046fdbeaf299f2474ce53cb552857bc2b8ddef33 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers expires Fri, 07 Mar 2025 13:35:26 GMT date Thu, 07 Mar 2024 13:35:26 GMT content-encoding gzip vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET,POST,DELETE,PATCH,OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000, public access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-headers * x-proxy-cache HIT
GET H2	200	default.min.css cdn.vivoldi.com/common/css/	13 KB 3 KB	1866ms 874ms	Stylesheet text/css	115.68.66.71 SMILESERV-AS-KR S...
General Check archive.org Show headers Download Go to Full URL https://cdn.vivoldi.com/common/css/default.min.css?ver=202312072 Requested by Host: vvd.bz URL: https://vvd.bz/dDOo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 115.68.66.71 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR), Reverse DNS mail.vivoldi.com Software / Resource Hash 9b55c19b1d0f6961dca18f322b53afd40d84c5e2c7d4c00664a3ee92e8006a80 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers expires Fri, 07 Mar 2025 13:35:26 GMT date Thu, 07 Mar 2024 13:35:26 GMT content-encoding gzip vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET,POST,DELETE,PATCH,OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=31536000, public access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-headers * x-proxy-cache HIT
GET H2	200	ko.min.js Show response cdn.vivoldi.com/common/js/i18n/	1 KB 1008 B	2096ms 1104ms	Script application/javascript	115.68.66.71 SMILESERV-AS-KR S...
General Check archive.org Show headers Download Go to Full URL https://cdn.vivoldi.com/common/js/i18n/ko.min.js?ver=202402131 Requested by Host: vvd.bz URL: https://vvd.bz/dDOo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 115.68.66.71 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR), Reverse DNS mail.vivoldi.com Software / Resource Hash 8956b1f2bd68be5aecabcd1e73f7d4825244226235e59667245c0539bb5e9975 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers expires Fri, 07 Mar 2025 13:35:26 GMT date Thu, 07 Mar 2024 13:35:26 GMT content-encoding gzip vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET,POST,DELETE,PATCH,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000, public access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-headers * x-proxy-cache HIT
GET H2	200	jquery-3.7.1.min.js Show response cdn.vivoldi.com/common/js/	85 KB 30 KB	2096ms 1104ms	Script application/javascript	115.68.66.71 SMILESERV-AS-KR S...
General Check archive.org Show headers Download Go to Full URL https://cdn.vivoldi.com/common/js/jquery-3.7.1.min.js Requested by Host: vvd.bz URL: https://vvd.bz/dDOo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 115.68.66.71 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR), Reverse DNS mail.vivoldi.com Software / Resource Hash fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers expires Fri, 07 Mar 2025 13:35:26 GMT date Thu, 07 Mar 2024 13:35:26 GMT content-encoding gzip vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET,POST,DELETE,PATCH,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000, public access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-headers * x-proxy-cache HIT
GET H2	200	mdb.umd.min.js Show response cdn.vivoldi.com/common/template/mdb/7.1.0/js/	632 KB 178 KB	2095ms 1104ms	Script application/javascript	115.68.66.71 SMILESERV-AS-KR S...
General Check archive.org Show headers Download Go to Full URL https://cdn.vivoldi.com/common/template/mdb/7.1.0/js/mdb.umd.min.js Requested by Host: vvd.bz URL: https://vvd.bz/dDOo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 115.68.66.71 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR), Reverse DNS mail.vivoldi.com Software / Resource Hash 218e91a3cde77fb8955534d018e1fa404e756c6fb19f5bca67f6ae6f874798a6 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers expires Fri, 07 Mar 2025 13:35:26 GMT date Thu, 07 Mar 2024 13:35:26 GMT content-encoding gzip vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET,POST,DELETE,PATCH,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000, public access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-headers * x-proxy-cache HIT
GET H2	200	vivoldi.lib.min.js Show response cdn.vivoldi.com/common/js/	17 KB 5 KB	2095ms 1104ms	Script application/javascript	115.68.66.71 SMILESERV-AS-KR S...
General Check archive.org Show headers Download Go to Full URL https://cdn.vivoldi.com/common/js/vivoldi.lib.min.js?ver=202402131 Requested by Host: vvd.bz URL: https://vvd.bz/dDOo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 115.68.66.71 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR), Reverse DNS mail.vivoldi.com Software / Resource Hash ef171a448a0d2095c3ba64d87a3a86a3e3165d32ce26b6ad98f8c9fe1ec6a276 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers expires Fri, 07 Mar 2025 13:35:26 GMT date Thu, 07 Mar 2024 13:35:26 GMT content-encoding gzip vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET,POST,DELETE,PATCH,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000, public access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-headers * x-proxy-cache HIT
GET H2	200	solid.min.js Show response cdn.vivoldi.com/common/plugin/font-awesome/6.5.1/js/	2 MB 645 KB	1885ms 894ms	Script application/javascript	115.68.66.71 SMILESERV-AS-KR S...
General Check archive.org Show headers Download Go to Full URL https://cdn.vivoldi.com/common/plugin/font-awesome/6.5.1/js/solid.min.js Requested by Host: vvd.bz URL: https://vvd.bz/dDOo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 115.68.66.71 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR), Reverse DNS mail.vivoldi.com Software / Resource Hash 12aa860c6426e84fafb1481b4de824ae1c2e929850a80be096a736bfbec7d541 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers expires Fri, 07 Mar 2025 13:35:26 GMT date Thu, 07 Mar 2024 13:35:26 GMT content-encoding gzip vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET,POST,DELETE,PATCH,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000, public access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-headers * x-proxy-cache HIT
GET H2	200	fontawesome.min.js Show response cdn.vivoldi.com/common/plugin/font-awesome/6.5.1/js/	56 KB 16 KB	2094ms 1104ms	Script application/javascript	115.68.66.71 SMILESERV-AS-KR S...
General Check archive.org Show headers Download Go to Full URL https://cdn.vivoldi.com/common/plugin/font-awesome/6.5.1/js/fontawesome.min.js Requested by Host: vvd.bz URL: https://vvd.bz/dDOo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 115.68.66.71 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR), Reverse DNS mail.vivoldi.com Software / Resource Hash 015dd1b789a4bb67a782e3deff4eb4e8119941022d948354e2066fc17cfaa49b Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers expires Fri, 07 Mar 2025 13:35:26 GMT date Thu, 07 Mar 2024 13:35:26 GMT content-encoding gzip vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET,POST,DELETE,PATCH,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000, public access-control-allow-credentials true access-control-max-age 1728000 access-control-allow-headers * x-proxy-cache HIT
GET H2	200	logo.48x48.png cdn.vivoldi.com/image/logo/	19 KB 19 KB	761ms 760ms	Image image/png	115.68.66.71 SMILESERV-AS-KR S...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.vivoldi.com/image/logo/logo.48x48.png Requested by Host: vvd.bz URL: https://vvd.bz/dDOo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 115.68.66.71 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR), Reverse DNS mail.vivoldi.com Software / Resource Hash 3fa7ea49fc42632674c2ba180ef5370a7dff0d00f972f5136c9556e984ed2325 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers access-control-allow-origin * date Thu, 07 Mar 2024 13:35:27 GMT cache-control max-age=31536000, public x-proxy-cache HIT expires Fri, 07 Mar 2025 13:35:27 GMT content-type image/png
GET H2	200	pic.denied.600.webp cdn.vivoldi.com/image/picture/	33 KB 33 KB	761ms 760ms	Image image/webp	115.68.66.71 SMILESERV-AS-KR S...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.vivoldi.com/image/picture/pic.denied.600.webp?ver=202401193 Requested by Host: vvd.bz URL: https://vvd.bz/dDOo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 115.68.66.71 , Korea, Republic Of, ASN38700 (SMILESERV-AS-KR SMILESERV, KR), Reverse DNS mail.vivoldi.com Software / Resource Hash 355784ee0e75cc9105f3f2b370f61f2b450a3124c2c9416be2dd8ae5fe97d3b7 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers access-control-allow-origin * date Thu, 07 Mar 2024 13:35:27 GMT cache-control max-age=31536000, public x-proxy-cache HIT expires Fri, 07 Mar 2025 13:35:27 GMT content-type image/webp
GET H2	200	js Show response www.googletagmanager.com/gtag/	252 KB 88 KB	378ms 147ms	Script application/javascript	142.250.185.168 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-CDPWVDT08E Requested by Host: vvd.bz URL: https://vvd.bz/dDOo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.168 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f8.1e100.net Software Google Tag Manager / Resource Hash 330abe265d49f9612295ae83644d9431da260caf380eeb09971502c470e8890d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 13:35:28 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 89374 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 07 Mar 2024 13:35:28 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	150 KB 50 KB	391ms 158ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3311950788580475 Requested by Host: vvd.bz URL: https://vvd.bz/dDOo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 431cb9f2e4efabedce5c7d3391e1e5d0082e95234843a6b6a84199254b1f50ed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vvd.bz/dDOo Origin https://vvd.bz accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 13:35:28 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51183 x-xss-protection 0 server cafe etag 13153476732105324190 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Thu, 07 Mar 2024 13:35:28 GMT
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403050101/	405 KB 137 KB	402ms 175ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403050101/show_ads_impl_fy2021.js?bust=31081641 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3311950788580475 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 78ec6274adb50d4291469a06ea81ae9315b3a35496f5ae62d9500dda4782dd79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 13:35:28 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 140581 x-xss-protection 0 server cafe etag 11900847482959729016 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Thu, 07 Mar 2024 13:35:28 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/ Frame 906F	9 KB 4 KB	343ms 112ms	Document text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3311950788580475 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vvd.bz/dDOo Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers age 22802 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4155 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 07 Mar 2024 07:15:26 GMT etag 5035419970550746386 expires Thu, 21 Mar 2024 07:15:26 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect www.google-analytics.com/g/	0 248 B	356ms 120ms	Ping text/plain	172.217.16.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-CDPWVDT08E&gtm=45je4340v886240108za220&_p=1709818528030&gcd=13l3l3l3l1&npa=0&dma=0&cid=1517971139.1709818529&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709818528&sct=1&seg=0&dl=https%3A%2F%2Fvvd.bz%2FdDOo&dt=NO%20TITLE&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4863 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CDPWVDT08E Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s08-in-f206.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 13:35:28 GMT server Golfe2 content-type text/plain access-control-allow-origin https://vvd.bz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 189A	7 KB 935 B	294ms 294ms	Document text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3311950788580475&output=html&adk=1812271804&adf=3025194257&lmt=1709818529&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fvvd.bz%2FdDOo&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818528537&bpp=11&bdt=3455&idt=664&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2703500514547&frm=20&pv=2&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=677 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403050101/show_ads_impl_fy2021.js?bust=31081641 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 9a71317fc491c8bb88fbcd8140ed44b984037971ce9810524ec387c94c81ae92 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vvd.bz/dDOo Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 735 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 07 Mar 2024 13:35:29 GMT expires Thu, 07 Mar 2024 13:35:29 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ca-pub-3311950788580475 Show response fundingchoicesmessages.google.com/i/	182 KB 61 KB	383ms 148ms	Script application/javascript	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/ca-pub-3311950788580475?ers=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403050101/show_ads_impl_fy2021.js?bust=31081641 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software ESF / Resource Hash aea7eb0e5692bc225a2b5d260e88972136f1d63e904973bac08260e557775706 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-VDDi7BPp6_6nWhGK9Au36w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 13:35:29 GMT content-security-policy script-src 'report-sample' 'nonce-VDDi7BPp6_6nWhGK9Au36w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytHikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonj60smCSBWA-IdPh4sfOums6oAseb66ayBQBzzfDprChA7pc9gDQBin_oZrFFA3HrzHOtkIBbi4VjYunw9m8CN_WsmMgMAi0cxdw" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	slotcar_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403050101/	91 KB 32 KB	156ms 155ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403050101/slotcar_library_fy2021.js?bust=31081641 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3311950788580475 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 61d0adcd5de6c8a64a1ab84dd2c2a4f0ff5c8f9bad7deaf6ba23a8238fd5ab00 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 13:35:29 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32379 x-xss-protection 0 server cafe etag 2425196660148804691 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Thu, 07 Mar 2024 13:35:29 GMT
POST H2	204	ping pagead2.googlesyndication.com/pagead/	0 0	144ms 143ms	Fetch text/html	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ping?e=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3311950788580475 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software / Resource Hash Request headers Referer https://vvd.bz/dDOo accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	200	AGSKWxUs9hcUfKZHzB9egx7e-71qW9taUBoMlK2Scl78GzsGPT0CU5mPljK80med9dUzaY_0suS-bOw19FbhJ58PsOEpsRi0ezZaRgMRszIinr8JApIrnvRcztrHpvnxmiFOPAE-JzI2VA== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	144ms 143ms	Script application/javascript	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxUs9hcUfKZHzB9egx7e-71qW9taUBoMlK2Scl78GzsGPT0CU5mPljK80med9dUzaY_0suS-bOw19FbhJ58PsOEpsRi0ezZaRgMRszIinr8JApIrnvRcztrHpvnxmiFOPAE-JzI2VA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5ODE4NTMwLDI4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3Z2ZC5iei9kRE9vIixudWxsLFtbOCwiRjg4WGJocUxvalEiXSxbOSwiaXciXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software ESF / Resource Hash d0d045fdf0e807da1e6bb91ae72141dd1989d02ca87cb9ac81a88304bec243a9 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-swxehZSsxNTrmdVc73O8Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 13:35:30 GMT content-security-policy script-src 'report-sample' 'nonce-swxehZSsxNTrmdVc73O8Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonj60smCSBWA-IdPh4sfOums6oAseb66ayBQBzzfDprChA7pc9gDQBin_oZrFFA3HrzHOtkIBbi5ljUunw9m0BH9xQTAFdlMHs" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	AGSKWxXc6vAtjnGqg_WcfT4Ky98N_Pgj2ZlJ6_9setb8yjxqtyc-MEq5jSi33p_HquKWI9g70iAY5E-FN97Q-GUXspHcO2IHgZSZgAr2X-2n9CAJt4KcGbS2uKY7HhGphm4xzTloqHfKZw== Show response fundingchoicesmessages.google.com/f/	10 KB 5 KB	151ms 150ms	Script application/javascript	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXc6vAtjnGqg_WcfT4Ky98N_Pgj2ZlJ6_9setb8yjxqtyc-MEq5jSi33p_HquKWI9g70iAY5E-FN97Q-GUXspHcO2IHgZSZgAr2X-2n9CAJt4KcGbS2uKY7HhGphm4xzTloqHfKZw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5ODE4NTMwLDE3NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vdnZkLmJ6L2RET28iLG51bGwsW1s4LCJGODhYYmhxTG9qUSJdLFs5LCJpdyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software ESF / Resource Hash 5fdcba08dec524b0673495dd854a2c9e3b119a8cd1bb7e44d5258ba812b44e08 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-RaizfIPC-vu1etS6GVp9KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 13:35:30 GMT content-security-policy script-src 'report-sample' 'nonce-RaizfIPC-vu1etS6GVp9KQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmJw1pBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonj60smCSBWA-IdPh4sfOums6oAseb66ayBQBzzfDprChA7pc9gDQBin_oZrFFA3HrzHOtkIBbi5ljUunw9m8CFY_vqAFpJMXM" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 41B8	122 KB 42 KB	1122ms 1121ms	Document text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403050101/show_ads_impl_fy2021.js?bust=31081641 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash f6910dfd68e69136e61be70be7112cbd7a83e2533f8510de32a9c7ec5dc25514 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vvd.bz/dDOo Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 42648 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 07 Mar 2024 13:35:31 GMT expires Thu, 07 Mar 2024 13:35:31 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	159ms 158ms	XHR application/json	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240306&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403050101/show_ads_impl_fy2021.js?bust=31081641 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 8fdf77261c434fa4cdefd3acdfe0242e1df942d88568be63eb7e9b40895b4a06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 13:35:30 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12173 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	383ms 150ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403050101/show_ads_impl_fy2021.js?bust=31081641 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 13:35:30 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 07 Mar 2024 13:35:30 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame D41E	13 KB 5 KB	113ms 112ms	Document text/html	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://vvd.bz/dDOo Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers accept-ranges bytes age 9757 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 07 Mar 2024 10:52:53 GMT expires Fri, 07 Mar 2025 10:52:53 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 1878	829 B 1 KB	361ms 125ms	Document text/html	142.250.186.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f4.1e100.net Software GSE / Resource Hash 00cf595beb731bf43e6f928eba48d34d790f54cbb15d1b287863f13e409bc8b2 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-aQOydxA9cLZGBZt79TuAaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://vvd.bz/dDOo Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-aQOydxA9cLZGBZt79TuAaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 07 Mar 2024 13:35:31 GMT expires Thu, 07 Mar 2024 13:35:31 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	adsfix..php Show response fundingchoicesmessages.google.com/f/AGSKWxV-dzr4jXrbHAsCmgb8PEREsPk5WAV27k5KCG-sSfZfYcnDJyqdSN9-H9_ueYzSPuPcVeXi8bFQxSJqGzE7F8IPzd1rw-bdl-VJl7d3ftkM2zAgl5DZzKz-qkME_uzhmRCTxg9vf1oOa26MGWNBgPH7rJsUg...	54 B 110 B	127ms 126ms	Script application/javascript	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxV-dzr4jXrbHAsCmgb8PEREsPk5WAV27k5KCG-sSfZfYcnDJyqdSN9-H9_ueYzSPuPcVeXi8bFQxSJqGzE7F8IPzd1rw-bdl-VJl7d3ftkM2zAgl5DZzKz-qkME_uzhmRCTxg9vf1oOa26MGWNBgPH7rJsUg0MQD-HbGviPniXQt1Z9tnWZxlAT5Pgs/_/googleadright./advPop.-advert_August./adsfix..php?adsid= Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMx_WDxI7ImNSY8mazvOH5aCRAMyQg/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software ESF / Resource Hash f448f1c437ec21faba99452dfdcdd8abccaab68c9ce4906e803f5cdc772594b5 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-FIi9YDnJuzJZa2Bd13t6ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 13:35:31 GMT content-security-policy script-src 'report-sample' 'nonce-FIi9YDnJuzJZa2Bd13t6ZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtHikmLw0ZBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pKJ4-tLJgkgVgPiHT4eLHzrprOqALHm-umsgUAc83w6awoQO6XPYA0AYp_6GaxRQNx68xzrZCAW4uZY3Lp8PZvAin9TGAG8-zX0" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	show_companion_ad.js Show response pagead2.googlesyndication.com/pagead/	30 KB 11 KB	113ms 113ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMx_WDxI7ImNSY8mazvOH5aCRAMyQg/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 90e89f2727c94c302d09656e021dc280a25db38061c9188de704843fcc7549bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 13:28:35 GMT content-encoding br x-content-type-options nosniff age 415 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11522 x-xss-protection 0 server cafe etag 4248852404593429525 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 timing-allow-origin * expires Thu, 07 Mar 2024 14:28:35 GMT
POST H3	204	AGSKWxUMcS-6mU8D7Y6fsKSGyGZtDkhYVcrfTgu8gsYmeT_-AiKxx3Cr8ebZAkQhRj70d2QN_FPoVoGiACAiAmnjqJv3P5tHwJ5UT_EbL0hlx3dh29imhOeHRhmewPGKLEQVX4E4o7NJ6g== Show response fundingchoicesmessages.google.com/el/	0 29 B	363ms 133ms	XHR text/html	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUMcS-6mU8D7Y6fsKSGyGZtDkhYVcrfTgu8gsYmeT_-AiKxx3Cr8ebZAkQhRj70d2QN_FPoVoGiACAiAmnjqJv3P5tHwJ5UT_EbL0hlx3dh29imhOeHRhmewPGKLEQVX4E4o7NJ6g== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mxxzZyupdthDPSOnk2G--A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://vvd.bz/dDOo accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type text/plain Response headers date Thu, 07 Mar 2024 13:35:31 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mxxzZyupdthDPSOnk2G--A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw05BiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTNsbh1-Xo2gQeXrxQAAHiNEUs" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://vvd.bz access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response pagead2.googlesyndication.com/bg/ Frame D41E	39 KB 15 KB	113ms 113ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash 3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 10:34:55 GMT content-encoding br x-content-type-options nosniff age 10836 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15541 x-xss-protection 0 last-modified Mon, 04 Mar 2024 15:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 07 Mar 2025 10:34:55 GMT
POST H3	204	AGSKWxUMcS-6mU8D7Y6fsKSGyGZtDkhYVcrfTgu8gsYmeT_-AiKxx3Cr8ebZAkQhRj70d2QN_FPoVoGiACAiAmnjqJv3P5tHwJ5UT_EbL0hlx3dh29imhOeHRhmewPGKLEQVX4E4o7NJ6g== Show response fundingchoicesmessages.google.com/el/	0 29 B	246ms 138ms	XHR text/html	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUMcS-6mU8D7Y6fsKSGyGZtDkhYVcrfTgu8gsYmeT_-AiKxx3Cr8ebZAkQhRj70d2QN_FPoVoGiACAiAmnjqJv3P5tHwJ5UT_EbL0hlx3dh29imhOeHRhmewPGKLEQVX4E4o7NJ6g== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-DP0OzEyr8a56UVqxU6T4zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://vvd.bz/dDOo accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type text/plain Response headers date Thu, 07 Mar 2024 13:35:31 GMT content-security-policy script-src 'report-sample' 'nonce-DP0OzEyr8a56UVqxU6T4zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw15BiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTNsbh1-Xo2gYb9ncUAd9MQmA" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://vvd.bz content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxUMcS-6mU8D7Y6fsKSGyGZtDkhYVcrfTgu8gsYmeT_-AiKxx3Cr8ebZAkQhRj70d2QN_FPoVoGiACAiAmnjqJv3P5tHwJ5UT_EbL0hlx3dh29imhOeHRhmewPGKLEQVX4E4o7NJ6g== Show response fundingchoicesmessages.google.com/el/	0 29 B	242ms 139ms	XHR text/html	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUMcS-6mU8D7Y6fsKSGyGZtDkhYVcrfTgu8gsYmeT_-AiKxx3Cr8ebZAkQhRj70d2QN_FPoVoGiACAiAmnjqJv3P5tHwJ5UT_EbL0hlx3dh29imhOeHRhmewPGKLEQVX4E4o7NJ6g== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-1PW24V8BXVm-hc24pLPzUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://vvd.bz/dDOo accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type text/plain Response headers date Thu, 07 Mar 2024 13:35:31 GMT content-security-policy script-src 'report-sample' 'nonce-1PW24V8BXVm-hc24pLPzUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw1ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTNsbh1-Xo2gRUP9pQAAHd7EQs" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://vvd.bz content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxUMcS-6mU8D7Y6fsKSGyGZtDkhYVcrfTgu8gsYmeT_-AiKxx3Cr8ebZAkQhRj70d2QN_FPoVoGiACAiAmnjqJv3P5tHwJ5UT_EbL0hlx3dh29imhOeHRhmewPGKLEQVX4E4o7NJ6g== Show response fundingchoicesmessages.google.com/el/	0 29 B	267ms 165ms	XHR text/html	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUMcS-6mU8D7Y6fsKSGyGZtDkhYVcrfTgu8gsYmeT_-AiKxx3Cr8ebZAkQhRj70d2QN_FPoVoGiACAiAmnjqJv3P5tHwJ5UT_EbL0hlx3dh29imhOeHRhmewPGKLEQVX4E4o7NJ6g== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-KGu-SVV1Mrvcadrq3y27uA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://vvd.bz/dDOo accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type text/plain Response headers date Thu, 07 Mar 2024 13:35:31 GMT content-security-policy script-src 'report-sample' 'nonce-KGu-SVV1Mrvcadrq3y27uA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw0ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDsbh1-Xo2gRUPXzcwAgCJDxFI" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://vvd.bz access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	AGSKWxXrJ10hjO4d9rvFQWvZ9nlTfJUxjrrYdzY9D6RLEVKvch8EJ7EtLORZfI5jlDr9aZrt5QEuMJ1nE4bRZlBl0SNx9Ucxl9hG1ZHliqwO0gBw1OayWZdFp78hUYT7K8dUeaFeEzQXWA== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	144ms 144ms	Script application/javascript	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXrJ10hjO4d9rvFQWvZ9nlTfJUxjrrYdzY9D6RLEVKvch8EJ7EtLORZfI5jlDr9aZrt5QEuMJ1nE4bRZlBl0SNx9Ucxl9hG1ZHliqwO0gBw1OayWZdFp78hUYT7K8dUeaFeEzQXWA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5ODE4NTMxLDY2MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL3Z2ZC5iei9kRE9vIixudWxsLFtbOCwiRjg4WGJocUxvalEiXSxbOSwiaXciXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software ESF / Resource Hash 6f2581c3afce7ed20ae26cc5d326fa01f61f2da947c3b3e73a98d147340df907 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-w4OlnfDpE8rFAD5psW60Bg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 13:35:31 GMT content-security-policy script-src 'report-sample' 'nonce-w4OlnfDpE8rFAD5psW60Bg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtHikmJw1pBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pKJ4-tLJgkgVgPiHT4eLHzrprOqALHm-umsgUAc83w6awoQO6XPYA0AYp_6GaxRQNx68xzrZCAW4uZY3Lp8PZvAgc4uDwC4uDXN" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame D41E	0 10 B	113ms 113ms	Image text/plain	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?QkV0eQ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language he-IL,he;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 13:35:31 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST H3	204	AGSKWxVXtMZyPtNlyw3rTNkpNV1OG2Sh7rwIi7zxALfdPwSJw_GkD2bzetDRrNE_aSgy32AsX6XCQrQmBVnCdNhxYg7CAnH5mxdB1_gyzZLIUdrw-Be6zHsLGBr6rqyxvg6aA3hpQeoaRw== Show response fundingchoicesmessages.google.com/el/	0 29 B	130ms 129ms	XHR text/html	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVXtMZyPtNlyw3rTNkpNV1OG2Sh7rwIi7zxALfdPwSJw_GkD2bzetDRrNE_aSgy32AsX6XCQrQmBVnCdNhxYg7CAnH5mxdB1_gyzZLIUdrw-Be6zHsLGBr6rqyxvg6aA3hpQeoaRw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-A_Gc1m9uh6YYQKnvsxp1YQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://vvd.bz/dDOo accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type text/plain Response headers date Thu, 07 Mar 2024 13:35:31 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-A_Gc1m9uh6YYQKnvsxp1YQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDsbh1-Xo2gR1nfrUxAgCJFhFX" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://vvd.bz content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxUMcS-6mU8D7Y6fsKSGyGZtDkhYVcrfTgu8gsYmeT_-AiKxx3Cr8ebZAkQhRj70d2QN_FPoVoGiACAiAmnjqJv3P5tHwJ5UT_EbL0hlx3dh29imhOeHRhmewPGKLEQVX4E4o7NJ6g== Show response fundingchoicesmessages.google.com/el/	0 29 B	135ms 134ms	XHR text/html	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUMcS-6mU8D7Y6fsKSGyGZtDkhYVcrfTgu8gsYmeT_-AiKxx3Cr8ebZAkQhRj70d2QN_FPoVoGiACAiAmnjqJv3P5tHwJ5UT_EbL0hlx3dh29imhOeHRhmewPGKLEQVX4E4o7NJ6g== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0b0ecij0OZJEakAfF_qw_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://vvd.bz/dDOo accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type text/plain Response headers date Thu, 07 Mar 2024 13:35:31 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0b0ecij0OZJEakAfF_qw_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw0JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDsbh1-Xo2gQn3lncxAgCHGxDv" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://vvd.bz access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 1878	0 0	143ms 143ms	Image text/html	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240306&jk=3526026065023998&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language he-IL,he;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers
GET H2	200	css fonts.googleapis.com/ Frame 41B8	14 KB 2 KB	359ms 122ms	Stylesheet text/css	142.250.186.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f10.1e100.net Software ESF / Resource Hash a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 07 Mar 2024 13:35:31 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 07 Mar 2024 13:13:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 07 Mar 2024 13:35:31 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame 41B8	2 KB 822 B	113ms 113ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 06 Mar 2024 14:23:09 GMT content-encoding br x-content-type-options nosniff age 83542 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 20 Mar 2024 14:23:09 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240306/r20110914/ Frame 41B8	23 KB 9 KB	114ms 113ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 06 Mar 2024 14:23:09 GMT content-encoding br x-content-type-options nosniff age 83542 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8947 x-xss-protection 0 server cafe etag 12299188824252842506 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 20 Mar 2024 14:23:09 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame F1D6	143 B 166 B	114ms 114ms	Document text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers age 277 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 07 Mar 2024 13:30:54 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame 41B8	3 KB 1 KB	114ms 113ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 06 Mar 2024 14:23:10 GMT content-encoding br x-content-type-options nosniff age 83541 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 20 Mar 2024 14:23:10 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 2E93	1 KB 643 B	114ms 113ms	Document text/html	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers age 42250 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 07 Mar 2024 01:51:21 GMT etag 48472445140208031 expires Fri, 08 Mar 2024 01:51:21 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame 41B8	20 KB 8 KB	113ms 113ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 06 Mar 2024 14:23:09 GMT content-encoding br x-content-type-options nosniff age 83542 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8212 x-xss-protection 0 server cafe etag 9277691884081322989 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 20 Mar 2024 14:23:09 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 41B8	0 0	123ms 122ms	Image text/html	142.250.186.100 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuh-o4qpzxnsTd0QzHkp0HN2rqVPHDo57JZF5nJvc9HfvKQeFfAmNcGqbfHYQhxbka0YfMrNoldl--Mn_Y7zBcMmDGwg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language he-IL,he;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 41B8	207 KB 63 KB	113ms 112ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 13:34:54 GMT content-encoding br x-content-type-options nosniff age 37 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64070 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 07 Mar 2024 14:34:54 GMT
GET H2	200	fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response www.gstatic.com/mysidia/ Frame 41B8	36 KB 15 KB	350ms 115ms	Script text/javascript	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Mon, 04 Mar 2024 22:40:28 GMT content-encoding gzip x-content-type-options nosniff age 226503 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15132 x-xss-protection 0 last-modified Mon, 04 Mar 2024 22:04:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 02 Jun 2024 22:40:28 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame F1D6 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	121ms 121ms	Document text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language he-IL,he;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 07 Mar 2024 13:35:31 GMT expires Thu, 07 Mar 2024 13:35:31 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 07 Mar 2024 13:35:31 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2E93 Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESEE5sGx2VSMr7_1M-GR87eu4&google_cver=1&google_push=AXcoOmQk3iZj7_ZUYWh2n8xjY2fYXTzWkSskSuG_R8CX8YdnxJDPpFhQgA-vgSUR9oOnRllOBH7HkYTYFUGNDtgo4Hw1rt_BBFZUqM0 https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzU0NTY2MjE2ODI1MDAzMDY1MA==&gdpr=&gdpr_consent=&process_consent=T https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE5sGx2VSMr7_1M-GR87eu4&google_cver=1	43 B 398 B	135ms 115ms	Image image/gif	46.228.164.11
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE5sGx2VSMr7_1M-GR87eu4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H2 Server 46.228.164.11 -, , ASN (), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language he-IL,he;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers content-type image/gif pragma no-cache date Thu, 07 Mar 2024 13:35:31 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Thu, 07 Mar 2024 13:35:32 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEE5sGx2VSMr7_1M-GR87eu4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 2E93 Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESENWvrY8OrNBJ1MUdgrimVvs&google_cver=1&google_push=AXcoOmQ7qUUDc79ljx-TBujtKIxtcP54MwFwdxwnVaqi2B8YhwiGn2M_P3Mm9AOiEv0bfaR1jqb9VOkE25fNG3Uj4T3Qb3eNvhxble0 https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=85CC21A55C424D74A7E42C8879A05DD7&google_push=AXcoOmQ7qUUDc79ljx-TBujtKIxtcP54MwFwdxwnVaqi2B8YhwiGn2M_P3Mm9AOiEv0bfaR1jqb9VOkE25fNG3U...	170 B 232 B	129ms 129ms	Image image/png	142.250.185.66
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=85CC21A55C424D74A7E42C8879A05DD7&google_push=AXcoOmQ7qUUDc79ljx-TBujtKIxtcP54MwFwdxwnVaqi2B8YhwiGn2M_P3Mm9AOiEv0bfaR1jqb9VOkE25fNG3Uj4T3Qb3eNvhxble0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H2 Server 142.250.185.66 -, , ASN (), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 13:35:32 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 07 Mar 2024 13:35:32 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=85CC21A55C424D74A7E42C8879A05DD7&google_push=AXcoOmQ7qUUDc79ljx-TBujtKIxtcP54MwFwdxwnVaqi2B8YhwiGn2M_P3Mm9AOiEv0bfaR1jqb9VOkE25fNG3Uj4T3Qb3eNvhxble0 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Wed, 06 Mar 2024 13:35:32 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 2E93 Redirect Chain https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEID3eKrSi1EYuvkwdwBx2-8&google_cver=1&google_push=AXcoOmRO-a-CdrvDa73tTzu0kuZ8KKTLIuGUMCYq9Vd-UKTNfX9ysvbWm6UaBDMhputIGtaKxMWHdT7hynFQ-grPlkAE... https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEID3eKrSi1EYuvkwdwBx2-8&google_cver=1&google_push=AXcoOmRO-a-CdrvDa73tTzu0kuZ8KKTLIuGUMCYq9Vd-UKTNfX9ysvbWm6UaBDMhputIGtaKxMWHdT7hynFQ-g... https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRO-a-CdrvDa73tTzu0kuZ8KKTLIuGUMCYq9Vd-UKTNfX9ysvbWm6UaBDMhputIGtaKxMWHdT7hynFQ-grPlkAEYL2HZSfm-M0&google_hm=ejmGfkCfT9SXySwXHivP...	170 B 232 B	124ms 124ms	Image image/png	142.250.185.66
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRO-a-CdrvDa73tTzu0kuZ8KKTLIuGUMCYq9Vd-UKTNfX9ysvbWm6UaBDMhputIGtaKxMWHdT7hynFQ-grPlkAEYL2HZSfm-M0&google_hm=ejmGfkCfT9SXySwXHivPng== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H2 Server 142.250.185.66 -, , ASN (), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 13:35:32 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRO-a-CdrvDa73tTzu0kuZ8KKTLIuGUMCYq9Vd-UKTNfX9ysvbWm6UaBDMhputIGtaKxMWHdT7hynFQ-grPlkAEYL2HZSfm-M0&google_hm=ejmGfkCfT9SXySwXHivPng== Date Thu, 07 Mar 2024 13:35:32 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 2E93 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENWgUphC-wfIVlCEGof2-HA&google_cver=1&google_push=AXcoOmTWKDzMAg88GFgJ1qF9mdAbWGFOjBferrB3Mz7DlOPett2kU3zXTFbsWo7DpSD_p3ldLBD3-Ft7dbuMM-9Wn7gucTO... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTWKDzMAg88GFgJ1qF9mdAbWGFOjBferrB3Mz7DlOPett2kU3zXTFbsWo7DpSD_p3ldLBD3-Ft7dbuMM-9Wn7gucTOLUtuBnZM&google_hm=eS1HOWRJZmlGRTJwR05...	170 B 243 B	127ms 126ms	Image image/png	142.250.185.66
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTWKDzMAg88GFgJ1qF9mdAbWGFOjBferrB3Mz7DlOPett2kU3zXTFbsWo7DpSD_p3ldLBD3-Ft7dbuMM-9Wn7gucTOLUtuBnZM&google_hm=eS1HOWRJZmlGRTJwR05YelZkQ2txSkFrZVZQR01NdWlsMn5B Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H2 Server 142.250.185.66 -, , ASN (), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 13:35:32 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Thu, 07 Mar 2024 13:35:32 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTWKDzMAg88GFgJ1qF9mdAbWGFOjBferrB3Mz7DlOPett2kU3zXTFbsWo7DpSD_p3ldLBD3-Ft7dbuMM-9Wn7gucTOLUtuBnZM&google_hm=eS1HOWRJZmlGRTJwR05YelZkQ2txSkFrZVZQR01NdWlsMn5B content-length 0
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame 2E93	43 B 363 B	346ms 115ms	Image image/gif	178.250.1.9
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTAHAOBQxrDXt-j2Vso87ApEpPVFM4B9surIkBgnwt7eYDzXi_PGdxFoZ5Y1eFP2woVt-8ABPhojRcZl7rf7czyyHn654IEb2k&google_gid=CAESECxWVgX6Xik1FBde6ToN-jw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.9 -, , ASN (), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language he-IL,he;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 13:35:31 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 232115 expires Thu, 07 Mar 2024 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 2E93 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMOp_oIJk5bE_oJikSyzfq0&google_cver=1&google_push=AXcoOmR6q6dfCZUKB5BDYcWBgAwgL8InoQz-mzzgxhMqiEvNxLHlHHIsj7g4V0c3Kp5DIzTSUkBiWepN... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMOp_oIJk5bE_oJikSyzfq0&google_cver=1&google_push=AXcoOmR6q6dfCZUKB5BDYcWBgAwgL8InoQz-mzzgxhMqiEvNxLHlHHIsj7g4V0c3Kp5DIzTSUkB... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA0ODk3MTY5OTg2MzE4OTI2NA&google_push=AXcoOmR6q6dfCZUKB5BDYcWBgAwgL8InoQz-mzzgxhMqiEvNxLHlHHIsj7g4V0c3Kp5DIzTSUkBiWe...	170 B 232 B	131ms 131ms	Image image/png	142.250.185.66
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA0ODk3MTY5OTg2MzE4OTI2NA&google_push=AXcoOmR6q6dfCZUKB5BDYcWBgAwgL8InoQz-mzzgxhMqiEvNxLHlHHIsj7g4V0c3Kp5DIzTSUkBiWepNB5Zgh7uRJK-ROYtKXhFuB6U Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H2 Server 142.250.185.66 -, , ASN (), Reverse DNS Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers pragma no-cache date Thu, 07 Mar 2024 13:35:32 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 07 Mar 2024 13:35:32 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjA0ODk3MTY5OTg2MzE4OTI2NA&google_push=AXcoOmR6q6dfCZUKB5BDYcWBgAwgL8InoQz-mzzgxhMqiEvNxLHlHHIsj7g4V0c3Kp5DIzTSUkBiWepNB5Zgh7uRJK-ROYtKXhFuB6U access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET		sync rtb.mfadsrvr.com/ul_cb/ Frame 2E93 Redirect Chain https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEPeLbGsOrB13PVQnLsgpCVE&google_cver=1&google_push=AXcoOmSkr656GGUPNu2AQkAJFls-hKnniKC191539kLha7plW0rLLnk92lSdgjtc3NSdTxIXPtwI... https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEPeLbGsOrB13PVQnLsgpCVE&google_cver=1&google_push=AXcoOmSkr656GGUPNu2AQkAJFls-hKnniKC191539kLha7plW0rLLnk92lSdgjtc3NSdTx...	0 0
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 2E93	0 139 B	361ms 121ms	Image text/html	142.250.185.66
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LRjqRT5F_9i0rtTBkGmM4oYugXwcYfzlRPt5soCvh2DJlyoc5-Fj2rn0O_L5m6S1eD5OJmYw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3311950788580475&output=html&h=90&slotname=9681844904&adk=1260947428&adf=2347387144&pi=t.ma~as.9681844904&w=728&lmt=1709818530&format=728x90&url=https%3A%2F%2Fvvd.bz%2FdDOo&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709818530334&bpp=2&bdt=5252&idt=2&shv=r20240306&mjsv=m202403050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2703500514547&frm=20&pv=1&ga_vid=1517971139.1709818529&ga_sid=1709818529&ga_hid=930716402&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=324&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95325752%2C95326316%2C31081641%2C95323760%2C95324160%2C95325785%2C95326431%2C95326915&oid=2&pvsid=3526026065023998&tmod=1129994496&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 -, , ASN (), Reverse DNS Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language he-IL,he;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Thu, 07 Mar 2024 13:35:31 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET DATA	200 OK	truncated / Frame 41B8	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7ff2bc7fed66c2029ea12136034d22968096a6dd97797af6e20eb112699e45e1 Request headers accept-language he-IL,he;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Content-Type image/png
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	146ms 146ms	Image text/html	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240306&jk=3526026065023998&bg=!u7iluPfNAAZsmiNCTJo7ADQBe5WfOF24elg7PzdngOVEDpMPjFlcfJM7zR-ecD6TveCtBNU9OLjb36yJXzezXzKH9WZLAgAAAENSAAAABGgBBwoAHaiKmxwcVE9nR1ItIuf7fCLUgfhAq5Hx_bLEp7ttmQLBV6OOIRRv7gxJ-NWEU8ZTqOaw2xyn_yhdoykURoOP1tewdqLYtE85SexVagNTHj0Hu1KttjoKbLM9zBroOO-Y8jxZgOi-i1gbPBP8Yu7RyM4PMZCSGhN7DkeA4Bxgvj7Lv3FZu0Gg2FeiQpmxMRunkJ1ajSV9Zhnrw36S3ji_NEC8izjqyvJrynOncaFAZVnlxom3l7_cYPlJtk9Rko5ZYWWKAG0UW9Y1UNL4WFiV4_kxTWIU4Obh-S8W0qYC-0X60ilUVE8fcYC6WYOWIvKHM2Pp1NbSvFe9UAXAueQ5oKlTWe2sEoKcN6LI3fCjC_jF2W3c2lVtpXxQ9Wye8ORO-gram0BmO8aU05Ijr4DFAp8JwEg9Z0WKXyd58X7KjBgM90Whlz1bUMSVqjH-Aa6wClqwKLeYlB1JDxgiVAOzIaiz1GPrLMuaDterpUb1gyZwNjWhrSQO86FI7sjJzv_EVmkO48dX1AHlGW-PYaPahK4wlocsKRC0_GLYjaFew9IWbVJBoZ6Med1MaKQPUop4JhUwnw1wd900i7SWtK1LrI8hvqzfesep0uQSJ6HuBAKP6Gx_fX7y2Wwpl3IaGy8acyaMXl0ffDxonRzOZdUQdWvuJI78whe_F3vx6Yf_mXAvZJvKliSihUhSmDdagIub3fTWDhK7aluSIKwWHwjYCZEF4YBGKLbK3jKiY67OavKZqiEKpJ6mdOt_6JpgRrw4fu3R3JMc7Y8T8ydLuYjp56PoeCx4KNoaF6Ws2nO2Mv0o_ZYtKWPcrjRQ3_fX034NaLObGuyNRbqIzNpEaKUBEKFmEubRdsHZ4enAx6gRQc1gL5FXKKNWMW6seJuw-qbSwKnMjDsmhD5lf_B3eijQ6RIJlbcEBRy-w52fbWujSlJvwI5uUM092Dnllj8CuCdzknpwr_S8GN2Nqi6yR-5Irp_s Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language he-IL,he;q=0.9 Referer https://vvd.bz/dDOo User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 41B8	33 KB 34 KB	367ms 113ms	Font font/woff2	142.250.185.195
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.195 -, , ASN (), Reverse DNS Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language he-IL,he;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 05 Mar 2024 04:01:15 GMT x-content-type-options nosniff age 207257 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 05 Mar 2025 04:01:15 GMT
GET		adview googleads.g.doubleclick.net/pagead/ Frame 41B8	0 0
GET		gZnWy8mTJh2nv19RYTdHYGEDJC1_M9D7HOMBQELlJo4.js pagead2.googlesyndication.com/bg/ Frame 3B3A	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

rtb.mfadsrvr.com

URL

https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEPeLbGsOrB13PVQnLsgpCVE&google_cver=1&google_push=AXcoOmSkr656GGUPNu2AQkAJFls-hKnniKC191539kLha7plW0rLLnk92lSdgjtc3NSdTxIXPtwInqGRbPoswprM5bOnzkEl6Eikftvy

Domain

googleads.g.doubleclick.net

URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0uBJosLpZaTEHJjrrr4PgJCpgAXQkMXQde3crYOYD2QQASDRrt94YPm69IOcEKAB_ZKK_QPIAQGoAwHIA8sEqgSyAU_QS8vupUq7Mj8ez3V8QKDDqopZeBBVOe2jfIGblsWN2ZSmTx4FgD7haVd2Qwrrg7JP1bQfbk_k6rwfMOAXmh0WTi-YBfQ-nx51jXSOa2tTHO472EhnmsVkiomiayURH8jzOK3aDKJT5y6HPhAMy9zk0yUuuxvbJ0AxGjv-BOq015pBUF-E3Sdt14iyeugW8i5aOIDUKNhThomki7QXSE8mlB-9IrQfE3LSKsxzQ0h1Zr3ABJeMx9eNAogFwaeO7gaSBQQIBBgBkgUECAUYBIAHpracMqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEELXbV9IIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOljO1YqxouKEA5oJKWh0dHBzOi8vd3d3Lmp1c3RhbnN3ZXIuY29tL3NpcC9qdXN0YW5zd2VygAoByAsB2gwQCgoQ4OHS7aeDmc8TEgIBA9gTC4gUAtAVAYAXAbIXHAoaCAASFHB1Yi0zMzExOTUwNzg4NTgwNDc1GAA&sigh=iKEiTRMSLMY&uach_m=%5BUACH%5D&ase=2&cid=CAQSOwB7FLtqoHpBcEfpjTDZnXw0CSaOAUCZYq6vcRuNgUqIET_u4mylPB6q9usbDYvbipDU8Z5Xy57ycHE1GAE&cbvp=2&vis=1&nis=5

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/bg/gZnWy8mTJh2nv19RYTdHYGEDJC1_M9D7HOMBQELlJo4.js