www.vesty.co.il Open in urlscan Pro
2.18.235.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.vesty.co.il/main/article/syrrynhgi
Submission: On September 07 via manual (September 7th 2022, 7:33:52 am UTC) from IL — Scanned from DE

Summary HTTP 450 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 55 IPs in 8 countries across 41 domains to perform 450 HTTP transactions. The main IP is 2.18.235.16, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.vesty.co.il. The Cisco Umbrella rank of the primary domain is 244733.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 13th 2022. Valid for: a year.

This is the only time www.vesty.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	2.18.235.16 2.18.235.16	16625 (AKAMAI-AS) (AKAMAI-AS)
26	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
71	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1 1	2606:4700:20:... 2606:4700:20::681a:81b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a02:26f0:6c0... 2a02:26f0:6c00:282::30bc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 5	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2600:9000:212... 2600:9000:2127:2e00:11:da61:a100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.48.23.44 23.48.23.44	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	65.9.95.80 65.9.95.80	16509 (AMAZON-02) (AMAZON-02)
2	65.9.95.113 65.9.95.113	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	54.227.49.12 54.227.49.12	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700:20:... 2606:4700:20::ac43:473d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
25	52.34.171.162 52.34.171.162	16509 (AMAZON-02) (AMAZON-02)
1	54.74.111.76 54.74.111.76	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.19.149.54 104.19.149.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	65.9.95.21 65.9.95.21	16509 (AMAZON-02) (AMAZON-02)
1	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
29	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:612... 2600:1f18:612b:4232:b349:7e6b:417:1a78	14618 (AMAZON-AES) (AMAZON-AES)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
15 20	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
9 19	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9 14	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
46	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
10	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
450	55

43 2.18.235.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-16.deploy.static.akamaitechnologies.com

www.vesty.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
totalmedia2.ynet.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images1.ynet.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ynetnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

ynet-images1.yit.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hls-video-ynet.yit.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:81b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mrb.upapi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:68b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:26f0:6c00:282::30bc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.ynet.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:20::215 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:2e00:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.dxmcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.44 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-44.deploy.static.akamaitechnologies.com

middycdn-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-80.prg50.r.cloudfront.net

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-113.prg50.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.227.49.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-49-12.compute-1.amazonaws.com

trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:473d (United States)

ASN13335 (CLOUDFLARENET, US)

js.nagich.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 52.34.171.162 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-171-162.us-west-2.compute.amazonaws.com

events.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.111.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-111-76.eu-west-1.compute.amazonaws.com

yield-manager.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-21.prg50.r.cloudfront.net

cdn.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

vd.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4232:b349:7e6b:417:1a78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Amsterdam, Netherlands) 4 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.186.34 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.18.19.126 (None, ) 9 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.252.173.27 (Frankfurt am Main, Germany) 9 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 82.113.101.132 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1042 trc.taboola.com — Cisco Umbrella Rank: 918 vidstat.taboola.com — Cisco Umbrella Rank: 2985 am-trc-events.taboola.com — Cisco Umbrella Rank: 12654 images.taboola.com — Cisco Umbrella Rank: 1875 imprammp.taboola.com — Cisco Umbrella Rank: 8649 am-match.taboola.com — Cisco Umbrella Rank: 8600 am-vid-events.taboola.com — Cisco Umbrella Rank: 8062 sync-t1.taboola.com — Cisco Umbrella Rank: 1485 pips.taboola.com — Cisco Umbrella Rank: 397303 cds.taboola.com — Cisco Umbrella Rank: 2547	2 MB
74	googlesyndication.com 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	494 KB
50	doubleclick.net 15 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 ad.doubleclick.net — Cisco Umbrella Rank: 214 stats.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 303 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373 pubads.g.doubleclick.net — Cisco Umbrella Rank: 368	386 KB
46	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 350	818 KB
36	vesty.co.il www.vesty.co.il — Cisco Umbrella Rank: 244733	276 KB
28	browsiprod.com events.browsiprod.com — Cisco Umbrella Rank: 12856 yield-manager.browsiprod.com — Cisco Umbrella Rank: 13393 cdn.browsiprod.com — Cisco Umbrella Rank: 16404	79 KB
26	yit.co.il ynet-images1.yit.co.il — Cisco Umbrella Rank: 32898 hls-video-ynet.yit.co.il — Cisco Umbrella Rank: 66195	2 MB
25	ynet.co.il totalmedia2.ynet.co.il — Cisco Umbrella Rank: 40274 www.ynet.co.il — Cisco Umbrella Rank: 27234 images1.ynet.co.il — Cisco Umbrella Rank: 36297	1 MB
19	casalemedia.com 9 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904	15 KB
14	adnxs.com 9 redirects ib.adnxs.com — Cisco Umbrella Rank: 329	13 KB
11	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 19	2 KB
7	gstatic.com fonts.gstatic.com	103 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120 imasdk.googleapis.com — Cisco Umbrella Rank: 456	335 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	220 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 305	109 KB
5	nagich.co.il js.nagich.co.il — Cisco Umbrella Rank: 26876	21 KB
5	yastatic.net 1 redirects yastatic.net — Cisco Umbrella Rank: 3512	142 KB
4	spotxchange.com 4 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 778	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2119	20 KB
3	o2online.de portal.o2online.de — Cisco Umbrella Rank: 41343	2 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 5202 www.google.de — Cisco Umbrella Rank: 3469	1 KB
3	btloader.com 1 redirects btloader.com — Cisco Umbrella Rank: 1976 api.btloader.com — Cisco Umbrella Rank: 2175	6 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 486	529 B
2	tremorhub.com taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3283	365 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	54 KB
2	trinitymedia.ai trinitymedia.ai — Cisco Umbrella Rank: 15808 vd.trinitymedia.ai — Cisco Umbrella Rank: 23341	93 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	87 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 111	9 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 2214	1 KB
2	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 18310 cdn.firstimpression.io — Cisco Umbrella Rank: 18740	93 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	132 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1811	41 KB
1	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 2925
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1474	3 KB
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 582	5 KB
1	analysis.fi ecdn.analysis.fi — Cisco Umbrella Rank: 25212	5 KB
1	akamaihd.net middycdn-a.akamaihd.net — Cisco Umbrella Rank: 30673	12 KB
1	ynetnews.com www.ynetnews.com — Cisco Umbrella Rank: 227595	2 KB
1	dxmcdn.com cf.dxmcdn.com — Cisco Umbrella Rank: 58384	1 KB
1	yandex.ru yandex.ru — Cisco Umbrella Rank: 1024	80 KB
1	upapi.net 1 redirects mrb.upapi.net — Cisco Umbrella Rank: 39282	548 B
450	41

	Domain	Requested by
54	images.taboola.com
46	s0.2mdn.net	www.vesty.co.il s0.2mdn.net imasdk.googleapis.com
39	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
36	www.vesty.co.il	www.vesty.co.il ynet-images1.yit.co.il
29	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.vesty.co.il tpc.googlesyndication.com 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com s0.2mdn.net
25	events.browsiprod.com	middycdn-a.akamaihd.net cdn.browsiprod.com
23	ynet-images1.yit.co.il	www.vesty.co.il ynet-images1.yit.co.il
20	cm.g.doubleclick.net	15 redirects googleads.g.doubleclick.net
19	dsum-sec.casalemedia.com	9 redirects googleads.g.doubleclick.net
19	www.ynet.co.il	www.vesty.co.il ynet-images1.yit.co.il www.ynet.co.il
14	ib.adnxs.com	9 redirects googleads.g.doubleclick.net
12	cdn.taboola.com	www.vesty.co.il cdn.taboola.com
11	googleads.g.doubleclick.net	5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com www.vesty.co.il
10	googleads4.g.doubleclick.net	www.vesty.co.il
9	www.google.com	1 redirects www.vesty.co.il tpc.googlesyndication.com 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
6	5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	securepubads.g.doubleclick.net	www.vesty.co.il securepubads.g.doubleclick.net
5	www.googletagservices.com	5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	js.nagich.co.il	www.vesty.co.il js.nagich.co.il
5	yastatic.net	1 redirects yastatic.net
4	sync.search.spotxchange.com	4 redirects
4	fonts.googleapis.com	securepubads.g.doubleclick.net s0.2mdn.net
4	images1.ynet.co.il	www.vesty.co.il www.ynet.co.il
3	hls-video-ynet.yit.co.il	www.ynet.co.il
3	portal.o2online.de	s0.2mdn.net
3	am-trc-events.taboola.com
3	www.google-analytics.com	www.googletagmanager.com www.vesty.co.il
3	trc.taboola.com	cdn.taboola.com
2	imasdk.googleapis.com	www.ynet.co.il imasdk.googleapis.com
2	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com
2	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
2	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
2	www.youtube.com	www.vesty.co.il www.youtube.com
2	cdn.browsiprod.com	middycdn-a.akamaihd.net cdn.browsiprod.com
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	adservice.google.de	securepubads.g.doubleclick.net imasdk.googleapis.com
2	connect.facebook.net	www.vesty.co.il connect.facebook.net
2	www.facebook.com	www.vesty.co.il connect.facebook.net cdn.taboola.com
2	ad-delivery.net	www.vesty.co.il
2	www.googletagmanager.com	www.vesty.co.il www.googletagmanager.com
2	btloader.com	1 redirects www.vesty.co.il
2	totalmedia2.ynet.co.il	www.vesty.co.il
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	am-vid-events.taboola.com
1	am-match.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	vidstat.taboola.com	cdn.taboola.com
1	www.google.de	www.vesty.co.il
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vd.trinitymedia.ai	trinitymedia.ai
1	cdn.firstimpression.io	ecdn.firstimpression.io
1	www.googleoptimize.com	www.googletagmanager.com
1	cdn.permutive.com	cf.dxmcdn.com
1	widgets.outbrain.com	www.vesty.co.il
1	yield-manager.browsiprod.com	middycdn-a.akamaihd.net
1	static.xx.fbcdn.net	www.facebook.com
1	api.btloader.com	mrb.upapi.net
1	trinitymedia.ai	www.vesty.co.il
1	ad.doubleclick.net	www.vesty.co.il
1	ecdn.firstimpression.io	www.vesty.co.il
1	ecdn.analysis.fi	www.vesty.co.il
1	middycdn-a.akamaihd.net	www.vesty.co.il
1	www.ynetnews.com	www.vesty.co.il
1	cf.dxmcdn.com	www.vesty.co.il
1	yandex.ru	www.vesty.co.il
1	mrb.upapi.net	1 redirects
450	71

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
bit.ly
gsght.com
popup.taboola.com
pro-verbraucher.info
tops.easyvoyage.de
search.onetag.com
goo23.com
info.geers.de
track.click-governor.com
www.bereit-zu-reisen.de
www.stayfriends.de
thistimeforus.com
nackenschmerzen.behandeln.de
track.click-torrent.com
www.hausfrage.de
welighly-itario.icu
www.yit.co.il

Subject Issuer	Validity	Valid
qa.vesty.co.il DigiCert SHA2 Secure Server CA	`2022-02-13` - `2023-02-15`	a year	crt.sh
*.yit.co.il Sectigo RSA Domain Validation Secure Server CA	`2021-12-19` - `2022-12-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
cf.dxmcdn.com Amazon	`2022-04-26` - `2023-05-25`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
analysis.fi Amazon	`2021-12-04` - `2023-01-01`	a year	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2021-11-21` - `2022-12-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-21` - `2023-03-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-08-31` - `2023-02-28`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-16` - `2022-09-14`	3 months	crt.sh
trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2021-12-13` - `2022-12-15`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2022-08-21` - `2022-11-19`	3 months	crt.sh
*.gobrowsi.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
*.browsiprod.com Amazon	`2022-08-21` - `2023-09-18`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2022-02-26` - `2023-02-25`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
vd.trinitymedia.ai Sectigo RSA Domain Validation Secure Server CA	`2021-12-13` - `2022-12-16`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2022-02-11` - `2023-03-08`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://www.vesty.co.il/main/article/syrrynhgi
Frame ID: F937BDDB6B4A583614FC6397F2CA32AD
Requests: 258 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fvestyisrael&tabs=timeline&width=300&height=500&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=1349386115096799
Frame ID: 2BE559002E948F077D16665469869CE4
Requests: 2 HTTP requests in this frame

Frame: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EBA35A84BFB5A96111384C36E5297A85
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/comments.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32dab631e9994%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff4779d5551bac4%26relation%3Dparent.parent&container_width=490&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width=
Frame ID: CA418991215DA59797E9463E9C6B8FF5
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/comments.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32dab631e9994%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff4779d5551bac4%26relation%3Dparent.parent&container_width=490&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width=
Frame ID: 6274F793E1794DF727EE95AAAE1D4F20
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Frame ID: 5394A2EE31E4FEE47A55778F1FA7484B
Requests: 18 HTTP requests in this frame

Frame: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 20AFE44613CC49A71143848B20C06016
Requests: 15 HTTP requests in this frame

Frame: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EC2462D23834128233F1F6B83B6A6782
Requests: 14 HTTP requests in this frame

Frame: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C0853ECD7209379EED1232F6EA654877
Requests: 14 HTTP requests in this frame

Frame: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9CC439A40AC3605A85FB994364DD0F37
Requests: 15 HTTP requests in this frame

Frame: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7282F64B00F3DF2DBD737421C00D39D9
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CAFA95F3F92BEDB7E250290F7633548D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D0D89963A2CDA26F29181E86B28514AF
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V71CwCFgPIOqX7c9SdFATIOqX7c9SdFAUAAAAGBvQHJLOaOGe2zcotciwna9FgM1oLd7OFW7OweBYLi2-02piGQDKriXNm26zcIsdyshYNNqO1cDdbuDULi2exsPhGq41pCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bXNB0Onyue73u97vLXp7T867x25Vmv9rhtPsVltPTY3b5Nc_L5Xk3-px2AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAgOLAkL_p6LJbXJefQW8xiFyWg-jhurgs_wAAAAAAAQAAACABIODKLwG4sIo6-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bj65NHgGWVPqiIqCCxiBAAAAJBbvWl6NKkTKouq____fiuAKwCAgEELb8GiLN1BibcwAACAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mVMSVkhYkQrGn9gsIALD2CwgAwKZuAABvAnBBR9CKwWB1CTEYrDa70WYyOwAAAIC7____fz0Q3Lg2s4VtOFkZNy7fcrBbeCy7lW9hHEwWNtvG4T3wSaMN-bs5gL4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDBkmhmGo8VqLZy5XG7RxLRZK4ybxVo0WM1My4XFOHOZ3KLXx_RwLDYuk3GLggEie5E8LdKJZOJYLkyDicW28q1Wg8FkN_KsnLvZbmEarGYTl0Us0Zws0onssi9uXJvZwjacrIwbl2852C08lt3KtzAOJgubbePwl0wzw3C0WK2FM5fLLZqYNmuFcbNYiwarmWm5sBhnLpNb9PqYHo7FxmUy7huz2WS1mQ0mo31jNpusNrPBZLTv0Bm-q8_ZaD5LJx6fQ2JLHsY3h0HhMli8P4lpMe3ODn5p6-j0-TzKgs4ovH6PXoPCc_CoPsOa4vkM10Li2eR7MChiieAinSjvLtNb9vKcnhexRGm6SCd6tcNp9yssp6fH7PJrnpfL8270OS1iieB0kU5EL-Ppov7jQwxXc8liM1esVnPFbLZKAAAAAAAAAABLmDNvAgAAAHAayHC1HK3WeRCryXI0WS0XAKI4WfeH91HoH9XJaFfqExPDSkHPuLjxY4W8u0xv2ctzel4ZAEBgknnzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYFf____8fBwAAICNHDwAAQL8PFGVpZmZmZsZPgKPhYg!&cmcv=&pix=undefined&cb=1662536025459&uv=3223&tms=1662536025459&abt=amplean_vA!inc_all_video_vA!Noappq22_vB!spa2_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=35b9f63e-d192-4034-876a-3ab31ab745c4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 2DC7F8891CC6AB5AAB24F009037D81DD
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V71CwCFgPIOqX7c9SdFATIOqX7c9SdFAUAAAAGBvQHJLOaOGe2zcotciwna9FgM1oLd7OFW7OweBYLi2-02piGQDKriXNm26zcIsdyshYNNqO1cDdbuDULi2exsPhGq41pCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bXNB0Onyue73u97vLXp7T867x25Vmv9rhtPsVltPTY3b5Nc_L5Xk3-px2AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAgOLAkL_p6LJbXJefQW8xiFyWg-jhurgs_wAAAAAAAQAAACABIODKLwG4sIo6-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bj65NHgGWVPqiIqCCxiBAAAAJBbvWl6NKkTKouq____fiuAKwCAgEELb8GiLN1BibcwAACAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mVMSVkhYkQrGn9gsIALD2CwgAwKZuAABvAnBBR9CKwWB1CTEYrDa70WYyOwAAAIC7____fz0Q3Lg2s4VtOFkZNy7fcrBbeCy7lW9hHEwWNtvG4T3wSaMN-bs5gL4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDBkmhmGo8VqLZy5XG7RxLRZK4ybxVo0WM1My4XFOHOZ3KLXx_RwLDYuk3GLggEie5E8LdKJZOJYLkyDicW28q1Wg8FkN_KsnLvZbmEarGYTl0Us0Zws0onssi9uXJvZwjacrIwbl2852C08lt3KtzAOJgubbePwl0wzw3C0WK2FM5fLLZqYNmuFcbNYiwarmWm5sBhnLpNb9PqYHo7FxmUy7huz2WS1mQ0mo31jNpusNrPBZLTv0Bm-q8_ZaD5LJx6fQ2JLHsY3h0HhMli8P4lpMe3ODn5p6-j0-TzKgs4ovH6PXoPCc_CoPsOa4vkM10Li2eR7MChiieAinSjvLtNb9vKcnhexRGm6SCd6tcNp9yssp6fH7PJrnpfL8270OS1iieB0kU5EL-Ppov7jQwxXc8liM1esVnPFbLZKAAAAAAAAAABLmDNvAgAAAHAayHC1HK3WeRCryXI0WS0XAKI4WfeH91HoH9XJaFfqExPDSkHPuLjxY4W8u0xv2ctzel4ZAEBgknnzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYFf____8fBwAAICNHDwAAQL8PFGVpZmZmZsZPgKPhYg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 539BAA22853617E9106BB373D940EB9F
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNU5Hsi-sEYQKt16fz21TDdzAENYbNjQrdouSsImiP-0p6kRJpAxntLcDnl6SWNCyoALZDQ6vBHMdVxDwgwA54KeV3NEZeilAkH3L8rkDvFbJ4ID5VtbfnZRvkDpA2KXxhfrJEX0Hwb37qgc5xX5_k6VhUD_tHWjiJIYOyVyxJlCIc4PEVI
Frame ID: 3691709B3E909C6CB2A08E36B4D871EC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNXLPuh1w7RtNjQHpb2ZO5-b-IL_WwoYbRkoTWc4-g-1L4Z_pXQwN1BdQ23-lWc208p-fxjctGjOry8C_cQ-t1znLbU9wAj1ejkx3QsWTcvP6LSujnPj-fl9xpxrxlnOMAtsqN9-o5V2ZTlRLi-g_M73pAgLZcjGK4YE6kD0muXx8QIPHS8
Frame ID: EEBFB579E94AF487C50C83867AA65579
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNXzMzXXqaLwStTPVdXvqEQm9GPk8LQLwBN7pm3H2yit1-qzzNOyxkm2pU2LWFqlSCl8H99PwnUdgxVwGcsnPlxt1KsFimQKWt89DTbbaDPYMTXI9qtpDF8CXLGVb7iZIiKzAAhyYyjaI0LN1S2TKEHjlbB382QHYbchwVTMSekWK97XC0U
Frame ID: 03FB0E1D565A6C510E84B9556041D09E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNWMVH4oztEvVig_3y1ljqghJyvK-qMEiAw0n6gitTJy_VuVCPtw9aOS77S1_kr_SGQEy6NN-w90lOTb5D_o_yP2iJY1X9jpiUxUDKn-GM-G9_lSLCqshIrJ2ekhn_FEuE4CytsPANZ6GImgfN0SYQ_NWLK6qf99F-Bi_5PdDPAGxTmEZ6w
Frame ID: 44D7E681C0C9FECA1C59AB633A488C9E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNUgqJXBoueEWR3vGx8H1H2EFbAA-u7i3BQi82LUwirgzLARc5Tl5f2RZyTHm1GoPgW9MfbTUsym6hFFXjv06ryhzQFnlHuDac78ru6i2ansy5yzOU1RVRKsL1ELZWkACy2OuJdl_2mxs-d11bcfqO1mygsaysoibLtX6uBNZB-u49rxir0
Frame ID: 2C0507D33049BD525E3BB2423FA54B39
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0390C1D1A3F8D18D339AD8DD8AC22B5A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 46847720E1F46F55E59F87B5308630AE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9FA646562E7B9FA97F37AB38781BA568
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 17F01139C71987DAB4181E4151C5A6E3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 46FB90127DCD9EF2AB420A8AE24D9403
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=Po62UCujLf&t=1&renderingType=2&ev=01_247
Frame ID: D3398F3FF3D3E91D4B2A7C718B06EA73
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
Frame ID: 99473E201257186910513B6D2724DA56
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=y6jL8UyZX3&t=1&renderingType=2&ev=01_247
Frame ID: DE28BB0D1A506DC219FC74D326CDEA59
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
Frame ID: 1C3B5A01483480C3543C10A81FFF3811
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=s3OJ7jLb7l&t=1&renderingType=2&ev=01_247
Frame ID: FBE51C0F0EE088DA91D396B2787FD979
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.528.0_ru.html
Frame ID: 618E9609B4C51050F815D1120AA5EAF9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Frame ID: 49E490EC4F30659C08A6497650988EDB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Frame ID: 7878DE1E2146343B4F6C9815D0B4A5C7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Frame ID: 691437E9E43E337226D3DC81254BA7B4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Бой у Дженина: спецназ ЦАХАЛа ликвидировал террориста

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

450
Requests

94 %
HTTPS

57 %
IPv6

41
Domains

71
Subdomains

55
IPs

8
Countries

9195 kB
Transfer

23727 kB
Size

26
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/VestyIsrael/

Search URL Search Domain Scan URL

URL: http://bit.ly/2t1lsgR

Search URL Search Domain Scan URL

URL: https://gsght.com/c/hwjxfy?network_click_id=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCpykQoneWdiaS2zr4s&campaign=20684727&campaign_name=cc-de.au-tcpa5_vid&ad_group=1099209&ad_group_name=ynet-vesty&site_id=ynet-vesty&ad=3560108636&sub1=cc-de.au-tcpa5_vid&sub2=Webhit+jetzt+gratis+spielen&sub3=cr-3dmultiply25a.cn-1&destination_url=https://www.hero-wars.com/?hl=de&l=loot&tblci=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCpykQoneWdiaS2zr4s#tblciGiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCpykQoneWdiaS2zr4s
Title: Hero Wars

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=organic-thumbnails-rr:Right%20Rail:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://pro-verbraucher.info/zez-l2t-b/?utm_source=taboola&utm_medium=display&utm_campaign=6296_pZEZ_D-PRO-Lead-Outbound-Copy-Taboola_wac8247028_wmid667942213719691264&utm_term=vesty.co.il&utm_content=Krankenkassen+verheimlichen%3A+Kostenloser+Zahnersatz+mit+diesem+Trick&publisher=ynet-vesty&tblci=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCm0U8on-D4rabBwc-xAQ#tblciGiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCm0U8on-D4rabBwc-xAQ
Title: Pro Verbraucher

Search URL Search Domain Scan URL

URL: https://tops.easyvoyage.de/altere-promis/?utm_source=taboola&utm_campaign=19722192&utm_medium=ynet-vesty&utm_term=3440284168#tblciGiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSD1pUUo0NzE0--x2KHBAQ
Title: Easy

Search URL Search Domain Scan URL

URL: https://search.onetag.com/search?q=birkenstock+sandalen+damen&source=taboola&tbc=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSC9zlkokoHniojL79y4AQ&campaign_id=20190748&site_id=1099209&ad_id=3494615379&t=1&m=0&pa=1&st=b25ldGFnX24yc194bWxiXzI1OTBfcGFfYm9v&pal=list&pap=before&h=1&ts=40&tblci=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSC9zlkokoHniojL79y4AQ#tblciGiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSC9zlkokoHniojL79y4AQ
Title: Birkenstock | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://goo23.com/click.php?key=o5l98m4th7dyoskxab9c&clickid=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSDhz04ouu-88a_V7eJY&cost=Wo5t_Kr3H43wD0dw9oRVUDj9mkLsmWDNmos4OjTjiIM=&site=ynet-vesty&campaign=17064381&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F01b579960e6084ef0b219f4339f0ec0a.jpg&title=Wie+man+die+blaue+Pille+diskret+online+kaufen+kann+in+Deutschland+%28Morgen+geliefert%29.&campaign_name=ED_DE_Desktop_Young_Clean_14_3_22&campaign_item_id=3555604775&site_id=1099209&tblci=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSDhz04ouu-88a_V7eJY#tblciGiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSDhz04ouu-88a_V7eJY
Title: Apomagazine

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=thumbnails-lr:Left%20Rail%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=alternating-thumbnails-dd:article%20mid%20page:
Title: от Taboola

Search URL Search Domain Scan URL

URL: https://info.geers.de/hoergeraete-ite-unsichtbar-testen/?utm_source=taboola&utm_medium=display&utm_campaign=PREMITE_DE_GEE_ACQ_DIS_TAB_DES_SLSA01_IMG_AUG2W&utm_content=3534528025&utm_term=ynet-vesty&utm_title=Berlin%3A+GEERS+sucht+700+Testh%C3%B6rer+vor+1972+geboren&tb_click_id=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCDkFIo34vB_evw_qID&_ad_placement=ynet-vesty&tblci=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCDkFIo34vB_evw_qID#tblciGiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCDkFIo34vB_evw_qID
Title: GEERS - Gutes Hören

Search URL Search Domain Scan URL

URL: https://track.click-governor.com/b45f53de-c89e-4ff2-b190-93b6d2a47271?site=ynet-vesty&title=Unverkaufte+Autos+werden+in+Berlin+fast+verschenkt&site_id=1099209&platform=Desktop&campaign_id=12079308&campaign_item_id=3424928892&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F5d8dca41bdcf92e466f59d34f40e7ba4.jpeg&click_id=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCWl1UoucLpl7rYt_xQ&tblci=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCWl1UoucLpl7rYt_xQ#tblciGiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCWl1UoucLpl7rYt_xQ
Title: Autos | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://pro-verbraucher.info/kostenlose-beerdigung-tb-l2t/?utm_source=taboola&utm_medium=display&utm_campaign=2592_pSGVE_D-PRO-Lead-Outbound-Taboola2_wac8294743_wmid592188347699433472&utm_term=vesty.co.il&utm_content=1949-1982+geboren%3F+Sie+haben+Anspruch+auf+diesen+Bestattungsschutz&publisher=ynet-vesty&tblci=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCm0U8o--iF5Lekheo9#tblciGiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCm0U8o--iF5Lekheo9
Title: Pro Verbraucher

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.bereit-zu-reisen.de/?utm_source=taboola&utm_medium=cpc&utm_campaign=Twinrix_bereit-zu-reisen&utm_content=Dubai-Urlaub+geplant%3F+Impfempfehlungen+f%C3%BCr+Ihre+Reise.&utm_term=ynet-vesty&cc=de_cpc_oth_np-de-tvx-advt-210001_59608&tblci=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCF3Vcolcvk2r-SupcM#tblciGiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCF3Vcolcvk2r-SupcM
Title: Bereit-zu-Reisen.de

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=exchange-thumbs-feed-01-new:Below%20Article%20Thumbnails%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.stayfriends.de/sfvc/inboundlinks/ADB1Z?ABBZ=14531&AFBZ=89c938303f799c0bec23100fa0a895607870b094_&utm_source=taboola&utm_medium=referral&tblci=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSD8qT8or5aAlOqjkav2AQ#tblciGiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSD8qT8or5aAlOqjkav2AQ
Title: StayFriends

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%204:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://thistimeforus.com/go/fb2cd443-747d-4899-b171-bcd20220cde7?click_id=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSC5xlMo6__QmMW3hZybAQ&site=ynet-vesty&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F3e2fffd2abc2a0d5ee065777a904f2b7.jpg&title=Unverkaufte+Sofas+werden+fast+umsonst+verteilt+%28Siehe+Preise%29&campaign_id=20142697&site_id=1099209&campaign_item_id=3479719569&utm_source=taboola&utm_medium=referral&tblci=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSC5xlMo6__QmMW3hZybAQ#tblciGiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSC5xlMo6__QmMW3hZybAQ
Title: Couches & Sofas | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=organic-thumbs-feed-01-c-left:Below%20Article%20Thumbnails%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://nackenschmerzen.behandeln.de/chronische-nackenschmerzen.html?utm_source=taboola&utm_medium=cpc&utm_campaign=Voltaren-ChronicPain&utm_content=Chronische+Nackenschmerzen%3A+Was+wirklich+hilft.&utm_term=ynet-vesty&tblci=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSDUtVQou4K5nO-k1Ox1#tblciGiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSDUtVQou4K5nO-k1Ox1
Title: behandeln.de

Search URL Search Domain Scan URL

URL: https://track.click-torrent.com/4e9daecd-066a-411a-b285-7d2bc787c3dd?site=ynet-vesty&title=Unverkaufte+Sofas+werden+f%C3%BCr+fast+nichts+verkauft+%28Klicken+Sie+f%C3%BCr+Ergebnisse%29&site_id=1099209&platform=Desktop&campaign_id=18108587&campaign_item_id=3429041911&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F68fb4d8f985b6e2fe1c137ceeb03fd08.jpeg&click_id=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSDupVYo9raax_C8q6A2&tblci=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSDupVYo9raax_C8q6A2#tblciGiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSDupVYo9raax_C8q6A2
Title: Sofas | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%207:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.hausfrage.de/artikel/startup-story/?utm_source=taboola&utm_medium=referral&utm_campaign=20497207&utm_content=3556914920&utm_placement=ynet-vesty&TaboolaClickId=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSC1-FEo3IWToMjPjMwF&tblci=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSC1-FEo3IWToMjPjMwF#tblciGiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSC1-FEo3IWToMjPjMwF
Title: Hausfrage.de

Search URL Search Domain Scan URL

URL: https://welighly-itario.icu/be9663d4-14ab-4c57-b89a-7af289963260?utm_campaign=TB-AFF-Derlia-DT-2&site_id=1099209&title=Warum+dieses+35+Euro+Kissen+alle+Verkaufsrekorde+in+Deutschland+bricht&platform=Desktop&campaign_id=20530434&campaign_item_id=3557757537&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F7584e8ea5d3e1e28bef3fba3c3f9407b.jpeg&site=ynet-vesty&click_id=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCy31Ao3e6ho_DwgMdz&tblci=GiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCy31Ao3e6ho_DwgMdz#tblciGiC_RbJLS9TmU-uU_BHg61zoFLlogVAbbi6lKS9J-neJmSCy31Ao3e6ho_DwgMdz
Title: Derlia

Search URL Search Domain Scan URL

URL: https://www.yit.co.il/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://mrb.upapi.net/code?w=5732901039636480&uponit=true HTTP 302
https://btloader.com/tag?w=5732901039636480&uponit=true&upapi=true HTTP 302
https://btloader.com/tag?w=5732901039636480&upapi=true

Request Chain 10

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://yandex.ru/ads/system/context.js

Request Chain 250

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=67d12327-2e7f-11ed-803c-129210fe0206 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=67d122ef-2e7f-11ed-803c-129210fe0206&orig=video&us_privacy=1---gdpr=1&

Request Chain 253

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=67d0df60-2e7f-11ed-9650-180e33a50206 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=67d122ef-2e7f-11ed-803c-129210fe0206&orig=video&us_privacy=1---gdpr=1&

Request Chain 293

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 295

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1

Request Chain 296

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxhJWd496lHOAZx6T..ItgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2

Request Chain 297

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1

Request Chain 298

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D

Request Chain 299

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1

Request Chain 300

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxhJWd496lHOAZx6T..ItgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2

Request Chain 301

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1

Request Chain 302

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D

Request Chain 303

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1

Request Chain 304

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxhJWd496lHOAZx6T..ItgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2

Request Chain 305

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1

Request Chain 306

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D

Request Chain 307

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1

Request Chain 308

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxhJWd496lHOAZx6T..ItgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2

Request Chain 309

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1

Request Chain 310

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D

Request Chain 314

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1

Request Chain 315

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxhJWUE9uXl3NMNvRDYPpwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1

Request Chain 316

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1

Request Chain 317

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D

450 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request syrrynhgi Show response
www.vesty.co.il/main/article/ 99 KB
28 KB 95ms
79ms Document
text/html 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vesty.co.il/main/article/syrrynhgi

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

748fc50cc20fd7fecc7c5d9a5a96cc99fed42fcaf7e17626dfb9817fface72d9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 28545
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Sep 2022 07:33:43 GMT
Last-Modified: Wed, 07 Sep 2022 07:31:09 GMT
OSV: c8
V-TTL: 0
VX-Cache: MISS
Vary: Accept-Encoding
WAI: 01
X-Frame-Options: SAMEORIGIN
X-me: ${S_HOSTNAME}
X-version: V3
YS-Cache: 1d7b11be9c0dc133b073273cc627cf87
backend-cache-control
vg_id: 2

GET
H2 200 vesty.3e37ef9c2f900d70c10f42a7a184b286.css
ynet-images1.yit.co.il/Common/frontend/site/prod/ 454 KB
105 KB 160ms
46ms Stylesheet
text/css 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.3e37ef9c2f900d70c10f42a7a184b286.css
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 8a6221880b6410d17970ff847e820d517a8af6a563e25bfb07e447e0de6e61c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:43 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 09:21:14 GMT
server: Microsoft-IIS/10.0
age: 74603
access-control-allow-methods: GET,POST
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 106970
x-llid: 8145d5d2fb6254fcfff225c973f3a863
expires: Thu, 06 Oct 2022 10:50:20 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 142ms
62ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb8a1cfa42b4970ab6c8f62e7e21d9588ec450fad27df4665c26f0046ba4995d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28508
x-xss-protection: 0
server: sffe
etag: "1326 / 986 of 1000 / last-modified: 1662502538"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 07 Sep 2022 07:33:43 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
ynet-images1.yit.co.il/Common/Api/Scripts/ 86 KB
36 KB 139ms
25ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-images1.yit.co.il/Common/Api/Scripts/jquery-3.4.1.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:43 GMT
content-encoding: gzip
last-modified: Tue, 28 Jan 2020 08:04:02 GMT
server: Microsoft-IIS/10.0
age: 1096165
access-control-allow-methods: GET,POST
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 37032
x-llid: 19db29cfdef717b92622425783474f71
expires: Sat, 24 Sep 2022 15:04:18 GMT

GET
H/1.1 200
OK gpt_script_yns_ynv.js Show response
totalmedia2.ynet.co.il/new_gpt/vesty/ 97 KB
21 KB 98ms
67ms Script
application/x-javascript 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://totalmedia2.ynet.co.il/new_gpt/vesty/gpt_script_yns_ynv.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dc3d45106d24333353604d863e28084cf0a66e99d9d4e155eacafbb6ae95f5fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 09:44:46 GMT
Server: AkamaiNetStorage
ETag: "35f958c8dbdcf725db1fe025b04d17f5:1609917348.719687"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 20834

GET
H/1.1 200
OK ynv_templates.js Show response
totalmedia2.ynet.co.il/gpt/ynv/ 110 KB
44 KB 95ms
64ms Script
application/x-javascript 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://totalmedia2.ynet.co.il/gpt/ynv/ynv_templates.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0c59a4311973393ca533b13f245d027fb9acd2c40b23ddb6c75d1c53196a3b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Feb 2019 09:15:22 GMT
Server: AkamaiNetStorage
ETag: "0d986196c56347b4af883296acc3ef7f:1549530922"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/ynet-vesty/ 568 KB
44 KB 28ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1af3b38a51c687080e2e0c924cbe278cf9cf38069480e37db75f8a5d6bf72d17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: clHXJq70qWkzIQ2m5EJPGrHUbRySWMHn
content-encoding: gzip
age: 9469
via: 1.1 varnish
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 10
content-length: 44147
x-amz-id-2: nemiroVptrMSPYiDcZNmxk0JeQj2MG90xXJABxJ7wBLnTIvWyREaYPDI7J+A/isFf/kh7V48o8g=
x-served-by: cache-hhn4020-HHN
last-modified: Tue, 06 Sep 2022 13:53:10 UTC
server: nginx
x-timer: S1662536024.993800,VS0,VE1
etag: "45bd6384f88cbe75518c0b4c699aa34aac63b370"
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: KE1XNKCHMMPNHPCW
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Wed, 07 Sep 2022 07:33:43 GMT
abp: 31
x-cache-hits: 1

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://mrb.upapi.net/code?w=5732901039636480&uponit=true
https://btloader.com/tag?w=5732901039636480&uponit=true&upapi=true
https://btloader.com/tag?w=5732901039636480&upapi=true

13 KB
6 KB

22ms
22ms

Script
application/javascript

2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?w=5732901039636480&upapi=true
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82c45d5ba206b740050a665cf7210f75df3b9642d986fc4f7ce08eb8c1825be9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 746dc206dadb90d6-FRA
date: Wed, 07 Sep 2022 07:33:44 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 07 Sep 2022 06:35:34 GMT
server: cloudflare
age: 3408
etag: W/"d85991899f79933b4b146964114c80b6"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hr%2BuStwmwlBKeZpzAyd4uK5CNjNqTUO8PTCthswCjJOjPvNhkUuBARpi1coYvTKd3D%2FI3jZOnRiXxhtfXjHo4hcOsLbzZQCCD08jDYQjjIbANIEZPpwzmuohoygIrDftNhu%2Ftt6I6dkF1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br

Redirect headers

date: Wed, 07 Sep 2022 07:33:44 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3363
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89cuqtF2qPS%2BUW%2FADKULjHAmpL0aKIseSOx5uXMasuOGUSdvNbdMFT5AZ%2FZbkzfq89b6%2FFF7rqu6mG0sNjzPjaQmWRDE1ucoYZrO7GOX1vT2VQdCUfxAoz4S6D0qJZD4s9l%2FtHHQXcAZSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?w=5732901039636480&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 746dc206aa9090d6-FRA

GET
H2 200 vendors-widgets.81738138db7fbf06462f.js Show response
ynet-images1.yit.co.il/Common/frontend/site/prod/ 2 MB
668 KB 24ms
24ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vendors-widgets.81738138db7fbf06462f.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 92a85f93f18ea572688b8fd7b5c5ff1b9e69c4a61464d72764d833c42dc41c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 15:38:09 GMT
server: Microsoft-IIS/10.0
age: 1094590
access-control-allow-methods: GET,POST
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 683776
x-llid: 950ee3ee35c6d1fb8483801fb07276dc
expires: Sat, 24 Sep 2022 15:30:34 GMT

GET
H2 200 widgets.366e28cc38c5ff4f63bd.js Show response
ynet-images1.yit.co.il/Common/frontend/site/prod/ 3 MB
605 KB 23ms
23ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/widgets.366e28cc38c5ff4f63bd.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: bd61f80010cfb8b7f76b2ace43830cb6e3b67b436a5ac180ff69511d05a7d411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 09:21:14 GMT
server: Microsoft-IIS/10.0
age: 75773
access-control-allow-methods: GET,POST
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 619199
x-llid: d5f11adef586d0448821432ba8064785
expires: Thu, 06 Oct 2022 10:30:51 GMT

GET
H2 200 YitVideo.js Show response
www.ynet.co.il/Common/Api/Scripts/ 67 KB
17 KB 44ms
8ms Script
application/javascript 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9b5c5ba62f3273a3176c0d737a99b71456ec42a46f3f6edbc055dcc1f5cba677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:43 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 21:00:10 GMT
etag: "5e98ceee752d71:0"
vary: Accept-Encoding
content-type: application/javascript
v-ttl: 0
vx-cache: MISS
cache-control: private, max-age=1862775
wai: 02
accept-ranges: bytes
content-length: 17325
expires: Wed, 28 Sep 2022 20:59:58 GMT

GET
H2

200

context.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://yandex.ru/ads/system/context.js

295 KB
80 KB

199ms
76ms

Script
text/javascript

2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4bea8b472628d473bd0d4194da40cc39c45fd356290595b7c74799484a2f202c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1662536024037312-14725133737535692030-sas3-0783-515-sas-l7-balancer-8080-BAL-6890
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 07 Sep 2022 08:33:44 GMT

Redirect headers

date: Wed, 07 Sep 2022 07:33:43 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://yandex.ru/ads/system/context.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
H2 200 vestywb.js Show response
cf.dxmcdn.com/dta/ 2 KB
1 KB 145ms
35ms Script
application/javascript 2600:9000:2127:2e00:11:da61:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.dxmcdn.com/dta/vestywb.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2436d29de150accd2c12d8d0d9573a1a9eb737cf7d3367399c0cb16373350ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 14:35:02 GMT
server: AmazonS3
age: 21392
etag: W/"a435da4401729d31985da618671fc2cc"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
date: Wed, 07 Sep 2022 01:47:33 GMT
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: rT9R2B0Mnj7tjVoQGvM1mF-hiwbPzCK0YrKeJCjZhc17hKL1Wp1LFQ==

GET
H2 200 2.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2019/09/08/H12UofG8r/ 7 KB
7 KB 32ms
22ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2019/09/08/H12UofG8r/2.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: fb408a3f4c5c7ba9cd3672310df56a5a9a5f6e9fa36e73e20b54c643614f0af8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Sun, 08 Sep 2019 06:12:06 GMT
server: Microsoft-IIS/10.0
age: 1104376
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 7051
x-llid: 67b52e724e4df572444784710b0a731c
expires: Sat, 24 Sep 2022 12:47:28 GMT

GET
H/1.1 200
OK logo-menu_vesti.png
www.vesty.co.il/images/ynetnewsresp/ 3 KB
3 KB 22ms
15ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/ynetnewsresp/logo-menu_vesti.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a5d46a3aec6cdde85198eef50041bf346ecf8dc3b5a06e03329da7998f475143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Wed, 24 Aug 2022 05:55:57 GMT
ETag: "0128c803c30d21:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 03
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2739

GET
H2 200 1220.png
www.ynet.co.il/Cnt/Images/Weather/ 771 B
986 B 20ms
10ms Image
image/png 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ynet.co.il/Cnt/Images/Weather/1220.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bbec6ad5fcc7993fa87de6e94b777d3c85c133e760873d9360379f9fa0d64a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Thu, 25 Aug 2022 07:31:10 GMT
etag: "9a826d31d827d41:0"
content-type: image/png
v-ttl: 0
vx-cache: MISS
cache-control: private, max-age=1468533
wai: 01
accept-ranges: bytes
content-length: 771
expires: Sat, 24 Sep 2022 07:29:17 GMT

GET
H/1.1 200
OK nagishot.png
www.vesty.co.il/images/ 2 KB
2 KB 32ms
8ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/nagishot.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d819ca91e194a55f3763ce322ba88e7447cac67fbe81d85872045a1432db5b2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Tue, 02 Aug 2022 13:38:28 GMT
ETag: "5a34512025ccd41:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 03
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1719

GET
H2 200 _____.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/B1IMoEKb7U/ 1 KB
2 KB 34ms
25ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/B1IMoEKb7U/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 8550ea63cdf2144d6663541355a2c22d39d55092bff6bb559b33b5596269aa34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Wed, 12 Feb 2020 14:01:48 GMT
server: Microsoft-IIS/10.0
age: 1200440
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1461
x-llid: 7ef3d0d3b7dccb3434d613cca5e97503
expires: Fri, 23 Sep 2022 10:06:24 GMT

GET
H/1.1 200
OK mivzakim_menu_item.png
www.vesty.co.il/images/ynetnewsresp/ 22 KB
23 KB 42ms
10ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/ynetnewsresp/mivzakim_menu_item.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b81870c09e4546205428647dffb99435bfaeea2a481b8932dfd37b76a0654b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Tue, 30 Aug 2022 07:01:07 GMT
ETag: "02b2552e30d21:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 02
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22778

GET
H2 200 comments_menu_item_200x200_RGB.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/S16bvqZXU/ 5 KB
6 KB 34ms
25ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/S16bvqZXU/comments_menu_item_200x200_RGB.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: dc4506aa970b6143b290a9fc2109bd70ccf4d1782428aedf2591b40f1434ef82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Wed, 12 Feb 2020 15:17:54 GMT
server: Microsoft-IIS/10.0
age: 1200440
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 5365
x-llid: 6d38609e8f4c25c07baa55016a2ea26a
expires: Fri, 23 Sep 2022 10:06:24 GMT

GET
H2 200 money_menu_item.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/SkezoNYWmI/ 1 KB
1 KB 34ms
25ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/SkezoNYWmI/money_menu_item.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 2e13e2b9a9478f68c39346a7155b90321b2fb8a865eb8804781a75815b004d83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Wed, 12 Feb 2020 14:01:48 GMT
server: Microsoft-IIS/10.0
age: 1104374
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1165
x-llid: 28de71aeba8c94fee9e9e59ce9037ffa
expires: Sat, 24 Sep 2022 12:47:30 GMT

GET
H2 200 community_menu_item.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/ByMjNFbQL/ 22 KB
23 KB 35ms
26ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/ByMjNFbQL/community_menu_item.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 37053f01142cbe1f55a25ba58d820579027647a4da0794209783b3dd609078cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Wed, 12 Feb 2020 14:01:48 GMT
server: Microsoft-IIS/10.0
age: 1200440
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22990
x-llid: bd9f25dd8636f2433a87d492f30f7cbf
expires: Fri, 23 Sep 2022 10:06:24 GMT

GET
H2 200 _____.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/BJcfoNKZXU/ 23 KB
23 KB 37ms
28ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/BJcfoNKZXU/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 6b759a63aa4d7af11cf52d9e2a1910662595a3b59fc1a4b8b5e5644c39f74e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Wed, 12 Feb 2020 14:01:47 GMT
server: Microsoft-IIS/10.0
age: 1124200
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 23041
x-llid: 6037b45c10c4c369536e957af3ffc10d
expires: Sat, 24 Sep 2022 07:17:04 GMT

GET
H2 200 ______.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/rkrfsEY11XU/ 22 KB
22 KB 37ms
28ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/rkrfsEY11XU/______.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e97600804f99d9b0a37ca25349cafea3ca90c75498a4967afbdc616f7133059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Wed, 12 Feb 2020 14:01:48 GMT
server: Microsoft-IIS/10.0
age: 1104374
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22734
x-llid: ece750a11116120ce2bae05ae2a8af73
expires: Sat, 24 Sep 2022 12:47:30 GMT

GET
H2 200 _____.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/rkpzj4tZQU/ 1 KB
2 KB 35ms
26ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/rkpzj4tZQU/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 1cc6304316c75c71feb79060ebcbdaec27b18b67a1d6fafffa7881a9655e65fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Wed, 12 Feb 2020 14:01:47 GMT
server: Microsoft-IIS/10.0
age: 1200440
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1454
x-llid: 5ba49e87eb238ac8960ff949d6352ce3
expires: Fri, 23 Sep 2022 10:06:24 GMT

GET
H2 200 ______.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/H12zi4Y11QU/ 1 KB
2 KB 38ms
30ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/H12zi4Y11QU/______.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 62d3dc98c507a16e8dc5d9815eee29add7bfce141c25b844e0f6d57afd1cdd94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Wed, 12 Feb 2020 14:01:47 GMT
server: Microsoft-IIS/10.0
age: 1200439
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1397
x-llid: 0d303cb655f4a93f0a6e2ccd8638f91c
expires: Fri, 23 Sep 2022 10:06:25 GMT

GET
H2 200 ____.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/SJzfj4tbmI/ 22 KB
23 KB 38ms
30ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/SJzfj4tbmI/____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e1c563384b96de069dbd94b764088e9c6b4cb6031b393d8ffa775e5b44e7b781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Wed, 12 Feb 2020 14:01:48 GMT
server: Microsoft-IIS/10.0
age: 1200440
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22866
x-llid: 7ecac4d307b9742c7d02413d8af7b2d4
expires: Fri, 23 Sep 2022 10:06:24 GMT

GET
H2 200 ______.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/H1ifiNFWX8/ 22 KB
23 KB 52ms
44ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/H1ifiNFWX8/______.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 1e92539e06df96dc2373cc3cdfe2fc0bddb434cdcbdd6216def27ed76f916408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Wed, 12 Feb 2020 14:01:47 GMT
server: Microsoft-IIS/10.0
age: 1124200
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22853
x-llid: eec38db1b0c3ef0238efe655581882b6
expires: Sat, 24 Sep 2022 07:17:04 GMT

GET
H2 200 _____.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/BkwGi4t117I/ 23 KB
23 KB 53ms
46ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/BkwGi4t117I/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 1f2fb2516957cf9e8fcba382836cd3f5ca0b6dae9446611e577b2d1dbb10ce95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Wed, 12 Feb 2020 14:01:48 GMT
server: Microsoft-IIS/10.0
age: 1104374
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 23090
x-llid: efd9b93250fa113a7f5d0f988a3fdd80
expires: Sat, 24 Sep 2022 12:47:30 GMT

GET
H2 200 _____.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/HkmMjVtZ7L/ 1 KB
1 KB 54ms
46ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/HkmMjVtZ7L/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: bfac01f1e0a8417d76b572c6c01e3459e4b026c3cddbeb12a335bc033adb9a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Wed, 12 Feb 2020 14:01:48 GMT
server: Microsoft-IIS/10.0
age: 1200439
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1178
x-llid: e0d40cc76870b7eee3b0d3eeca42dcff
expires: Fri, 23 Sep 2022 10:06:25 GMT

GET
H/1.1 200
OK currency_ruble.png
www.vesty.co.il/images/ 251 B
531 B 39ms
7ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/currency_ruble.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 738b9cd36fe5bcf159ab463801ed5f9791d64629cb7b51defcc7061485a98500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Mon, 29 Aug 2022 01:17:03 GMT
ETag: "053fe4eb94fd21:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 251

GET
H/1.1 200
OK currency_dollar.png
www.vesty.co.il/images/ 316 B
598 B 46ms
8ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/currency_dollar.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0016393da9ef1a445e63bc833c3806423336f0c85926cb3035cdd55fdc702052

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Thu, 25 Aug 2022 14:35:47 GMT
ETag: "0ded2d1b84fd21:0"
Content-Type: image/png
VX-Cache: HIT
V-TTL: 3636
WAI: 03
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316

GET
H/1.1 200
OK currency_euro.png
www.vesty.co.il/images/ 331 B
611 B 45ms
7ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/currency_euro.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e248d1f1d1cd34170a12a1a6577c78ad6ded463820430e30620c37c3ace79f03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Tue, 09 Aug 2022 06:40:15 GMT
ETag: "0c9ae5fb94fd21:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 03
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 331

GET
H/1.1 200
OK mainsearch_sep.png
www.vesty.co.il/images/ 118 B
398 B 13ms
11ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/mainsearch_sep.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e89e9cf76acc420ce8014fb5752eb639a3ddab8b5683f523a13ed1f9bca122bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Mon, 01 Aug 2022 23:12:11 GMT
ETag: "809e52bb5f2cf1:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 02
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 118

GET
H/1.1 200
OK rssIconVesty.png
www.vesty.co.il/images/ 2 KB
2 KB 12ms
11ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/rssIconVesty.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 55f7554cc7b33c97e2cda88237977f58ee7bdec0006d1db1579f9debe8321bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Fri, 05 Aug 2022 19:52:44 GMT
ETag: "08817210e8d21:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 03
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1698

GET
H/1.1 200
OK emailVestyIcon.png
www.vesty.co.il/images/ 1 KB
1 KB 15ms
9ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/emailVestyIcon.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0d4bef38d102f950ca16ac71a8fb77eac9840c6bbbd85cd1fc43ce12578ff8ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Mon, 29 Aug 2022 15:55:05 GMT
ETag: "095808b3046d21:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1217

GET
H/1.1 200
OK faceVesty.png
www.vesty.co.il/images/ 2 KB
2 KB 12ms
8ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/faceVesty.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3da550d33721ae136835c223328e06a02f9377a1415d16869bbff8360b699f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Thu, 28 Jul 2022 04:01:45 GMT
ETag: "805caa162a46d21:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1904

GET
H/1.1 200
OK 1220.png
www.vesty.co.il/Cnt/Images/Weather/ 771 B
1 KB 9ms
8ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/Cnt/Images/Weather/1220.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bbec6ad5fcc7993fa87de6e94b777d3c85c133e760873d9360379f9fa0d64a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Fri, 26 Aug 2022 08:34:10 GMT
ETag: "9a826d31d827d41:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 771

GET
H2 200 DOAR_ADOM_A.gif
images1.ynet.co.il//PicServer5/2019/05/13/9242159/ 9 KB
9 KB 76ms
8ms Image
image/gif 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images1.ynet.co.il//PicServer5/2019/05/13/9242159/DOAR_ADOM_A.gif
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d6cdb6570660f6cc2ab311a53a12a3f547e706f2409d8817185bd2be74d24a19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Mon, 13 May 2019 09:21:28 GMT
server: Microsoft-IIS/10.0
etag: "b27baa3e6d9d51:0"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1496231
accept-ranges: bytes
access-control-allow-headers: *
content-length: 9053
expires: Sat, 24 Sep 2022 15:10:55 GMT

GET
H2 200 HktcdtU0000_0_0_300_66_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2021/05/10/HktcdtU0000/ 8 KB
8 KB 53ms
47ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2021/05/10/HktcdtU0000/HktcdtU0000_0_0_300_66_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: b1cee7dfcc18a026988558dee0c6226299a18928d5b3c72cc1f36836da6ea9f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Tue, 04 Jan 2022 09:11:06 GMT
server: Microsoft-IIS/10.0
age: 1104372
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 7835
x-llid: aec0104628d20c26996b01d720383ebf
expires: Sat, 24 Sep 2022 12:47:32 GMT

GET
H2 200 HyyDejBlj_0_0_850_479_0_large.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/09/07/HyyDejBlj/ 186 KB
186 KB 54ms
48ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/09/07/HyyDejBlj/HyyDejBlj_0_0_850_479_0_large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 7e69034b40a97f0287927ae02aadcb72dbe26e4d2b7ebaf9cb2e2933d5d98198

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Wed, 07 Sep 2022 06:10:27 GMT
server: Microsoft-IIS/10.0
age: 4923
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 190125
x-llid: da08de7c09ac90d60a6d0fe67abb4784
expires: Fri, 07 Oct 2022 06:11:41 GMT

GET
H/1.1 200
OK mailme.png
www.vesty.co.il/images/ 1 KB
2 KB 12ms
12ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/mailme.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f3235e9bf4c052c68b18533e2df4e0ac23cc6fe9cced74f9c5164337f70fdab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Sat, 30 Jul 2022 15:11:46 GMT
ETag: "802bbe42b645d31:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 03
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1451

GET
H/1.1 200
OK twit.png
www.vesty.co.il/images/ 2 KB
2 KB 9ms
8ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/twit.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b71acad0dfb12aea811ad43eb6ffc6bbc6f0608a4b800dfccd91578b635b0a62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Thu, 28 Jul 2022 00:00:19 GMT
ETag: "098e12db645d31:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1543

GET
H/1.1 200
OK fb.png
www.vesty.co.il/images/ 1 KB
2 KB 10ms
8ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/fb.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0bc18f63f01eb720a40417ecb71668194eede9c286f6df56a33362477d7cde81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Fri, 29 Jul 2022 23:12:51 GMT
ETag: "80fbd055b645d31:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 02
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1391

GET
H/1.1 200
OK telegram50x50.png
www.vesty.co.il/images/ 4 KB
4 KB 9ms
7ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/telegram50x50.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e06e90ffc052c36460d323b1f805209381164312d3943df8c0e1361f9bfc3f4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Thu, 25 Aug 2022 01:01:38 GMT
ETag: "ffa1997d298bd61:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4260

GET
H/1.1 200
OK footer-whats.png
www.vesty.co.il/images/ynetnewsresp/ 10 KB
10 KB 10ms
8ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/ynetnewsresp/footer-whats.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f72191af85455a05276109c064ed8ca67ab4c724c8ab2c50830e21cdfde8b4c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Mon, 05 Sep 2022 00:20:58 GMT
ETag: "80756cf57794d11:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10377

GET
H/1.1 200
OK facebook_icon.png
www.vesty.co.il/images/ynetnewsresp/ 8 KB
9 KB 7ms
7ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/ynetnewsresp/facebook_icon.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eb073c448ce4ccbe4368b8942f85b9541f317c686392ac158446ec290f3a4e7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Sat, 30 Jul 2022 19:01:24 GMT
ETag: "80756cf57794d11:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8517

GET
H/1.1 200
OK send_icon.png
www.vesty.co.il/images/ynetnewsresp/ 9 KB
9 KB 8ms
7ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/ynetnewsresp/send_icon.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3988fad39f0546ee2da0f837682e67af79a37b60eb39b12bf5719db80ac73fa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Tue, 09 Aug 2022 11:34:42 GMT
ETag: "80756cf57794d11:0"
Content-Type: image/png
VX-Cache: HIT
V-TTL: 2858
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8941

GET
H2 200 facebook-s.png
www.ynet.co.il/Common/Api/Scripts/youtube/ 588 B
802 B 17ms
11ms Image
image/png 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ynet.co.il/Common/Api/Scripts/youtube/facebook-s.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95830431420ad52a28ca356b624b46b3a64ba68ab877e34f19f7a3779c1e2e46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Thu, 25 Aug 2022 18:21:55 GMT
etag: "9189ba5ba4d51:0"
content-type: image/png
v-ttl: 0
vx-cache: MISS
cache-control: private, max-age=1507697
wai: 01
accept-ranges: bytes
content-length: 588
expires: Sat, 24 Sep 2022 18:22:01 GMT

GET
H2 200 twitter-s.png
www.ynet.co.il/Common/Api/Scripts/youtube/ 5 KB
5 KB 17ms
12ms Image
image/png 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ynet.co.il/Common/Api/Scripts/youtube/twitter-s.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e5fbb75d9a459a3b07cbcdeaa0c1d29da5d8efa904dc0a1ba3f2fce6a09ada5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Thu, 11 Aug 2022 11:29:25 GMT
etag: "a62b9463a4d51:0"
content-type: image/png
v-ttl: 7854
vx-cache: HIT
cache-control: private, max-age=281152
wai: 01
accept-ranges: bytes
content-length: 5240
expires: Sat, 10 Sep 2022 13:39:36 GMT

GET
H2 200 white_icon.png
www.ynetnews.com/images/ 1 KB
2 KB 62ms
7ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ynetnews.com/images/white_icon.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2c9c8fdfce46e567be13f3c2069ab3d6de3deb66237932fcfd82bb04f4709208

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Tue, 06 Sep 2022 03:05:15 GMT
etag: "0a956cd2173d31:0"
content-type: image/png
v-ttl: 0
vx-cache: MISS
cache-control: private, max-age=502312
wai: 03
accept-ranges: bytes
content-length: 1443
expires: Tue, 13 Sep 2022 03:05:36 GMT

GET
H/1.1 200
OK yit_logo_footer.png
www.vesty.co.il/images/ 1 KB
2 KB 9ms
8ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/yit_logo_footer.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c0546498737a8547c8529a34eefdb32c02e492e0dc5784e4211ead8d00105667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Sat, 30 Jul 2022 18:52:39 GMT
ETag: "0de24cc038d31:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1402

GET
H/1.1 200
OK bootstrap.js Show response
middycdn-a.akamaihd.net/bootstrap/ 41 KB
12 KB 78ms
10ms Script
application/javascript 23.48.23.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.44 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-44.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f9bb36e54614efd34ba6db6564d906e246879807e9d40c73a253c211b81731d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: bPvzABhl4j526xQUiZ0nuLh2XCJVE8xS
Content-Encoding: gzip
ETag: "28388a86e295165ba4293efc0edef4cc"
x-amz-request-id: 5HD5Y1BV6SPQ6YSD
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 11631
x-amz-id-2: Ut2VI8yrQSrPpOdtAy+iCHkx3JLLVZa44ZiY3+9VxlAkwUUiJk3hhy2jCu9h9yamIiq7lO/B8Ok=
Last-Modified: Wed, 17 Aug 2022 12:09:26 GMT
Server: AmazonS3
Date: Wed, 07 Sep 2022 07:33:44 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 07 Sep 2022 08:33:44 GMT

GET
H3 200 pubads_impl_2022090101.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 113ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131916
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 08:36:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Sep 2023 07:23:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 66 B
93 B 143ms
70ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.vesty.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de0529d3c675751b762e820612467f5df0c8c3d293602e0d20179e0aafcd6b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
expires: Wed, 07 Sep 2022 07:33:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
59 KB 142ms
56ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7edb22e9bf89f482e0661ea57a329b571f820c1fed8b119c76190efdfd0d89a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60310
x-xss-protection: 0
expires: Wed, 07 Sep 2022 07:33:44 GMT

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
5 KB 80ms
20ms Script
application/javascript 65.9.95.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-80.prg50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:39:51 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
server: nginx/1.20.0
age: 3234
etag: "61b8b8ab-1090"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 4240
x-amz-cf-id: PIJdpv3He42lns9zefnUBDd6_VReoL7d0nWVLTaazig0c9n9zg-aXA==
expires: Wed, 07 Sep 2022 07:39:50 GMT

GET
H2 200 fi_client.js Show response
ecdn.firstimpression.io/ 347 KB
92 KB 83ms
23ms Script
application/javascript 65.9.95.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-113.prg50.r.cloudfront.net

Software

nginx/1.20.0 / PHP/8.0.14

Resource Hash

9c275d2a43e649ad7db7bc49df329e8ff366a4c916ae3ae0b325bca3437811ca

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:33:46 GMT
content-encoding: br
etag: W/"d8236dc7a41b176c1d692c112a848a5a"
last-modified: Wed, 07 Sep 2022 06:33:46 UTC
server: nginx/1.20.0
age: 3598
x-powered-by: PHP/8.0.14
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: VOfMVWJuSzmXKxndRUx81VqlvuxPtexteZ8cLI2tZUUGQpajvm1aiA==
x-xss-protection: 0

GET
H2 200 impl.20220906-5-RELEASE.js Show response
cdn.taboola.com/libtrc/ 682 KB
141 KB 17ms
11ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220906-5-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 6e85f228af344ce1946241c71c8f17853fc6a260030e1ac313410a75e28972b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: MCmQBiKPwBuOxKGMiHEecl8j8f7fZ3ce
content-encoding: br
etag: "2531c0131ed343ed9e2b345d04ae44a1"
age: 23399
x-cache: HIT
content-length: 144474
x-amz-id-2: WKmUYSrmJCToGiMfcojZ13j468CAKU4kTEeFf61IM4aZelnuEpbmFFN9QrKN0FT3iCoxPRxYBno=
x-served-by: cache-hhn4020-HHN
last-modified: Tue, 06 Sep 2022 08:56:18 GMT
server: AmazonS3-br
x-timer: S1662536024.253814,VS0,VE0
date: Wed, 07 Sep 2022 07:33:44 GMT
vary: Accept-Encoding
x-amz-request-id: M4MGH679ZWWQ9MBT
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 74
x-cache-hits: 12011

GET
H2 200 px.gif
ad-delivery.net/ 43 B
945 B 64ms
23ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Wed, 07 Sep 2022 07:33:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 400705
x-guploader-uploadid: ADPycdse5asXrTV7KacSC9CsVztbGifpfcI6HXD5NFRC92fSV5W61ivFGwJk37iqGf4-ggDWX2avzgvGTkaPSVRKMm_cm9ss_g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nX8%2FJahYcThklx9LYB7emDRUMRb%2Bw%2Fav%2FwqYTgx%2BOddzLJVdFfW9IzWo8QHiVAWOBJRi6SrqnFFgtPqFUVOuL36JJTxX3HuPh4dNtFecCIeVB88ykKabq0BkHVsW9wtWYj9JmWfzipR2BfXezw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 746dc207e84e9b5b-FRA
expires: Fri, 02 Sep 2022 16:32:17 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 115ms
32ms Image
image/x-icon 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58935
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 15:11:29 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
335 B 20ms
19ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.19440414865841227
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Wed, 07 Sep 2022 07:33:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 400705
x-guploader-uploadid: ADPycdse5asXrTV7KacSC9CsVztbGifpfcI6HXD5NFRC92fSV5W61ivFGwJk37iqGf4-ggDWX2avzgvGTkaPSVRKMm_cm9ss_g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZtHk1ZriNfGeixalMraDcP8cGulP87CaHh0jQZeVk1q5Bc4LvO0aTP9gWkj92B87bb4J8SZiVZSVELEswzVDRQg7ChcTCwcaxaixvNz%2FrRqwcca91Ft8kBquWG%2Ffocl1XEeTe7dysmRRluJMg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 746dc207f8659b5b-FRA
expires: Fri, 02 Sep 2022 16:32:17 GMT

GET
H2 200 638cebf1cad2d7eb3472.js Show response
yastatic.net/partner-code-bundles/643738/ 13 KB
5 KB 44ms
39ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/643738/638cebf1cad2d7eb3472.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a50c99aafacbe6eb3b1da3a0aa9ca22498ef73cb49d488165b6c6726960d6a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4461
last-modified: Mon, 05 Sep 2022 15:53:05 GMT
server: nginx/1.17.9
etag: "7417c347aac541f36195b9e76130a1d7"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Sep 2052 14:05:54 GMT

GET
H2 200 0d813d7f6983d2fa340f.js Show response
yastatic.net/partner-code-bundles/643738/ 88 KB
19 KB 58ms
53ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/643738/0d813d7f6983d2fa340f.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

548c17fc7fc34b8cd4600f616c2e51f94623f27e28f88f64daaebea95b130dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 18652
last-modified: Mon, 05 Sep 2022 15:53:04 GMT
server: nginx/1.17.9
etag: "8b4cccfbf87744005b0eddc1eaea76c6"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Sep 2052 14:05:54 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 80ms
75ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Sep 2052 14:08:23 GMT

GET
H2 200 a599fb4e32d87fcf897c.js Show response
yastatic.net/partner-code-bundles/643738/ 540 KB
109 KB 95ms
91ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/643738/a599fb4e32d87fcf897c.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1e5f73d80cd0bd5fc941c1d65a3a3ea3491a1bc1f221cd9e4089108747a38461

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 110684
last-modified: Mon, 05 Sep 2022 15:53:06 GMT
server: nginx/1.17.9
etag: "f883ea04cfbaa855c3b0c338d46d732e"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Sep 2052 14:05:54 GMT

GET
H2 200 go_vesti.png
ynet-images1.yit.co.il/Common/images/ 2 KB
2 KB 36ms
30ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/Common/images/go_vesti.png
Requested by: Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.3e37ef9c2f900d70c10f42a7a184b286.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: f0c4029e2ea812d0f8abfa9038646761e57c3438ca491289aa2d3d628150dd5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.3e37ef9c2f900d70c10f42a7a184b286.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Thu, 13 Oct 2016 08:12:52 GMT
server: Microsoft-IIS/10.0
age: 1200441
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1703
x-llid: f1cca3f37a5b8bdccad99607019b40c8
expires: Fri, 23 Sep 2022 10:06:23 GMT

GET
H2 200 110mainsearch_weather_bg2.gif
ynet-images1.yit.co.il/Common/images/ 2 KB
2 KB 38ms
33ms Image
image/gif 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/Common/images/110mainsearch_weather_bg2.gif
Requested by: Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.3e37ef9c2f900d70c10f42a7a184b286.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 2d77263a48ea0f8d2903e95c94e176bfe23a032a627dda23077a708ffc5d854d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.3e37ef9c2f900d70c10f42a7a184b286.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Sun, 13 Mar 2016 14:35:18 GMT
server: Microsoft-IIS/10.0
age: 1104376
access-control-allow-methods: GET,POST
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1865
x-llid: bda79565c10caa11c11d8756a01c80e5
expires: Sat, 24 Sep 2022 12:47:28 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 2BE5 15 KB
9 KB 133ms
93ms Document
text/html 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fvestyisrael&tabs=timeline&width=300&height=500&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=1349386115096799

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1acbf5976da684e47382f858b20e6ceb222a96b0dbad5eb527feb16518044a8

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 07 Sep 2022 07:33:44 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: man/+RlH5o0KrsG8o5zICbUOKevmoezsu7XZh+743SSoK3rS5+pITph9BY1FhIQ6dAodRdYf+T9+jroLtfth0w==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 115mainsearch_weather_bg2.gif
ynet-images1.yit.co.il/Common/images/ 2 KB
2 KB 27ms
26ms Image
image/gif 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/Common/images/115mainsearch_weather_bg2.gif
Requested by: Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.3e37ef9c2f900d70c10f42a7a184b286.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 0ab577cc741322a238c8c5d22617155f4d2f3351ddfcb4af5fab3f95e2ce1362

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.3e37ef9c2f900d70c10f42a7a184b286.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Sun, 13 Mar 2016 14:35:18 GMT
server: Microsoft-IIS/10.0
age: 1094796
access-control-allow-methods: GET,POST
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1883
x-llid: 678610023df449d165eda20774b792f7
expires: Sat, 24 Sep 2022 15:27:08 GMT

GET
H2 200 tgr_arrow_right.png
www.ynet.co.il/images/ 186 B
400 B 9ms
8ms Image
image/png 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ynet.co.il/images/tgr_arrow_right.png
Requested by: Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.3e37ef9c2f900d70c10f42a7a184b286.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 18c7d9d199a3f0dbb1a093cbeecdf22c2b4266798c51a4f200c79fd7c20ca9a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ynet-images1.yit.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Fri, 26 Aug 2022 20:28:27 GMT
etag: "09353fcb773d11:0"
content-type: image/png
v-ttl: 0
vx-cache: MISS
cache-control: private, max-age=1601662
wai: 02
accept-ranges: bytes
content-length: 186
expires: Sun, 25 Sep 2022 20:28:06 GMT

GET
DATA 200
OK truncated
/ 681 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77360f19ad0f3bd8f123473bf21e142fe7546b8290af33745144ba8715b958c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 511 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ca088540c7b9a598900b2e92d609c4377fb2d4ab03514c2e2596d695db664a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 511 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86f1808960febfa1afc1f1909aa3ddc32ef9247c739298931ff18d8ebc6003de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 27ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e4ae74653704f5c9ee71848b1e7b3b960dc899f57ee62e4fe2edb4cdd13f8572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: CjicH3O6hjtGIAUxa5/xYw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: 8kMhNBCebC/LgscnXROuqUcRinmO2Jxw/5Cb+8284pv8KhFLuMEzlTjP+DjljesLlBPzw6kp7C/Q5HZoiGw9Uw==
x-fb-trip-id: 917726464
x-fb-content-md5: db17e22a6dffee755f9a20fbb5c5f1bb
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 07 Sep 2022 07:33:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e038da64c12d5d8a684f46d58f1e79c5"
timing-allow-origin: *
expires: Wed, 07 Sep 2022 07:49:49 GMT

GET
H2 200 article_v15.png
www.ynet.co.il/PicServer5/2017/08/22/sprites/ 14 KB
14 KB 17ms
17ms Image
image/png 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ynet.co.il/PicServer5/2017/08/22/sprites/article_v15.png
Requested by: Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.3e37ef9c2f900d70c10f42a7a184b286.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6e267014a3a1a17e33bf410e7ddca6f1273814cbc66747b723b7aa1bad570800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ynet-images1.yit.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Tue, 22 Aug 2017 14:09:07 GMT
etag: "80c3b737501bd31:0"
content-type: image/png
cache-control: private, max-age=1825188
accept-ranges: bytes
content-length: 13969
expires: Wed, 28 Sep 2022 10:33:32 GMT

GET
H2 200 youtube.css
www.ynet.co.il/Common/Api/Scripts/youtube/ 21 KB
5 KB 18ms
16ms Stylesheet
text/css 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ynet.co.il/Common/Api/Scripts/youtube/youtube.css?v=03.01
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a9770b62ec977db11581722ba2df755b2dfcc18a0871525664bcb71b2b15ca7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: gzip
last-modified: Fri, 15 Jul 2022 15:43:34 GMT
etag: "3edfd0279666d71:0"
vary: Accept-Encoding
content-type: text/css
v-ttl: 0
vx-cache: MISS
cache-control: private, max-age=2549807
wai: 03
accept-ranges: bytes
content-length: 4519
expires: Thu, 06 Oct 2022 19:50:31 GMT

GET
H2 200 youtube.css
www.ynet.co.il/Common/Api/Scripts/youtube/ 21 KB
5 KB 26ms
24ms Stylesheet
text/css 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ynet.co.il/Common/Api/Scripts/youtube/youtube.css
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a9770b62ec977db11581722ba2df755b2dfcc18a0871525664bcb71b2b15ca7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: gzip
last-modified: Mon, 04 Jul 2022 18:58:29 GMT
etag: "3edfd0279666d71:0"
vary: Accept-Encoding
content-type: text/css
v-ttl: 0
vx-cache: MISS
cache-control: private, max-age=1574091
wai: 01
accept-ranges: bytes
content-length: 4519
expires: Sun, 25 Sep 2022 12:48:35 GMT

GET
H2 200 / Show response
trinitymedia.ai/player/trinity/2900001404/ 5 KB
2 KB 357ms
118ms Script
application/javascript 54.227.49.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/trinity/2900001404/?pageURL=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.227.49.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-227-49-12.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 5d560f4c2cf5456fd153583835853949d67874f5d02bc30f4af03df93dc899f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store
content-length: 1983

GET
H2 200 accessibility.js Show response
js.nagich.co.il/core/4.2.2/ 40 KB
14 KB 62ms
22ms Script
application/javascript 2606:4700:20::ac43:473d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:473d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 125e6b9ca120fa2bc4892544dda8f20226f26c5bbf550fae4be07b80612982fc

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1354945
x-powered-by: ASP.NET
access-control-allow-methods: GET
last-modified: Mon, 27 Dec 2021 12:02:00 GMT
server: cloudflare
etag: W/"0eca68d19fbd71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Abhdx6805yDocR5UBhhlQkRZpu0wGlJ9a5X9bM7rd5PtvUNS2SwPNuiz0ofrWdlZoMvvKFL5dERKn1zkyEotq6uI5FF88MhjKYIbAzteM2RvM7HqetZMzHVeIw8m3cHKstJJSylJnJm6iX1ypQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2604800
access-control-allow-credentials: true
cf-ray: 746dc2084a6bbb71-FRA

GET
H/1.1 200
OK _____.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/B1IMoEKb7U/ 1 KB
2 KB 11ms
10ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/B1IMoEKb7U/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 8550ea63cdf2144d6663541355a2c22d39d55092bff6bb559b33b5596269aa34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:48 GMT
Server: Microsoft-IIS/10.0
ETag: "1ad693f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1461

GET
H/1.1 200
OK comments_menu_item_200x200_RGB.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/S16bvqZXU/ 5 KB
5 KB 12ms
10ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/S16bvqZXU/comments_menu_item_200x200_RGB.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: dc4506aa970b6143b290a9fc2109bd70ccf4d1782428aedf2591b40f1434ef82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Wed, 12 Feb 2020 15:17:54 GMT
Server: Microsoft-IIS/10.0
ETag: "fa8c1e99b7e1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5365

GET
H/1.1 200
OK money_menu_item.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/SkezoNYWmI/ 1 KB
1 KB 10ms
8ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/SkezoNYWmI/money_menu_item.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 2e13e2b9a9478f68c39346a7155b90321b2fb8a865eb8804781a75815b004d83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:48 GMT
Server: Microsoft-IIS/10.0
ETag: "6c8fb5f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1165

GET
H/1.1 200
OK community_menu_item.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/ByMjNFbQL/ 22 KB
23 KB 14ms
12ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/ByMjNFbQL/community_menu_item.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 37053f01142cbe1f55a25ba58d820579027647a4da0794209783b3dd609078cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:48 GMT
Server: Microsoft-IIS/10.0
ETag: "260b8f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22990

GET
H/1.1 200
OK _____.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/BJcfoNKZXU/ 23 KB
23 KB 10ms
9ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/BJcfoNKZXU/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 6b759a63aa4d7af11cf52d9e2a1910662595a3b59fc1a4b8b5e5644c39f74e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:47 GMT
Server: Microsoft-IIS/10.0
ETag: "de375f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23041

GET
H/1.1 200
OK ______.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/rkrfsEY11XU/ 22 KB
22 KB 11ms
9ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/rkrfsEY11XU/______.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e97600804f99d9b0a37ca25349cafea3ca90c75498a4967afbdc616f7133059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:48 GMT
Server: Microsoft-IIS/10.0
ETag: "20799f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22734

GET
H/1.1 200
OK _____.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/rkpzj4tZQU/ 1 KB
2 KB 10ms
10ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/rkpzj4tZQU/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 1cc6304316c75c71feb79060ebcbdaec27b18b67a1d6fafffa7881a9655e65fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:47 GMT
Server: Microsoft-IIS/10.0
ETag: "c88171f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1454

GET
H/1.1 200
OK ______.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/H12zi4Y11QU/ 1 KB
2 KB 14ms
14ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/H12zi4Y11QU/______.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 62d3dc98c507a16e8dc5d9815eee29add7bfce141c25b844e0f6d57afd1cdd94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:47 GMT
Server: Microsoft-IIS/10.0
ETag: "885673f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1397

GET
H/1.1 200
OK ____.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/SJzfj4tbmI/ 22 KB
23 KB 11ms
10ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/SJzfj4tbmI/____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: e1c563384b96de069dbd94b764088e9c6b4cb6031b393d8ffa775e5b44e7b781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:48 GMT
Server: Microsoft-IIS/10.0
ETag: "408baef7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22866

GET
H/1.1 200
OK ______.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/H1ifiNFWX8/ 22 KB
23 KB 21ms
21ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/H1ifiNFWX8/______.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 1e92539e06df96dc2373cc3cdfe2fc0bddb434cdcbdd6216def27ed76f916408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:47 GMT
Server: Microsoft-IIS/10.0
ETag: "94a473f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22853

GET
H/1.1 200
OK _____.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/BkwGi4t117I/ 23 KB
23 KB 9ms
9ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/BkwGi4t117I/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 1f2fb2516957cf9e8fcba382836cd3f5ca0b6dae9446611e577b2d1dbb10ce95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:48 GMT
Server: Microsoft-IIS/10.0
ETag: "56a290f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23090

GET
H/1.1 200
OK _____.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/HkmMjVtZ7L/ 1 KB
1 KB 20ms
20ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/HkmMjVtZ7L/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: bfac01f1e0a8417d76b572c6c01e3459e4b026c3cddbeb12a335bc033adb9a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:44 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:48 GMT
Server: Microsoft-IIS/10.0
ETag: "8e33a9f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1178

GET
H/1.1 200
OK B1eiYbRfnt Show response
www.vesty.co.il/iphone/json/api/auto_ticker/ 45 KB
10 KB 17ms
8ms XHR
application/json 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vesty.co.il/iphone/json/api/auto_ticker/B1eiYbRfnt

Requested by

Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vendors-widgets.81738138db7fbf06462f.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

b04c3edab0547d21ad681e49bac2554b7db1e60355fa306911381781b365869b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.vesty.co.il/main/article/syrrynhgi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
X-me: ${S_HOSTNAME}
Date: Wed, 07 Sep 2022 07:33:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
VX-Cache: HIT
WAI: 03
Connection: keep-alive
V-TTL: 51
X-version: V3
Accept-Ranges: bytes
Last-Modified: Wed, 07 Sep 2022 07:31:41 GMT
OSV: c8
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
vg_id: 2
Content-Length: 9933

GET
H/1.1 200
OK B1eiYbRfnt Show response
www.vesty.co.il/iphone/json/api/auto_ticker/ 45 KB
10 KB 17ms
8ms XHR
application/json 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vesty.co.il/iphone/json/api/auto_ticker/B1eiYbRfnt

Requested by

Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vendors-widgets.81738138db7fbf06462f.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

b04c3edab0547d21ad681e49bac2554b7db1e60355fa306911381781b365869b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.vesty.co.il/main/article/syrrynhgi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
X-me: ${S_HOSTNAME}
Date: Wed, 07 Sep 2022 07:33:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
VX-Cache: HIT
WAI: 03
Connection: keep-alive
V-TTL: 51
X-version: V3
Accept-Ranges: bytes
Last-Modified: Wed, 07 Sep 2022 07:31:41 GMT
OSV: c8
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
vg_id: 2
Content-Length: 9933

GET
H/1.1 200
OK 0 Show response
www.vesty.co.il/iphone/json/api/talkbacks/list/syrrynhgi/end_to_start/ 24 B
400 B 99ms
90ms XHR
application/json 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vesty.co.il/iphone/json/api/talkbacks/list/syrrynhgi/end_to_start/0

Requested by

Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vendors-widgets.81738138db7fbf06462f.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

048a6099e10c5ac79ff998eb79a4b5d5679e9dbef7cada30c224dfbc262c7fdb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.vesty.co.il/main/article/syrrynhgi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
X-me: ${S_HOSTNAME}
Date: Wed, 07 Sep 2022 07:33:44 GMT
VX-Cache: MISS
WAI: 02
Connection: keep-alive
V-TTL: 0
X-version: V3
Accept-Ranges: bytes
Last-Modified: Wed, 07 Sep 2022 07:33:41 GMT
OSV: c8
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Access-Control-Allow-Origin: *
vg_id: 2
Content-Length: 24

GET
H2 200 image.png
ynet-images1.yit.co.il/picserver5/videos_pic/2022/09/07/4HHVJB6O8/ 235 KB
235 KB 35ms
32ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/videos_pic/2022/09/07/4HHVJB6O8/image.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: d9db27d4ca79f2af0936f4a1ab1c13ddb8a8203173710c43c659cf4d1e0ccfc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Wed, 07 Sep 2022 04:41:37 GMT
server: Microsoft-IIS/10.0
age: 9832
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 240657
x-llid: c3aa7af59d05d7e605df6782e6b95e81
expires: Fri, 07 Oct 2022 04:49:52 GMT

GET
H2 200 card-interference-detector.20220906-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 11ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20220906-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23b53b894e3eb0be8c3c5af2cbd921cccc96635c70d1d75a13d3ff2b6c881cb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: tCodbA3X3cV1dxhbSOP4HvddZjPJ2y._
content-encoding: gzip
etag: "f5a4340495793f19b3f402c175bbfcc1"
age: 36
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2181
x-amz-id-2: o+0R0k7Z0I0VMNVThjfAOEMrSrdH7KhR4y4C/SzGpXokzpFbftawfYI0LJHuhZ5I6Sh78sDHvYY=
x-served-by: cache-hhn4020-HHN
last-modified: Tue, 06 Sep 2022 10:34:04 GMT
server: AmazonS3
x-timer: S1662536025.559951,VS0,VE0
date: Wed, 07 Sep 2022 07:33:44 GMT
vary: Accept-Encoding
x-amz-request-id: H80K0QF1NN47649D
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 74
x-cache-hits: 13

GET
H2 200 json Show response
trc.taboola.com/ynet-vesty/trc/3/ 94 KB
28 KB 473ms
465ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ynet-vesty/trc/3/json?tim=07%3A33%3A44.546&lti=deflated&data=%7B%22id%22%3A223%2C%22ii%22%3A%22%2Fmain%2Farticle%2Fsyrrynhgi%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22lbt%22%3A1662456343425%2C%22vi%22%3A1662536024544%2C%22cv%22%3A%2220220906-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi%22%2C%22vpi%22%3A%22%2Fmain%2Farticle%2Fsyrrynhgi%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2612%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22alternating-thumbnails-dd%3Aabp%3D0%22%2C%22uip%22%3A%22article%20mid%20page%22%2C%22orig_uip%22%3A%22article%20mid%20page%22%2C%22cd%22%3A1122.515625%2C%22mw%22%3A490%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22organic-thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%22%2C%22orig_uip%22%3A%22Right%20Rail%22%2C%22cd%22%3A2000%2C%22mw%22%3A300%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-lr%3Aabp%3D0%22%2C%22uip%22%3A%22Left%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Left%20Rail%20Thumbnails%22%2C%22cd%22%3A512%2C%22mw%22%3A150%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbs-feed-1x1%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1573.515625%2C%22mw%22%3A490%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fmain%2Farticle%2Fsyrrynhgi%2CBelow%20Article%20Thumbnails%3Dthumbs-feed-1x1%3Aabp%3D0%2C%2CLeft%20Rail%20Thumbnails%3Dthumbnails-lr%3Aabp%3D0%2C%2CRight%20Rail%3Dorganic-thumbnails-rr%3Aabp%3D0%2C%2Carticle%20mid%20page%3Dalternating-thumbnails-dd%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220906-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a6d6e99440ef346f3b99fb32adde3516fd20f9e478f4c6ef779ea50c0cf3cc6a

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 455
date: Wed, 07 Sep 2022 07:33:45 GMT
content-encoding: gzip
server: nginx
x-timer: S1662536025.566923,VS0,VE455
x-served-by: cache-hhn4020-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.vesty.co.il
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 youtube.js Show response
www.ynet.co.il/Common/Api/Scripts/youtube/ 10 KB
10 KB 10ms
7ms Script
application/javascript 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ynet.co.il/Common/Api/Scripts/youtube/youtube.js?v=03.01
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 749886f0c7b06a4df622b00a061a33b7b7343bc1987941c26f8b455e6a63a54c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Thu, 09 Jun 2022 16:52:07 GMT
etag: "88766456ed21d61:0"
content-type: application/javascript
v-ttl: 0
vx-cache: MISS
cache-control: private, max-age=1847896
wai: 02
accept-ranges: bytes
content-length: 9815
expires: Wed, 28 Sep 2022 16:52:00 GMT

GET
H2 204 pv Show response
api.btloader.com/ 0
128 B 214ms
143ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=vvhQhzichX&w=5732901039636480&o=6244355308257280&cv=2.0.9-1-g2cac8e3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi&upapi=true
Requested by: Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5732901039636480&uponit=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 07 Sep 2022 07:33:44 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 FkQjqY8x90V.css
static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/ Frame 2BE5 19 KB
5 KB 28ms
8ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yQ/l/0,cross/FkQjqY8x90V.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fvestyisrael&tabs=timeline&width=300&height=500&small_header=true&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=1349386115096799

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

62eec41f1904765b1d973e774e6b3dee84f1037459149eb858547822ce89f996

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vjh0jDgDzAEgEL+5WMIAaQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5034
x-fb-rlafr: 0
x-fb-debug: MiCvaltpn+m9JFlhublUD+p0rSlx7Fkr5bT02PrSUXD5To+pt5RlOWIki7uzVYoaIDvs5610wBOxAGSXXoGQTg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 05 Sep 2023 15:27:26 GMT

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
101 B 516ms
171ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=zBdVHDm$KK
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:44 GMT
access-control-allow-credentials: true

GET
H2 200 v5 Show response
yield-manager.browsiprod.com/supply/ 5 KB
2 KB 108ms
38ms XHR
application/json 54.74.111.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yield-manager.browsiprod.com/supply/v5?sk=vesty&url=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi&bid=zBdVHDm%24KK%23VFyJIXqL_&at=%D0%91%D0%BE%D0%B9%20%D1%83%20%D0%94%D0%B6%D0%B5%D0%BD%D0%B8%D0%BD%D0%B0%3A%20%D1%81%D0%BF%D0%B5%D1%86%D0%BD%D0%B0%D0%B7%20%D0%A6%D0%90%D0%A5%D0%90%D0%9B%D0%B0%20%D0%BB%D0%B8%D0%BA%D0%B2%D0%B8%D0%B4%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BB%20%D1%82%D0%B5%D1%80%D1%80%D0%BE%D1%80%D0%B8%D1%81%D1%82%D0%B0&sw=1600&sh=1200
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.111.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-111-76.eu-west-1.compute.amazonaws.com
Software: akka-http/10.2.1 /
Resource Hash: 550aa3c6bb3966bb571284a76fbc22430f5f02dbcb1baa89d9c5e2a4aa589522

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: akka-http/10.2.1
content-type: application/json

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 37ms
7ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Fri, 07 Oct 2022 07:33:44 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 300 KB
85 KB 21ms
10ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=3f1694079d809b93d6e10527fbcd4c22

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eb966a500230295d966ef222294e88eda03a73c4d4bb46a95edb7b11f73c8c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jIku65/TO3mIoPOWFCvwKQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86930
x-fb-rlafr: 0
x-fb-debug: lABi9FpBWraWrINNVD7CUW+mvnTLzpMGnvTpDdIpusXHpJMBa/dtCbpnkJbUl1CvL6WE6rRP3UuOvTci6FHQ6w==
x-fb-content-md5: 8cf18d03d5623620506b76d30783624b
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 07 Sep 2022 07:33:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "02180be9aea1d4d70993cd4af1d3d09d"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 07 Sep 2023 05:49:45 GMT

GET
H2 403 6f7c8ec7-588a-46ef-95d2-ff36e0a39e58-web.js
cdn.permutive.com/ 0
0 57ms
20ms Script
text/html 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/6f7c8ec7-588a-46ef-95d2-ff36e0a39e58-web.js?d=2022-09-07
Requested by: Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/vestywb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
73 KB 132ms
58ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HBGSDK9P6D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af6cbb7f3fd7f842a1412ccedc7d64c82a3178b146bc2ed9df7b80747d25ac92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74487
x-xss-protection: 0
expires: Wed, 07 Sep 2022 07:33:44 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 103 KB
41 KB 124ms
45ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-KXPKGJR

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

875797be92884b7d6c3b652838fb5814f2b2ba251115af1bd8f53672dfb83c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41182
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Sep 2022 07:33:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 117ms
37ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1066
date: Wed, 07 Sep 2022 07:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 07 Sep 2022 09:15:58 GMT

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 2 KB
1 KB 78ms
68ms XHR
application/json 65.9.95.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=7787&url=%2Fmain%2Farticle%2Fsyrrynhgi&charset=UTF-8&ch=7&ref=www.vesty.co.il&viewerId=null&referer=&_firid=19520808
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-113.prg50.r.cloudfront.net
Software: nginx/1.20.0 / PHP/8.0.14
Resource Hash: e0171f98bcce5db650e9cc7f6820fae1801e348c305497f374623e8dd5573000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: gzip
x-amz-cf-pop: PRG50-C1
x-powered-by: PHP/8.0.14
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
access-control-allow-origin: https://www.vesty.co.il
server: nginx/1.20.0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: lboru-3MenUVnlSyEElTPyjWEaG7fCyl1OOSMrEpbPaxY5NE7lx5lA==
expires: 0

GET
H2 200 style.css Show response
js.nagich.co.il/style/ 15 KB
4 KB 25ms
24ms Fetch
text/css 2606:4700:20::ac43:473d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/style/style.css
Requested by: Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:473d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d50045b25fcaaf924140b0c120c7c267ea30150973460026a2573360f816574c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1043058
x-powered-by: ASP.NET
access-control-allow-methods: GET
last-modified: Wed, 15 Dec 2021 11:05:22 GMT
server: cloudflare
etag: W/"04554a7a3f1d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VT7NZ0hPHKTrfdKLm66dyvbKq2LLiM7VpFIQeSLehX80%2BsnkFZ2BRLWbfEKZ7LGjkL4Hvy%2Fm0v8i%2BEvMA9lGVL4srNKruq5G1aVY9VWzQr2qD6%2FfR0DjjLg3Ip1j%2FAPny7UxSFc%2F%2Bbe7p0hYew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2604800
access-control-allow-credentials: true
cf-ray: 746dc20a1cf2bb71-FRA

GET
H2 200 btncolor.css Show response
js.nagich.co.il/style/ 103 B
427 B 32ms
32ms Fetch
text/css 2606:4700:20::ac43:473d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/style/btncolor.css
Requested by: Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:473d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 442db94f47e657604fde817ff431f353d5ae4994e08a59496ce8fed479362119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1357646
x-powered-by: ASP.NET
access-control-allow-methods: GET
last-modified: Mon, 11 Feb 2019 10:07:59 GMT
server: cloudflare
etag: W/"e97d81aaf1c1d41:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aa0FhN3BDqn%2B1iQSSNkm1dh6uMVz1BYETw9ovc57Fp2XbHZXs%2F%2BWMvMkA9o25HZ5ohM2OCNAT4aAWcq3S2r5xUNZmKa4%2BAYZijds1PRBeVVJ9clb3IBpUAdwwNXvF6tnVPcvyrk%2BNZzvHNk81A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2604800
access-control-allow-credentials: true
cf-ray: 746dc20a1cf5bb71-FRA

GET
H2 200 ru.json Show response
js.nagich.co.il/assets/locale/ 2 KB
976 B 79ms
78ms Fetch
application/json 2606:4700:20::ac43:473d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/assets/locale/ru.json
Requested by: Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:473d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6a8437f8eb353b0da20b48e51ad0cc9ea9e8842e192f4d119d61fdf79cd5c839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 15 Jun 2021 15:40:37 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: W/"ef1e2c9fc61d71:0"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ngvCP0d0qA59xQB7mycSpCBcv3YwW3IgKY6kRHWjD3NoErAQb3WSzAWimn709bamQ6ZlKg5bBJhRl4t%2BVkH%2FWCGQHkavFhgAM4AFukKvw4d3mZP1yz61GzGFO5J4Utt36uBz4fK231N5NfJzA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2604800
access-control-allow-credentials: true
cf-ray: 746dc20a1cf6bb71-FRA

GET
H2 200 pdf.js Show response
js.nagich.co.il/assets/scripts/ 7 KB
2 KB 22ms
21ms Fetch
application/javascript 2606:4700:20::ac43:473d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/assets/scripts/pdf.js
Requested by: Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:473d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 581d447eb6b75fffeb4a8fc041bebca5158f0f41aa368fb6ef0c1690ae5000a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1043058
x-powered-by: ASP.NET
access-control-allow-methods: GET
last-modified: Sun, 23 Feb 2020 12:50:59 GMT
server: cloudflare
etag: W/"80fb6ce547ead51:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpBLmTTGaYlGQf67w%2Bxngd95J5LzreZCKpB7MWjRoCkhsm%2BgJJnNzg4dCNK3%2BiLC8TG5AHOO7xCNFEjWzwoL7Qkoai3txeQqooQE91N3d2hidSni%2FWOUFA%2F9fQQYOm%2FZK9lfR7y9fRZJ%2BFnzVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2604800
access-control-allow-credentials: true
cf-ray: 746dc20a1cf7bb71-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 128ms
49ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.vesty.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 146ms
48ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.vesty.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 127 KB
35 KB 662ms
662ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4226214640806927&correlator=1691868763476874&eid=31062930&output=ldjh&gdfp_req=1&vrg=2022090101&ptt=17&impl=fifs&iu_parts=6870%2Cvesty%2Cdesktop%2Cinterstitial.adx%2Ctop%2Cnews%2Cisrael%2Cbox.1%2Cbox.2%2Cbox.3%2Cskyscraper.left%2Cskyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2F5%2F6%2C%2F0%2F1%2F2%2F7%2F5%2F6%2C%2F0%2F1%2F2%2F8%2F5%2F6%2C%2F0%2F1%2F2%2F9%2F5%2F6%2C%2F0%2F1%2F2%2F10%2F5%2F6%2C%2F0%2F1%2F2%2F11%2F5%2F6&prev_iu_szs=1x1%2C970x90%7C970x250%7C770x350%7C970x350%2C300x250%2C300x250%2C300x250%2C160x600%7C160x601%2C160x600%7C160x601&ifi=1&adks=2106902652%2C3316214643%2C2719528268%2C4167763920%2C3688776979%2C943949322%2C434469519&sfv=1-0-38&ists=64&fas=8%2C0%2C0%2C0%2C0%2C0%2C0&fsapi=false&cust_params=ynfi%3D0%26dckw%3D0%26ngch%3D0%26yrca%3D0%26dcTag%3D%26ynch%3D50.Vesti-13147.VNews-13229.VIsrael%26dcPath%3D50.Vesti-13147.VNews-13229.VIsrael%26dccg%3Darticle%26ynvc%3D0%26yncd%3Dsyrrynhgi%26callType%3DGPT%26dcsch%3Dnull%26dccw%3Dhigh_res%26dcsw%3D1600%26dcunigpt%3Dview1%26charset%3DUTF-8%26permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1662536024677&lmt=1662535869&dlt=1662536023775&idt=812&adxs=-9%2C315%2C990%2C990%2C990%2C0%2C1440&adys=-9%2C5%2C191%2C971%2C1321%2C0%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C0%7C1%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi&frm=20&vis=1&psz=0x-1%7C980x10%7C300x-1%7C300x-1%7C300x-1%7C1600x2612%7C1600x2612&msz=0x-1%7C980x10%7C300x-1%7C300x-1%7C300x-1%7C160x-1%7C160x-1&fws=2%2C0%2C0%2C0%2C0%2C512%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1105187979.1662536025&ga_sid=1662536025&ga_hid=1948537989&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce8ff1c78273c1bccb85d85b6a591cd0030c06e49b59dde944449c136f47f6a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35440
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vesty.co.il
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EBA3 6 KB
4 KB 158ms
47ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:33:44 GMT
expires: Thu, 07 Sep 2023 07:33:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022090101.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022090101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8711ce39ae7100d4581624cb8acfc6f9b120929ee00e8a981a771854963533d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 16:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485864
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13591
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 08:36:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Sep 2023 16:36:00 GMT

GET
H2 200 middy-desktop-4.6.20.js Show response
cdn.browsiprod.com/sd/apps/middy/ 315 KB
72 KB 75ms
22ms Script
application/javascript 65.9.95.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-21.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 671b805cb047ef3dd389def0085c32602e0d79de568ccf339fb12f18de803616

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 05:59:26 GMT
content-encoding: br
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 2079259
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 11:14:32 GMT
server: AmazonS3
etag: W/"2b7ed88db52002db8cfb9123fd4d4248"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: t9BeKoqcKBqYd31GXR57V4f8D5n1csQ2
via: 1.1 65dc50162b685d34f2ac712298bb090c.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000
x-amz-cf-pop: PRG50-C1
content-type: application/javascript
x-amz-cf-id: VIo-oKbYs3l7xcdeYkMt-FW0rqunTMCiA43QOFNIUwSvqg3laC8RDg==

GET
H2 200 trinity-injector-script.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20220906_7f43ada2e8c00f4e0adba510625161ea59a9ebe9/ 627 KB
91 KB 142ms
17ms Script
application/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20220906_7f43ada2e8c00f4e0adba510625161ea59a9ebe9/trinity-injector-script.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity/2900001404/?pageURL=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: AmazonS3 /
Resource Hash: 4e565290e0611e2aeaeb83d809fcb9610d6791d8c14489f56c39b49073709d59

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:44 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 14:50:26 GMT
server: AmazonS3
x-amz-request-id: 86WTJAPBSVB0T6YR
etag: "c9e740e1b8e910de93be215eccfef1ea"
x-hw: 1662536024.dop145.am5.t,1662536024.cds318.am5.hn,1662536024.cds227.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 92271
x-amz-id-2: ptL/LGJ3lilDW5MDR0b8Mnz+tjZmjqBki66MEyATRmbctX7U20TiqK1LB67WwwWXBrP9mdFjPrE=

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5536870-20&cid=1105187979.1662536025&jid=392699501&gjid=2118530370&_gid=1116705052.1662536025&_u=aChAgEABQAAAAE~&z=51890132

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 07 Sep 2022 07:33:44 GMT
content-type: text/plain
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 109ms
36ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1948537989&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi&dp=%2Fmain%2Farticle%2Fsyrrynhgi%3Fprof%3D50.Vesti-13147.VNews-13229.VIsrael&dh=vesty.co.il&ul=en-us&de=UTF-8&dt=%D0%91%D0%BE%D0%B9%20%D1%83%20%D0%94%D0%B6%D0%B5%D0%BD%D0%B8%D0%BD%D0%B0%3A%20%D1%81%D0%BF%D0%B5%D1%86%D0%BD%D0%B0%D0%B7%20%D0%A6%D0%90%D0%A5%D0%90%D0%9B%D0%B0%20%D0%BB%D0%B8%D0%BA%D0%B2%D0%B8%D0%B4%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BB%20%D1%82%D0%B5%D1%80%D1%80%D0%BE%D1%80%D0%B8%D1%81%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgEABQ~&jid=392699501&gjid=2118530370&cid=1105187979.1662536025&uid=0&tid=UA-5536870-20&_gid=1116705052.1662536025&gtm=2wg8v0NB9MN6&cd1=false&cd2=0&cd3=0&cd4=2022%2F09%2F08%2008%3A33%3A45&cd12=Article&cd14=50.Vesti-13147.VNews-13229.VIsrael&cd15=%D0%92%D0%B5%D1%81%D1%82%D0%B8-Ynet&cd16=2022-09-07%2009%3A44%3A28&cd17=2022-09-07%2009%3A44%3A28&cd18=&cd19=syrrynhgi&cd21=250&cd23=Guy%20M&z=873790148

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 15:06:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59263
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 104ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HBGSDK9P6D&gtm=2oe8v0&_p=1948537989&cid=1105187979.1662536025&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662536024&sct=1&seg=0&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi&dt=%D0%91%D0%BE%D0%B9%20%D1%83%20%D0%94%D0%B6%D0%B5%D0%BD%D0%B8%D0%BD%D0%B0%3A%20%D1%81%D0%BF%D0%B5%D1%86%D0%BD%D0%B0%D0%B7%20%D0%A6%D0%90%D0%A5%D0%90%D0%9B%D0%B0%20%D0%BB%D0%B8%D0%BA%D0%B2%D0%B8%D0%B4%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BB%20%D1%82%D0%B5%D1%80%D1%80%D0%BE%D1%80%D0%B8%D1%81%D1%82%D0%B0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HBGSDK9P6D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
101 B 210ms
171ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:44 GMT
access-control-allow-credentials: true

GET
H2 200 abd.js Show response
cdn.browsiprod.com/ 3 KB
2 KB 20ms
20ms Script
application/javascript 65.9.95.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/abd.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-21.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
content-encoding: br
etag: W/"bc70a2c30105ea2f98d83f5ad623fc39"
age: 15378
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Sun, 08 Jul 2018 12:47:26 GMT
server: AmazonS3
date: Wed, 07 Sep 2022 07:10:13 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 65dc50162b685d34f2ac712298bb090c.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: 8wOrxCNDIGT7yPTcObXtyD085bHM0iamZKshcAHunklXqFvDSfj-kg==

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
102 B 202ms
170ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:44 GMT
access-control-allow-credentials: true

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 149ms
63ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5536870-20&cid=1105187979.1662536025&jid=392699501&_u=aChAgEABQAAAAE~&z=1802684203

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 146ms
60ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5536870-20&cid=1105187979.1662536025&jid=392699501&_u=aChAgEABQAAAAE~&z=1802684203

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 180ms
84ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f163e7511da59cb7dce0c04126f9c11ecd8cb5007f4dc2a0d09c59158b80ddd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 07:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11092
x-xss-protection: 0

GET comments.php
www.facebook.com/v5.0/plugins/ Frame CA41 0
0

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.9.4/ 104 KB
30 KB 15ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.9.4/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220906-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42563be911565fd363167dff5b610f5ee8a1906d1a8f6a25ec9e4f7183ecf240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront), 1.1 varnish
age: 87988
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 30376
x-served-by: cache-hhn4020-HHN
last-modified: Tue, 06 Sep 2022 07:06:43 GMT
server: AmazonS3
x-timer: S1662536025.072997,VS0,VE0
etag: "bb32c4047dcba4a14695639e75de7712"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Y8caKPsxP0DZzngu_3mn46untCu3eXIIV38WyglnX0rZT3F7tzlyTg==
x-cache-hits: 1116

GET
H2 200 feed-card-placeholder.20220906-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20220906-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67579f2c15089ef1a68ee6e11442a06d0400e233e39e01a1318e497e5728c6fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: K9ucI7yNSMQYn35bc134ytBGbUQJYFNd
content-encoding: gzip
etag: "d2913f22972660696d329c1674fa8aa2"
age: 25
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1263
x-amz-id-2: y7B3kmLNuOxeox8tFf3AWUJT1UFFBSnuqQv4rTqAisB6uFPdhdv1vzZxjF9I9De3ZaL/+nVYJVk=
x-served-by: cache-hhn4020-HHN
last-modified: Tue, 06 Sep 2022 10:34:19 GMT
server: AmazonS3
x-timer: S1662536025.067822,VS0,VE0
date: Wed, 07 Sep 2022 07:33:45 GMT
vary: Accept-Encoding
x-amz-request-id: RSFAEZKVMR1MK4KA
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 74
x-cache-hits: 12

GET
H2 200 distance-from-article.20220906-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20220906-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 815b46bdc7cd1bbb99562c03ccdaaca91d4175a4f247be1eb433b8929ab9e4b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: NkMWd6A8uTO8wjtE0vqv8hvpFT5_zjLZ
content-encoding: gzip
etag: "7aa61b2deafbc9777a74eaac6c86f105"
age: 26
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1012
x-amz-id-2: c/s8nCbDKkLWgeLjtvfs4sbUURI0qpG5UPsJZv50uElR/1fPHzMcUrskjerdKVbnqL6w4AitiQg=
x-served-by: cache-hhn4020-HHN
last-modified: Tue, 06 Sep 2022 10:34:10 GMT
server: AmazonS3
x-timer: S1662536025.070675,VS0,VE0
date: Wed, 07 Sep 2022 07:33:45 GMT
vary: Accept-Encoding
x-amz-request-id: GADSSVNFCE55JWSK
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 74
x-cache-hits: 8

GET
H2 200 article-detection.20220906-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20220906-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78e11caaf484e214c0f2b093c33666fdabf2f98188bda6f2e0c583d6fd965e38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: HR_z6LjKgOJRSHnvL0nhziw.Dp_Xwbnh
content-encoding: gzip
etag: "cd7b6c174b1cce77f6752e90f26056f9"
age: 21986
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1236
x-amz-id-2: cEwCzfdoh9+QqovjW4SArmt/vVoDhOGL3D8lkcFGKfFEBguTT2Km0Mt/ihOv0gCq3yMNqDZ23Ik=
x-served-by: cache-hhn4020-HHN
last-modified: Tue, 06 Sep 2022 10:33:58 GMT
server: AmazonS3
x-timer: S1662536025.070764,VS0,VE0
date: Wed, 07 Sep 2022 07:33:45 GMT
vary: Accept-Encoding
x-amz-request-id: 2BAD9G5NDPY7RVC9
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 74
x-cache-hits: 8946

GET
H2 200 userx.20220906-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220906-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f4f92225c9cf118d39c77d0b67cf98c0d1e6885daa9a16ef1b15f4e6a1140d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: jRBlab2RCk7G0BY6ghSEp6UzCoTNPFcK
content-encoding: gzip
etag: "1a98f4cbbe48db06b975a5ff1bdb7d23"
age: 70
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: nSrINQzfH1lUz8XEDmxScggJO1yizi7Lp4Ls4Z2o6LISOJRH2Mh6GYnzDTezm5i1MFhYv1ooC38=
x-served-by: cache-hhn4020-HHN
last-modified: Tue, 06 Sep 2022 10:35:20 GMT
server: AmazonS3
x-timer: S1662536025.076291,VS0,VE0
date: Wed, 07 Sep 2022 07:33:45 GMT
vary: Accept-Encoding
x-amz-request-id: MP96V203H2WB5N2P
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 74
x-cache-hits: 30

GET
H2 200 cta-component.20220906-5-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 19 KB
5 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20220906-5-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05dafb17a340674bb1ac8a8a5a83a10633580e70b24dd2955a3730cc5a2c28fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: LCkNeAB_B91PAuaQt9Vyaili5dCgUiRH
content-encoding: gzip
etag: "b5bd81e5c9e61fb135b5fcecbe643832"
age: 26207
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5107
x-amz-id-2: RUeP7m9ZJB8h3CNlx0YJiPsC1AeaPL3iTQiE5VRBNu65SwkbzdGk4qzSxbFu5yZ3I7zUtRsbs/c=
x-served-by: cache-hhn4020-HHN
last-modified: Tue, 06 Sep 2022 10:34:07 GMT
server: AmazonS3
x-timer: S1662536025.079679,VS0,VE0
date: Wed, 07 Sep 2022 07:33:45 GMT
vary: Accept-Encoding
x-amz-request-id: JV80GX3QDB0Y2E1C
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 74
x-cache-hits: 16213

GET
H3 200 comments.php
www.facebook.com/v5.0/plugins/ Frame 6274 0
0 54ms
53ms Document
text/html 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/comments.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32dab631e9994%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff4779d5551bac4%26relation%3Dparent.parent&container_width=490&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width=

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220906-5-RELEASE.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 07:33:45 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: 1iBKj4pbGv7o0TtFatr5/d5OoHCnzMkRSDNKMw0mkxah8BYfS7PXX/wknJP2ihkqeEtANafVzMjVWuaa8cL5iA==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 204 debug
am-trc-events.taboola.com/ynet-vesty/log/2/ 0
90 B 58ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ynet-vesty/log/2/debug?tim=07%3A33%3A45.067&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=9586&cv=20220906-5-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13623

GET
H2 204 debug
am-trc-events.taboola.com/ynet-vesty/log/2/ 0
89 B 59ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ynet-vesty/log/2/debug?tim=07%3A33%3A45.068&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=3856&cv=20220906-5-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13623

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 6ms
6ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 43
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: W5r38P7RnsYGQTZTOzYLdrIl07j1n3VeG+jjXzE0H7pP1Z/sHx2Z62uZnjVlGuWKMuEy5OnNwQ8=
x-served-by: cache-hhn4020-HHN
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1662536025.088536,VS0,VE0
date: Wed, 07 Sep 2022 07:33:45 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 05T8PN245H91JTT3
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 74
x-cache-hits: 16

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
35ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1948537989&t=timing&_s=2&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi&dp=%2Fmain%2Farticle%2Fsyrrynhgi%3Fprof%3D50.Vesti-13147.VNews-13229.VIsrael&dh=vesty.co.il&ul=en-us&de=UTF-8&dt=%D0%91%D0%BE%D0%B9%20%D1%83%20%D0%94%D0%B6%D0%B5%D0%BD%D0%B8%D0%BD%D0%B0%3A%20%D1%81%D0%BF%D0%B5%D1%86%D0%BD%D0%B0%D0%B7%20%D0%A6%D0%90%D0%A5%D0%90%D0%9B%D0%B0%20%D0%BB%D0%B8%D0%BA%D0%B2%D0%B8%D0%B4%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BB%20%D1%82%D0%B5%D1%80%D1%80%D0%BE%D1%80%D0%B8%D1%81%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1352&pdt=7&dns=0&rrt=0&srt=78&tcp=16&dit=743&clt=838&_gst=958&_gbt=1113&_cst=305&_cbt=907&_u=aChAgEABQAAAAE~&jid=&gjid=&cid=1105187979.1662536025&uid=0&tid=UA-5536870-20&_gid=1116705052.1662536025&gtm=2wg8v0NB9MN6&cd1=false&cd2=0&cd3=0&cd4=2022%2F09%2F08%2008%3A33%3A45&cd12=Article&cd14=50.Vesti-13147.VNews-13229.VIsrael&cd15=%D0%92%D0%B5%D1%81%D1%82%D0%B8-Ynet&cd16=2022-09-07%2009%3A44%3A28&cd17=2022-09-07%2009%3A44%3A28&cd18=&cd19=syrrynhgi&cd21=250&cd23=Guy%20M&z=615696944

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Sep 2022 15:06:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59264
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 H1ygQgKJs_0_0_850_479_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/08/28/H1ygQgKJs/ 11 KB
12 KB 17ms
17ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/08/28/H1ygQgKJs/H1ygQgKJs_0_0_850_479_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 70a0a740482247ad2b47ad763236fb5e8c1a0d98991d8b97e618f30ce810d81c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 838806
edge-cache-tag: 476629604869019114670059538259416805027,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 476629604869019114670059538259416805027,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 81
x-cache: MISS, HIT, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/08/28/H1ygQgKJs/H1ygQgKJs_0_0_850_479_0_large.jpg
content-length: 11236
x-request-id: 3a81bafa39f9c875a5c344d55ad11474
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Sun, 28 Aug 2022 14:24:46 GMT
server: nginx
x-timer: S1662536025.107577,VS0,VE10
etag: "f7669aa08685ea48e657edb11a0a1ef1"
x-served-by: cache-iad-kcgs7200115-IAD, cache-iad-kiad7000165-IAD, cache-sna10738-LGB, cache-iad-kiad7000126-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1, 1

GET
H2 200 d962c1242248d4e44166459e47451ec5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 9ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d962c1242248d4e44166459e47451ec5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3616439bf6cbe812465a3ce4f519dc6aa2e11ec95217d92295e4fc8507bfa8ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 1289319
edge-cache-tag: 423061373897082045223095860441176721329,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 423061373897082045223095860441176721329,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 176
x-cache: MISS, MISS, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d962c1242248d4e44166459e47451ec5.jpg
content-length: 17690
x-request-id: b2236db82e94512f0f0c9bdf2564cae3
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Tue, 23 Aug 2022 09:25:05 GMT
server: nginx
x-timer: S1662536025.135134,VS0,VE1
etag: "289b5e7bbdb9ffb5b755319825aeac99"
x-served-by: cache-iad-kiad7000173-IAD, cache-iad-kiad7000104-IAD, cache-sna10733-LGB, cache-iad-kiad7000148-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 1

GET
H2 200 f33538d3a052b7e966518751ae0ae8e5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
14 KB 8ms
7ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f33538d3a052b7e966518751ae0ae8e5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c74de497342d76d9c19ca59a9699102611f1d919c6148c4249c99ad3847979c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 1707319
edge-cache-tag: 478322159327010912684616058327589942126,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag: 478322159327010912684616058327589942126,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 100
x-cache: MISS, MISS, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f33538d3a052b7e966518751ae0ae8e5.jpg
content-length: 13948
x-request-id: 44cf0ab955368211af229b49b46ab90b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Wed, 17 Aug 2022 13:47:50 GMT
server: nginx
x-timer: S1662536025.135413,VS0,VE1
etag: "2d548fe9646bdc6dd679f35de48fb6a3"
x-served-by: cache-iad-kiad7000178-IAD, cache-iad-kjyo7100166-IAD, cache-sna10731-LGB, cache-iad-kjyo7100050-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 1

GET
H2 200 f06b8e11e166ca18de28dec31f364a56.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
5 KB 12ms
11ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f06b8e11e166ca18de28dec31f364a56.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 75c9854d938554f553b75fc6b966362ec21aad405e987b9d5c129aeff9de3cc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 3114161
edge-cache-tag: 306513147387022570637336144701606807403,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag: 306513147387022570637336144701606807403,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 156
expiration: expiry-date="Thu, 11 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.vesty.co.il/
x-cache: HIT, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f06b8e11e166ca18de28dec31f364a56.jpg
content-length: 4726
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Mon, 11 Jul 2022 15:38:29 GMT
server: nginx
x-timer: S1662536025.135477,VS0,VE2
etag: "93d3eceb04be1b4073e3cad1a6dc5a98"
x-served-by: cache-iad-kcgs7200144-IAD, cache-iad-kjyo7100154-IAD, cache-sna10745-LGB, cache-iad-kjyo7100126-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 1, 1

GET
H2 200 52832d4a6f8f61dcf9571ea644e0ec14.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 49 KB
50 KB 11ms
10ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52832d4a6f8f61dcf9571ea644e0ec14.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ece6eaf12b85e046260a872eb08c6578e85f9c3c7c15caf4fb98590967c2edb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 1221887
edge-cache-tag: 439899686043410467326057067215539168213,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 439899686043410467326057067215539168213,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 179
x-cache: MISS, MISS, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52832d4a6f8f61dcf9571ea644e0ec14.jpg
content-length: 50428
x-request-id: 4139729a500b32d01a77ee0f04cb134e
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Thu, 11 Aug 2022 22:34:00 GMT
server: nginx
x-timer: S1662536025.135585,VS0,VE1
etag: "78c7e7c42ad476acbad3cbc0f5b0511c"
x-served-by: cache-iad-kiad7000106-IAD, cache-iad-kcgs7200020-IAD, cache-bur-kbur8200087-BUR, cache-iad-kjyo7100082-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 1

GET
H2 200 3e2fffd2abc2a0d5ee065777a904f2b7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
15 KB 9ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e2fffd2abc2a0d5ee065777a904f2b7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3e87f45f61b25df8df5466d592f6d89b8c6b3f81a5659be31d33dd343ae5c5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 3368940
edge-cache-tag: 598970410878581582470626249968159676202,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag: 598970410878581582470626249968159676202,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 221
x-cache: HIT, HIT, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e2fffd2abc2a0d5ee065777a904f2b7.jpg
content-length: 14854
x-request-id: 68df7c72d653d871e4f81de3185c0bb7
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Thu, 28 Jul 2022 16:52:01 GMT
server: nginx
x-timer: S1662536025.135767,VS0,VE1
etag: "545a9b35dd5ff094f5c15803256d371c"
x-served-by: cache-iad-kcgs7200159-IAD, cache-iad-kcgs7200167-IAD, cache-sna10721-LGB, cache-iad-kiad7000044-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0, 1, 1

GET
H2 200 Skw5pSEli_0_0_850_479_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/06/Skw5pSEli/ 10 KB
11 KB 11ms
11ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/06/Skw5pSEli/Skw5pSEli_0_0_850_479_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f2dbd0aa03ec9d3bf431ba942c130ee7a069d7c4fee1f2f0cd401e8f5d40bf11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 92422
edge-cache-tag: 360243812971787804567063257710796625721,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
cache-tag: 360243812971787804567063257710796625721,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 31
x-cache: MISS, HIT, HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/06/Skw5pSEli/Skw5pSEli_0_0_850_479_0_large.jpg
content-length: 10624
x-request-id: 621fd3561ec5c70d3bbe0b98f5b7c43f
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Tue, 06 Sep 2022 04:45:12 GMT
server: nginx
x-timer: S1662536025.135772,VS0,VE1
etag: "fcd3d1ef0a14b19c6c7d2520cfa0de6d"
x-served-by: cache-iad-kjyo7100152-IAD, cache-iad-kiad7000060-IAD, cache-bur-kbur8200068-BUR, cache-iad-kcgs7200026-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 68fb4d8f985b6e2fe1c137ceeb03fd08.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 48 KB
49 KB 8ms
7ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68fb4d8f985b6e2fe1c137ceeb03fd08.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 612584a834662335f321a867fc27e03419d3620c90db08026c3a25a98383424f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 7305494
edge-cache-tag: 384888262847208676802027017756092150982,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 384888262847208676802027017756092150982,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 211
expiration: expiry-date="Fri, 15 Jul 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://d-5153215384232706580.ampproject.net/
x-cache: HIT, HIT, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68fb4d8f985b6e2fe1c137ceeb03fd08.jpeg
content-length: 49640
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Tue, 14 Jun 2022 04:03:10 GMT
server: nginx
x-timer: S1662536025.181959,VS0,VE1
etag: "783184e1ae80aee15ae0920cb2a5d569"
x-served-by: cache-iad-kjyo7100103-IAD, cache-iad-kjyo7100112-IAD, cache-lga21963-LGA, cache-iad-kiad7000129-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 1, 1

GET
H2 200 BJZR9fmeo_0_381_720_405_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/05/BJZR9fmeo/ 3 KB
4 KB 9ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/05/BJZR9fmeo/BJZR9fmeo_0_381_720_405_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 36ca7ad2109fca0330c8302c3d82c7b74cdfd82c809d251e58270949ad65f964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 166158
edge-cache-tag: 537886669615611819327084038243019409048,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
cache-tag: 537886669615611819327084038243019409048,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 251
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/05/BJZR9fmeo/BJZR9fmeo_0_381_720_405_0_large.jpg
content-length: 3196
x-request-id: f09cf9d4b68b63ffe1c04082383087bf
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Mon, 05 Sep 2022 09:23:30 GMT
server: nginx
x-timer: S1662536025.182350,VS0,VE1
etag: "f65655a71be2842280e2bed9bd6068d5"
x-served-by: cache-iad-kiad7000026-IAD, cache-iad-kjyo7100025-IAD, cache-chi-klot8100073-CHI, cache-iad-kiad7000120-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 1200e3416ce7a49e77c4d6cef6657bf4.jpg
images.taboola.com/taboola/image/fetch/h_90,w_180,c_fill,g_xy_center,x_594,y_269/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 10ms
10ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_90,w_180,c_fill,g_xy_center,x_594,y_269/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1200e3416ce7a49e77c4d6cef6657bf4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2a4ed2abe3225f35c7c8d7b5977a3efc17f8fec639ae76b7c7d38981a4cb1a69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 3706745
edge-cache-tag: 367084809985675494876070275933879661681,436553038414555955994715860306057977836,29ecf9b93bbf306179626feeda1fab70
cache-tag: 367084809985675494876070275933879661681,436553038414555955994715860306057977836,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 203
expiration: expiry-date="Tue, 02 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_90,w_180,c_fill,g_xy_center,x_594,y_269/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1200e3416ce7a49e77c4d6cef6657bf4.jpg
content-length: 5432
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Sat, 02 Jul 2022 21:17:09 GMT
server: nginx
x-timer: S1662536025.182600,VS0,VE1
etag: "591dfd063da0b879b16758e1397fef71"
x-served-by: cache-iad-kiad7000107-IAD, cache-iad-kiad7000109-IAD, cache-bur-kbur8200083-BUR, cache-iad-kiad7000106-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 1, 1

GET
H2 200 Hk0BQOVej_0_0_3000_1688_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/06/Hk0BQOVej/ 2 KB
3 KB 10ms
9ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/06/Hk0BQOVej/Hk0BQOVej_0_0_3000_1688_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c5ca0625e7d4f72a60746bed59dc1e1e2c2b3d902126070e72631577b595ca8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 82980
edge-cache-tag: 503980853839572914176944164347871730654,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
cache-tag: 503980853839572914176944164347871730654,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 258
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/06/Hk0BQOVej/Hk0BQOVej_0_0_3000_1688_0_large.jpg
content-length: 2400
x-request-id: 6a2a759d5c57aef0b263d55c05fd5b2b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Tue, 06 Sep 2022 08:27:17 GMT
server: nginx
x-timer: S1662536025.182679,VS0,VE1
etag: "1b2533c4c319cf24dff878cbf4610d49"
x-served-by: cache-iad-kcgs7200127-IAD, cache-iad-kiad7000160-IAD, cache-chi-klot8100037-CHI, cache-iad-kcgs7200136-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 5787a8c6f2ac22f4cf786b9a01a45bfe.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 3 KB
4 KB 11ms
10ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5787a8c6f2ac22f4cf786b9a01a45bfe.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 193bdfc0d445a36fae5eb4708fb3dbd060d9e63de7be798bc7397328ceba2a85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 3029146
edge-cache-tag: 558162314493728202709430617110659392522,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
cache-tag: 558162314493728202709430617110659392522,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 201
expiration: expiry-date="Sun, 21 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5787a8c6f2ac22f4cf786b9a01a45bfe.jpg
content-length: 3104
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Thu, 21 Jul 2022 01:01:06 GMT
server: nginx
x-timer: S1662536025.182900,VS0,VE1
etag: "937394808fcb2a38799473d9a1022cb1"
x-served-by: cache-iad-kcgs7200022-IAD, cache-iad-kcgs7200027-IAD, cache-sna10736-LGB, cache-iad-kjyo7100038-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 9615236_0_0_500_282_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2019/11/24/9615236/ 2 KB
3 KB 9ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2019/11/24/9615236/9615236_0_0_500_282_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e4d599bba150242446d53f6eb120f588f2ccabf4d1ba4979c2ae5478c2d01a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 48539
edge-cache-tag: 589718736320599375127840211625652357535,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
cache-tag: 589718736320599375127840211625652357535,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 274
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2019/11/24/9615236/9615236_0_0_500_282_0_large.jpg
content-length: 2516
x-request-id: baf44fdcf277731320e10d72d64f709b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Tue, 06 Sep 2022 17:53:45 GMT
server: nginx
x-timer: S1662536025.183080,VS0,VE0
etag: "faed15f757e3f192af7dfa200d25c982"
x-served-by: cache-iad-kcgs7200115-IAD, cache-iad-kiad7000095-IAD, cache-bur-kbur8200131-BUR, cache-iad-kiad7000154-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

GET
H2 200 62e7a8d00134b49efb802d50
images.taboola.com/taboola/image/fetch/h_90,w_180,c_fill,g_xy_center,x_579,y_613/https%3A//search.onetag.com/uploads/ 2 KB
3 KB 10ms
9ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_90,w_180,c_fill,g_xy_center,x_579,y_613/https%3A//search.onetag.com/uploads/62e7a8d00134b49efb802d50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7eb756847f6edc4a8ff3954b9a9a316f16ff99518fad5f0d5397160c6e6d9922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 2934530
edge-cache-tag: 293659998602926265144319390155828059136,625889008987891826944734318314543939542,29ecf9b93bbf306179626feeda1fab70
cache-tag: 293659998602926265144319390155828059136,625889008987891826944734318314543939542,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 1391
x-cache: HIT, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_90,w_180,c_fill,g_xy_center,x_579,y_613/https%3A//search.onetag.com/uploads/62e7a8d00134b49efb802d50
content-length: 2536
x-request-id: a4cc63a1ad9b9f215b36757299dc246f
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Tue, 02 Aug 2022 07:03:49 GMT
server: nginx
x-timer: S1662536025.194644,VS0,VE1
etag: "ef018e6c1124abbf3c24c94ecc60a549"
x-served-by: cache-iad-kjyo7100068-IAD, cache-iad-kiad7000174-IAD, cache-bur-kbur8200112-BUR, cache-iad-kcgs7200174-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 1, 1

GET
H2 200 9157875_0_134_1280_720_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2019/04/01/9157875/ 2 KB
3 KB 8ms
7ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2019/04/01/9157875/9157875_0_134_1280_720_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a4c9e589c88830e29cc1c9391505165d9c6801b3f5da053b6fdd023537f76d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 3078974
edge-cache-tag: 426567767284329199863829747426778469974,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
cache-tag: 426567767284329199863829747426778469974,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 157
expiration: expiry-date="Sun, 21 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2019/04/01/9157875/9157875_0_134_1280_720_0_large.jpg
content-length: 2406
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Thu, 21 Jul 2022 05:04:09 GMT
server: nginx
x-timer: S1662536025.194622,VS0,VE1
etag: "9990894463de2f63c0d1b0a223eb2ecc"
x-served-by: cache-iad-kcgs7200168-IAD, cache-iad-kiad7000041-IAD, cache-lga21975-LGA, cache-iad-kjyo7100126-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 01b579960e6084ef0b219f4339f0ec0a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 3 KB
4 KB 10ms
10ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01b579960e6084ef0b219f4339f0ec0a.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 312eb29d1fba194163b2f770a30e7b00e28b36e4d3fae0f37fc874d8b07c6ae7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 2398268
edge-cache-tag: 593198733210123277685229483224230028876,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
cache-tag: 593198733210123277685229483224230028876,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 91
x-cache: HIT, HIT, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01b579960e6084ef0b219f4339f0ec0a.jpg
content-length: 3058
x-request-id: e388d072f63ce44c59108e5e8cb080ea
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Sat, 30 Jul 2022 14:12:50 GMT
server: nginx
x-timer: S1662536025.194973,VS0,VE1
etag: "d4eca17cae3f2dfaa0ac62c1a349ff3f"
x-served-by: cache-iad-kiad7000160-IAD, cache-iad-kiad7000111-IAD, cache-lga21976-LGA, cache-iad-kjyo7100179-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 1, 1

GET
H2 200 7c28abc25ee9eebb77dfe2e1aec4ee2d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
13 KB 8ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c28abc25ee9eebb77dfe2e1aec4ee2d.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 69ff500b18c6067cd38c882b4ddc0a30ffb98d55532bc23d0be525924e80249b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 4277584
edge-cache-tag: 496817096518470172301534367524279162810,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag: 496817096518470172301534367524279162810,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 160
expiration: expiry-date="Tue, 16 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c28abc25ee9eebb77dfe2e1aec4ee2d.jpeg
content-length: 12750
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Sat, 16 Jul 2022 08:08:18 GMT
server: nginx
x-timer: S1662536025.195406,VS0,VE0
etag: "05e919ca84278bd055ee5d7cdc0eef4c"
x-served-by: cache-iad-kjyo7100136-IAD, cache-iad-kcgs7200178-IAD, cache-sna10737-LGB, cache-iad-kcgs7200058-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0, 1, 2

GET
H2 200 B1OgBMJej_171_0_1110_624_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/02/B1OgBMJej/ 14 KB
15 KB 11ms
10ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/02/B1OgBMJej/B1OgBMJej_171_0_1110_624_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bf4a58df7e3ef2dc782e5a6dead98fec04dc1b74a57b3e6ee0eee7cb1d75aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 403783
edge-cache-tag: 449561886042137600588862918578635480071,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
cache-tag: 449561886042137600588862918578635480071,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 318
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/02/B1OgBMJej/B1OgBMJej_171_0_1110_624_0_large.jpg
content-length: 14204
x-request-id: 3b5d554a7730e0cca22c373068240cec
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 02 Sep 2022 15:20:25 GMT
server: nginx
x-timer: S1662536025.195457,VS0,VE1
etag: "9daf60b6171c5b1185cc80401dfb2618"
x-served-by: cache-iad-kcgs7200148-IAD, cache-iad-kjyo7100072-IAD, cache-chi-kigq8000031-CHI, cache-iad-kjyo7100087-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 7584e8ea5d3e1e28bef3fba3c3f9407b.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
8 KB 8ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7584e8ea5d3e1e28bef3fba3c3f9407b.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 26524ef302fb603ad0ed898edb691f2c52c0914363f8acae8164b17cc8f73845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 1129406
edge-cache-tag: 357331489714538408294376832781341804770,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
cache-tag: 357331489714538408294376832781341804770,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 461
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7584e8ea5d3e1e28bef3fba3c3f9407b.jpeg
content-length: 7722
x-request-id: 47a4ddf2382a12809789769ba8aff330
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Wed, 24 Aug 2022 08:40:19 GMT
server: nginx
x-timer: S1662536025.195485,VS0,VE0
etag: "5d439064b5d42721ff97e1e72ec52105"
x-served-by: cache-iad-kjyo7100111-IAD, cache-iad-kiad7000155-IAD, cache-bur-kbur8200077-BUR, cache-iad-kcgs7200153-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

GET
H2 200 ryDr6xMlo_0_111_1133_638_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/04/ryDr6xMlo/ 10 KB
11 KB 8ms
7ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/04/ryDr6xMlo/ryDr6xMlo_0_111_1133_638_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ee68df82990cfc34bcd8b498b2c261103d7e5f42545da5de8ecf9e125642063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 229734
edge-cache-tag: 374050155413677304367730635496676555836,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
cache-tag: 374050155413677304367730635496676555836,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 337
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/04/ryDr6xMlo/ryDr6xMlo_0_111_1133_638_0_large.jpg
content-length: 10210
x-request-id: d696bcde97681994fa250af6494664c6
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Sun, 04 Sep 2022 15:42:13 GMT
server: nginx
x-timer: S1662536025.206223,VS0,VE1
etag: "75f39669c1b9861e857550d47113adc2"
x-served-by: cache-iad-kiad7000084-IAD, cache-iad-kiad7000051-IAD, cache-chi-klot8100099-CHI, cache-iad-kjyo7100092-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 HydurOVli_0_0_850_479_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/06/HydurOVli/ 6 KB
6 KB 9ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/06/HydurOVli/HydurOVli_0_0_850_479_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 309061cc3757ad90fa28fd99c230d7d398f4b68298b8eb93662b766dddd0d790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 77041
edge-cache-tag: 610564261805752875140594295387676517880,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 610564261805752875140594295387676517880,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 42
x-cache: MISS, HIT, HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/06/HydurOVli/HydurOVli_0_0_850_479_0_large.jpg
content-length: 5806
x-request-id: 79d0d6a2f98c1dfde957121e45904790
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Tue, 06 Sep 2022 10:07:27 GMT
server: nginx
x-timer: S1662536025.206550,VS0,VE1
etag: "c9e6b4f5eb9fbda8a31db3172a4dec6d"
x-served-by: cache-iad-kjyo7100118-IAD, cache-iad-kcgs7200159-IAD, cache-bur-kbur8200033-BUR, cache-iad-kjyo7100154-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 4b1c1717abdbe9a9b4acd5876270bb0e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
9 KB 7ms
7ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4b1c1717abdbe9a9b4acd5876270bb0e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 467c04ccde791556bdfd275e4690ad3ccfcf64784c8089cd5137f3e4f89551b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 483251
edge-cache-tag: 338797889939612366057911288516401416236,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 338797889939612366057911288516401416236,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 484
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4b1c1717abdbe9a9b4acd5876270bb0e.jpg
content-length: 9034
x-request-id: 69892896271f0fed10c178c34f29bf4c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Thu, 01 Sep 2022 15:13:00 GMT
server: nginx
x-timer: S1662536025.206550,VS0,VE0
etag: "00b501d48c12a634dbb75ca9e5b0272c"
x-served-by: cache-iad-kiad7000114-IAD, cache-iad-kcgs7200159-IAD, cache-lga21920-LGA, cache-iad-kiad7000096-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 5

GET
H2 200 87f57c351b3626ee96b86b923499a7ca.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
8 KB 14ms
14ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87f57c351b3626ee96b86b923499a7ca.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c4eb18db5d95001c3ee1735748bebeaebc3a73adb5cdd3f30ae5d0e5188f17bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 7
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 4210454
edge-cache-tag: 529855673185721302426545584578276134058,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag: 529855673185721302426545584578276134058,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 91
x-cache: HIT, HIT, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87f57c351b3626ee96b86b923499a7ca.jpg
content-length: 7814
x-request-id: efe54bf3debb4e3a6dbff1861a5db000
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Wed, 20 Jul 2022 12:40:13 GMT
server: nginx
x-timer: S1662536025.206517,VS0,VE7
etag: "6caa6916b31a1a9673284e0b1585601a"
x-served-by: cache-iad-kiad7000100-IAD, cache-iad-kiad7000035-IAD, cache-sna10722-LGB, cache-iad-kcgs7200078-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0, 1, 1

GET
H2 200 5d8dca41bdcf92e466f59d34f40e7ba4.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 9ms
9ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d8dca41bdcf92e466f59d34f40e7ba4.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fd0bd9e5cf6b6bdb20992bb456abbbfd644d699b0ab336c63d87cc97774151ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 3693322
edge-cache-tag: 392446927500064269142340507206868835302,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag: 392446927500064269142340507206868835302,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 111
expiration: expiry-date="Tue, 16 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d8dca41bdcf92e466f59d34f40e7ba4.jpeg
content-length: 13660
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Sat, 16 Jul 2022 17:40:20 GMT
server: nginx
x-timer: S1662536025.206498,VS0,VE2
etag: "b2a503d8e02bffb92bebba1162bf728a"
x-served-by: cache-iad-kcgs7200034-IAD, cache-iad-kcgs7200037-IAD, cache-bur-kbur8200039-BUR, cache-iad-kjyo7100131-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 1

GET
H2 200 Sk2eAcrAZ3F_975_275_2026_1140_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/01/04/Sk2eAcrAZ3F/ 2 KB
3 KB 8ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/01/04/Sk2eAcrAZ3F/Sk2eAcrAZ3F_975_275_2026_1140_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba9357d36854fc9622246e4bfdbc75bd488fee568aa9649691f8934f2c2337cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 75068
edge-cache-tag: 547874782220533838762160016026879787444,511320169514815208339615988714053385614,29ecf9b93bbf306179626feeda1fab70
cache-tag: 547874782220533838762160016026879787444,511320169514815208339615988714053385614,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 25
x-cache: MISS, MISS, HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/01/04/Sk2eAcrAZ3F/Sk2eAcrAZ3F_975_275_2026_1140_0_large.jpg
content-length: 2206
x-request-id: 1ec118b32a5df84d4dbe73991e2aae9f
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Tue, 06 Sep 2022 10:41:14 GMT
server: nginx
x-timer: S1662536025.206491,VS0,VE1
etag: "004d0d5f0269b2463a127fb256e62878"
x-served-by: cache-iad-kjyo7100121-IAD, cache-iad-kiad7000109-IAD, cache-sna10722-LGB, cache-iad-kjyo7100173-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 1

GET
H2 200 45ea5d9cc21e5acb9aa17d4a4cddbfb4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 10ms
9ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45ea5d9cc21e5acb9aa17d4a4cddbfb4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9f8cc14fa1943b870223103093e977718cf5ec42cbc95671af684e83be1c8908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 2396024
edge-cache-tag: 537063874361979870823702968662968443341,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag: 537063874361979870823702968662968443341,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 146
expiration: expiry-date="Thu, 25 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.insuedthueringen.de/
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45ea5d9cc21e5acb9aa17d4a4cddbfb4.jpg
content-length: 4950
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Mon, 25 Jul 2022 15:12:59 GMT
server: nginx
x-timer: S1662536025.213370,VS0,VE3
etag: "a164d0f396215b1b0324fbb1b513b7b7"
x-served-by: cache-iad-kcgs7200041-IAD, cache-iad-kiad7000087-IAD, cache-lga21959-LGA, cache-iad-kjyo7100171-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 S1UjqFqJi_0_64_1600_900_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/08/29/S1UjqFqJi/ 6 KB
7 KB 8ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/08/29/S1UjqFqJi/S1UjqFqJi_0_64_1600_900_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c63f535398b243ce95a9eaafa6f72126eb3ae3993c822f6b0c4bd959f67bcd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 695966
edge-cache-tag: 346402365499315799428598336542510893954,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
cache-tag: 346402365499315799428598336542510893954,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 313
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/08/29/S1UjqFqJi/S1UjqFqJi_0_64_1600_900_0_large.jpg
content-length: 6198
x-request-id: 66f1836e750657675a70e6156f27f0eb
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Tue, 30 Aug 2022 06:10:50 GMT
server: nginx
x-timer: S1662536025.215400,VS0,VE1
etag: "065ab9286ecf77952febd7ae26a9de26"
x-served-by: cache-iad-kjyo7100091-IAD, cache-iad-kiad7000079-IAD, cache-lga21983-LGA, cache-iad-kcgs7200165-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 206 gsopmbi2asr91j5nivrb.mp4
cdn.taboola.com/libtrc/static/video/v1662149992/ 1 MB
1 MB 7ms
7ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1662149992/gsopmbi2asr91j5nivrb.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19bddac07d05157736cce2e79ed4c75020148794a2d8483fa975565e9d386bf5

Request headers

Referer: https://www.vesty.co.il/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: 0VJ.ykF03jSsA4FV0ZTp1yyS1ZMggsuN
via: 1.1 varnish
etag: "a5a28f600845dc9260deb041826abf2d"
age: 14
x-cache: HIT
Content-Range: bytes 0-1217266/1217267
x-amz-replication-status: COMPLETED
Content-Length: 1217267
x-amz-id-2: 03I6xV5P5VQNFP3NSlDUfjR6cX1ZeedgK7InvA1TjYIoIzArch8b+5ay/hwagTo8DUNdPKAKgYo=
x-served-by: cache-hhn4020-HHN
last-modified: Fri, 02 Sep 2022 20:20:02 GMT
server: AmazonS3
x-timer: S1662536025.224275,VS0,VE1
date: Wed, 07 Sep 2022 07:33:45 GMT
x-amz-request-id: 4M9VYQR738K279EJ
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: video/mp4;codecs=avc1
abp: 74
x-cache-hits: 0

GET
H2 200 / Show response
www.ynet.co.il/3rdparty/mobile/json/video/609132/ 615 B
856 B 28ms
14ms XHR
application/json 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ynet.co.il/3rdparty/mobile/json/video/609132/

Requested by

Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

eb56b76369e01bc12c66895f9efab18841ae8b3fe2cb755e29d4077fd87c4f7a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control: s-maxage=300
date: Wed, 07 Sep 2022 07:33:45 GMT
last-modified: Wed, 07 Sep 2022 07:29:44 GMT
content-length: 615
osv: c8
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
vx-cache: MISS
cache-control: private, max-age=51
wai: 03
accept-ranges: bytes
v-ttl: 0
expires: Wed, 07 Sep 2022 07:34:36 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/08/28/H1ygQgKJs/H1ygQgKJs_0_0_850_479_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 70a0a740482247ad2b47ad763236fb5e8c1a0d98991d8b97e618f30ce810d81c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 838806
edge-cache-tag: 476629604869019114670059538259416805027,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 476629604869019114670059538259416805027,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 81
x-cache: MISS, HIT, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/08/28/H1ygQgKJs/H1ygQgKJs_0_0_850_479_0_large.jpg
content-length: 11236
x-request-id: 3a81bafa39f9c875a5c344d55ad11474
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Sun, 28 Aug 2022 14:24:46 GMT
server: nginx
x-timer: S1662536025.229370,VS0,VE0
etag: "f7669aa08685ea48e657edb11a0a1ef1"
x-served-by: cache-iad-kcgs7200115-IAD, cache-iad-kiad7000165-IAD, cache-sna10738-LGB, cache-iad-kiad7000126-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d962c1242248d4e44166459e47451ec5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3616439bf6cbe812465a3ce4f519dc6aa2e11ec95217d92295e4fc8507bfa8ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 1289319
edge-cache-tag: 423061373897082045223095860441176721329,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 423061373897082045223095860441176721329,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 176
x-cache: MISS, MISS, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d962c1242248d4e44166459e47451ec5.jpg
content-length: 17690
x-request-id: b2236db82e94512f0f0c9bdf2564cae3
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Tue, 23 Aug 2022 09:25:05 GMT
server: nginx
x-timer: S1662536025.229528,VS0,VE0
etag: "289b5e7bbdb9ffb5b755319825aeac99"
x-served-by: cache-iad-kiad7000173-IAD, cache-iad-kiad7000104-IAD, cache-sna10733-LGB, cache-iad-kiad7000148-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f33538d3a052b7e966518751ae0ae8e5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c74de497342d76d9c19ca59a9699102611f1d919c6148c4249c99ad3847979c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 1707319
edge-cache-tag: 478322159327010912684616058327589942126,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag: 478322159327010912684616058327589942126,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 100
x-cache: MISS, MISS, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f33538d3a052b7e966518751ae0ae8e5.jpg
content-length: 13948
x-request-id: 44cf0ab955368211af229b49b46ab90b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Wed, 17 Aug 2022 13:47:50 GMT
server: nginx
x-timer: S1662536025.229705,VS0,VE0
etag: "2d548fe9646bdc6dd679f35de48fb6a3"
x-served-by: cache-iad-kiad7000178-IAD, cache-iad-kjyo7100166-IAD, cache-sna10731-LGB, cache-iad-kjyo7100050-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52832d4a6f8f61dcf9571ea644e0ec14.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ece6eaf12b85e046260a872eb08c6578e85f9c3c7c15caf4fb98590967c2edb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 1221887
edge-cache-tag: 439899686043410467326057067215539168213,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 439899686043410467326057067215539168213,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 179
x-cache: MISS, MISS, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52832d4a6f8f61dcf9571ea644e0ec14.jpg
content-length: 50428
x-request-id: 4139729a500b32d01a77ee0f04cb134e
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Thu, 11 Aug 2022 22:34:00 GMT
server: nginx
x-timer: S1662536025.229689,VS0,VE0
etag: "78c7e7c42ad476acbad3cbc0f5b0511c"
x-served-by: cache-iad-kiad7000106-IAD, cache-iad-kcgs7200020-IAD, cache-bur-kbur8200087-BUR, cache-iad-kjyo7100082-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e2fffd2abc2a0d5ee065777a904f2b7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3e87f45f61b25df8df5466d592f6d89b8c6b3f81a5659be31d33dd343ae5c5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 3368940
edge-cache-tag: 598970410878581582470626249968159676202,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag: 598970410878581582470626249968159676202,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 221
x-cache: HIT, HIT, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e2fffd2abc2a0d5ee065777a904f2b7.jpg
content-length: 14854
x-request-id: 68df7c72d653d871e4f81de3185c0bb7
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Thu, 28 Jul 2022 16:52:01 GMT
server: nginx
x-timer: S1662536025.229669,VS0,VE0
etag: "545a9b35dd5ff094f5c15803256d371c"
x-served-by: cache-iad-kcgs7200159-IAD, cache-iad-kcgs7200167-IAD, cache-sna10721-LGB, cache-iad-kiad7000044-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0, 1, 2

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 147ms
48ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 07:33:45 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f06b8e11e166ca18de28dec31f364a56.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 75c9854d938554f553b75fc6b966362ec21aad405e987b9d5c129aeff9de3cc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 3114161
edge-cache-tag: 306513147387022570637336144701606807403,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag: 306513147387022570637336144701606807403,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 156
expiration: expiry-date="Thu, 11 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.vesty.co.il/
x-cache: HIT, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f06b8e11e166ca18de28dec31f364a56.jpg
content-length: 4726
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Mon, 11 Jul 2022 15:38:29 GMT
server: nginx
x-timer: S1662536025.232511,VS0,VE0
etag: "93d3eceb04be1b4073e3cad1a6dc5a98"
x-served-by: cache-iad-kcgs7200144-IAD, cache-iad-kjyo7100154-IAD, cache-sna10745-LGB, cache-iad-kjyo7100126-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/06/Skw5pSEli/Skw5pSEli_0_0_850_479_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f2dbd0aa03ec9d3bf431ba942c130ee7a069d7c4fee1f2f0cd401e8f5d40bf11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 92422
edge-cache-tag: 360243812971787804567063257710796625721,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
cache-tag: 360243812971787804567063257710796625721,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 31
x-cache: MISS, HIT, HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/06/Skw5pSEli/Skw5pSEli_0_0_850_479_0_large.jpg
content-length: 10624
x-request-id: 621fd3561ec5c70d3bbe0b98f5b7c43f
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Tue, 06 Sep 2022 04:45:12 GMT
server: nginx
x-timer: S1662536025.257104,VS0,VE0
etag: "fcd3d1ef0a14b19c6c7d2520cfa0de6d"
x-served-by: cache-iad-kjyo7100152-IAD, cache-iad-kiad7000060-IAD, cache-bur-kbur8200068-BUR, cache-iad-kcgs7200026-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 2

GET
H2 204 supply-feature
am-trc-events.taboola.com/ynet-vesty/log/3/ 0
230 B 15ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ynet-vesty/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=2b19a40bb6e7550027d3e9767a4056be&sd=v2_8c536a682e8ce7907ac27e7a802af6ca_d4f08415-8fee-4b43-a831-405f49ab8fed-tucta11ced8_1662536024_1662536024_CNawjgYQyYtDGOCD-raxMCABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGjg0Mbs38-HxldwAA&ui=d4f08415-8fee-4b43-a831-405f49ab8fed-tucta11ced8&pi=/main/article/syrrynhgi&wi=5953644462697249478&pt=text&vi=1662536024544&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A3749.8289184570312%2C%5C%22articleClasses%5C%22%3A%5C%22animationDiv%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22DIV%5C%22%2C%5C%22threshold%5C%22%3A%5C%22100%5C%22%7D%22%7D&tim=07%3A33%3A45.259&id=4616&llvl=2&cv=20220906-5-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/06/HydurOVli/HydurOVli_0_0_850_479_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 309061cc3757ad90fa28fd99c230d7d398f4b68298b8eb93662b766dddd0d790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 77041
edge-cache-tag: 610564261805752875140594295387676517880,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 610564261805752875140594295387676517880,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 42
x-cache: MISS, HIT, HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/06/HydurOVli/HydurOVli_0_0_850_479_0_large.jpg
content-length: 5806
x-request-id: 79d0d6a2f98c1dfde957121e45904790
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Tue, 06 Sep 2022 10:07:27 GMT
server: nginx
x-timer: S1662536025.285998,VS0,VE0
etag: "c9e6b4f5eb9fbda8a31db3172a4dec6d"
x-served-by: cache-iad-kjyo7100118-IAD, cache-iad-kcgs7200159-IAD, cache-bur-kbur8200033-BUR, cache-iad-kjyo7100154-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 2

GET
H2 200 4b1c1717abdbe9a9b4acd5876270bb0e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 21ms
17ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4b1c1717abdbe9a9b4acd5876270bb0e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 467c04ccde791556bdfd275e4690ad3ccfcf64784c8089cd5137f3e4f89551b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 483251
edge-cache-tag: 338797889939612366057911288516401416236,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 338797889939612366057911288516401416236,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 484
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4b1c1717abdbe9a9b4acd5876270bb0e.jpg
content-length: 9034
x-request-id: 69892896271f0fed10c178c34f29bf4c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Thu, 01 Sep 2022 15:13:00 GMT
server: nginx
x-timer: S1662536025.285895,VS0,VE0
etag: "00b501d48c12a634dbb75ca9e5b0272c"
x-served-by: cache-iad-kiad7000114-IAD, cache-iad-kcgs7200159-IAD, cache-lga21920-LGA, cache-iad-kiad7000096-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/05/BJZR9fmeo/BJZR9fmeo_0_381_720_405_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 36ca7ad2109fca0330c8302c3d82c7b74cdfd82c809d251e58270949ad65f964

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 166158
edge-cache-tag: 537886669615611819327084038243019409048,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
cache-tag: 537886669615611819327084038243019409048,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 251
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/05/BJZR9fmeo/BJZR9fmeo_0_381_720_405_0_large.jpg
content-length: 3196
x-request-id: f09cf9d4b68b63ffe1c04082383087bf
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Mon, 05 Sep 2022 09:23:30 GMT
server: nginx
x-timer: S1662536025.285958,VS0,VE0
etag: "f65655a71be2842280e2bed9bd6068d5"
x-served-by: cache-iad-kiad7000026-IAD, cache-iad-kjyo7100025-IAD, cache-chi-klot8100073-CHI, cache-iad-kiad7000120-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_90,w_180,c_fill,g_xy_center,x_594,y_269/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1200e3416ce7a49e77c4d6cef6657bf4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2a4ed2abe3225f35c7c8d7b5977a3efc17f8fec639ae76b7c7d38981a4cb1a69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 3706745
edge-cache-tag: 367084809985675494876070275933879661681,436553038414555955994715860306057977836,29ecf9b93bbf306179626feeda1fab70
cache-tag: 367084809985675494876070275933879661681,436553038414555955994715860306057977836,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 203
expiration: expiry-date="Tue, 02 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_90,w_180,c_fill,g_xy_center,x_594,y_269/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1200e3416ce7a49e77c4d6cef6657bf4.jpg
content-length: 5432
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Sat, 02 Jul 2022 21:17:09 GMT
server: nginx
x-timer: S1662536025.285943,VS0,VE0
etag: "591dfd063da0b879b16758e1397fef71"
x-served-by: cache-iad-kiad7000107-IAD, cache-iad-kiad7000109-IAD, cache-bur-kbur8200083-BUR, cache-iad-kiad7000106-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/06/Hk0BQOVej/Hk0BQOVej_0_0_3000_1688_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c5ca0625e7d4f72a60746bed59dc1e1e2c2b3d902126070e72631577b595ca8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 82980
edge-cache-tag: 503980853839572914176944164347871730654,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
cache-tag: 503980853839572914176944164347871730654,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 258
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/06/Hk0BQOVej/Hk0BQOVej_0_0_3000_1688_0_large.jpg
content-length: 2400
x-request-id: 6a2a759d5c57aef0b263d55c05fd5b2b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Tue, 06 Sep 2022 08:27:17 GMT
server: nginx
x-timer: S1662536025.285935,VS0,VE0
etag: "1b2533c4c319cf24dff878cbf4610d49"
x-served-by: cache-iad-kcgs7200127-IAD, cache-iad-kiad7000160-IAD, cache-chi-klot8100037-CHI, cache-iad-kcgs7200136-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5787a8c6f2ac22f4cf786b9a01a45bfe.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 193bdfc0d445a36fae5eb4708fb3dbd060d9e63de7be798bc7397328ceba2a85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 3029146
edge-cache-tag: 558162314493728202709430617110659392522,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
cache-tag: 558162314493728202709430617110659392522,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 201
expiration: expiry-date="Sun, 21 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5787a8c6f2ac22f4cf786b9a01a45bfe.jpg
content-length: 3104
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Thu, 21 Jul 2022 01:01:06 GMT
server: nginx
x-timer: S1662536025.285914,VS0,VE0
etag: "937394808fcb2a38799473d9a1022cb1"
x-served-by: cache-iad-kcgs7200022-IAD, cache-iad-kcgs7200027-IAD, cache-sna10736-LGB, cache-iad-kjyo7100038-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2019/11/24/9615236/9615236_0_0_500_282_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e4d599bba150242446d53f6eb120f588f2ccabf4d1ba4979c2ae5478c2d01a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 48539
edge-cache-tag: 589718736320599375127840211625652357535,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
cache-tag: 589718736320599375127840211625652357535,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 274
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2019/11/24/9615236/9615236_0_0_500_282_0_large.jpg
content-length: 2516
x-request-id: baf44fdcf277731320e10d72d64f709b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Tue, 06 Sep 2022 17:53:45 GMT
server: nginx
x-timer: S1662536025.285890,VS0,VE0
etag: "faed15f757e3f192af7dfa200d25c982"
x-served-by: cache-iad-kcgs7200115-IAD, cache-iad-kiad7000095-IAD, cache-bur-kbur8200131-BUR, cache-iad-kiad7000154-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_90,w_180,c_fill,g_xy_center,x_579,y_613/https%3A//search.onetag.com/uploads/62e7a8d00134b49efb802d50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7eb756847f6edc4a8ff3954b9a9a316f16ff99518fad5f0d5397160c6e6d9922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 2934530
edge-cache-tag: 293659998602926265144319390155828059136,625889008987891826944734318314543939542,29ecf9b93bbf306179626feeda1fab70
cache-tag: 293659998602926265144319390155828059136,625889008987891826944734318314543939542,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 1391
x-cache: HIT, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_90,w_180,c_fill,g_xy_center,x_579,y_613/https%3A//search.onetag.com/uploads/62e7a8d00134b49efb802d50
content-length: 2536
x-request-id: a4cc63a1ad9b9f215b36757299dc246f
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Tue, 02 Aug 2022 07:03:49 GMT
server: nginx
x-timer: S1662536025.301798,VS0,VE0
etag: "ef018e6c1124abbf3c24c94ecc60a549"
x-served-by: cache-iad-kjyo7100068-IAD, cache-iad-kiad7000174-IAD, cache-bur-kbur8200112-BUR, cache-iad-kcgs7200174-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2019/04/01/9157875/9157875_0_134_1280_720_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a4c9e589c88830e29cc1c9391505165d9c6801b3f5da053b6fdd023537f76d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 3078974
edge-cache-tag: 426567767284329199863829747426778469974,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
cache-tag: 426567767284329199863829747426778469974,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 157
expiration: expiry-date="Sun, 21 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2019/04/01/9157875/9157875_0_134_1280_720_0_large.jpg
content-length: 2406
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Thu, 21 Jul 2022 05:04:09 GMT
server: nginx
x-timer: S1662536025.301775,VS0,VE0
etag: "9990894463de2f63c0d1b0a223eb2ecc"
x-served-by: cache-iad-kcgs7200168-IAD, cache-iad-kiad7000041-IAD, cache-lga21975-LGA, cache-iad-kjyo7100126-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01b579960e6084ef0b219f4339f0ec0a.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 312eb29d1fba194163b2f770a30e7b00e28b36e4d3fae0f37fc874d8b07c6ae7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 2398268
edge-cache-tag: 593198733210123277685229483224230028876,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
cache-tag: 593198733210123277685229483224230028876,347755193103894433903193064834391852909,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 91
x-cache: HIT, HIT, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_90%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01b579960e6084ef0b219f4339f0ec0a.jpg
content-length: 3058
x-request-id: e388d072f63ce44c59108e5e8cb080ea
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Sat, 30 Jul 2022 14:12:50 GMT
server: nginx
x-timer: S1662536025.301977,VS0,VE0
etag: "d4eca17cae3f2dfaa0ac62c1a349ff3f"
x-served-by: cache-iad-kiad7000160-IAD, cache-iad-kiad7000111-IAD, cache-lga21976-LGA, cache-iad-kjyo7100179-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d8dca41bdcf92e466f59d34f40e7ba4.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fd0bd9e5cf6b6bdb20992bb456abbbfd644d699b0ab336c63d87cc97774151ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 3693322
edge-cache-tag: 392446927500064269142340507206868835302,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag: 392446927500064269142340507206868835302,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 111
expiration: expiry-date="Tue, 16 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d8dca41bdcf92e466f59d34f40e7ba4.jpeg
content-length: 13660
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Sat, 16 Jul 2022 17:40:20 GMT
server: nginx
x-timer: S1662536025.285856,VS0,VE0
etag: "b2a503d8e02bffb92bebba1162bf728a"
x-served-by: cache-iad-kcgs7200034-IAD, cache-iad-kcgs7200037-IAD, cache-bur-kbur8200039-BUR, cache-iad-kjyo7100131-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/01/04/Sk2eAcrAZ3F/Sk2eAcrAZ3F_975_275_2026_1140_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba9357d36854fc9622246e4bfdbc75bd488fee568aa9649691f8934f2c2337cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 75068
edge-cache-tag: 547874782220533838762160016026879787444,511320169514815208339615988714053385614,29ecf9b93bbf306179626feeda1fab70
cache-tag: 547874782220533838762160016026879787444,511320169514815208339615988714053385614,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 25
x-cache: MISS, MISS, HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/01/04/Sk2eAcrAZ3F/Sk2eAcrAZ3F_975_275_2026_1140_0_large.jpg
content-length: 2206
x-request-id: 1ec118b32a5df84d4dbe73991e2aae9f
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Tue, 06 Sep 2022 10:41:14 GMT
server: nginx
x-timer: S1662536025.285881,VS0,VE0
etag: "004d0d5f0269b2463a127fb256e62878"
x-served-by: cache-iad-kjyo7100121-IAD, cache-iad-kiad7000109-IAD, cache-sna10722-LGB, cache-iad-kjyo7100173-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68fb4d8f985b6e2fe1c137ceeb03fd08.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 612584a834662335f321a867fc27e03419d3620c90db08026c3a25a98383424f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 7305494
edge-cache-tag: 384888262847208676802027017756092150982,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 384888262847208676802027017756092150982,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 211
expiration: expiry-date="Fri, 15 Jul 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://d-5153215384232706580.ampproject.net/
x-cache: HIT, HIT, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_600%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/68fb4d8f985b6e2fe1c137ceeb03fd08.jpeg
content-length: 49640
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Tue, 14 Jun 2022 04:03:10 GMT
server: nginx
x-timer: S1662536025.301968,VS0,VE0
etag: "783184e1ae80aee15ae0920cb2a5d569"
x-served-by: cache-iad-kjyo7100103-IAD, cache-iad-kjyo7100112-IAD, cache-lga21963-LGA, cache-iad-kiad7000129-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c28abc25ee9eebb77dfe2e1aec4ee2d.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 69ff500b18c6067cd38c882b4ddc0a30ffb98d55532bc23d0be525924e80249b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 4277584
edge-cache-tag: 496817096518470172301534367524279162810,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag: 496817096518470172301534367524279162810,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 160
expiration: expiry-date="Tue, 16 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7c28abc25ee9eebb77dfe2e1aec4ee2d.jpeg
content-length: 12750
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Sat, 16 Jul 2022 08:08:18 GMT
server: nginx
x-timer: S1662536025.301973,VS0,VE0
etag: "05e919ca84278bd055ee5d7cdc0eef4c"
x-served-by: cache-iad-kjyo7100136-IAD, cache-iad-kcgs7200178-IAD, cache-sna10737-LGB, cache-iad-kcgs7200058-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0, 1, 3

GET
H2 200 B1OgBMJej_171_0_1110_624_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/02/B1OgBMJej/ 14 KB
14 KB 9ms
8ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/02/B1OgBMJej/B1OgBMJej_171_0_1110_624_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bf4a58df7e3ef2dc782e5a6dead98fec04dc1b74a57b3e6ee0eee7cb1d75aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 403783
edge-cache-tag: 449561886042137600588862918578635480071,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
cache-tag: 449561886042137600588862918578635480071,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 318
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/02/B1OgBMJej/B1OgBMJej_171_0_1110_624_0_large.jpg
content-length: 14204
x-request-id: 3b5d554a7730e0cca22c373068240cec
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 02 Sep 2022 15:20:25 GMT
server: nginx
x-timer: S1662536025.302069,VS0,VE0
etag: "9daf60b6171c5b1185cc80401dfb2618"
x-served-by: cache-iad-kcgs7200148-IAD, cache-iad-kjyo7100072-IAD, cache-chi-kigq8000031-CHI, cache-iad-kjyo7100087-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7584e8ea5d3e1e28bef3fba3c3f9407b.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 26524ef302fb603ad0ed898edb691f2c52c0914363f8acae8164b17cc8f73845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 1129406
edge-cache-tag: 357331489714538408294376832781341804770,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
cache-tag: 357331489714538408294376832781341804770,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 461
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7584e8ea5d3e1e28bef3fba3c3f9407b.jpeg
content-length: 7722
x-request-id: 47a4ddf2382a12809789769ba8aff330
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Wed, 24 Aug 2022 08:40:19 GMT
server: nginx
x-timer: S1662536025.313373,VS0,VE0
etag: "5d439064b5d42721ff97e1e72ec52105"
x-served-by: cache-iad-kjyo7100111-IAD, cache-iad-kiad7000155-IAD, cache-bur-kbur8200077-BUR, cache-iad-kcgs7200153-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/04/ryDr6xMlo/ryDr6xMlo_0_111_1133_638_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ee68df82990cfc34bcd8b498b2c261103d7e5f42545da5de8ecf9e125642063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 229734
edge-cache-tag: 374050155413677304367730635496676555836,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
cache-tag: 374050155413677304367730635496676555836,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 337
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/09/04/ryDr6xMlo/ryDr6xMlo_0_111_1133_638_0_large.jpg
content-length: 10210
x-request-id: d696bcde97681994fa250af6494664c6
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Sun, 04 Sep 2022 15:42:13 GMT
server: nginx
x-timer: S1662536025.313375,VS0,VE0
etag: "75f39669c1b9861e857550d47113adc2"
x-served-by: cache-iad-kiad7000084-IAD, cache-iad-kiad7000051-IAD, cache-chi-klot8100099-CHI, cache-iad-kjyo7100092-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87f57c351b3626ee96b86b923499a7ca.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c4eb18db5d95001c3ee1735748bebeaebc3a73adb5cdd3f30ae5d0e5188f17bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 4210454
edge-cache-tag: 529855673185721302426545584578276134058,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag: 529855673185721302426545584578276134058,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 91
x-cache: HIT, HIT, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87f57c351b3626ee96b86b923499a7ca.jpg
content-length: 7814
x-request-id: efe54bf3debb4e3a6dbff1861a5db000
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Wed, 20 Jul 2022 12:40:13 GMT
server: nginx
x-timer: S1662536025.285870,VS0,VE0
etag: "6caa6916b31a1a9673284e0b1585601a"
x-served-by: cache-iad-kiad7000100-IAD, cache-iad-kiad7000035-IAD, cache-sna10722-LGB, cache-iad-kcgs7200078-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 0, 1, 2

GET
H2 200 facebook-s.png
www.ynet.co.il/Common/Api/Scripts/youtube/ 588 B
802 B 7ms
7ms Image
image/png 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ynet.co.il/Common/Api/Scripts/youtube/facebook-s.png
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95830431420ad52a28ca356b624b46b3a64ba68ab877e34f19f7a3779c1e2e46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:45 GMT
last-modified: Thu, 25 Aug 2022 18:21:55 GMT
etag: "9189ba5ba4d51:0"
content-type: image/png
v-ttl: 0
vx-cache: MISS
cache-control: private, max-age=1507696
wai: 01
accept-ranges: bytes
content-length: 588
expires: Sat, 24 Sep 2022 18:22:01 GMT

GET
H2 200 twitter-s.png
www.ynet.co.il/Common/Api/Scripts/youtube/ 5 KB
5 KB 14ms
14ms Image
image/png 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ynet.co.il/Common/Api/Scripts/youtube/twitter-s.png
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e5fbb75d9a459a3b07cbcdeaa0c1d29da5d8efa904dc0a1ba3f2fce6a09ada5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:45 GMT
last-modified: Thu, 11 Aug 2022 11:29:25 GMT
etag: "a62b9463a4d51:0"
content-type: image/png
v-ttl: 7854
vx-cache: HIT
cache-control: private, max-age=281151
wai: 01
accept-ranges: bytes
content-length: 5240
expires: Sat, 10 Sep 2022 13:39:36 GMT

GET
H2 200 image.png
images1.ynet.co.il/picserver5/videos_pic/2022/09/07/4HHVJB6O8/ 235 KB
236 KB 8ms
8ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images1.ynet.co.il/picserver5/videos_pic/2022/09/07/4HHVJB6O8/image.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d9db27d4ca79f2af0936f4a1ab1c13ddb8a8203173710c43c659cf4d1e0ccfc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
last-modified: Wed, 07 Sep 2022 04:41:37 GMT
server: Microsoft-IIS/10.0
etag: "8e77bc1d74c2d81:0"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2582565
accept-ranges: bytes
access-control-allow-headers: *
content-length: 240657
expires: Fri, 07 Oct 2022 04:56:30 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 136ms
54ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ffbb4736d11df12386851d0041f57b945f285f0d8402d21c8b767435b2cb350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 07 Sep 2022 07:33:45 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45ea5d9cc21e5acb9aa17d4a4cddbfb4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9f8cc14fa1943b870223103093e977718cf5ec42cbc95671af684e83be1c8908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 2396024
edge-cache-tag: 537063874361979870823702968662968443341,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag: 537063874361979870823702968662968443341,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 146
expiration: expiry-date="Thu, 25 Aug 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.insuedthueringen.de/
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45ea5d9cc21e5acb9aa17d4a4cddbfb4.jpg
content-length: 4950
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Mon, 25 Jul 2022 15:12:59 GMT
server: nginx
x-timer: S1662536025.313346,VS0,VE0
etag: "a164d0f396215b1b0324fbb1b513b7b7"
x-served-by: cache-iad-kcgs7200041-IAD, cache-iad-kiad7000087-IAD, cache-lga21959-LGA, cache-iad-kjyo7100171-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/08/29/S1UjqFqJi/S1UjqFqJi_0_64_1600_900_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c63f535398b243ce95a9eaafa6f72126eb3ae3993c822f6b0c4bd959f67bcd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 07 Sep 2022 07:33:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 695966
edge-cache-tag: 346402365499315799428598336542510893954,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
cache-tag: 346402365499315799428598336542510893954,569670627999366304404722492781334454256,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 313
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/08/29/S1UjqFqJi/S1UjqFqJi_0_64_1600_900_0_large.jpg
content-length: 6198
x-request-id: 66f1836e750657675a70e6156f27f0eb
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Tue, 30 Aug 2022 06:10:50 GMT
server: nginx
x-timer: S1662536025.313327,VS0,VE0
etag: "065ab9286ecf77952febd7ae26a9de26"
x-served-by: cache-iad-kjyo7100091-IAD, cache-iad-kiad7000079-IAD, cache-lga21983-LGA, cache-iad-kcgs7200165-IAD, cache-hhn4020-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 170ms
170ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012208121708000/ Frame 5394 221 KB
61 KB 149ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 78440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61526
x-xss-protection: 0
server: sffe
date: Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b1753c5424806777"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Sep 2023 09:46:25 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 5394 14 KB
5 KB 215ms
106ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 78440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5202
x-xss-protection: 0
server: sffe
date: Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "23fb7130d171a0c1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Sep 2023 09:46:25 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 5394 94 KB
28 KB 230ms
121ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 78440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd6960dd2dd8774b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Sep 2023 09:46:25 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 5394 5 KB
2 KB 212ms
104ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 78440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1914
x-xss-protection: 0
server: sffe
date: Tue, 06 Sep 2022 09:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b6863aa0ddd5cf3"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Sep 2023 09:46:25 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 5394 40 KB
13 KB 222ms
114ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 78439
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12954
x-xss-protection: 0
server: sffe
date: Tue, 06 Sep 2022 09:46:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "008ca125395468a7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 06 Sep 2023 09:46:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5394 4 KB
1 KB 134ms
52ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 06:35:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 07:33:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 07:33:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5394 4 KB
694 B 136ms
56ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 06:40:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 07:33:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 07:33:45 GMT

GET
H3 200 container.html Show response
5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 20AF 6 KB
3 KB 133ms
53ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:33:44 GMT
expires: Thu, 07 Sep 2023 07:33:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EC24 6 KB
3 KB 130ms
54ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:33:44 GMT
expires: Thu, 07 Sep 2023 07:33:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C085 6 KB
3 KB 128ms
55ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:33:44 GMT
expires: Thu, 07 Sep 2023 07:33:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9CC4 6 KB
3 KB 128ms
59ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:33:44 GMT
expires: Thu, 07 Sep 2023 07:33:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7282 6 KB
3 KB 125ms
60ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:33:44 GMT
expires: Thu, 07 Sep 2023 07:33:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5394 3 KB
3 KB 121ms
45ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:12:12 GMT
x-content-type-options: nosniff
server: cafe
age: 8493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6726277462267614359
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Thu, 08 Sep 2022 05:12:12 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5394 344 B
368 B 121ms
45ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 04:10:05 GMT
x-content-type-options: nosniff
server: cafe
age: 12220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 08 Sep 2022 04:10:05 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10928265665585329195/ Frame 5394 40 KB
40 KB 121ms
46ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10928265665585329195/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2gMQ-AEYASABLQAAAD8w2gM4-AFFAACAPw&rs=AOga4qnFWAe2iqCiK5--rLM8zRPicC6aFQ

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d33157d0d879b1718ed80a08dd42795fbe18fe3ece5bc42ae6aacff102150121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 12:05:24 GMT
x-content-type-options: nosniff
age: 415701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41276
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 00:35:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Sep 2023 12:05:24 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5394 0
0 80ms
79ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct66jWEkYY9POLo703gOGwqjgD6C1hJdskMTR87EPtKecqZsrEAEgmfugK2CV4pCCoAegAZXn19QDyAEG4AIAqAMByAMKqgSuAk_QSzlJ_mZP_096dyNvoiwJEi0kKrF5ERCU7pXKGJBh7RBEbdssKn5_mjoCJeE0p-7jBuXX6jufjOJprOpjEUvlC_6Ac9VBjtLL6d2HQCMhzz55dSxdBu_ybBI2JHW-6GYpQ1_d1vmYlAtbDxajvF_atho3WGco9MC98Acw8e6VX0yDYF_p1IX9NVq0LZn8XJr2BrqJbEqcapMc-vrvVN5AF7spTJ_bH5CYtF4o_kl5rrr0qyZ4zGZMh71ZIXrGL4QpsmVLqypKwG57kc4sXxiBNq9oh7P5z1AY4e9XB-0Qf9IeCugZdHPlE-X-mLYiAqOX6k1RbTp16OQAZxYA-FUKzoQHRVcJdPck1I273wn7M31FG9ufGHvIZy2H5AnzCBNg37UydgVdmolOZbdTwATJ5fXs7QPgBAGSBQQIBBgBkgUECAUYBKAGN4AH05ioK6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMrnL9IIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi05MzE0MTExODI0Nzg3NjMyGLmzDQ&sigh=x-pcpK3jq7o&uach_m=[UACH]&template_id=492
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5394 0
0 122ms
47ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcOUkKNr55i1VYVZD63slJ4eyKFlf_KMaG-3xjNgWluP8oEErPKEM73C75WV5maYbqK4LKeJz6kCbyYpAUDpyxDbizGw
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 169ms
168ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 171ms
170ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 170ms
169ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 171ms
170ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 171ms
170ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 170ms
169ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: middycdn-a.akamaihd.net
URL: https://middycdn-a.akamaihd.net/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 170ms
169ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 302ms
302ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 301ms
301ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 333ms
333ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 332ms
332ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 299ms
299ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ Frame 5394 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23ee1e06a82304e3251534cef636351d6561554cc2308b015a067e8416509d49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CAFA 13 KB
5 KB 81ms
45ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:28:05 GMT
expires: Thu, 07 Sep 2023 07:28:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D0D8 783 B
534 B 85ms
48ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

76e9e65146cf626e4a40052942ef8619a45f4e7939545485ca801f7d530e850b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EJcJ4jeQsp2B4y4XEmtrSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-EJcJ4jeQsp2B4y4XEmtrSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:33:45 GMT
expires: Wed, 07 Sep 2022 07:33:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/a7eb1f5d/www-widgetapi.vflset/ 161 KB
52 KB 115ms
36ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a7eb1f5d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

862458934d4a05cc2814c7a796573f38ba888750efbf15e0150379596f0f9b74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 05:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53407
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 00:21:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Sep 2023 05:22:08 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 2DC7 742 B
524 B 18ms
17ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V71CwCFgPIOqX7c9SdFATIOqX7c9SdFAUAAAAGBvQHJLOaOGe2zcotciwna9FgM1oLd7OFW7OweBYLi2-02piGQDKriXNm26zcIsdyshYNNqO1cDdbuDULi2exsPhGq41pCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bXNB0Onyue73u97vLXp7T867x25Vmv9rhtPsVltPTY3b5Nc_L5Xk3-px2AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAgOLAkL_p6LJbXJefQW8xiFyWg-jhurgs_wAAAAAAAQAAACABIODKLwG4sIo6-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bj65NHgGWVPqiIqCCxiBAAAAJBbvWl6NKkTKouq____fiuAKwCAgEELb8GiLN1BibcwAACAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mVMSVkhYkQrGn9gsIALD2CwgAwKZuAABvAnBBR9CKwWB1CTEYrDa70WYyOwAAAIC7____fz0Q3Lg2s4VtOFkZNy7fcrBbeCy7lW9hHEwWNtvG4T3wSaMN-bs5gL4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDBkmhmGo8VqLZy5XG7RxLRZK4ybxVo0WM1My4XFOHOZ3KLXx_RwLDYuk3GLggEie5E8LdKJZOJYLkyDicW28q1Wg8FkN_KsnLvZbmEarGYTl0Us0Zws0onssi9uXJvZwjacrIwbl2852C08lt3KtzAOJgubbePwl0wzw3C0WK2FM5fLLZqYNmuFcbNYiwarmWm5sBhnLpNb9PqYHo7FxmUy7huz2WS1mQ0mo31jNpusNrPBZLTv0Bm-q8_ZaD5LJx6fQ2JLHsY3h0HhMli8P4lpMe3ODn5p6-j0-TzKgs4ovH6PXoPCc_CoPsOa4vkM10Li2eR7MChiieAinSjvLtNb9vKcnhexRGm6SCd6tcNp9yssp6fH7PJrnpfL8270OS1iieB0kU5EL-Ppov7jQwxXc8liM1esVnPFbLZKAAAAAAAAAABLmDNvAgAAAHAayHC1HK3WeRCryXI0WS0XAKI4WfeH91HoH9XJaFfqExPDSkHPuLjxY4W8u0xv2ctzel4ZAEBgknnzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYFf____8fBwAAICNHDwAAQL8PFGVpZmZmZsZPgKPhYg!&cmcv=&pix=undefined&cb=1662536025459&uv=3223&tms=1662536025459&abt=amplean_vA!inc_all_video_vA!Noappq22_vB!spa2_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=35b9f63e-d192-4034-876a-3ab31ab745c4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.4/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Wed, 07 Sep 2022 07:33:45 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4020-HHN
x-timer: S1662536025.465554,VS0,VE11

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 539B 742 B
827 B 27ms
15ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V71CwCFgPIOqX7c9SdFATIOqX7c9SdFAUAAAAGBvQHJLOaOGe2zcotciwna9FgM1oLd7OFW7OweBYLi2-02piGQDKriXNm26zcIsdyshYNNqO1cDdbuDULi2exsPhGq41pCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bXNB0Onyue73u97vLXp7T867x25Vmv9rhtPsVltPTY3b5Nc_L5Xk3-px2AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAgOLAkL_p6LJbXJefQW8xiFyWg-jhurgs_wAAAAAAAQAAACABIODKLwG4sIo6-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bj65NHgGWVPqiIqCCxiBAAAAJBbvWl6NKkTKouq____fiuAKwCAgEELb8GiLN1BibcwAACAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mVMSVkhYkQrGn9gsIALD2CwgAwKZuAABvAnBBR9CKwWB1CTEYrDa70WYyOwAAAIC7____fz0Q3Lg2s4VtOFkZNy7fcrBbeCy7lW9hHEwWNtvG4T3wSaMN-bs5gL4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDBkmhmGo8VqLZy5XG7RxLRZK4ybxVo0WM1My4XFOHOZ3KLXx_RwLDYuk3GLggEie5E8LdKJZOJYLkyDicW28q1Wg8FkN_KsnLvZbmEarGYTl0Us0Zws0onssi9uXJvZwjacrIwbl2852C08lt3KtzAOJgubbePwl0wzw3C0WK2FM5fLLZqYNmuFcbNYiwarmWm5sBhnLpNb9PqYHo7FxmUy7huz2WS1mQ0mo31jNpusNrPBZLTv0Bm-q8_ZaD5LJx6fQ2JLHsY3h0HhMli8P4lpMe3ODn5p6-j0-TzKgs4ovH6PXoPCc_CoPsOa4vkM10Li2eR7MChiieAinSjvLtNb9vKcnhexRGm6SCd6tcNp9yssp6fH7PJrnpfL8270OS1iieB0kU5EL-Ppov7jQwxXc8liM1esVnPFbLZKAAAAAAAAAABLmDNvAgAAAHAayHC1HK3WeRCryXI0WS0XAKI4WfeH91HoH9XJaFfqExPDSkHPuLjxY4W8u0xv2ctzel4ZAEBgknnzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYFf____8fBwAAICNHDwAAQL8PFGVpZmZmZsZPgKPhYg!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.4/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 07 Sep 2022 07:33:45 GMT
machineid: 3408
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 24ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V71CwCFgPIOqX7c9SdFATIOqX7c9SdFAUAAAAGBvQHJLOaOGe2zcotciwna9FgM1oLd7OFW7OweBYLi2-02piGQDKriXNm26zcIsdyshYNNqO1cDdbuDULi2exsPhGq41pCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bXNB0Onyue73u97vLXp7T867x25Vmv9rhtPsVltPTY3b5Nc_L5Xk3-px2AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAgOLAkL_p6LJbXJefQW8xiFyWg-jhurgs_wAAAAAAAQAAACABIODKLwG4sIo6-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bj65NHgGWVPqiIqCCxiBAAAAJBbvWl6NKkTKouq____fiuAKwCAgEELb8GiLN1BibcwAACAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mVMSVkhYkQrGn9gsIALD2CwgAwKZuAABvAnBBR9CKwWB1CTEYrDa70WYyOwAAAIC7____fz0Q3Lg2s4VtOFkZNy7fcrBbeCy7lW9hHEwWNtvG4T3wSaMN-bs5gL4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDBkmhmGo8VqLZy5XG7RxLRZK4ybxVo0WM1My4XFOHOZ3KLXx_RwLDYuk3GLggEie5E8LdKJZOJYLkyDicW28q1Wg8FkN_KsnLvZbmEarGYTl0Us0Zws0onssi9uXJvZwjacrIwbl2852C08lt3KtzAOJgubbePwl0wzw3C0WK2FM5fLLZqYNmuFcbNYiwarmWm5sBhnLpNb9PqYHo7FxmUy7huz2WS1mQ0mo31jNpusNrPBZLTv0Bm-q8_ZaD5LJx6fQ2JLHsY3h0HhMli8P4lpMe3ODn5p6-j0-TzKgs4ovH6PXoPCc_CoPsOa4vkM10Li2eR7MChiieAinSjvLtNb9vKcnhexRGm6SCd6tcNp9yssp6fH7PJrnpfL8270OS1iieB0kU5EL-Ppov7jQwxXc8liM1esVnPFbLZKAAAAAAAAAABLmDNvAgAAAHAayHC1HK3WeRCryXI0WS0XAKI4WfeH91HoH9XJaFfqExPDSkHPuLjxY4W8u0xv2ctzel4ZAEBgknnzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYFf____8fBwAAICNHDwAAQL8PFGVpZmZmZsZPgKPhYg!&cmcv=&pix=31589837&cb=1662536025459&uv=3223&tms=1662536025459&abt=amplean_vA!inc_all_video_vA!Noappq22_vB!spa2_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1662536023676.2!ts:1662536025458&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
content-length: 0
server: nginx

POST
H2 204 supply Show response
events.browsiprod.com/events/ 0
101 B 237ms
237ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/supply?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 2DC7 43 B
182 B 349ms
109ms Image
image/gif 2600:1f18:612b:4232:b349:7e6b:417:1a78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V71CwCFgPIOqX7c9SdFATIOqX7c9SdFAUAAAAGBvQHJLOaOGe2zcotciwna9FgM1oLd7OFW7OweBYLi2-02piGQDKriXNm26zcIsdyshYNNqO1cDdbuDULi2exsPhGq41pCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bXNB0Onyue73u97vLXp7T867x25Vmv9rhtPsVltPTY3b5Nc_L5Xk3-px2AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAgOLAkL_p6LJbXJefQW8xiFyWg-jhurgs_wAAAAAAAQAAACABIODKLwG4sIo6-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bj65NHgGWVPqiIqCCxiBAAAAJBbvWl6NKkTKouq____fiuAKwCAgEELb8GiLN1BibcwAACAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mVMSVkhYkQrGn9gsIALD2CwgAwKZuAABvAnBBR9CKwWB1CTEYrDa70WYyOwAAAIC7____fz0Q3Lg2s4VtOFkZNy7fcrBbeCy7lW9hHEwWNtvG4T3wSaMN-bs5gL4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDBkmhmGo8VqLZy5XG7RxLRZK4ybxVo0WM1My4XFOHOZ3KLXx_RwLDYuk3GLggEie5E8LdKJZOJYLkyDicW28q1Wg8FkN_KsnLvZbmEarGYTl0Us0Zws0onssi9uXJvZwjacrIwbl2852C08lt3KtzAOJgubbePwl0wzw3C0WK2FM5fLLZqYNmuFcbNYiwarmWm5sBhnLpNb9PqYHo7FxmUy7huz2WS1mQ0mo31jNpusNrPBZLTv0Bm-q8_ZaD5LJx6fQ2JLHsY3h0HhMli8P4lpMe3ODn5p6-j0-TzKgs4ovH6PXoPCc_CoPsOa4vkM10Li2eR7MChiieAinSjvLtNb9vKcnhexRGm6SCd6tcNp9yssp6fH7PJrnpfL8270OS1iieB0kU5EL-Ppov7jQwxXc8liM1esVnPFbLZKAAAAAAAAAABLmDNvAgAAAHAayHC1HK3WeRCryXI0WS0XAKI4WfeH91HoH9XJaFfqExPDSkHPuLjxY4W8u0xv2ctzel4ZAEBgknnzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYFf____8fBwAAICNHDwAAQL8PFGVpZmZmZsZPgKPhYg!&cmcv=&pix=undefined&cb=1662536025459&uv=3223&tms=1662536025459&abt=amplean_vA!inc_all_video_vA!Noappq22_vB!spa2_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=35b9f63e-d192-4034-876a-3ab31ab745c4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:b349:7e6b:417:1a78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2DC7 70 B
265 B 101ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V71CwCFgPIOqX7c9SdFATIOqX7c9SdFAUAAAAGBvQHJLOaOGe2zcotciwna9FgM1oLd7OFW7OweBYLi2-02piGQDKriXNm26zcIsdyshYNNqO1cDdbuDULi2exsPhGq41pCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bXNB0Onyue73u97vLXp7T867x25Vmv9rhtPsVltPTY3b5Nc_L5Xk3-px2AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAgOLAkL_p6LJbXJefQW8xiFyWg-jhurgs_wAAAAAAAQAAACABIODKLwG4sIo6-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bj65NHgGWVPqiIqCCxiBAAAAJBbvWl6NKkTKouq____fiuAKwCAgEELb8GiLN1BibcwAACAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mVMSVkhYkQrGn9gsIALD2CwgAwKZuAABvAnBBR9CKwWB1CTEYrDa70WYyOwAAAIC7____fz0Q3Lg2s4VtOFkZNy7fcrBbeCy7lW9hHEwWNtvG4T3wSaMN-bs5gL4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDBkmhmGo8VqLZy5XG7RxLRZK4ybxVo0WM1My4XFOHOZ3KLXx_RwLDYuk3GLggEie5E8LdKJZOJYLkyDicW28q1Wg8FkN_KsnLvZbmEarGYTl0Us0Zws0onssi9uXJvZwjacrIwbl2852C08lt3KtzAOJgubbePwl0wzw3C0WK2FM5fLLZqYNmuFcbNYiwarmWm5sBhnLpNb9PqYHo7FxmUy7huz2WS1mQ0mo31jNpusNrPBZLTv0Bm-q8_ZaD5LJx6fQ2JLHsY3h0HhMli8P4lpMe3ODn5p6-j0-TzKgs4ovH6PXoPCc_CoPsOa4vkM10Li2eR7MChiieAinSjvLtNb9vKcnhexRGm6SCd6tcNp9yssp6fH7PJrnpfL8270OS1iieB0kU5EL-Ppov7jQwxXc8liM1esVnPFbLZKAAAAAAAAAABLmDNvAgAAAHAayHC1HK3WeRCryXI0WS0XAKI4WfeH91HoH9XJaFfqExPDSkHPuLjxY4W8u0xv2ctzel4ZAEBgknnzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYFf____8fBwAAICNHDwAAQL8PFGVpZmZmZsZPgKPhYg!&cmcv=&pix=undefined&cb=1662536025459&uv=3223&tms=1662536025459&abt=amplean_vA!inc_all_video_vA!Noappq22_vB!spa2_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=35b9f63e-d192-4034-876a-3ab31ab745c4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 2DC7
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=67d122ef-2e7f-11ed-803c-129210fe0206&orig=video&us_privacy=1---gdpr=1&

0
98 B

39ms
15ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=67d122ef-2e7f-11ed-803c-129210fe0206&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V71CwCFgPIOqX7c9SdFATIOqX7c9SdFAUAAAAGBvQHJLOaOGe2zcotciwna9FgM1oLd7OFW7OweBYLi2-02piGQDKriXNm26zcIsdyshYNNqO1cDdbuDULi2exsPhGq41pCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bXNB0Onyue73u97vLXp7T867x25Vmv9rhtPsVltPTY3b5Nc_L5Xk3-px2AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAgOLAkL_p6LJbXJefQW8xiFyWg-jhurgs_wAAAAAAAQAAACABIODKLwG4sIo6-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bj65NHgGWVPqiIqCCxiBAAAAJBbvWl6NKkTKouq____fiuAKwCAgEELb8GiLN1BibcwAACAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mVMSVkhYkQrGn9gsIALD2CwgAwKZuAABvAnBBR9CKwWB1CTEYrDa70WYyOwAAAIC7____fz0Q3Lg2s4VtOFkZNy7fcrBbeCy7lW9hHEwWNtvG4T3wSaMN-bs5gL4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDBkmhmGo8VqLZy5XG7RxLRZK4ybxVo0WM1My4XFOHOZ3KLXx_RwLDYuk3GLggEie5E8LdKJZOJYLkyDicW28q1Wg8FkN_KsnLvZbmEarGYTl0Us0Zws0onssi9uXJvZwjacrIwbl2852C08lt3KtzAOJgubbePwl0wzw3C0WK2FM5fLLZqYNmuFcbNYiwarmWm5sBhnLpNb9PqYHo7FxmUy7huz2WS1mQ0mo31jNpusNrPBZLTv0Bm-q8_ZaD5LJx6fQ2JLHsY3h0HhMli8P4lpMe3ODn5p6-j0-TzKgs4ovH6PXoPCc_CoPsOa4vkM10Li2eR7MChiieAinSjvLtNb9vKcnhexRGm6SCd6tcNp9yssp6fH7PJrnpfL8270OS1iieB0kU5EL-Ppov7jQwxXc8liM1esVnPFbLZKAAAAAAAAAABLmDNvAgAAAHAayHC1HK3WeRCryXI0WS0XAKI4WfeH91HoH9XJaFfqExPDSkHPuLjxY4W8u0xv2ctzel4ZAEBgknnzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYFf____8fBwAAICNHDwAAQL8PFGVpZmZmZsZPgKPhYg!&cmcv=&pix=undefined&cb=1662536025459&uv=3223&tms=1662536025459&abt=amplean_vA!inc_all_video_vA!Noappq22_vB!spa2_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=35b9f63e-d192-4034-876a-3ab31ab745c4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13703

Redirect headers

Date: Wed, 07 Sep 2022 07:33:45 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=67d122ef-2e7f-11ed-803c-129210fe0206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 117
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 539B 43 B
183 B 340ms
108ms Image
image/gif 2600:1f18:612b:4232:b349:7e6b:417:1a78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V71CwCFgPIOqX7c9SdFATIOqX7c9SdFAUAAAAGBvQHJLOaOGe2zcotciwna9FgM1oLd7OFW7OweBYLi2-02piGQDKriXNm26zcIsdyshYNNqO1cDdbuDULi2exsPhGq41pCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bXNB0Onyue73u97vLXp7T867x25Vmv9rhtPsVltPTY3b5Nc_L5Xk3-px2AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAgOLAkL_p6LJbXJefQW8xiFyWg-jhurgs_wAAAAAAAQAAACABIODKLwG4sIo6-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bj65NHgGWVPqiIqCCxiBAAAAJBbvWl6NKkTKouq____fiuAKwCAgEELb8GiLN1BibcwAACAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mVMSVkhYkQrGn9gsIALD2CwgAwKZuAABvAnBBR9CKwWB1CTEYrDa70WYyOwAAAIC7____fz0Q3Lg2s4VtOFkZNy7fcrBbeCy7lW9hHEwWNtvG4T3wSaMN-bs5gL4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDBkmhmGo8VqLZy5XG7RxLRZK4ybxVo0WM1My4XFOHOZ3KLXx_RwLDYuk3GLggEie5E8LdKJZOJYLkyDicW28q1Wg8FkN_KsnLvZbmEarGYTl0Us0Zws0onssi9uXJvZwjacrIwbl2852C08lt3KtzAOJgubbePwl0wzw3C0WK2FM5fLLZqYNmuFcbNYiwarmWm5sBhnLpNb9PqYHo7FxmUy7huz2WS1mQ0mo31jNpusNrPBZLTv0Bm-q8_ZaD5LJx6fQ2JLHsY3h0HhMli8P4lpMe3ODn5p6-j0-TzKgs4ovH6PXoPCc_CoPsOa4vkM10Li2eR7MChiieAinSjvLtNb9vKcnhexRGm6SCd6tcNp9yssp6fH7PJrnpfL8270OS1iieB0kU5EL-Ppov7jQwxXc8liM1esVnPFbLZKAAAAAAAAAABLmDNvAgAAAHAayHC1HK3WeRCryXI0WS0XAKI4WfeH91HoH9XJaFfqExPDSkHPuLjxY4W8u0xv2ctzel4ZAEBgknnzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYFf____8fBwAAICNHDwAAQL8PFGVpZmZmZsZPgKPhYg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:b349:7e6b:417:1a78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 539B 70 B
264 B 93ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V71CwCFgPIOqX7c9SdFATIOqX7c9SdFAUAAAAGBvQHJLOaOGe2zcotciwna9FgM1oLd7OFW7OweBYLi2-02piGQDKriXNm26zcIsdyshYNNqO1cDdbuDULi2exsPhGq41pCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bXNB0Onyue73u97vLXp7T867x25Vmv9rhtPsVltPTY3b5Nc_L5Xk3-px2AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAgOLAkL_p6LJbXJefQW8xiFyWg-jhurgs_wAAAAAAAQAAACABIODKLwG4sIo6-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bj65NHgGWVPqiIqCCxiBAAAAJBbvWl6NKkTKouq____fiuAKwCAgEELb8GiLN1BibcwAACAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mVMSVkhYkQrGn9gsIALD2CwgAwKZuAABvAnBBR9CKwWB1CTEYrDa70WYyOwAAAIC7____fz0Q3Lg2s4VtOFkZNy7fcrBbeCy7lW9hHEwWNtvG4T3wSaMN-bs5gL4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDBkmhmGo8VqLZy5XG7RxLRZK4ybxVo0WM1My4XFOHOZ3KLXx_RwLDYuk3GLggEie5E8LdKJZOJYLkyDicW28q1Wg8FkN_KsnLvZbmEarGYTl0Us0Zws0onssi9uXJvZwjacrIwbl2852C08lt3KtzAOJgubbePwl0wzw3C0WK2FM5fLLZqYNmuFcbNYiwarmWm5sBhnLpNb9PqYHo7FxmUy7huz2WS1mQ0mo31jNpusNrPBZLTv0Bm-q8_ZaD5LJx6fQ2JLHsY3h0HhMli8P4lpMe3ODn5p6-j0-TzKgs4ovH6PXoPCc_CoPsOa4vkM10Li2eR7MChiieAinSjvLtNb9vKcnhexRGm6SCd6tcNp9yssp6fH7PJrnpfL8270OS1iieB0kU5EL-Ppov7jQwxXc8liM1esVnPFbLZKAAAAAAAAAABLmDNvAgAAAHAayHC1HK3WeRCryXI0WS0XAKI4WfeH91HoH9XJaFfqExPDSkHPuLjxY4W8u0xv2ctzel4ZAEBgknnzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYFf____8fBwAAICNHDwAAQL8PFGVpZmZmZsZPgKPhYg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 539B
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=67d122ef-2e7f-11ed-803c-129210fe0206&orig=video&us_privacy=1---gdpr=1&

0
98 B

40ms
15ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=67d122ef-2e7f-11ed-803c-129210fe0206&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V71CwCFgPIOqX7c9SdFATIOqX7c9SdFAUAAAAGBvQHJLOaOGe2zcotciwna9FgM1oLd7OFW7OweBYLi2-02piGQDKriXNm26zcIsdyshYNNqO1cDdbuDULi2exsPhGq41pCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bXNB0Onyue73u97vLXp7T867x25Vmv9rhtPsVltPTY3b5Nc_L5Xk3-px2AAAAAHj4____hwAAAACIAAAAAJAAAAAAoAio-LcQuAAAAADA-P___9cAgOLAkL_p6LJbXJefQW8xiFyWg-jhurgs_wAAAAAAAQAAACABIODKLwG4sIo6-f________-PGaDPvJH5____vzHoAXjwAXgQAgAA-Bj65NHgGWVPqiIqCCxiBAAAAJBbvWl6NKkTKouq____fiuAKwCAgEELb8GiLN1BibcwAACAgbEFelj8frPDrvG7Xfb_________b_Z_9o8mVMSVkhYkQrGn9gsIALD2CwgAwKZuAABvAnBBR9CKwWB1CTEYrDa70WYyOwAAAIC7____fz0Q3Lg2s4VtOFkZNy7fcrBbeCy7lW9hHEwWNtvG4T3wSaMN-bs5gL4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBaoATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDBkmhmGo8VqLZy5XG7RxLRZK4ybxVo0WM1My4XFOHOZ3KLXx_RwLDYuk3GLggEie5E8LdKJZOJYLkyDicW28q1Wg8FkN_KsnLvZbmEarGYTl0Us0Zws0onssi9uXJvZwjacrIwbl2852C08lt3KtzAOJgubbePwl0wzw3C0WK2FM5fLLZqYNmuFcbNYiwarmWm5sBhnLpNb9PqYHo7FxmUy7huz2WS1mQ0mo31jNpusNrPBZLTv0Bm-q8_ZaD5LJx6fQ2JLHsY3h0HhMli8P4lpMe3ODn5p6-j0-TzKgs4ovH6PXoPCc_CoPsOa4vkM10Li2eR7MChiieAinSjvLtNb9vKcnhexRGm6SCd6tcNp9yssp6fH7PJrnpfL8270OS1iieB0kU5EL-Ppov7jQwxXc8liM1esVnPFbLZKAAAAAAAAAABLmDNvAgAAAHAayHC1HK3WeRCryXI0WS0XAKI4WfeH91HoH9XJaFfqExPDSkHPuLjxY4W8u0xv2ctzel4ZAEBgknnzZ4JYq9WyBgAAEMAGAAAI4NbNW0CYFf____8fBwAAICNHDwAAQL8PFGVpZmZmZsZPgKPhYg!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13703

Redirect headers

Date: Wed, 07 Sep 2022 07:33:45 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=67d122ef-2e7f-11ed-803c-129210fe0206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 63
Connection: keep-alive
Content-Length: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5394 15 KB
16 KB 120ms
35ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 516714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Sep 2023 08:01:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5394 16 KB
16 KB 129ms
46ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 559400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 20:10:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5394 9 KB
10 KB 155ms
74ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 21:51:35 GMT
x-content-type-options: nosniff
age: 121330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Sep 2023 21:51:35 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3691 624 B
340 B 157ms
74ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNU5Hsi-sEYQKt16fz21TDdzAENYbNjQrdouSsImiP-0p6kRJpAxntLcDnl6SWNCyoALZDQ6vBHMdVxDwgwA54KeV3NEZeilAkH3L8rkDvFbJ4ID5VtbfnZRvkDpA2KXxhfrJEX0Hwb37qgc5xX5_k6VhUD_tHWjiJIYOyVyxJlCIc4PEVI

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:33:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 20AF 86 KB
35 KB 273ms
192ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOvs9Sbu_Ot2MBiGM7ZPtoM1bqISc1UdyzqyJf_z5E5M4idXCpaV02pGy5a-0fO4_3WCheqlyBSXHPoWuZlPCrUxpuUgFCPdUzGgBcczRlW4bRRnPY3UoBrS1vEL3TyG-4L_wN-7fsoQg4j9kEessE1Kp3yA&dbm_d=AKAmf-B7he1UYQ_iMsJ3Dc9BmVh_xTMXB2SIyd6Ea_4G8nrGBR5Jca-rFpzlGyXXnq7CUe_TvA8DmiWoxcCor_jY9wRPZwjGB7p5o55mTY7TX4EeQInsdKNqsEd6TAp2bC48j16rRg3wMTMklAsO7yiQHIrSBHRf3O_EmxRQ_MzOT-8JrCP9D2j3SzZDON1hx6RaK31vJ3BTfopK4mbhL6_DaxNTxpi9r9fkEovWZK5knwKNFJz1EdynO50i1pIkngorYRqpPtfcYh7Bg_nmxusJwvgq3LrOL3LS4k-ZEILqn7baBFGcEv-3k5KkVZyVM0cevPudVzxm272uVM6q_Ig07GLYNsw_d2Hf9Y101znlGTT03kbuFsDNoF3m1N2Sbdt-0vQI1hAYJTE5J8HCwVOuHg9NjNl35-0zIfZ3AHjpHpshb75YJyRT4ru8o3aHKTZLuMLdfiRMxTZpWr5zzbhEht6wMSWsdUZSJw7SfZ7hLWK6ARWSWErtWqVNHjEl-tW6kZCAFWeZZS2cGvt3ChvtXV7orgUutakGsWoOdyI5G32soQ5MYUixtnCmVwOEWdTAqONYuANrNPK2sMVtoBbrzaVIDFRoGJgQYdrMdVwjxDIciMpuEGi7Zah9UHFkAi_hxe0Ve0nb9q_MeK2fI-hjhmPE8uV8Eo44ovS6gqyf7IyU_QpPudJ6-W7K49c1Co4Pp29PwT0Yav8cfD-GWXSZ1HGaXT_SW-5w09q44kmhe0IFsu_hdlUGWLmpWMiNRPTmS50hnwKLtT50X097V7hFNAdM1WiOat_XZtAyOwLZYftKYYa9hiGK-MjmyDhhBkxfaXn9ktJRdyymn3e05hIjfq0stHcl3qQ9azC-6qWHM9mth5d8MOfZD-QFM0cW-JZCM4nY2cSpQETJj7Kt65C9Q_95BtngKwaKcsE7L6VUwPe0nkRHPphZmpxLbChOzEYIrvTxNJnhYJhMUKOKOwyBjeiK9WPeUIhnnbhtMwKgFwtt29jw-f6GoPGwcMwuJ9cTm8Gp-dDPlKQ55coMXpu1JQGeKfEWlszEZApjEE_di7o9nIBVPQ9xxwQF-dyT_KvOiMM0PajyBO8araDXpyyDj0DqrDwvBtGaJLDUlP2ZeHk-eVbe7mL50NJR3EJLxHMP2cBkp54BHACsqK3659fZ_J6zR4BjqwBy3aOQZAgwp9HnvS3XW1-GBRtaM5Cw8I6P6pJF29UzysjMp6uLXa22uY_0LItlrvImcrNShtp2uHjRibxjbvJdR55io8mwiubjSPzFBerygNFqmA3qXhNqSJBsH3U39QcEfXX018KQN1-VJLCzy_RkOdqcsfimcsFe6op1q8LxLPEW_9RnqUIEV_hDIKc_zIXSg_CFntduawbLafJf0awYuWqFeZVueml3RG9Dot9SxtcaHU2ypXulNys8rtoXfs8x9oh6q7ZoZCjIQ5eM9HLIP33knu_-KVOeDmd3zq2B6CyB4payejreBVc-i7miSYgI38tbLbmFCFICZbWlGx3IIB3c-l9nYoTC9dkqCKOA2buy4gnY6j8O6hxy3BXlkL9Fym83lFQrRkFbqZBbp7vd7QlQmwJ-o0EfLuy21aZFMWBkHMbFM0ID45r77tQaHjX645W8Pq_rob2JVcKtqEQxUlfSw_fCpNMGR5UzOolenJUQT_NL1LT3L105UTVN0eg0_HAiDrHswfNBQ1j4WiYn862OiC0JNBfv8CJqwONNxOr8YWfyhcwXe538HYjVzI2_D3DXFCCnY_G9C0lKdFDUGZR1k0J76dwWk7o8bdeQb8HySL1-p2SOmk15E2todwW65zIXXVqrnq_ZvVFptkk6RcHGK10JrZIa-aEU1s0hoaMCk6HMIZKA4zmSs_Qui5sfCD3_Qz_yAC7NiG2L7Z6UoYbPJOtlx7K-zUWJ_7BKylwGuCX2qTy5xnUPYeOIcP74w0zxfmieSNALMHSRmdVXY9AuPdmBcyZdxBzLpszFX-9bGLEAPRKXY9VQZfKJXt1CM6phCWII4Aape9Dr_JI_lerQ8QHOzfQEGwOhgFpqfCQmctYFj1QnIpaUXn0xeL5X9dC5d77etmt9pByLjx2pBT6Mbsrl0j9o0uiSa3TO4xhOy8_FBybgd5Tm_2jZ-jf_MB7WprhTyv2W8jnaJg8hC1Dp1NPrTcPXr9z3m5njz5tI1LTp3qG3pwpO3MIgGbsyl2kiH0g4juqOWrhh-YZiIfy3LGDoxeswdltrXIrYiiwiPgQY0MbPO59CxxH3ls5IP-VXv_Tsxt195MIBxGC-Mjrtqcf9BY8n4HUyPN7mMIo9hcBDgecvByNnayi1Enlq4DQ7i68KkpuV9eS5eDDQvcZd57mJpk8iEmmS1i1CAK1-LCCHAm2vXDI24rixukx3w95R-mle32ThlvYcah3IZqrUieV8Iz7x0rQHaeYacFzmcG6piUpHdK1mAQ1SXxCWMa3-hMtdQ4pA-3fJy19h2X9EA8n63rJcB4fFUUNrKjonzWkjRd9zxKuJDnegSBkgDpkhYcnBr_Weak8P3j6FrjLODyZo98iqxLX8zleu_XhUAZ3Vu1wa5ouEIo5pemLvSqZcne_iLfCc0j79Fmgynw68NdF3KQN3SczNYgPDNTeAVdPOY9dAf4_zWTWaossMPpkRRR52pDasyIk8HBfiyFURiSvqWfh2fiAP7YJ0-BqblDmUZe88JxJt_llVyAl5cJJ8KCfl5lG71C4uVqquBPnJt5KNMMc5zMDUtw3dNtWG0xBa7Oq9VUFB9FgqwH4eRi9-aAVSU4E0B26VFbWIpVUsqOW_hxUHCAuMQZdzfm3UguwxyQ5y51il-7EW8s9HgaSy-ltR-4_BX-SOhs0v7QX8DqqWBqzBiwz5yaqzdXjWBu0J9nPuFj_ysJTapHV8zYrnrUSoM2W_8mElO31Ueam-4idWUcgXSbjyFV7d2DOvv9QBW8FUxp9Bk0nGevl15H2qy7t4bjzqENTGtGorqGN2db2kokpPxOashaAUNi71uAT06Je5pfZ5ubPJsHNrxpMug6jU601KHzMPMju0ZAF-xIv8ZqHdfrgIfU9m5QjSmIfiES1ni3ZCHdu2INO3_sB-5pgx9TSOel9hIVMPsyWeia-EJYwUyheXzEZIQ7GvvZowBErhJnl7E2Revk5QhDdD7vBnxRfT0nz4OVJ_mbaSsJY7HA3sjeIKLeeetSZTdWyGqHC0618sTrXQDT9VkO9os4B0_BVcZEZwFsZoSJqD-A6w0elOST_67jXYo26Kx4ldOtq4NmDnY53-cz8WpatW_7k2pZiQKTnqglI8kxoOSIzLkbc2zPTF-0qjZ4e1Jrj5JKIrNQXPanYtxdJXPs0nlYD02Nc645L04q6cRtx9nm3CYfC__jnORIblPHxtMlqax9Tnn7Vr7eCAXeweXoUFBKYm2l3rYNmri5eL4FykIGcf-s1R1JcfEJUccNt0f3QArOHriH41vYv-Vm5iRCJcN05PPR4eCOAJRUJ_rwC2XFUJbx4u_V-Ra1zMLNKkUTxWTOjVTnCfQY339WV-YxWqilsXTTC2Xxet8mI&cid=CAASJ-RoLdzO0k0fNfB4uOz8geZTnh1e40VlbLoigzM9dLT9EEmXSOVpqg&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22d2dbc68eaac9b4549cc90f546bf3a25c68f34fa86f795b559a7b842c5a11c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35479
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 20AF 42 B
63 B 148ms
74ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CphlKZE62s1m3ETw3OIDhu0FRq_CVAbSEPsxdy_M4zpqMHOPS57T2n788m7NcAeXL_WUTu41voQsDZVKkmra4byZUCZYE-f08SPCn5I8V-1IxkUwk

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 20AF 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:00:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 07:00:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20AF 142 KB
44 KB 136ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 07:33:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 20AF 17 KB
7 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7602
x-xss-protection: 0
server: cafe
etag: 8484125879011292595
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 06:40:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 20AF 0
0 44ms
44ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTzDZwupKXRdkbq4qGkMOZY4Ui2m9ALo5QYT6F2dpeGfjWNDeuSJPf4iQrZFw-XNG-3hbFzpuXDbYf1PZgDTf5CpiPrgw
Requested by: Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EEBF 624 B
340 B 150ms
73ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNXLPuh1w7RtNjQHpb2ZO5-b-IL_WwoYbRkoTWc4-g-1L4Z_pXQwN1BdQ23-lWc208p-fxjctGjOry8C_cQ-t1znLbU9wAj1ejkx3QsWTcvP6LSujnPj-fl9xpxrxlnOMAtsqN9-o5V2ZTlRLi-g_M73pAgLZcjGK4YE6kD0muXx8QIPHS8

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:33:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EC24 86 KB
35 KB 236ms
160ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZKZXiYJo9Odjv-L2DvHi9rZ9RfEIoeAmZrLLms0Hn19kaOeQf8XQVRvkm2gHURZjFT4vIQVZn_hOs8JDmTsEI3AOl_j_z8a0vpTamHghyOiOoFObHBVMcU5srz0wXKi0GVL_bdr-ULEhXXEZo-JUssgTXVQ&dbm_d=AKAmf-DpEg5oZnYnSd4CFJ1oT3fkbVvoo-PC5mTwXeox76YXXM57JMuPf_WVUDPD-42Nc4j9SWZedRMT5Il6-d3fC_OecdVv0YxeMNUjRpwXDb9omJrXd1MmqSBdAul-xEx083NreyD2FzAODyfbd2AZ2lKdCEq5UHPZr_MxWLRmr1wo7P_Q8kfLgRT1ba_28h72CrUcOJtqFmWl1ZWEw0pVX-5RB7sSz6RhBr95i9v2Rm820Ytg4WurVrYM43AgjBFMhYjdwJrWxqRZoRO4VVbBfSQdscDa_Kv6n25mK4usyCrsQVICdSIcFYD3RuWS7VXpDMdyUpcRgNdqnQvDg9_jcsVP_g77QXFz3OAL8sC3ezASQgWhCwKvcUXMnXMaQD1Id7U9sbtz4HXRLSQ9uGnKxo8ctBIV4Hbws2u01_MC1w9T7srHved2ok0v7C41YBuRKwlpP7-vdCZ_7L3SXAcJGh4w6wF9XN3NtHuLCIOOs9T3rCf6mR8GbxUvWtg-HcyxMO8VUDhXzMDZ8BTo1VdFMkd2MpgeZILCNfpduw6aSZWH-7aMJO72OtR0hyJqAAqDVyIzaZeLhXcoZM6RECuhxxJTJKFyFWJoh30xyehE2wH3BsZIaNS1EXrfSrGmKHth3bQ-R-XDCysyV6pKndgwCpPneOxl-GjWFcLtcmk0xyd2LpBAn65hC9dITUoPfRL7QzVg6z1aoo8HDBd4WG4NRo4hE-kvKO3bc66WsJQ_LKEcVyREbACH7yppbtPuM49836WeMYm9YNlYuqqXnvy02_ANG6yj0V10yvBIdWSeT8cRU9q4QL9Dw8uVApE7W6WNPB_upvlPlIYT-DEKCEA-v5gaJJlnIoQ3EinuaKO9iCrSt4lD5Kw4wxkUTINyW3ttHqLeruGd5I0oewAyNweRpiHdt_BvtKTHy-Fonjj3IRYL3w8TQ66NmeZmSu1kleJg2fIYynWxKNCsYZQByJxCypNHfq6lOB9RbrP6XxvqBLazZbvYCkxl4kvVOtEhvw5uj0tFWdD_b92QthOxAqP7dJ8rwjB9h2mcNHtavVcK6OiHCBH6-x9zL5po9_U2VefVf2PuWAFIIrFZ6_1j4AQwreXwKh8av5hjPu93-SDMP8Es0oSSdqvmxdFjgnnDToDq6ABaOD-ONbaBeuDM2DeeVTzC_iuwDsxXz7uzt-eIT9t1-zqHHsySFgl8FEdrke7e0UNYOXdyIdeYn713pFofuFrhWoYDvuCrBhJBbFudLFJ_-G7XE4KNg4BoqC1HbZUP30isTdxGcAdIH4Rqxs7trEtHVpcfAKlIO-fLr-T_EpvA9Pf-z9TZOzqNL2oCybTEMjPVI0FbpEobtRLnoVTpIL1tjy_XHv0IFwuSQltBPOCcsyg7tMf3QlzUtEmQeFQD8Annd5YHuER7YdWLtN04OCPg_ptwaampnpwRdb_W8wUpOL_3QzZWnHxDRY38GdG8nmFB3M22JCwhS6IbLFDE18deR_K7kVDYo6Y70or4MNy8h5rDJ2meFc1PmVrdB8Q1d185AL7kjgfcMWoy8l-6jr4yEGO5tabWpNXoyKg0FfgjQA6j6ri8T8w5I6KZ0Fq6t2MuGUaRVZe2EZDMAdOJlh33qON0S9ktaS0KaOJt1JpzG9DDdLI6LBRg3H5sm_VCrhPV1A0E-sejfwxWoXYdzSjKk9Oh68j0xZKLJrGOR3KpQWA5IDES5ltz6rKJqbk4e8FBXvtLMvFHE3JcQ0ZXQEJRMnNLxDXYcE8Bt6Kz_ZdCAUd9fQjIJDY8tTNr7I-o5q-bG0Oy6IPkQ9O_XEJ6AJ-afZcyyz0GF--Gt5mfG2HQU-qyJMEUl2Cw6jlpvcN_HIBdLD_lJ0do16CJ48Z2ZhZOAkdWHnCT6XVBmQGZ-Y-63PAZVrcuPPZCXc_5J8-qIoarcqHcd1sbetX55ACBUXCQCoPiC2-iJkjXJLb21USMJkNylJFMj8fNvE6RwvE0X4Sj_n8_r9YV9OpZgabI9xaMzIwDg0bkYLMIMoolz-Nv09rXPbOaZk54zRO1ESZyMqjO_2K2gzWyPqbrPEOrzy2lIChZ9W8zWr6i_ze9N6sRrzaelJAc4whx07bvnnUBd8OpP_BreHx_T8Ar4JXSbNI-UQeZfym8xCd-VC0R4NhZTTLLUu9FUWCoMDyFqYV8uUXI_JHYAlmOo_CJAT0MzvkOJMbtXQYb5TZzm5S6QQrP_taRO92RiIYql-qsylJdh2ce3c0waNAzngvsm_jQs1ciIntyoqXTs6N_bc7A46101nc_N0xvM6IJv0xDpVcp81Xavwslj01hMq0hyRlUBBx6CUIZoIBvkq17S5j5DlHjizAzvfr_biRuz8OmsmS3Ql2-la5WuGiYO5sOuicv9T6jRcXjEE3JVEj3cfuoXEgr3WDEyd6hTLJx--uNJ6P_NCNRJCvHgYTrzqLfbkPGjgliXvdxz0vR89_NQBe4FKblB7BVzFpjOh0U3SULf-BV29ouMMlQLdLJ2pnvk3AQlwXZl__EAD3GAvXTYgm-0W3ELlT4MEzQUyo6ftByJS1_pdaBg9p8AgbR9GyQnbduoFC_7mOLryZ6ARYHUcUciOyMT42TVOQpzi8pCw7eB7RmMhC-H1k9kR5UHwk79-fPhtgEL2s05Gc7qSC7Oz6GetqfnOOPq0jwX3nBToyuA4FMX7HgSOGCZzkRQOTtQ355LRETJAV3HumZ_BleoabmGIbacCHP28X7fhxDrzqFU5kv4aeM_Cxkznz5vCaiYJftB8XQdf5GfyO3Rrbh02kuXenMqkNjnn_3IqakvfEfE_0rkapXVX9teT9bHVh0Qz8wQXDSMdPvlrWmkFFaw8JAHAUMKDLEtOtzqAFUzscumgSzwXwI3vGv1tEgnL1cnvxxR-w32gSqbv_taI2WusH5QTO8rA2dib5luNbcDDXHJewUz1dOObAgq9g3xHBPbURjosNJxUGYmT5zx4Y-4ZvWxeoWlhpRVZX4Xqsh0U9amhmCrM24rFD1yV6lMx3L7O3cp-U3TvvQZsnLv7TFXj7hc6LTb6WphpwCpmtrbt-6vosTBLAg3Qki8IZZ98iz6-x1wjQajQiKkbW9a6NeIEXtISkKEsM0lbdG2RbhSnJ6CXL4c0r8tW89o2Jtz0ETowHoCdpFRm9FIpP7NCAoB5pv39CmSikpVhYwPFaD-A_diL83ZOY_fymLpTxP-PkqEkDSy0MHjcXfQBP9wLcg3pXU-ineF6bufnbQn5_xIqaXghI4guwwd14l_J6jyQ6PvFeX1WfWdyXWJ9htbsG3eqUbGGNQUJHKn2SN5KUq8QViUMrz2ILYMUlVeCoBV_yNDVe8-Ldakf1FplHCs34ZsQGUkwAwJrkq6qDs6WxhK85pE4R4J4z8KfgrJH95HaF4aOOCmoYZ0eldr3lXqWlfjX4beNrYComv1NcSRcTo5qgIYkwdTsiJMGMhUZ6vaAWpwpN_U9-XUC0h2iBnxIXY7hlSThL1MEPBmy8Cm1DStlZZ01jpmf7M_hXPzrO2cTebYoh7GwgeQn6l2pq5J1_2J7d3qR2d_qW8tH4&cid=CAASJ-RoabdvbCrREj3K6jzt8xSWmcXr0YCe0sK-Cg7I0kfJh2oDD2TBOg&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a235fb8fcb10d1aafca7e0d5c6eba173e376a5d11430decd1740707337fb0c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35703
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC24 42 B
63 B 139ms
70ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cv7JG5GBhyFXcMQqNj3G11Ac4qHTOIuTAKRlFSenCU4PpRHKqWeQkYLJ4g9RAWGHF9FXQxuA94zqfUIydmemIrWxnwxizU5Xky45rAxSE031NeGo8

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame EC24 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:00:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 07:00:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC24 142 KB
44 KB 221ms
143ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 07:33:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame EC24 17 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7602
x-xss-protection: 0
server: cafe
etag: 8484125879011292595
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 06:40:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EC24 0
0 44ms
43ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTKwUQH-medtcfUQHGAgppuqNQ910KE46O8pWfhNmKWhPc2Jmf8qlHQJoSo1H8D7T29OtR-ZQicX6Ur3fYnNcQRGfl4g
Requested by: Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 03FB 624 B
340 B 147ms
74ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNXzMzXXqaLwStTPVdXvqEQm9GPk8LQLwBN7pm3H2yit1-qzzNOyxkm2pU2LWFqlSCl8H99PwnUdgxVwGcsnPlxt1KsFimQKWt89DTbbaDPYMTXI9qtpDF8CXLGVb7iZIiKzAAhyYyjaI0LN1S2TKEHjlbB382QHYbchwVTMSekWK97XC0U

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:33:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C085 86 KB
35 KB 254ms
182ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFpXZTPwQ3AXgOByVWcqwYEoHEZFg8LDYBs1T_m4SF8pSLXmewWRWlKWWUlNmxqug9_PHYmV29JEarPN3IHtzQ1I_ZIa9Nn4MGThqQhRkEfH7LTIfTVbnqBC7owNMKnF5eVweSr6aBzy4scGiZKl8BDIMdbw&dbm_d=AKAmf-Co7OOqpH6h2Eif_lCKhPibtQqdTTJBY3cmGesOVAjFmNJPUDL5hXLLzZU70nU-d9-fxUg8wJkb4sAYhTKLCsWpVq5yy_0Zya63LPynFxYkrBZgK1t6uFjeCZgwS4bOS05yipeqVc0wWgagYtRyQOAYOGGMAvzlVf_AK9Ui2tMs8CZLyEFM5mTN_Vqb7k74rAmrcHstEQI4mXYR567z-U-Z178Fdewxlt2gMRqb5ncafQhJgujU8WZaiPFswvcUViVUqC4-Gpjv-B3ORM7E4z-8TzPl5PJd97xSaT-brB0QcWZytF1NfRiXZIWjC9KaR4DQIBfTRg1AB5jEuS2jAjipCj8KVqPyMSpoUiT3-z0gizfP2kkI2bgrPtaT1qFGOgTD3hbxD5NZKMC2i4-5bhqpVfAn07Fg_gIoM1wlBXUBQtIvXHYvyfzeFENo3vXqJu29OP4n97-Ai22Zyhl8HOfnmmMSkh9OTUng0gIRgIKdxYRyC7SK-v8TBkkJNse73q3gvoEr-pJQ1Vn6J8cz_s39zGFzNA7WMy29OZtvRdz_quGhUhl4uh9-68R3OyIF6GMu8Yx-hnUgS_Ku2m0R7b18xINTxUJ3qcJAur3Rn-jGgK0KOEf8ud6n9Gv6FU302JGNseb6hd_-LUY8vTftyBjmPq0VBm1C5zLLtKyUxXWxqJaMouxSEAUiA7OWetyPS57AM3-dmU_Tjm9PHPAWOykU_7KOY2MYfTizq832i0GJ-fzbFA0gPL2wEUuTA4FNYBSFVeDSwW1wLEeGZW3WuSOBiSHGhByTpLuH5_BcJLkR8mUe8xdKWreeIrUj9u6roVBEqxaOkJ0q-8M1JRLhiHNou4XMyXvvpNlEBer1VPg40AX3jbO60JEdkmoqwbNSxMWcxAyPHFKMqTZfkii85TyhjJ2-dfXRfs3qAFghzvkP_DFyvbjQbRNjbwuvpTPAHh2Mpw1MFyqsSsbe6i6zxympzdC0VXGaoBpTWtMbdrIP8YkLTBULgGPuZ2QCH4N9OlhJWPL6RRjJVPpzWVbdVPCAoFeQKkH0lgDuYVsxS22FvKHHcKp_dCOjBVdtM8upI6upp3BVOHrWUfjf7ylLMSreE_bROxP3r9YWQbrgFH5NanytNPTWRbYmq5EU5LfrJRG5P4q2YZwraZYzSma_wVlQM7Qvj1MP0Ko7aTv9hhPvrYHAHuCZBXmXMHY2JLbtm_6Hc-7Z7awEiuXwduY1kF46EIeJkKDtMJq_IcC7ElCs33_17UOqbwskb4nLIQyyMOfbfFPsvgnQMg3EajtjxPl54tGv-eYjSzy8DBgBKLEu5DPpef-abIr5NXbhfWk10x9JUVPdzv3arQh8LDPO51RkoG4TBLuWCrC14E5jzvFMiHDLS7GKxH_HetfB_bUAUEx8h892X0ZAs2Sjud5tznSuEE5AAikmcwBxvmruVM-8V2IrPfSDvPMQhgChYgzuN3BLPa9tjZPMaAngaeJoQAXRO6W3nsP68vL_l7bAecqM0v76rSVx3E8jiNuoObvTE1SO3ZsfNdPLLCYXkOnsteRHy9uJN3zrg9x1JLr3cypl1L4ECUawkxsAaYAAlqIZcf-jOYkp1jGggHcsuxli5xogKbngs_jRPboOFTxmr4YziWNEQwxPQDTOYUPhRgpSh4v92NCT2wRsM31aUfJYv4sZiTP5eezJc9bOhGFNSFzBD-o_SAUKLL6HnamnMXns0aseqbfiglfhi0F5UTm0V8rLClRxI-owkQVKAjs7XIT2Lkl8JePNJUBN_kOzBq8GEvPPH8OGGhcu_hyClvQ2pOC0SK3ZiCd1Ee0NaUypOLM4u6noprIT8LXYSp5rTmfi79yA3AN_nNki8yb01vS1Bf5LbUaH54efwBLyHwgt6pMdfrZu4mjM3Li9a9IGvatZX0JsPLzvvADZuOyH5kBUgM-OiXyJbQqMn3qOfgeMfbT4jw0E2CJRdHf4XYZy7dxBmr-eRk2iBrBIDrc_Ge1PF8OKTqro5oNiLUaEo4BNKmAaUUkL95q53QxNlVXJi43noTlrc6BE3TC57OaM5K2GcyQnYKmqZ28r1a8MFqPtB_Q9upIagqpiSG3jblMLnybcjBOA2gwamVtMRacOLA8aaDngNY_Cms03S0x-uuOofQ4vDVzWpXC3cZs0ofDTnA36KRtbyd4qHOTIWpLLbA_D8dD3DKlv-NYy7mZ4ttYrFCmf6MhSzkoT_mRY4B07V1o8JSGj1Ov7zeNjJh7RO1ayS8l6HSTi3NfseGZeAzs5ZdLdd63jKqFl-e29i6_rTJPf60B8Gc6Ypn__MTLMJJa4ii6pU8hl37z2MLcduAzppcFXnwMw5rWitkk4etGoYxuQVI-G_8SirI2gqY0LlDQrF3BLmBq01FDlP6Kq0YpYU1HbeZ9QlcGYpZT6appCKcb93hvqNFU1fFAg2YNFNqUnjlxQUh2G6J11vUNatew6--OKdq5MisE58vWjwQlQlS3ETMQ0VP4fL-BL5a5-OJv42d_kVuiHwFIe_crNLSTiZDaJAoIAVIqSls-EXZxvDjBEHjJ9NXveOmFrpQoKqLhKhSkbLkDW5vWH0UTvbMivmDMuKVKZhg6NeTG0aEHIyjleFUJOIEE8JRnyePjBnV0GRhFmpVS0kF-n2_cWY63TFsYr2As-Qz2Yk-if42HKqQqV12YRqMYeY3hIo67B6W7mzCP_6sQ2cChXSSJlVACx-XBFDY2fKMeo6T2CCe9FkL7dnsV1Suo1h5XlhZGo1pxkZqu_wt76kgiPFUbaeL-06hBGQ3HL9JqSC54FAyStXxs9lw6zd2my5q4zuTG-D7Msc-KoSWyuJnQfolu1smecPDpowXc2Mka9VBOqNk1lqk_x1ALuSfrnlY91MC7XZswJ7Fe7tPiq2BzgwhaWgiFWHoBFdCPTTqlhmsk5dxOReOYkm4FKJHiTamu2ME9Uh_TkLZIgrrYqBAixqtOJq8gJf8uH1ho4h2f2mdjGB7QM4AUrBbut4E6kWPmFfAijxceoRb-RABBmf-6OaEDQTOXyA_ZkSqxV-uSjsqn3o0SLUUy5-KmbhqcXLzt7RjaVfqkB-qZR57kfNaKCOb_oGPpqMZsWHhFlxLO6g3KRD5mh82Kub0mVwpMWIP2dIKka-ESkKhWL7yb2DR8QezHaMOaH4Sc-x_a1lXwBsXNDfltDnEXo4wxkIVOF4N8j3VYPfwdcRINAFLGYKr4t-PKynhCOsCEPXivfgVCC0s8CFZeIzQ8nwxlsJb4H-Ghcq5sflCanjGHAcuK2ZWOqfa-fztFYqa3rVLlrewbJl_mcXZ5J9fYPfWwNbWp_ZtMTTyv-9tk3TSb8X4cstf7JGhdCcsbNpUa9LPc5HOQonZ0c1HYccaGLmo7UUBVTJy4Eik1A7iVAoT0HJhAt6DmqHdVVLDIIGnYeX5aIwg-_uFaWtQFGTL6gVNxY6VUpllfzmcStDLga7G62rMyjiqOrGkZVS6049e6_H2vUGWl-3PX2so-19qIXmEcNRBfeooJK-QDJm2WORhmbwPpENg&cid=CAASJ-RoOCto71EhUHA9h6E_-7bQwpO9Uf6UI_KM3v-lj4kQ0Gk5LjHpwA&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83d88e9de19e5dcc252df252dcfa0858636ca8af0c253ffef4960f2f50c3670f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35500
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C085 42 B
63 B 140ms
75ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AMPCJGbMGaaeG79OQHzyCiTr5TZwCv06xDxSKyfMP21Dj5LcJaGvR4z1aQE-yzt0aeZFzaTu4dTyGnxkpLNcXpct1goo9h04Ccg1WaILvCJVLKLt8

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame C085 3 KB
1 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:00:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 07:00:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C085 142 KB
44 KB 236ms
161ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 07:33:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame C085 17 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7602
x-xss-protection: 0
server: cafe
etag: 8484125879011292595
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 06:40:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C085 0
0 45ms
44ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTs7L7GVijsJo457IH9vIr_21JM99s0ih635kB_7hX4d2l8Ums3s1HNn6pAHdZScqNo1zzw9Ol4q98JY_IEEiHgzu1bJw
Requested by: Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 44D7 624 B
733 B 138ms
73ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNWMVH4oztEvVig_3y1ljqghJyvK-qMEiAw0n6gitTJy_VuVCPtw9aOS77S1_kr_SGQEy6NN-w90lOTb5D_o_yP2iJY1X9jpiUxUDKn-GM-G9_lSLCqshIrJ2ekhn_FEuE4CytsPANZ6GImgfN0SYQ_NWLK6qf99F-Bi_5PdDPAGxTmEZ6w

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:33:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9CC4 80 KB
34 KB 172ms
107ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYeL4_WYLiLFhFUatwNhOFlQuuDMQnT8bFfz1kwjOls273YqlCKiFkyN-G44prIb7fbpSkBvW9UvoCJG2MTlTXxqYEsw&cry=1&dbm_d=AKAmf-ARAsgXLlQa7uNmhwl6xAo9YKR8r6I9ivyttga3noRIhgcxsB8f8J5fDVDY-bO4MvFz5z3aolmzySwcgsFhKbkgAYeGt2plLq76ft78VXaDhwouvmYgC7QpjCUyYh78P0d2LHu8mKe6D5SC8uUoV2aY5jimnAxXyMK6bBr-BMVWQLTqrYuFI2y7cohJqIDIHuPXN94QuO8t324WyGzp2L27H-jlrRWAX1sNYeSBd0FSO3IYdVUWJ1bP9ZYb1PrrGetRMWoiWHdWaXht73lfYpERGApYKWITRpE7tN5yUbDKOR2rYms5S1T6QGLvdd7xjlzL3Lc7TfQAdZHv3HDcO-kSjx_DWkbkdElN3CiWEQgR9ADiFXBoOT3MlWLCGItwkeRapAR2zyPOu_NYoS5b_V3Ye7MbsKffnJnF_begHkTKf2z6Ciq9t3I5_k7OU2DDqbjMYNjbBhAVPaGaHs94gjaXSjsbLLSO2E1YB8y3TEmaS2BXM-rFj3Es6u6jnzkIotGkISHQ0vmrPRZLtKP9obSo-wvTq4809MQjL2i_HIIV06J-0hv-sf_PhROe8tp-08hKNHriS7nEn_IkZDz66BOh7qkjRUfClNLdm6BZzNZJld_CghRbnPAWtQv7db4Vnl_hwfxSDifvS1-ldNEiDfx21aNiTSnaFwyrs0C2AXI-rLGgWANXFnqyH7G6Ow9DtyagI1KRh_r5Us5TWYpO-uS4ozU5nuElhaerkUrHuegJ6BhX5My_Q6-4G9KlnI2emvXdDm0T29VcJcehSa0qR4ngU5UlNIavQdg85RqPFHbHIlx9Go5uxkbfTn6ZI0UMctNs_UQZUE03Ds1xmF2CrzJj0bNNbg8G3JxNrT_nXB6k-1kwfs7blwEQ_w7PqZ8LNM75CT8xnhZjzLniKRdsuck9TIovC_P5flnoQzj_7u6w_QE-cyfUu3GXa3J6yQZeeVgxe7HEZ0mR01a_4hWGzcPa3naTAYHbjCBbuKkkAvWbxMSTzHeKBsW_1O1XhT1Gy7diT8EXyvGuYMaOJBq433u0WEkPFskHbGGF3K6QueY-xscZA6HOQqSiRZDfgQOO3qlzTqefX6VZs5SvTH2RhZpk42aSBHk6fq7smB9mNTnCcfugW2wgh3AfeB1yeWsYfyetq4V-cyqKqholYFjRqXRjNUu8u9ZfXHzG0ZAsFmVAzY8efisx0Xwm9k1a08XwZAVA_4r76a7Q-yLUTCel1XuI9hW9IYOj-0LKq8BS8BpQYYVFY-aMvwbEFdPBG8UKMIbTBTXmxcBXhcDesDCbzpnru8EV2BLctn2dK4P_ZGvZ7xLz2Yp58UPN4PMvKcp3yfen7yTqqy9bDk1LbNhBZS9ynvRaHiKy1sO-1xLT8PgwSBsJ6Ay3XwP53uUgv_uMOGquPvAvPJZESPN7v0n8JHEZJZJAnfxLG03hYfPkGIr_GJB-d4uvqNxhrmbULuyMpdleZONkicdOuCq4ZLJ2IrjvlIi-H7UkvLBMpg_V3ayFXVLr01shc3rSsT5N2z3sVFCOmhFhSZ0Kl1qsnfvyh5zfTkmpSqNhSt9qfKBeaG55SqwV_SQy9ApaW6P-9D4QbO4PU1-5Pn7fxY8R2_sfaDLkBwL7pWxUiKPRinHXBqoHnRzKLTpa_OxFSQciQKQGhlTLKnUE5HiuG5eUNJVMjPBOiLfMgOVwg3eHX3bt9nxj8VaOnI77_gAc4zw9uhYDJ3rrb-BqCz9SU6V1FB-ByBg6ZBlDSkUNz2ektRNJRZZoYEPi31D7bFHefwGWKidpm4epYdFksK0yixLdJgKo6dB49_OYSWO_Q-lLVDdx-X5sA5GgDTheMr9HAxykLKYhyIM--RmVI8rq0MR1e-yzq_uMhrpmG8BvpE5dA28cthXTyGP7egLojqafcOvbQTnS1LPXNWSVFfzoV9tizVojjLhpQgwiVa73ocug28GIjHJ0YvF6Cm1l1Y5x2BheTQKOHSGgplfzihVGOcIMtve0LkEp54ZN2V_1_gbM8TyYfTmru4DC93vMDVk5qLWyetNv66R_zNrdgXhEAiZNvj6LCNSMp67xoUyGVogiMC7ZOhuf2jynzo4TDVfEd-b1fcyS9Vi32Off587HPDlK1Fr2wIqYVZny4rbpnyuu1Z0eZ6FaWmxHYLOiR1CcHaelNuMZKvJ84RdMYQusdXasg8fFvXxB4yG1Xddl7pPNBpJ5AyzOKkovFPzb7PTxb2V3A4S9fKD4EH9eg2ahmIzRwODfHL7YhX2tbxcy9eXDpuebYCL94A-7yvj9gZvQMLdaZTkXiZJPvRtTSNjlghiYVRs-bPiHjpdF-XMtVgXqt6vopBN3vZ_5ICzDp6LXgqI-ap3bs18dt8YABYJH2sDBTKxonN37ege_kfucs76lsa3jkVcCEh2MxmkpugyzXO3C3VXP47Pq6DqOSUBpMMWs9yhih7eYl7jpUPg1tpw61VQw37qoGCjhfm94C-qzaLyLoz08sEa5UNvcKbaP7I1MQp9L1DKhEwHzxBF2fpgCRSWg46CzRXmsN-fCObKFX90dA87WiXkpIGY-xDiUUj56PTcfCXym2aykgGJTkii86ziMtWjzq1NDlMp_5VVAmBfUa6IJU2vWZN6au3SFW4pW8zKJj-elNinXv2nT-F6f_xRy2-K0QlX2T37CfvLgdfSsXseRd4BOyKu3Aa1-YnPcyFy93TReEi5oGc01lgffl2QVoWMzVy7RMUmOQdaGLOMt1kA39jKANOnEJhkqF9_Ks8PSDbkBKXad1YzvpVCWUDmJBI8q3HHyCNgYdo43ROKnJOIthAHtFAil5BmM-z2E7w04vp_qkxdKXdafQl0nbHVfaROc9ij-SCy0FpG2Sp8NdbmuxamNNmXQ06YXT5305_fTAnr8w4FVX76LKGWbEUDqnvbOZ2URjrBhjqh1pPiwKHs6jJh5ygnY_XuhwEFq846JvsaodJi5sBeA2Fn9-GNHDrPaOmVOaRKNv-G_BCFjudy5YfBITYS1HLNoCXiLUj5TlXpHt1NQpQR7UywmeXsBG8G-QTfs5155_MOqTy4cYj5XTgnGY9G4bykz9H10iSHrVd3TnaLN4KAdVdKY71JJwD8zS5HJwCQiOQK117akraIPCiWbbgohlSgWIokhZogzmiTdsOWH5uxD7ODOIFpQrW-eTvgvGF4rQao-2wyBF2niA_mVZ9RLKNYo6X5W82PUX7ARhd-E-r8Z8gHquRPNUWh5WiBxwaw_MzYqMiCh1ZIAyOFaMk5hFLfFAH9lW3yK2mjYMLYYzw&cid=CAASJ-RoY9u3A1NPZlQheBc5mC7XlJ-U4HxZcOtsj0IY7Z-7kGl1WdcTmA&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

036e538fe651334fa2925386ba286f5b947bab6a0c019590b447090331bc0e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34652
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9CC4 42 B
63 B 131ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B29ITYFW6O7C7lNqqQdBY-CQw_GVjGIfw9FWtfSbyH4_AuquEhSGnBs1O8jwbvwUAzT2qAM52End7ZgWpdI-y269NtT0NSDUzqWEnVORi28rTZUHI

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 9CC4 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:00:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 07:00:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9CC4 142 KB
44 KB 200ms
133ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 07:33:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 9CC4 17 KB
7 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7602
x-xss-protection: 0
server: cafe
etag: 8484125879011292595
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 06:40:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9CC4 0
0 44ms
43ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlR67vTP-Bjsa0GjnlcPXsE4_BEsagQjomtz2RT1Ed8qiIxzz1kTVN-ISzKqthR4nSp1HiVfm304hCKoP9iqmC2NuC6g
Requested by: Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2C05 624 B
340 B 194ms
133ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNUgqJXBoueEWR3vGx8H1H2EFbAA-u7i3BQi82LUwirgzLARc5Tl5f2RZyTHm1GoPgW9MfbTUsym6hFFXjv06ryhzQFnlHuDac78ru6i2ansy5yzOU1RVRKsL1ELZWkACy2OuJdl_2mxs-d11bcfqO1mygsaysoibLtX6uBNZB-u49rxir0

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:33:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7282 80 KB
34 KB 195ms
134ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHqPBU1TMsdpE0mFkShi4lCjejXxlcZIHZbrMnD9x1JMp_QTFUkaFBkj6VcixaYf5iW8CzoIXQ6rwFh1bou_yKiV1EqQ&cry=1&dbm_d=AKAmf-C6GGEWtWagWoefkkabDCxrANQDjlpWTHJD6DtOJCtUgmYAgsTxEdSklxgPd2PFZ7opCtQqk0oVgzocoHN58fd08jlnS5SxoNaXgKNS2GM4XvVqFYFBeto6aVoauoDov-IQz6Cu99_Q7HfVptIL6EkZ4sFwTnpGEIOuKRADiKRYCFV8d4FS08nGTd2fmH5P_PRYzMXnSZh8J6AiXJU24Gt8R0IEXRZdO75rZaSW1h2o5seu-jnnxGAm0bfkOfdJeiclzdEU1geE822vc1qHfz4LHsVCf437sOzK1eq6miCFLZ4nHvHSRwuJMC8eEvKDmOlxWSHCuVt6J3KqwBdIENTqjV-vIqNqlAO2r_MuDUoKHoC5Fk6-pZ42jcHyNuV_GsC5_S-0KPKWmNnFYDn-ieEtMI58p7uCzUXc92OCc8vqLV4FEbOE5rDGolwco371BsbyoWDahHYmGP6iqDBOR7X8SlEmrdbY3yL_7lF6k57KzC2nc1q1e7ECfSrNmccAdeL_egAsvH_1UOLHgcScO2F8mZIu_eWVoxb6PMnhGZzNollT3CIC_4_2sALJxcQV_SNnf6fjwvvp8qGp_zEyD9wQOU9NGOKkBmDGp0Fssi-BTNJWHhzLd6cVWZcG2ZxUjCM6KwTOugcJIhWkW-B2nv4XN1AEguqB8rI-SaJtDiO2jazYpBMjl7i7wis-98NfId8wgDjmrVBM5xNTGPHFHI97e5br5CrBBbGTRIxyb1uLGwo2jo_x4DURwrCH__nPDEK2wfm8MwRN4mQ3CgS7YIBev5ZSsDaVC3oXF4ihGRMVF7ec5XrubLap5qYbJEmSWMAyXG_fdVKK76FEGJeyAtvT9hu_9Lx3_Zqqf9yrA1f_fX3LBT9wivPM_KapJ0dj_LTD2JKB9y9PfwT_Z7PInrKWqJO0i-mYO0elpVWmCJDqZKSg6KD5ouEGAjxNSzv_ZwrDQAq-s6Q5eLl0GeawBtX5wCDCR_YPPb2YH4GZLwh-3M1xcYdKzgmQraarEUTblBS9gOd6YmNUEoMZhk4PidYy4NbTR3FIPb0M8jaKDt4qsmUvkXIvrf0xIp2Yvg0FsfCdTNypC2tY8-dSmDfBfMWlbfhRzKKPMz5gFrdvZfBco6Krdw2BF2gXpby8qvVzaqDEfRzsky92A48MnXzAGfejKft_zS_CUWFnSnG7f7tTfTjzAWa54V0quvnGkGR-k7iemFB1GfudieTLTHBaWMbgonV9DNYuiBXq5bNreRKeUJxo27-0aSPJKDr26bsECkjqiR7sm8LANsZE0YwMQgpuiGV8DVI2aOilbjzszRhUHezwGRuL3nd60g2rAYoP7VKL6xrqCIJcz7DsCgv0EMw4D2-aQdetMAMiKwXenta8u13yAxH8Q6s6tOzaC2PzAm8yREDGmmWWWtwkswargbX1h5P1U_PA-nyw30m6us6SQ_89DCTYlwZoqYzmSz3n-LNLjwmanQk_h-Nh8Sj1FJs1n9zeeWYYCyAjhz2ItKefvRYUqyg1XW8cQQFtcJ6x0YaHGJ8jI7YRbKnN82CIShD5sn-i2hjI-lHANWUvGFJdgWRdmaV7IGH7xT26SA3n50BDs9r_uK6LaYwhxssW0J-2Y-iglmJmWsOdIKvd9beoixdk0eeyjoFfjNdN2t-S7F3Lmfuuj4HhqRAymjBKoCpcEMxl1SGjn0j8Y38bxN8em9rYwcZVWTZUhcLL79lDdAAFzJAA2lPqWEbgUbwPcxLKcnzJ2Ih8c5FMzh6plfvn__3Y9-1R8nXZWq2urti4zjP9MwZfBJleVOgTxytIuWi8wx3_8cUfJXeBt_NWz54qqth1DEDv_ybYMLl7JQgEMjJ61gHqW9jSbqgGrvardgyIsE1eznVP7nJaZ1J_6NKX3Jp6f7QQbdNnQvm8OMnAtCl1u-kpvd5k0SwA8zRvYbYS3JFmuL0Yq_L0-JrZbzcNjlxYES0WIn-_rbCj1z286mtG1f2IN9bo74dBY-EGBj13TxLYIvSvC_VueFT0AJSnxxGvtD3HTWUmnN20Muj4dvkQgDCG6QD9LBlxbalblobmY6iD5MHGfK8-U274fLd1WkMQBoytw13zXmWmBex26YpugW9i8KPu88hn7JjAjjCLOHnHzgNzlczAk7NZWALGrW54y76BPfUXjbg3YOB3nzj3VpZWG4C7WWmevJCV2XOdCghlVAghz9dBOUd6AjxdH3VeJClV_dXB_KvtPpCfYy5fWTWmAtm5uqc2mubPdkI-kkvCwoTj5BnoXTNpdVAl3gwNisuhd9hhsoJhsXaoDyjombfobD0o6vfbaiArGYD1kvgihW2CRAf8bAIvPLqb9ZPDC5cb5BA5pPqAhHYFZOe2gc4YTrSTIL0R_UuiuBdl5SR99CfXqQx0XMgf-Iqqs1cRKCKtyWj2fRkHQHpicrisDeK-Fl-_8fDtpcCkbKdkB_kMmOmUhiN0XiFLkMLbPoFm6NM0fAD-e7zbc8gpE1Y7wJ7v5Sn9MQgDP5rtraAkRykZKAh-ibWuL5CmAaUjJxNFpuU7GJeglGsO0dG-t6yBQIjJni95UOx2F3SJYTyTlZIRLwyU8TAtbJtNorqEvNZ-tiy1yGJ_FAb_3GHE-4X7dMsWNjUd5cqeyTya2LFsAwRZIBEZjqD-l4RL6XfqHqxI8KoFg0mcX_zB27QA2tfCwQE9Vlq88yD635DQJ_O16WU5Z2Sy_E8IotyEjmlzVUFjBC7MyALjjY0rWWTD21aJdYhwaNAa0T5nf6E3el3kwGROzAvzE9oLShd8lholnpzmS-af_X6hy2k_WhqyoAj3QmssbjebXMIOueZ38rG9qQq7P0ck-e2lVze_1AXnmr9RwldsoyJa_DBgYnOnNLJ0XmFpv2AzHq9VwNHQyYi1C-lYgZMUgo6E_bwefFnK8VTLvUdaclXlp8arQxyk97HVAp9JEor0jDfGy1GfWWMtebdI7AEzA933wu2WvYfs2renfyetMp723WJOcTEKcQFiF8jW5hV31pPmSY4Gbo93KKZejz67vgmZNH7vleC7sWFJ5dRRkLtXNPnAG5akU-6620-W8bCd_hSCqpDVkAsS8r4Aym3GmDKa9uAVeQ6zebTJKES8zUSGAFh2UiCwCjFgTmpBoTGxx7Gz0fcbn4eU50hpvPaCIQvbFwn6yH0jtPyOwVRJLmalfuYoEiWvY_g89zevMHHuJ2lHOhZielZtN2msQxePc5yPWCM7LgzbfwQEFUfGnrXNskp3ChR5V2VjZzMGCzB55EqRwxR1_ixg_HIuCA&cid=CAASJ-Ro3lk9CnLsAq351JP3dqm7OrWaSBz4nrwW82y-VYV_bf1dBtX4YQ&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

068a432eb7bcaee1a94382700f9d2999611c819e9e61bacbf4acb47bcd94c822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34618
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7282 42 B
63 B 128ms
74ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BcECA_JMD8bIdjrkT86SpVzNZYCPeCVgiNETx46oYBE50otAYedLVVRwsSqwPLavD7yWZMr83zEoot29FY-9Iqy6MO4KfQGKffZfhshdMbIYyhq0Q

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 7282 3 KB
1 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:00:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 07:00:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7282 142 KB
44 KB 166ms
104ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 07:33:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 7282 17 KB
7 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7602
x-xss-protection: 0
server: cafe
etag: 8484125879011292595
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 06:40:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7282 0
0 44ms
44ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTv_kg-6SyxnuweRn7eh_4yGxQYZW__-8qrNr76wv3k7ZYfXcbppgLfi1Hq17ImCoRHFNqjHlVAhhJeoj6qYYoSNzQWLg
Requested by: Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D0D8 0
0 84ms
71ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090101&jk=4226214640806927&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5394
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

52ms
52ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

date: Wed, 07 Sep 2022 07:33:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame CAFA 36 KB
15 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 06:58:26 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 44D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1

43 B
843 B

41ms
40ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNWMVH4oztEvVig_3y1ljqghJyvK-qMEiAw0n6gitTJy_VuVCPtw9aOS77S1_kr_SGQEy6NN-w90lOTb5D_o_yP2iJY1X9jpiUxUDKn-GM-G9_lSLCqshIrJ2ekhn_FEuE4CytsPANZ6GImgfN0SYQ_NWLK6qf99F-Bi_5PdDPAGxTmEZ6w
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 746dc2121852994a-FRA
pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dihduhoIqKdBTsLmOIvBNfOb%2ByIX%2FGbwrvQc7GuWoJvEIg9NCko99HwBS3EVuN4r31cnJhL7QUsuci3S%2BTm2mKQcaFdmscskvy0Pg5P753T5G57m1OVsFnYRA4TjVhkoBgBy4w%2FnSEvRKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 44D7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxhJWd496lHOAZx6T..ItgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2

43 B
844 B

31ms
30ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNWMVH4oztEvVig_3y1ljqghJyvK-qMEiAw0n6gitTJy_VuVCPtw9aOS77S1_kr_SGQEy6NN-w90lOTb5D_o_yP2iJY1X9jpiUxUDKn-GM-G9_lSLCqshIrJ2ekhn_FEuE4CytsPANZ6GImgfN0SYQ_NWLK6qf99F-Bi_5PdDPAGxTmEZ6w
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 746dc212c917994a-FRA
pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tbco5ZvzTKxL1Drseu0sHalHK3qmgQj9ZPmPZGGlYFTvnxGad8%2BIhrF35FYDfrSmfiHI1nL%2BbuO04rJt3OiEzWnlbW4Q9%2F7SUGI61CCC9P5U%2BZqKFydaL28YNGIo6WZT2trpbWxyTyoBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 44D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1

43 B
1020 B

8ms
7ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNWMVH4oztEvVig_3y1ljqghJyvK-qMEiAw0n6gitTJy_VuVCPtw9aOS77S1_kr_SGQEy6NN-w90lOTb5D_o_yP2iJY1X9jpiUxUDKn-GM-G9_lSLCqshIrJ2ekhn_FEuE4CytsPANZ6GImgfN0SYQ_NWLK6qf99F-Bi_5PdDPAGxTmEZ6w

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 07:33:45 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0f9c608f-0e95-4de6-aa44-2bd6d5b48531
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44D7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D

170 B
188 B

91ms
40ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 07:33:45 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c1e610a4-9094-451a-9593-38d20ba066cb
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EEBF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1

43 B
842 B

28ms
28ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNXLPuh1w7RtNjQHpb2ZO5-b-IL_WwoYbRkoTWc4-g-1L4Z_pXQwN1BdQ23-lWc208p-fxjctGjOry8C_cQ-t1znLbU9wAj1ejkx3QsWTcvP6LSujnPj-fl9xpxrxlnOMAtsqN9-o5V2ZTlRLi-g_M73pAgLZcjGK4YE6kD0muXx8QIPHS8
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 746dc2121850994a-FRA
pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DL03wA2NRqja8cWiGQds%2FXqPbEu3a1Pi38mHr2pY1U2cm4IC5lPZezzJ7LRW0RGawrmUKwPXUC1BBCE1D2wlY0DrQAqJ6JjVoZbcATtsJ%2FfnlMZZucnkbnD7QnYIYUCEYaui34vK6QE%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EEBF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxhJWd496lHOAZx6T..ItgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2

43 B
842 B

35ms
34ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNXLPuh1w7RtNjQHpb2ZO5-b-IL_WwoYbRkoTWc4-g-1L4Z_pXQwN1BdQ23-lWc208p-fxjctGjOry8C_cQ-t1znLbU9wAj1ejkx3QsWTcvP6LSujnPj-fl9xpxrxlnOMAtsqN9-o5V2ZTlRLi-g_M73pAgLZcjGK4YE6kD0muXx8QIPHS8
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 746dc212c912994a-FRA
pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5xML7pOBmQjzsivdFWKLQ0T9jI1gGJj61PAg5ILKWfpoKUB3Jv8wgmEtcbM%2Fjr9Ab0ut9nPAC0yZAAztjWev0J3Kuy8VBSFgP0Md%2BQzWQKqJZwiZDlLr51NjBGjsWnRErn5gTKqav7X1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame EEBF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1

43 B
1020 B

20ms
19ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNXLPuh1w7RtNjQHpb2ZO5-b-IL_WwoYbRkoTWc4-g-1L4Z_pXQwN1BdQ23-lWc208p-fxjctGjOry8C_cQ-t1znLbU9wAj1ejkx3QsWTcvP6LSujnPj-fl9xpxrxlnOMAtsqN9-o5V2ZTlRLi-g_M73pAgLZcjGK4YE6kD0muXx8QIPHS8

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 07:33:45 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c5f097ae-f146-4f8f-a50b-b6728bbb6e04
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EEBF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D

170 B
232 B

70ms
70ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 07:33:45 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 399b5677-a091-43f9-9f31-c5c3da8ef302
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 03FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1

43 B
848 B

28ms
27ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNXzMzXXqaLwStTPVdXvqEQm9GPk8LQLwBN7pm3H2yit1-qzzNOyxkm2pU2LWFqlSCl8H99PwnUdgxVwGcsnPlxt1KsFimQKWt89DTbbaDPYMTXI9qtpDF8CXLGVb7iZIiKzAAhyYyjaI0LN1S2TKEHjlbB382QHYbchwVTMSekWK97XC0U
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 746dc2121855994a-FRA
pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnWURIp1%2FlU48WCTU%2FNoEBk%2BbPHSmM0MvCW%2B8u9zORoTZXI6ZGGzpxp3PtEo8rY5F1fPDDBSnMe%2Bn8kDysy%2BUhxbVEAleOy3xaj5u1KDN2eGCytr2tZD6jxKWnid3g4wueGTDWuJ9Y75tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 03FB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxhJWd496lHOAZx6T..ItgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2

43 B
843 B

38ms
37ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNXzMzXXqaLwStTPVdXvqEQm9GPk8LQLwBN7pm3H2yit1-qzzNOyxkm2pU2LWFqlSCl8H99PwnUdgxVwGcsnPlxt1KsFimQKWt89DTbbaDPYMTXI9qtpDF8CXLGVb7iZIiKzAAhyYyjaI0LN1S2TKEHjlbB382QHYbchwVTMSekWK97XC0U
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 746dc212c910994a-FRA
pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Az1kCfxsZ0vJdxu7aIzxaVnoEDeStK6a7T3Ulpog14bsSFbwpFVsoqUDcKihrSYhxl5REROaGtUUHJims0hT%2FfWEu2MEKKqDmz0PULP%2FbvlMRxHKrxg3%2FNbftp2%2BgsvWW5Ajv01kZWgB1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 03FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1

43 B
1020 B

51ms
50ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNXzMzXXqaLwStTPVdXvqEQm9GPk8LQLwBN7pm3H2yit1-qzzNOyxkm2pU2LWFqlSCl8H99PwnUdgxVwGcsnPlxt1KsFimQKWt89DTbbaDPYMTXI9qtpDF8CXLGVb7iZIiKzAAhyYyjaI0LN1S2TKEHjlbB382QHYbchwVTMSekWK97XC0U

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 07:33:45 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ff39a5bf-f963-4b41-b719-d383fc38577b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 03FB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D

170 B
232 B

69ms
69ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 07:33:45 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b1b1c07c-3741-4520-b301-1d0018b96f73
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3691
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1

43 B
845 B

30ms
29ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNU5Hsi-sEYQKt16fz21TDdzAENYbNjQrdouSsImiP-0p6kRJpAxntLcDnl6SWNCyoALZDQ6vBHMdVxDwgwA54KeV3NEZeilAkH3L8rkDvFbJ4ID5VtbfnZRvkDpA2KXxhfrJEX0Hwb37qgc5xX5_k6VhUD_tHWjiJIYOyVyxJlCIc4PEVI
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 746dc2121856994a-FRA
pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UcODvoMPZFzv32OLbI%2BegQ6%2Fh0xyQM9XdShOD3Ii%2BJi7vZ3Fm1MWEDWFuzVSqEHRxDUL0CJCeqZiNHAJvN3KHfL5o8jg3fdQPPJm2b41z2eIS1ZzJDpvrOxvEXQU8hgXXIfAjnr1JKXlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3691
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxhJWd496lHOAZx6T..ItgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2

43 B
845 B

29ms
28ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNU5Hsi-sEYQKt16fz21TDdzAENYbNjQrdouSsImiP-0p6kRJpAxntLcDnl6SWNCyoALZDQ6vBHMdVxDwgwA54KeV3NEZeilAkH3L8rkDvFbJ4ID5VtbfnZRvkDpA2KXxhfrJEX0Hwb37qgc5xX5_k6VhUD_tHWjiJIYOyVyxJlCIc4PEVI
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 746dc212b90c994a-FRA
pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRxWIfiNg1nApfndDbce%2Bro6DbGzMejpIt%2Be6btRKIwm%2FTA3Z2M9EnbsFukb0Z9P%2FtAjgDW12k1LTo%2FRUQFxyY%2BauD3DW45wGeRBFzeilxz9bE0HShXoOtTmUsAwjWsclLJnrtGnB8wlsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3691
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1

43 B
1020 B

8ms
7ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjZ1rzGATAB&v=APEucNU5Hsi-sEYQKt16fz21TDdzAENYbNjQrdouSsImiP-0p6kRJpAxntLcDnl6SWNCyoALZDQ6vBHMdVxDwgwA54KeV3NEZeilAkH3L8rkDvFbJ4ID5VtbfnZRvkDpA2KXxhfrJEX0Hwb37qgc5xX5_k6VhUD_tHWjiJIYOyVyxJlCIc4PEVI

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 07:33:45 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2e7bb7f6-c49c-453f-bf4e-a774ff18c940
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3691
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D

170 B
232 B

71ms
71ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 07:33:45 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 46883d2b-f967-4065-ace1-d04a466fc4b0
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 9CC4 106 KB
37 KB 191ms
83ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Origin: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/ Frame 9CC4 8 KB
3 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYeL4_WYLiLFhFUatwNhOFlQuuDMQnT8bFfz1kwjOls273YqlCKiFkyN-G44prIb7fbpSkBvW9UvoCJG2MTlTXxqYEsw&cry=1&dbm_d=AKAmf-ARAsgXLlQa7uNmhwl6xAo9YKR8r6I9ivyttga3noRIhgcxsB8f8J5fDVDY-bO4MvFz5z3aolmzySwcgsFhKbkgAYeGt2plLq76ft78VXaDhwouvmYgC7QpjCUyYh78P0d2LHu8mKe6D5SC8uUoV2aY5jimnAxXyMK6bBr-BMVWQLTqrYuFI2y7cohJqIDIHuPXN94QuO8t324WyGzp2L27H-jlrRWAX1sNYeSBd0FSO3IYdVUWJ1bP9ZYb1PrrGetRMWoiWHdWaXht73lfYpERGApYKWITRpE7tN5yUbDKOR2rYms5S1T6QGLvdd7xjlzL3Lc7TfQAdZHv3HDcO-kSjx_DWkbkdElN3CiWEQgR9ADiFXBoOT3MlWLCGItwkeRapAR2zyPOu_NYoS5b_V3Ye7MbsKffnJnF_begHkTKf2z6Ciq9t3I5_k7OU2DDqbjMYNjbBhAVPaGaHs94gjaXSjsbLLSO2E1YB8y3TEmaS2BXM-rFj3Es6u6jnzkIotGkISHQ0vmrPRZLtKP9obSo-wvTq4809MQjL2i_HIIV06J-0hv-sf_PhROe8tp-08hKNHriS7nEn_IkZDz66BOh7qkjRUfClNLdm6BZzNZJld_CghRbnPAWtQv7db4Vnl_hwfxSDifvS1-ldNEiDfx21aNiTSnaFwyrs0C2AXI-rLGgWANXFnqyH7G6Ow9DtyagI1KRh_r5Us5TWYpO-uS4ozU5nuElhaerkUrHuegJ6BhX5My_Q6-4G9KlnI2emvXdDm0T29VcJcehSa0qR4ngU5UlNIavQdg85RqPFHbHIlx9Go5uxkbfTn6ZI0UMctNs_UQZUE03Ds1xmF2CrzJj0bNNbg8G3JxNrT_nXB6k-1kwfs7blwEQ_w7PqZ8LNM75CT8xnhZjzLniKRdsuck9TIovC_P5flnoQzj_7u6w_QE-cyfUu3GXa3J6yQZeeVgxe7HEZ0mR01a_4hWGzcPa3naTAYHbjCBbuKkkAvWbxMSTzHeKBsW_1O1XhT1Gy7diT8EXyvGuYMaOJBq433u0WEkPFskHbGGF3K6QueY-xscZA6HOQqSiRZDfgQOO3qlzTqefX6VZs5SvTH2RhZpk42aSBHk6fq7smB9mNTnCcfugW2wgh3AfeB1yeWsYfyetq4V-cyqKqholYFjRqXRjNUu8u9ZfXHzG0ZAsFmVAzY8efisx0Xwm9k1a08XwZAVA_4r76a7Q-yLUTCel1XuI9hW9IYOj-0LKq8BS8BpQYYVFY-aMvwbEFdPBG8UKMIbTBTXmxcBXhcDesDCbzpnru8EV2BLctn2dK4P_ZGvZ7xLz2Yp58UPN4PMvKcp3yfen7yTqqy9bDk1LbNhBZS9ynvRaHiKy1sO-1xLT8PgwSBsJ6Ay3XwP53uUgv_uMOGquPvAvPJZESPN7v0n8JHEZJZJAnfxLG03hYfPkGIr_GJB-d4uvqNxhrmbULuyMpdleZONkicdOuCq4ZLJ2IrjvlIi-H7UkvLBMpg_V3ayFXVLr01shc3rSsT5N2z3sVFCOmhFhSZ0Kl1qsnfvyh5zfTkmpSqNhSt9qfKBeaG55SqwV_SQy9ApaW6P-9D4QbO4PU1-5Pn7fxY8R2_sfaDLkBwL7pWxUiKPRinHXBqoHnRzKLTpa_OxFSQciQKQGhlTLKnUE5HiuG5eUNJVMjPBOiLfMgOVwg3eHX3bt9nxj8VaOnI77_gAc4zw9uhYDJ3rrb-BqCz9SU6V1FB-ByBg6ZBlDSkUNz2ektRNJRZZoYEPi31D7bFHefwGWKidpm4epYdFksK0yixLdJgKo6dB49_OYSWO_Q-lLVDdx-X5sA5GgDTheMr9HAxykLKYhyIM--RmVI8rq0MR1e-yzq_uMhrpmG8BvpE5dA28cthXTyGP7egLojqafcOvbQTnS1LPXNWSVFfzoV9tizVojjLhpQgwiVa73ocug28GIjHJ0YvF6Cm1l1Y5x2BheTQKOHSGgplfzihVGOcIMtve0LkEp54ZN2V_1_gbM8TyYfTmru4DC93vMDVk5qLWyetNv66R_zNrdgXhEAiZNvj6LCNSMp67xoUyGVogiMC7ZOhuf2jynzo4TDVfEd-b1fcyS9Vi32Off587HPDlK1Fr2wIqYVZny4rbpnyuu1Z0eZ6FaWmxHYLOiR1CcHaelNuMZKvJ84RdMYQusdXasg8fFvXxB4yG1Xddl7pPNBpJ5AyzOKkovFPzb7PTxb2V3A4S9fKD4EH9eg2ahmIzRwODfHL7YhX2tbxcy9eXDpuebYCL94A-7yvj9gZvQMLdaZTkXiZJPvRtTSNjlghiYVRs-bPiHjpdF-XMtVgXqt6vopBN3vZ_5ICzDp6LXgqI-ap3bs18dt8YABYJH2sDBTKxonN37ege_kfucs76lsa3jkVcCEh2MxmkpugyzXO3C3VXP47Pq6DqOSUBpMMWs9yhih7eYl7jpUPg1tpw61VQw37qoGCjhfm94C-qzaLyLoz08sEa5UNvcKbaP7I1MQp9L1DKhEwHzxBF2fpgCRSWg46CzRXmsN-fCObKFX90dA87WiXkpIGY-xDiUUj56PTcfCXym2aykgGJTkii86ziMtWjzq1NDlMp_5VVAmBfUa6IJU2vWZN6au3SFW4pW8zKJj-elNinXv2nT-F6f_xRy2-K0QlX2T37CfvLgdfSsXseRd4BOyKu3Aa1-YnPcyFy93TReEi5oGc01lgffl2QVoWMzVy7RMUmOQdaGLOMt1kA39jKANOnEJhkqF9_Ks8PSDbkBKXad1YzvpVCWUDmJBI8q3HHyCNgYdo43ROKnJOIthAHtFAil5BmM-z2E7w04vp_qkxdKXdafQl0nbHVfaROc9ij-SCy0FpG2Sp8NdbmuxamNNmXQ06YXT5305_fTAnr8w4FVX76LKGWbEUDqnvbOZ2URjrBhjqh1pPiwKHs6jJh5ygnY_XuhwEFq846JvsaodJi5sBeA2Fn9-GNHDrPaOmVOaRKNv-G_BCFjudy5YfBITYS1HLNoCXiLUj5TlXpHt1NQpQR7UywmeXsBG8G-QTfs5155_MOqTy4cYj5XTgnGY9G4bykz9H10iSHrVd3TnaLN4KAdVdKY71JJwD8zS5HJwCQiOQK117akraIPCiWbbgohlSgWIokhZogzmiTdsOWH5uxD7ODOIFpQrW-eTvgvGF4rQao-2wyBF2niA_mVZ9RLKNYo6X5W82PUX7ARhd-E-r8Z8gHquRPNUWh5WiBxwaw_MzYqMiCh1ZIAyOFaMk5hFLfFAH9lW3yK2mjYMLYYzw&cid=CAASJ-RoY9u3A1NPZlQheBc5mC7XlJ-U4HxZcOtsj0IY7Z-7kGl1WdcTmA&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 07:24:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame 9CC4 30 KB
12 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11802
x-xss-protection: 0
server: cafe
etag: 16304758110791105277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 07:17:08 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2C05
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1

43 B
848 B

45ms
44ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNUgqJXBoueEWR3vGx8H1H2EFbAA-u7i3BQi82LUwirgzLARc5Tl5f2RZyTHm1GoPgW9MfbTUsym6hFFXjv06ryhzQFnlHuDac78ru6i2ansy5yzOU1RVRKsL1ELZWkACy2OuJdl_2mxs-d11bcfqO1mygsaysoibLtX6uBNZB-u49rxir0
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 746dc2122863994a-FRA
pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lb3bZBJr07X9IRsYpsPUE%2FGdQ8ptLwlM7AQSXxjNb70SaF1%2FiIGSYENkVKco2VaHBHZRcGbCJ9Vu0d8NA6A6Sg2xN9C7f6ByfaLKIt%2FggADRSd%2BQvvDBRxJu1XwQJ%2Bf4wVgxEq5gU%2BFviQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2C05
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxhJWUE9uXl3NMNvRDYPpwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1

43 B
842 B

30ms
28ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNUgqJXBoueEWR3vGx8H1H2EFbAA-u7i3BQi82LUwirgzLARc5Tl5f2RZyTHm1GoPgW9MfbTUsym6hFFXjv06ryhzQFnlHuDac78ru6i2ansy5yzOU1RVRKsL1ELZWkACy2OuJdl_2mxs-d11bcfqO1mygsaysoibLtX6uBNZB-u49rxir0
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 746dc212c911994a-FRA
pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fp7QTw7KtPpU0a9MO0RsMXxNvnM3TjetuwS4aiiyqrn%2BpGRVy9JInxs1v1I88L3mNnT4Ed4C6867ccDMG8hS61OmEtB9oYzcqVPRDoR4kKt4TLKyWkAXFbL%2BHZ1sveSTxTioY56Lga2JQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFdo9an4H3Nro2h18J8TCKY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2C05
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1

43 B
1020 B

7ms
7ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNUgqJXBoueEWR3vGx8H1H2EFbAA-u7i3BQi82LUwirgzLARc5Tl5f2RZyTHm1GoPgW9MfbTUsym6hFFXjv06ryhzQFnlHuDac78ru6i2ansy5yzOU1RVRKsL1ELZWkACy2OuJdl_2mxs-d11bcfqO1mygsaysoibLtX6uBNZB-u49rxir0

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 07:33:45 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8918e06a-53cd-4384-9231-d10e54904340
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKgcbQmnevg4KmIWmSbi6s8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2C05
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D

170 B
243 B

49ms
49ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Sep 2022 07:33:45 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4cf38c8a-5651-4d14-b94a-e20177964fae
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM4NDExNDg0NDMwMTU5NzgxNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 7282 106 KB
37 KB 217ms
142ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Origin: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85369
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/ Frame 7282 8 KB
3 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHqPBU1TMsdpE0mFkShi4lCjejXxlcZIHZbrMnD9x1JMp_QTFUkaFBkj6VcixaYf5iW8CzoIXQ6rwFh1bou_yKiV1EqQ&cry=1&dbm_d=AKAmf-C6GGEWtWagWoefkkabDCxrANQDjlpWTHJD6DtOJCtUgmYAgsTxEdSklxgPd2PFZ7opCtQqk0oVgzocoHN58fd08jlnS5SxoNaXgKNS2GM4XvVqFYFBeto6aVoauoDov-IQz6Cu99_Q7HfVptIL6EkZ4sFwTnpGEIOuKRADiKRYCFV8d4FS08nGTd2fmH5P_PRYzMXnSZh8J6AiXJU24Gt8R0IEXRZdO75rZaSW1h2o5seu-jnnxGAm0bfkOfdJeiclzdEU1geE822vc1qHfz4LHsVCf437sOzK1eq6miCFLZ4nHvHSRwuJMC8eEvKDmOlxWSHCuVt6J3KqwBdIENTqjV-vIqNqlAO2r_MuDUoKHoC5Fk6-pZ42jcHyNuV_GsC5_S-0KPKWmNnFYDn-ieEtMI58p7uCzUXc92OCc8vqLV4FEbOE5rDGolwco371BsbyoWDahHYmGP6iqDBOR7X8SlEmrdbY3yL_7lF6k57KzC2nc1q1e7ECfSrNmccAdeL_egAsvH_1UOLHgcScO2F8mZIu_eWVoxb6PMnhGZzNollT3CIC_4_2sALJxcQV_SNnf6fjwvvp8qGp_zEyD9wQOU9NGOKkBmDGp0Fssi-BTNJWHhzLd6cVWZcG2ZxUjCM6KwTOugcJIhWkW-B2nv4XN1AEguqB8rI-SaJtDiO2jazYpBMjl7i7wis-98NfId8wgDjmrVBM5xNTGPHFHI97e5br5CrBBbGTRIxyb1uLGwo2jo_x4DURwrCH__nPDEK2wfm8MwRN4mQ3CgS7YIBev5ZSsDaVC3oXF4ihGRMVF7ec5XrubLap5qYbJEmSWMAyXG_fdVKK76FEGJeyAtvT9hu_9Lx3_Zqqf9yrA1f_fX3LBT9wivPM_KapJ0dj_LTD2JKB9y9PfwT_Z7PInrKWqJO0i-mYO0elpVWmCJDqZKSg6KD5ouEGAjxNSzv_ZwrDQAq-s6Q5eLl0GeawBtX5wCDCR_YPPb2YH4GZLwh-3M1xcYdKzgmQraarEUTblBS9gOd6YmNUEoMZhk4PidYy4NbTR3FIPb0M8jaKDt4qsmUvkXIvrf0xIp2Yvg0FsfCdTNypC2tY8-dSmDfBfMWlbfhRzKKPMz5gFrdvZfBco6Krdw2BF2gXpby8qvVzaqDEfRzsky92A48MnXzAGfejKft_zS_CUWFnSnG7f7tTfTjzAWa54V0quvnGkGR-k7iemFB1GfudieTLTHBaWMbgonV9DNYuiBXq5bNreRKeUJxo27-0aSPJKDr26bsECkjqiR7sm8LANsZE0YwMQgpuiGV8DVI2aOilbjzszRhUHezwGRuL3nd60g2rAYoP7VKL6xrqCIJcz7DsCgv0EMw4D2-aQdetMAMiKwXenta8u13yAxH8Q6s6tOzaC2PzAm8yREDGmmWWWtwkswargbX1h5P1U_PA-nyw30m6us6SQ_89DCTYlwZoqYzmSz3n-LNLjwmanQk_h-Nh8Sj1FJs1n9zeeWYYCyAjhz2ItKefvRYUqyg1XW8cQQFtcJ6x0YaHGJ8jI7YRbKnN82CIShD5sn-i2hjI-lHANWUvGFJdgWRdmaV7IGH7xT26SA3n50BDs9r_uK6LaYwhxssW0J-2Y-iglmJmWsOdIKvd9beoixdk0eeyjoFfjNdN2t-S7F3Lmfuuj4HhqRAymjBKoCpcEMxl1SGjn0j8Y38bxN8em9rYwcZVWTZUhcLL79lDdAAFzJAA2lPqWEbgUbwPcxLKcnzJ2Ih8c5FMzh6plfvn__3Y9-1R8nXZWq2urti4zjP9MwZfBJleVOgTxytIuWi8wx3_8cUfJXeBt_NWz54qqth1DEDv_ybYMLl7JQgEMjJ61gHqW9jSbqgGrvardgyIsE1eznVP7nJaZ1J_6NKX3Jp6f7QQbdNnQvm8OMnAtCl1u-kpvd5k0SwA8zRvYbYS3JFmuL0Yq_L0-JrZbzcNjlxYES0WIn-_rbCj1z286mtG1f2IN9bo74dBY-EGBj13TxLYIvSvC_VueFT0AJSnxxGvtD3HTWUmnN20Muj4dvkQgDCG6QD9LBlxbalblobmY6iD5MHGfK8-U274fLd1WkMQBoytw13zXmWmBex26YpugW9i8KPu88hn7JjAjjCLOHnHzgNzlczAk7NZWALGrW54y76BPfUXjbg3YOB3nzj3VpZWG4C7WWmevJCV2XOdCghlVAghz9dBOUd6AjxdH3VeJClV_dXB_KvtPpCfYy5fWTWmAtm5uqc2mubPdkI-kkvCwoTj5BnoXTNpdVAl3gwNisuhd9hhsoJhsXaoDyjombfobD0o6vfbaiArGYD1kvgihW2CRAf8bAIvPLqb9ZPDC5cb5BA5pPqAhHYFZOe2gc4YTrSTIL0R_UuiuBdl5SR99CfXqQx0XMgf-Iqqs1cRKCKtyWj2fRkHQHpicrisDeK-Fl-_8fDtpcCkbKdkB_kMmOmUhiN0XiFLkMLbPoFm6NM0fAD-e7zbc8gpE1Y7wJ7v5Sn9MQgDP5rtraAkRykZKAh-ibWuL5CmAaUjJxNFpuU7GJeglGsO0dG-t6yBQIjJni95UOx2F3SJYTyTlZIRLwyU8TAtbJtNorqEvNZ-tiy1yGJ_FAb_3GHE-4X7dMsWNjUd5cqeyTya2LFsAwRZIBEZjqD-l4RL6XfqHqxI8KoFg0mcX_zB27QA2tfCwQE9Vlq88yD635DQJ_O16WU5Z2Sy_E8IotyEjmlzVUFjBC7MyALjjY0rWWTD21aJdYhwaNAa0T5nf6E3el3kwGROzAvzE9oLShd8lholnpzmS-af_X6hy2k_WhqyoAj3QmssbjebXMIOueZ38rG9qQq7P0ck-e2lVze_1AXnmr9RwldsoyJa_DBgYnOnNLJ0XmFpv2AzHq9VwNHQyYi1C-lYgZMUgo6E_bwefFnK8VTLvUdaclXlp8arQxyk97HVAp9JEor0jDfGy1GfWWMtebdI7AEzA933wu2WvYfs2renfyetMp723WJOcTEKcQFiF8jW5hV31pPmSY4Gbo93KKZejz67vgmZNH7vleC7sWFJ5dRRkLtXNPnAG5akU-6620-W8bCd_hSCqpDVkAsS8r4Aym3GmDKa9uAVeQ6zebTJKES8zUSGAFh2UiCwCjFgTmpBoTGxx7Gz0fcbn4eU50hpvPaCIQvbFwn6yH0jtPyOwVRJLmalfuYoEiWvY_g89zevMHHuJ2lHOhZielZtN2msQxePc5yPWCM7LgzbfwQEFUfGnrXNskp3ChR5V2VjZzMGCzB55EqRwxR1_ixg_HIuCA&cid=CAASJ-Ro3lk9CnLsAq351JP3dqm7OrWaSBz4nrwW82y-VYV_bf1dBtX4YQ&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 07:24:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame 7282 30 KB
12 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11802
x-xss-protection: 0
server: cafe
etag: 16304758110791105277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 07:17:08 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CAFA 0
10 B 41ms
39ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?d9hDqw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame EC24 170 KB
59 KB 160ms
107ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Origin: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52933
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 16:51:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/ Frame EC24 8 KB
3 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZKZXiYJo9Odjv-L2DvHi9rZ9RfEIoeAmZrLLms0Hn19kaOeQf8XQVRvkm2gHURZjFT4vIQVZn_hOs8JDmTsEI3AOl_j_z8a0vpTamHghyOiOoFObHBVMcU5srz0wXKi0GVL_bdr-ULEhXXEZo-JUssgTXVQ&dbm_d=AKAmf-DpEg5oZnYnSd4CFJ1oT3fkbVvoo-PC5mTwXeox76YXXM57JMuPf_WVUDPD-42Nc4j9SWZedRMT5Il6-d3fC_OecdVv0YxeMNUjRpwXDb9omJrXd1MmqSBdAul-xEx083NreyD2FzAODyfbd2AZ2lKdCEq5UHPZr_MxWLRmr1wo7P_Q8kfLgRT1ba_28h72CrUcOJtqFmWl1ZWEw0pVX-5RB7sSz6RhBr95i9v2Rm820Ytg4WurVrYM43AgjBFMhYjdwJrWxqRZoRO4VVbBfSQdscDa_Kv6n25mK4usyCrsQVICdSIcFYD3RuWS7VXpDMdyUpcRgNdqnQvDg9_jcsVP_g77QXFz3OAL8sC3ezASQgWhCwKvcUXMnXMaQD1Id7U9sbtz4HXRLSQ9uGnKxo8ctBIV4Hbws2u01_MC1w9T7srHved2ok0v7C41YBuRKwlpP7-vdCZ_7L3SXAcJGh4w6wF9XN3NtHuLCIOOs9T3rCf6mR8GbxUvWtg-HcyxMO8VUDhXzMDZ8BTo1VdFMkd2MpgeZILCNfpduw6aSZWH-7aMJO72OtR0hyJqAAqDVyIzaZeLhXcoZM6RECuhxxJTJKFyFWJoh30xyehE2wH3BsZIaNS1EXrfSrGmKHth3bQ-R-XDCysyV6pKndgwCpPneOxl-GjWFcLtcmk0xyd2LpBAn65hC9dITUoPfRL7QzVg6z1aoo8HDBd4WG4NRo4hE-kvKO3bc66WsJQ_LKEcVyREbACH7yppbtPuM49836WeMYm9YNlYuqqXnvy02_ANG6yj0V10yvBIdWSeT8cRU9q4QL9Dw8uVApE7W6WNPB_upvlPlIYT-DEKCEA-v5gaJJlnIoQ3EinuaKO9iCrSt4lD5Kw4wxkUTINyW3ttHqLeruGd5I0oewAyNweRpiHdt_BvtKTHy-Fonjj3IRYL3w8TQ66NmeZmSu1kleJg2fIYynWxKNCsYZQByJxCypNHfq6lOB9RbrP6XxvqBLazZbvYCkxl4kvVOtEhvw5uj0tFWdD_b92QthOxAqP7dJ8rwjB9h2mcNHtavVcK6OiHCBH6-x9zL5po9_U2VefVf2PuWAFIIrFZ6_1j4AQwreXwKh8av5hjPu93-SDMP8Es0oSSdqvmxdFjgnnDToDq6ABaOD-ONbaBeuDM2DeeVTzC_iuwDsxXz7uzt-eIT9t1-zqHHsySFgl8FEdrke7e0UNYOXdyIdeYn713pFofuFrhWoYDvuCrBhJBbFudLFJ_-G7XE4KNg4BoqC1HbZUP30isTdxGcAdIH4Rqxs7trEtHVpcfAKlIO-fLr-T_EpvA9Pf-z9TZOzqNL2oCybTEMjPVI0FbpEobtRLnoVTpIL1tjy_XHv0IFwuSQltBPOCcsyg7tMf3QlzUtEmQeFQD8Annd5YHuER7YdWLtN04OCPg_ptwaampnpwRdb_W8wUpOL_3QzZWnHxDRY38GdG8nmFB3M22JCwhS6IbLFDE18deR_K7kVDYo6Y70or4MNy8h5rDJ2meFc1PmVrdB8Q1d185AL7kjgfcMWoy8l-6jr4yEGO5tabWpNXoyKg0FfgjQA6j6ri8T8w5I6KZ0Fq6t2MuGUaRVZe2EZDMAdOJlh33qON0S9ktaS0KaOJt1JpzG9DDdLI6LBRg3H5sm_VCrhPV1A0E-sejfwxWoXYdzSjKk9Oh68j0xZKLJrGOR3KpQWA5IDES5ltz6rKJqbk4e8FBXvtLMvFHE3JcQ0ZXQEJRMnNLxDXYcE8Bt6Kz_ZdCAUd9fQjIJDY8tTNr7I-o5q-bG0Oy6IPkQ9O_XEJ6AJ-afZcyyz0GF--Gt5mfG2HQU-qyJMEUl2Cw6jlpvcN_HIBdLD_lJ0do16CJ48Z2ZhZOAkdWHnCT6XVBmQGZ-Y-63PAZVrcuPPZCXc_5J8-qIoarcqHcd1sbetX55ACBUXCQCoPiC2-iJkjXJLb21USMJkNylJFMj8fNvE6RwvE0X4Sj_n8_r9YV9OpZgabI9xaMzIwDg0bkYLMIMoolz-Nv09rXPbOaZk54zRO1ESZyMqjO_2K2gzWyPqbrPEOrzy2lIChZ9W8zWr6i_ze9N6sRrzaelJAc4whx07bvnnUBd8OpP_BreHx_T8Ar4JXSbNI-UQeZfym8xCd-VC0R4NhZTTLLUu9FUWCoMDyFqYV8uUXI_JHYAlmOo_CJAT0MzvkOJMbtXQYb5TZzm5S6QQrP_taRO92RiIYql-qsylJdh2ce3c0waNAzngvsm_jQs1ciIntyoqXTs6N_bc7A46101nc_N0xvM6IJv0xDpVcp81Xavwslj01hMq0hyRlUBBx6CUIZoIBvkq17S5j5DlHjizAzvfr_biRuz8OmsmS3Ql2-la5WuGiYO5sOuicv9T6jRcXjEE3JVEj3cfuoXEgr3WDEyd6hTLJx--uNJ6P_NCNRJCvHgYTrzqLfbkPGjgliXvdxz0vR89_NQBe4FKblB7BVzFpjOh0U3SULf-BV29ouMMlQLdLJ2pnvk3AQlwXZl__EAD3GAvXTYgm-0W3ELlT4MEzQUyo6ftByJS1_pdaBg9p8AgbR9GyQnbduoFC_7mOLryZ6ARYHUcUciOyMT42TVOQpzi8pCw7eB7RmMhC-H1k9kR5UHwk79-fPhtgEL2s05Gc7qSC7Oz6GetqfnOOPq0jwX3nBToyuA4FMX7HgSOGCZzkRQOTtQ355LRETJAV3HumZ_BleoabmGIbacCHP28X7fhxDrzqFU5kv4aeM_Cxkznz5vCaiYJftB8XQdf5GfyO3Rrbh02kuXenMqkNjnn_3IqakvfEfE_0rkapXVX9teT9bHVh0Qz8wQXDSMdPvlrWmkFFaw8JAHAUMKDLEtOtzqAFUzscumgSzwXwI3vGv1tEgnL1cnvxxR-w32gSqbv_taI2WusH5QTO8rA2dib5luNbcDDXHJewUz1dOObAgq9g3xHBPbURjosNJxUGYmT5zx4Y-4ZvWxeoWlhpRVZX4Xqsh0U9amhmCrM24rFD1yV6lMx3L7O3cp-U3TvvQZsnLv7TFXj7hc6LTb6WphpwCpmtrbt-6vosTBLAg3Qki8IZZ98iz6-x1wjQajQiKkbW9a6NeIEXtISkKEsM0lbdG2RbhSnJ6CXL4c0r8tW89o2Jtz0ETowHoCdpFRm9FIpP7NCAoB5pv39CmSikpVhYwPFaD-A_diL83ZOY_fymLpTxP-PkqEkDSy0MHjcXfQBP9wLcg3pXU-ineF6bufnbQn5_xIqaXghI4guwwd14l_J6jyQ6PvFeX1WfWdyXWJ9htbsG3eqUbGGNQUJHKn2SN5KUq8QViUMrz2ILYMUlVeCoBV_yNDVe8-Ldakf1FplHCs34ZsQGUkwAwJrkq6qDs6WxhK85pE4R4J4z8KfgrJH95HaF4aOOCmoYZ0eldr3lXqWlfjX4beNrYComv1NcSRcTo5qgIYkwdTsiJMGMhUZ6vaAWpwpN_U9-XUC0h2iBnxIXY7hlSThL1MEPBmy8Cm1DStlZZ01jpmf7M_hXPzrO2cTebYoh7GwgeQn6l2pq5J1_2J7d3qR2d_qW8tH4&cid=CAASJ-RoabdvbCrREj3K6jzt8xSWmcXr0YCe0sK-Cg7I0kfJh2oDD2TBOg&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 07:24:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame EC24 30 KB
12 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11802
x-xss-protection: 0
server: cafe
etag: 16304758110791105277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 07:17:08 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C085 170 KB
59 KB 172ms
127ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Origin: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52933
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 16:51:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/ Frame C085 8 KB
3 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFpXZTPwQ3AXgOByVWcqwYEoHEZFg8LDYBs1T_m4SF8pSLXmewWRWlKWWUlNmxqug9_PHYmV29JEarPN3IHtzQ1I_ZIa9Nn4MGThqQhRkEfH7LTIfTVbnqBC7owNMKnF5eVweSr6aBzy4scGiZKl8BDIMdbw&dbm_d=AKAmf-Co7OOqpH6h2Eif_lCKhPibtQqdTTJBY3cmGesOVAjFmNJPUDL5hXLLzZU70nU-d9-fxUg8wJkb4sAYhTKLCsWpVq5yy_0Zya63LPynFxYkrBZgK1t6uFjeCZgwS4bOS05yipeqVc0wWgagYtRyQOAYOGGMAvzlVf_AK9Ui2tMs8CZLyEFM5mTN_Vqb7k74rAmrcHstEQI4mXYR567z-U-Z178Fdewxlt2gMRqb5ncafQhJgujU8WZaiPFswvcUViVUqC4-Gpjv-B3ORM7E4z-8TzPl5PJd97xSaT-brB0QcWZytF1NfRiXZIWjC9KaR4DQIBfTRg1AB5jEuS2jAjipCj8KVqPyMSpoUiT3-z0gizfP2kkI2bgrPtaT1qFGOgTD3hbxD5NZKMC2i4-5bhqpVfAn07Fg_gIoM1wlBXUBQtIvXHYvyfzeFENo3vXqJu29OP4n97-Ai22Zyhl8HOfnmmMSkh9OTUng0gIRgIKdxYRyC7SK-v8TBkkJNse73q3gvoEr-pJQ1Vn6J8cz_s39zGFzNA7WMy29OZtvRdz_quGhUhl4uh9-68R3OyIF6GMu8Yx-hnUgS_Ku2m0R7b18xINTxUJ3qcJAur3Rn-jGgK0KOEf8ud6n9Gv6FU302JGNseb6hd_-LUY8vTftyBjmPq0VBm1C5zLLtKyUxXWxqJaMouxSEAUiA7OWetyPS57AM3-dmU_Tjm9PHPAWOykU_7KOY2MYfTizq832i0GJ-fzbFA0gPL2wEUuTA4FNYBSFVeDSwW1wLEeGZW3WuSOBiSHGhByTpLuH5_BcJLkR8mUe8xdKWreeIrUj9u6roVBEqxaOkJ0q-8M1JRLhiHNou4XMyXvvpNlEBer1VPg40AX3jbO60JEdkmoqwbNSxMWcxAyPHFKMqTZfkii85TyhjJ2-dfXRfs3qAFghzvkP_DFyvbjQbRNjbwuvpTPAHh2Mpw1MFyqsSsbe6i6zxympzdC0VXGaoBpTWtMbdrIP8YkLTBULgGPuZ2QCH4N9OlhJWPL6RRjJVPpzWVbdVPCAoFeQKkH0lgDuYVsxS22FvKHHcKp_dCOjBVdtM8upI6upp3BVOHrWUfjf7ylLMSreE_bROxP3r9YWQbrgFH5NanytNPTWRbYmq5EU5LfrJRG5P4q2YZwraZYzSma_wVlQM7Qvj1MP0Ko7aTv9hhPvrYHAHuCZBXmXMHY2JLbtm_6Hc-7Z7awEiuXwduY1kF46EIeJkKDtMJq_IcC7ElCs33_17UOqbwskb4nLIQyyMOfbfFPsvgnQMg3EajtjxPl54tGv-eYjSzy8DBgBKLEu5DPpef-abIr5NXbhfWk10x9JUVPdzv3arQh8LDPO51RkoG4TBLuWCrC14E5jzvFMiHDLS7GKxH_HetfB_bUAUEx8h892X0ZAs2Sjud5tznSuEE5AAikmcwBxvmruVM-8V2IrPfSDvPMQhgChYgzuN3BLPa9tjZPMaAngaeJoQAXRO6W3nsP68vL_l7bAecqM0v76rSVx3E8jiNuoObvTE1SO3ZsfNdPLLCYXkOnsteRHy9uJN3zrg9x1JLr3cypl1L4ECUawkxsAaYAAlqIZcf-jOYkp1jGggHcsuxli5xogKbngs_jRPboOFTxmr4YziWNEQwxPQDTOYUPhRgpSh4v92NCT2wRsM31aUfJYv4sZiTP5eezJc9bOhGFNSFzBD-o_SAUKLL6HnamnMXns0aseqbfiglfhi0F5UTm0V8rLClRxI-owkQVKAjs7XIT2Lkl8JePNJUBN_kOzBq8GEvPPH8OGGhcu_hyClvQ2pOC0SK3ZiCd1Ee0NaUypOLM4u6noprIT8LXYSp5rTmfi79yA3AN_nNki8yb01vS1Bf5LbUaH54efwBLyHwgt6pMdfrZu4mjM3Li9a9IGvatZX0JsPLzvvADZuOyH5kBUgM-OiXyJbQqMn3qOfgeMfbT4jw0E2CJRdHf4XYZy7dxBmr-eRk2iBrBIDrc_Ge1PF8OKTqro5oNiLUaEo4BNKmAaUUkL95q53QxNlVXJi43noTlrc6BE3TC57OaM5K2GcyQnYKmqZ28r1a8MFqPtB_Q9upIagqpiSG3jblMLnybcjBOA2gwamVtMRacOLA8aaDngNY_Cms03S0x-uuOofQ4vDVzWpXC3cZs0ofDTnA36KRtbyd4qHOTIWpLLbA_D8dD3DKlv-NYy7mZ4ttYrFCmf6MhSzkoT_mRY4B07V1o8JSGj1Ov7zeNjJh7RO1ayS8l6HSTi3NfseGZeAzs5ZdLdd63jKqFl-e29i6_rTJPf60B8Gc6Ypn__MTLMJJa4ii6pU8hl37z2MLcduAzppcFXnwMw5rWitkk4etGoYxuQVI-G_8SirI2gqY0LlDQrF3BLmBq01FDlP6Kq0YpYU1HbeZ9QlcGYpZT6appCKcb93hvqNFU1fFAg2YNFNqUnjlxQUh2G6J11vUNatew6--OKdq5MisE58vWjwQlQlS3ETMQ0VP4fL-BL5a5-OJv42d_kVuiHwFIe_crNLSTiZDaJAoIAVIqSls-EXZxvDjBEHjJ9NXveOmFrpQoKqLhKhSkbLkDW5vWH0UTvbMivmDMuKVKZhg6NeTG0aEHIyjleFUJOIEE8JRnyePjBnV0GRhFmpVS0kF-n2_cWY63TFsYr2As-Qz2Yk-if42HKqQqV12YRqMYeY3hIo67B6W7mzCP_6sQ2cChXSSJlVACx-XBFDY2fKMeo6T2CCe9FkL7dnsV1Suo1h5XlhZGo1pxkZqu_wt76kgiPFUbaeL-06hBGQ3HL9JqSC54FAyStXxs9lw6zd2my5q4zuTG-D7Msc-KoSWyuJnQfolu1smecPDpowXc2Mka9VBOqNk1lqk_x1ALuSfrnlY91MC7XZswJ7Fe7tPiq2BzgwhaWgiFWHoBFdCPTTqlhmsk5dxOReOYkm4FKJHiTamu2ME9Uh_TkLZIgrrYqBAixqtOJq8gJf8uH1ho4h2f2mdjGB7QM4AUrBbut4E6kWPmFfAijxceoRb-RABBmf-6OaEDQTOXyA_ZkSqxV-uSjsqn3o0SLUUy5-KmbhqcXLzt7RjaVfqkB-qZR57kfNaKCOb_oGPpqMZsWHhFlxLO6g3KRD5mh82Kub0mVwpMWIP2dIKka-ESkKhWL7yb2DR8QezHaMOaH4Sc-x_a1lXwBsXNDfltDnEXo4wxkIVOF4N8j3VYPfwdcRINAFLGYKr4t-PKynhCOsCEPXivfgVCC0s8CFZeIzQ8nwxlsJb4H-Ghcq5sflCanjGHAcuK2ZWOqfa-fztFYqa3rVLlrewbJl_mcXZ5J9fYPfWwNbWp_ZtMTTyv-9tk3TSb8X4cstf7JGhdCcsbNpUa9LPc5HOQonZ0c1HYccaGLmo7UUBVTJy4Eik1A7iVAoT0HJhAt6DmqHdVVLDIIGnYeX5aIwg-_uFaWtQFGTL6gVNxY6VUpllfzmcStDLga7G62rMyjiqOrGkZVS6049e6_H2vUGWl-3PX2so-19qIXmEcNRBfeooJK-QDJm2WORhmbwPpENg&cid=CAASJ-RoOCto71EhUHA9h6E_-7bQwpO9Uf6UI_KM3v-lj4kQ0Gk5LjHpwA&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 07:24:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame C085 30 KB
12 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11802
x-xss-protection: 0
server: cafe
etag: 16304758110791105277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 07:17:08 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 20AF 170 KB
59 KB 62ms
40ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Origin: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52933
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 16:51:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/ Frame 20AF 8 KB
3 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOvs9Sbu_Ot2MBiGM7ZPtoM1bqISc1UdyzqyJf_z5E5M4idXCpaV02pGy5a-0fO4_3WCheqlyBSXHPoWuZlPCrUxpuUgFCPdUzGgBcczRlW4bRRnPY3UoBrS1vEL3TyG-4L_wN-7fsoQg4j9kEessE1Kp3yA&dbm_d=AKAmf-B7he1UYQ_iMsJ3Dc9BmVh_xTMXB2SIyd6Ea_4G8nrGBR5Jca-rFpzlGyXXnq7CUe_TvA8DmiWoxcCor_jY9wRPZwjGB7p5o55mTY7TX4EeQInsdKNqsEd6TAp2bC48j16rRg3wMTMklAsO7yiQHIrSBHRf3O_EmxRQ_MzOT-8JrCP9D2j3SzZDON1hx6RaK31vJ3BTfopK4mbhL6_DaxNTxpi9r9fkEovWZK5knwKNFJz1EdynO50i1pIkngorYRqpPtfcYh7Bg_nmxusJwvgq3LrOL3LS4k-ZEILqn7baBFGcEv-3k5KkVZyVM0cevPudVzxm272uVM6q_Ig07GLYNsw_d2Hf9Y101znlGTT03kbuFsDNoF3m1N2Sbdt-0vQI1hAYJTE5J8HCwVOuHg9NjNl35-0zIfZ3AHjpHpshb75YJyRT4ru8o3aHKTZLuMLdfiRMxTZpWr5zzbhEht6wMSWsdUZSJw7SfZ7hLWK6ARWSWErtWqVNHjEl-tW6kZCAFWeZZS2cGvt3ChvtXV7orgUutakGsWoOdyI5G32soQ5MYUixtnCmVwOEWdTAqONYuANrNPK2sMVtoBbrzaVIDFRoGJgQYdrMdVwjxDIciMpuEGi7Zah9UHFkAi_hxe0Ve0nb9q_MeK2fI-hjhmPE8uV8Eo44ovS6gqyf7IyU_QpPudJ6-W7K49c1Co4Pp29PwT0Yav8cfD-GWXSZ1HGaXT_SW-5w09q44kmhe0IFsu_hdlUGWLmpWMiNRPTmS50hnwKLtT50X097V7hFNAdM1WiOat_XZtAyOwLZYftKYYa9hiGK-MjmyDhhBkxfaXn9ktJRdyymn3e05hIjfq0stHcl3qQ9azC-6qWHM9mth5d8MOfZD-QFM0cW-JZCM4nY2cSpQETJj7Kt65C9Q_95BtngKwaKcsE7L6VUwPe0nkRHPphZmpxLbChOzEYIrvTxNJnhYJhMUKOKOwyBjeiK9WPeUIhnnbhtMwKgFwtt29jw-f6GoPGwcMwuJ9cTm8Gp-dDPlKQ55coMXpu1JQGeKfEWlszEZApjEE_di7o9nIBVPQ9xxwQF-dyT_KvOiMM0PajyBO8araDXpyyDj0DqrDwvBtGaJLDUlP2ZeHk-eVbe7mL50NJR3EJLxHMP2cBkp54BHACsqK3659fZ_J6zR4BjqwBy3aOQZAgwp9HnvS3XW1-GBRtaM5Cw8I6P6pJF29UzysjMp6uLXa22uY_0LItlrvImcrNShtp2uHjRibxjbvJdR55io8mwiubjSPzFBerygNFqmA3qXhNqSJBsH3U39QcEfXX018KQN1-VJLCzy_RkOdqcsfimcsFe6op1q8LxLPEW_9RnqUIEV_hDIKc_zIXSg_CFntduawbLafJf0awYuWqFeZVueml3RG9Dot9SxtcaHU2ypXulNys8rtoXfs8x9oh6q7ZoZCjIQ5eM9HLIP33knu_-KVOeDmd3zq2B6CyB4payejreBVc-i7miSYgI38tbLbmFCFICZbWlGx3IIB3c-l9nYoTC9dkqCKOA2buy4gnY6j8O6hxy3BXlkL9Fym83lFQrRkFbqZBbp7vd7QlQmwJ-o0EfLuy21aZFMWBkHMbFM0ID45r77tQaHjX645W8Pq_rob2JVcKtqEQxUlfSw_fCpNMGR5UzOolenJUQT_NL1LT3L105UTVN0eg0_HAiDrHswfNBQ1j4WiYn862OiC0JNBfv8CJqwONNxOr8YWfyhcwXe538HYjVzI2_D3DXFCCnY_G9C0lKdFDUGZR1k0J76dwWk7o8bdeQb8HySL1-p2SOmk15E2todwW65zIXXVqrnq_ZvVFptkk6RcHGK10JrZIa-aEU1s0hoaMCk6HMIZKA4zmSs_Qui5sfCD3_Qz_yAC7NiG2L7Z6UoYbPJOtlx7K-zUWJ_7BKylwGuCX2qTy5xnUPYeOIcP74w0zxfmieSNALMHSRmdVXY9AuPdmBcyZdxBzLpszFX-9bGLEAPRKXY9VQZfKJXt1CM6phCWII4Aape9Dr_JI_lerQ8QHOzfQEGwOhgFpqfCQmctYFj1QnIpaUXn0xeL5X9dC5d77etmt9pByLjx2pBT6Mbsrl0j9o0uiSa3TO4xhOy8_FBybgd5Tm_2jZ-jf_MB7WprhTyv2W8jnaJg8hC1Dp1NPrTcPXr9z3m5njz5tI1LTp3qG3pwpO3MIgGbsyl2kiH0g4juqOWrhh-YZiIfy3LGDoxeswdltrXIrYiiwiPgQY0MbPO59CxxH3ls5IP-VXv_Tsxt195MIBxGC-Mjrtqcf9BY8n4HUyPN7mMIo9hcBDgecvByNnayi1Enlq4DQ7i68KkpuV9eS5eDDQvcZd57mJpk8iEmmS1i1CAK1-LCCHAm2vXDI24rixukx3w95R-mle32ThlvYcah3IZqrUieV8Iz7x0rQHaeYacFzmcG6piUpHdK1mAQ1SXxCWMa3-hMtdQ4pA-3fJy19h2X9EA8n63rJcB4fFUUNrKjonzWkjRd9zxKuJDnegSBkgDpkhYcnBr_Weak8P3j6FrjLODyZo98iqxLX8zleu_XhUAZ3Vu1wa5ouEIo5pemLvSqZcne_iLfCc0j79Fmgynw68NdF3KQN3SczNYgPDNTeAVdPOY9dAf4_zWTWaossMPpkRRR52pDasyIk8HBfiyFURiSvqWfh2fiAP7YJ0-BqblDmUZe88JxJt_llVyAl5cJJ8KCfl5lG71C4uVqquBPnJt5KNMMc5zMDUtw3dNtWG0xBa7Oq9VUFB9FgqwH4eRi9-aAVSU4E0B26VFbWIpVUsqOW_hxUHCAuMQZdzfm3UguwxyQ5y51il-7EW8s9HgaSy-ltR-4_BX-SOhs0v7QX8DqqWBqzBiwz5yaqzdXjWBu0J9nPuFj_ysJTapHV8zYrnrUSoM2W_8mElO31Ueam-4idWUcgXSbjyFV7d2DOvv9QBW8FUxp9Bk0nGevl15H2qy7t4bjzqENTGtGorqGN2db2kokpPxOashaAUNi71uAT06Je5pfZ5ubPJsHNrxpMug6jU601KHzMPMju0ZAF-xIv8ZqHdfrgIfU9m5QjSmIfiES1ni3ZCHdu2INO3_sB-5pgx9TSOel9hIVMPsyWeia-EJYwUyheXzEZIQ7GvvZowBErhJnl7E2Revk5QhDdD7vBnxRfT0nz4OVJ_mbaSsJY7HA3sjeIKLeeetSZTdWyGqHC0618sTrXQDT9VkO9os4B0_BVcZEZwFsZoSJqD-A6w0elOST_67jXYo26Kx4ldOtq4NmDnY53-cz8WpatW_7k2pZiQKTnqglI8kxoOSIzLkbc2zPTF-0qjZ4e1Jrj5JKIrNQXPanYtxdJXPs0nlYD02Nc645L04q6cRtx9nm3CYfC__jnORIblPHxtMlqax9Tnn7Vr7eCAXeweXoUFBKYm2l3rYNmri5eL4FykIGcf-s1R1JcfEJUccNt0f3QArOHriH41vYv-Vm5iRCJcN05PPR4eCOAJRUJ_rwC2XFUJbx4u_V-Ra1zMLNKkUTxWTOjVTnCfQY339WV-YxWqilsXTTC2Xxet8mI&cid=CAASJ-RoLdzO0k0fNfB4uOz8geZTnh1e40VlbLoigzM9dLT9EEmXSOVpqg&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 07:24:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame 20AF 30 KB
12 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11802
x-xss-protection: 0
server: cafe
etag: 16304758110791105277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 07:17:08 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9CC4 41 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
DATA 200
OK truncated
/ Frame 9CC4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42fe0ee72d234c00771d512eebb45e1c0289a4e427fcc5796ef8eada5cb29077

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7282 41 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EC24 41 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
DATA 200
OK truncated
/ Frame EC24 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 181f8af463dbb65952d2e9288430a6727afe075bf86164985dd16bb51822ce05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7282 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a58a73b3775a3ca8046751b4c3869db2f7fe2ecfe13e45f6a378afe1217b088

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C085 41 KB
15 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
DATA 200
OK truncated
/ Frame C085 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8774b333ae1fbf3cb37a9d0a8c58cf85a85c8da8ae650601b7017cb603850943

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0390 22 KB
8 KB 36ms
36ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 430969
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 20AF 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
DATA 200
OK truncated
/ Frame 20AF 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0fd14d0ba089b1b726f735835a016608df8bcd01a30a24a76ab34b876071944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4684 22 KB
8 KB 38ms
36ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 430969
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9FA6 22 KB
8 KB 37ms
35ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 430969
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 17F0 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 430969
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 46FB 22 KB
8 KB 37ms
36ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 430969
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0390 36 KB
15 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 06:58:26 GMT

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/8545128045965475840/ Frame D339 45 KB
11 KB 136ms
56ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=Po62UCujLf&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1399288153881097251b9c2878ab6be7ca158e06bcf2e5f44aad6af9d00b5381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:33:46 GMT
expires: Thu, 07 Sep 2023 07:33:46 GMT
last-modified: Fri, 22 Apr 2022 08:43:33 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 20AF 0
64 B 162ms
78ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssy_FchSe76kfamlLkPJuWxLeLTYUcj-ZZBV0BiY4oPz4ceMv_0g6q6O4wBM5HYwWYvAwOpMiyfZf9pXzt2i95dCGVNzLC5FXuDMWzYqMnuGR79_3r3ekhe7LwOBRdj1scAu7Mlm6eL8Tlqdk_JwrkQqhrearFR1QvcNZq2fs8nEjZlxvYhsF_NXSIF-Yvaknn_-XgmlvxkF-H9mtdoGAMhGrNWa9Y4D5VxRBoFrrkipF6Kn6H3NSjdVHNo--Xz_9GHwFSGDbUOOOULG6zH0pMwTsbkgOLwvax9g-yPuAlYqU164bPWSVgRxY564Vm0C1vWecN6zLUgrk3-Yh4WuGXCSjXdK3_qkvoHboS0U1gTsp-t88knHjhlELq2_Npy-IKResaBJ3XRZFkbAyvKxfDzYOBoiwI-_NnRbkrgP99AXATaey2tiK7wxoTvBn2oIp1Rkn8JeHR85igaaIc3E7jmOAMuOBVN5jR8Gh01egNeIto9P5MNWY0lL-dheVvjTKQbM0Bo7rHetBv_b7eHu__qe14N0ieaAengTFHkYyOaIMpT3bbl9fp2_Ibv1DQCqcezMpdcm-qMcauuJG3axidd5JPF0_LXEHSRyVvI7OCTM8PRqSOvdMcL_dj1tKKR00GazIfpfEGPlwTDqpVOaG8w2u1blUttheC2xm1EQpHlBU1gyORiMIoJ49Fq8HLGkOvt1gJj8SvWnBhLzzzLO7NBzQrZQuNEOdfb5F3A0_gtKbbCYK5CSM2sDkLJ1w6UK1W9BMcVhCWC9YvkAjQI_CezODcjiY3ImXTAgwQ2DNRP83sIKxpO2oo6_A0nQQ8YHN51c13iWpNkF1OdKCufD-myouPYYTwI0xAIhAQDHVy7evwiq53ByE0NTvTCGALa-YQ-JeSs-5IYKvNZxMag8n8kYnryEP17P1yFQyiY-KOs87B6BqMmV9mlSCa8tLcmg3VitsCBX2wOuKlPM4Y8qZU6J7IRV44S8v9bKftwg7uWHmkuNiqOQKTU31IkF0jAGwKKJfoBx4jGzDhbLbsRibfBmHG_SYBWI6yB9qyo9XXVYfMBtxi7bxOGW_DF_XzPQQ7KS4ASbhhshq8dEfo7wMmRiCDkfJ-6pfgRIggwZkcrvYtC1bNMgOBfiU6GozAo3O4w36qhrirhXmOksF90antmX5kBZM2jyVMpUzkCDWWpygXiBJi7tF8QecgabqvnitMSaZNETUn6cuN6ke8yCQwNtNla0GjWn-punXoSj_Ejo4mNvM9januQwtYqmWpi6eL3m_5aTBLiT6nlNxViPOcjHokB0lBmHu8&sai=AMfl-YSPCqeogxFaEPSJyBX7LdToHb267d7nrxsqXdetpBrgSGnWItS1GpehMbngx3I4bV0o8pJ-u6qlLyAZ8bSnO_PqfeKRzWjxoKov-TpAeVoJMm1NTa025wEgmelEbGTukJHnr-InTCwa6IegAr38GY_NSvVgLiJiow0t6AtEoU5SE65EeWmwAyHgyI7kg6B8A27y5lLZvgg5i10UWkT5V5rqzelL4Q4&sig=Cg0ArKJSzC8eGrW7gNpBEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=224&cbvp=1&cstd=219&cisv=r20220901.67364&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 07 Sep 2022 07:33:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9373486604597640658/ Frame 9947 35 KB
6 KB 117ms
48ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5c692a30ba514fd36fdf3aa960d0b027ef22bcc81fa8ae10e531da07dbf5512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 56808
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5714
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 15:46:58 GMT
expires: Wed, 06 Sep 2023 15:46:58 GMT
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9CC4 0
622 B 150ms
74ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1T0XvTf8igFJPXXNnAxesZYaoVya2hnnD9eVhKmQiB93rPDDT0mYB4Gi8dKmI4Bv2qki_VrvHuEL84wIglQfPGEoCtK_fuQTBQSmJf5d_b14-FoQBGYXlb9VWV3vIYhpTCB6Y_Ty6khw7uqfy-xEPh7uu8tuIDbbFNpbwCrRjMGfLPaPWcuJaXDrbhcouEIpMyY-X4rwBs1MSZTakXC76bkZVauTt8VJbO4-aOpn_vfWJlq4B6m8vxSUSA2Qh_iooi7ZBiO2pwZXgU-aVP6zNzq5AvmLCYohLa0qn1Kcz9REpgIPODBpnHjQPo8S3YFMYmWXytV-DLtz65FIFB-sLiBBJo33M7hUvASx9nAvPxnVzuTthA_PP5pKuwtnbVpC-Y4fgthsd-KLqzFFxdWrKIotrcpTGVS53HWnQOgl8edwHZ-F2X7qG_ZPlwJJs9IoALtM-0BDwgPXENRr0OvCDKccZxEMphCSMg9RZwumqruEFslLZu3HMIKaGJeiQ_D9wiBAQuGvymk0URilTHouhegT8s82lZXDrJgs_FdR87LkEC2lIgjfmeswpjcn13xJpjuX6QCcTJWzJD6dQZXSaOWHhn1d4ziOPkjaGaVLWrPrRdkDtDUIrkJnbDoGEoSb6g0DMp1GqZ3BG2s89c90lR-lkw5vF7cz-fIBABRBG40RYABR_L3VTBQOR1TKg8vFlo1zvhmPxgH-x5ORNpXMrI1w_1YZIF72mx5vG3jHdDz-I-qBbRoSJknE0L_icYxb8I3zy7RGYC2-n_dVhUfzLlC091DMWQrGIWv_wmHb0k3162Q_wIfWiN3BjVCo_4nGINz5OEX94M1-N9cFNpGpInuhgceTXMXQxaEO4e0blIkSZCDbkmoS2oqGBfG9FJhy7xgWkbLxCRHtoqlOIt4Z9YYJSpX5DQLQUDKTGjAIvtOIHw0mqamxeoZb0FvRI5Tr5fuUusZZdZ79EJzfG2BEGtH-I-6SlH-zDX55YTUCIpXugAHFAu3z7e9JeldwXwublGzeDDgzykkT5EHqSlKBUw9zj1BhH9-7x_tr21RPtKiPQ3qv7Ik2wD9_SfSSDGdaNCzgGiQk0pTa4lif4ptVMR4tQlF-CNlnlTLIvS_bFCAqXNoggsRrfJT2me6g3cSrAOiRVOBhde3LjvE2nycAT7IRdBuz2NtWU1tw2TelzXB5ysLtWxpM2vq3ynNWs7wdIOYaKUWk0jHTRp7NIRHK7IUodrahJAiiFQ-g&sai=AMfl-YTry9ZkFxQCN7f3Csbgpv99fkQOCuNYGe25KxUYzTFUODO7ZSzPzCE-jKe-dLO95QA09rj86VhkDzcPCQWednKcQct7rUu2Ch6vRZOXr4JiMlcVk34dAIb4I5SloqyCyBRNTA4QmIxMu4vC170huNHvf04vnzbgyrsM-WVm0cZXEN-Q9maQOqfO4fmG8nP80OMTbnkj7HROKXyJHVyhRHqKYZE97ls&sig=Cg0ArKJSzNpI0ZsQX7NEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=319&cbvp=1&cstd=317&cisv=r20220901.53765&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 07 Sep 2022 07:33:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 204 bulk Show response
trc.taboola.com/ynet-vesty/log/3/ 0
268 B 24ms
24ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ynet-vesty/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=13
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220906-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 12
pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
via: 1.1 varnish
server: nginx
x-timer: S1662536026.137246,VS0,VE12
x-served-by: cache-hhn4020-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/8545128045965475840/ Frame DE28 45 KB
11 KB 130ms
77ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=y6jL8UyZX3&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1399288153881097251b9c2878ab6be7ca158e06bcf2e5f44aad6af9d00b5381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:33:46 GMT
expires: Thu, 07 Sep 2023 07:33:46 GMT
last-modified: Fri, 22 Apr 2022 08:43:33 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EC24 0
64 B 174ms
115ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZacdPcDM-HI48Insu7HAz6fk31hyGg048pV2zBwSNRMkNmaGeMudiVUpp-JpdNRDSNdq805Sy5tT7ERcwC7N6BLDIPqWd2YSyfKC5l3Y3FgZjgkELbq4cMlQUDPSiMB9PLUGp95JQgTQgqAaMzHx_sYMbVzXWnzm27b2q9HLq1g3NnpVCMpR2jmMd5MTd7YkYIFxQUlTxgfX5IAZVf9zIAKkLOC8banfBKIjlVnAYCpAItySbZzJT7L9NxGqQMSWZ6E3xwctoFWP3RdhCVe2P45B2roPBFpbmfwHjlCJBQh0wjnRMMfxKsdtYShlWdsGhO1AjAmMJyIsH54OhainNtPFhHvRBT8Xe0TpK8edB_FYflve_CV1wp9ARMElLdDxd9yrpF_CCzH_LORgBzIlN8ZwevgGRM7aklemK5eZpV_bV6ZGWIkqPGnC7sv2ap_w4Fi2AkoaXy8oy59FFMAgajkscj1V_uXC1d_08LeBdT9-rpkHIpf3eUyQALOZlJsZfqp0hDHj6jv-HplvqKji6_p2cQ3KVl1VnRzfbwpQqoAhHG7MebpxSQT-lgcXhtpbqmT5mkSVfkQe-Ca4PJ1_pPsoJsnwx40ZEv1orj6aW5uF3z7HPLTzKVRIahm9ilhu2Tj76c7gctYViPPCd-cUfYsz06YZO5X5kBLHY9hoGKMzGtqGxB030mZNSHkR2B7facdmFblaa8ook9cGODwidiOcmn_L01hhkGWGt0vOEE37GhEymkn5mh-iz3dI3Ml2pfmz2YmeanusVlsEPqsK7vR5Ufp6-n_gWqjbcH6xoF6tSa4gPlwktSc9PjGVqzBwrvlvu5zXoRBc4rH31A6wKK2ZfOZzoMpr4W6yYB1WTx5HeauSkb2vTLwT3m0g6dnfOu1ryIMRr7vldcaSBYw9lhq2mEID96gGmsEiIss-zSFjeWahnA6DTqhkznqwBiKBeExNBRVcnDDq706Knp3URZdIzG2e-8ZbeLymwiLSBojCVyvLYKQJAzybtKhgnvqJhQMaxP9hBUbFDsFtIQyftr_7JeURIX5aCdmCij3FHeP5DL7Zd1y8L-GYr5Jqm8PnRQDnSgb85WCsmtr4K5a81N1WenT5HrJQQAzD0XM95KP7qByX3DLjzB6BcASInWyPxSbeOIpnMtUMtaAyzvlIraE_mJjeR_n_yMV-u5_9ClFTcI-mVOnnADd6oI-LpoKaTQDLzugNJ0EYLVagl2OIPcJlW2uE1RKMajlWzMI4oFLJJ7KMWuA2I8LsmbmWUVaNqaBJNQJMrHlaZgngHBssljf1tIlvyEC0&sai=AMfl-YSNzViHU5FlsTef1M22GiOyl-_AI7XczboNXenxVg0hLHJq4fDwVeOQfA8FUlGcuJENTLb1v8ILy7plMPUGfFJqa05hOg2xf_twL37Mr34ThCl41QZdxZcafqEmO1RqGzct6eMrt2ctvslXdLf0-PllB4GQ6HNpKmH2CN2g_HJISv-bwpQRs1NPeSWXANf4EqCxoHF0K9mDYCrSYb5SDSKsYlRpI30&sig=Cg0ArKJSzIzi5oTZViP0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=281&cbvp=1&cstd=279&cisv=r20220901.52991&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 07 Sep 2022 07:33:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9373486604597640658/ Frame 1C3B 35 KB
6 KB 90ms
42ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5c692a30ba514fd36fdf3aa960d0b027ef22bcc81fa8ae10e531da07dbf5512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 56808
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5714
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 15:46:58 GMT
expires: Wed, 06 Sep 2023 15:46:58 GMT
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7282 0
64 B 133ms
77ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZBkUBhJBYsTqgkWnMZoeMfCLgqqFg1A7jmqpvpDgRSnPBU448GuykknnYkbGQNDpjWLz920oR3f9DHZW44W5Fkx-j2MCBFiH4PIcA6wBjHnLlNe3F2w9Jv9_I30fY4fUYGuXA5NpjVHBetzwiZTqd8QGMcxNgoaCcA22VV6Php7bOJXkENqwIdhRZjsX5jEP3ZU5EMeKaf0L5l1VtrpIrDkx6gLUHY_9O-Jt9qpqt9c51EP7yaIAwKqIfi5Or4XXiTQ_sC3dmMnFZskmFrUqDvvbCZfEPoyBHpBjpM81FmsNECi1jy8VuwhjEMlGyTTyeBv70QeMH_NkPB1lqeEQCeVkhe04mxsnDrNQiRHeFGsk7y0a_DvmjDdpKNmpeR8vn-R6g-rAgekO2ro0Cw_BeW2HejTrM3xdzKvYo5GBbeYGE8BIHPjh3WcUD2CuBwke6mrPqDip-9c5tuatkyIGzJNRwB2x3RFw1sLxIYc50876LmkQafd8N4p4139zmzYCfAYQfKNpMaicaTChW1Vqpyetemp4vORfB_2jjeZRt8qvMrhfyZVFgOfP6nD_Mb2ChbouWBG8fz0JJVIX2Bff2OJ2S7xUhXK52_knMtTP4vgyTY-BlYGCNkW0mFW30jP2GaGHUC-WdsJUMowck3rSv7enIbaKGln0JNb6mLvFTjLmVo7q-UKk672YqAEaA53IMatLoG6SQ2JBMhG_yG3br6OGF2c0gT9oa4w-zle_JA-EKvZJS92lqPHX20In_BE-t_cbuPfhKGmnWE9vXUpm5Qo4yU33qa7WqDS5tDnPqFfD-hm-FHL1y7Jm3yiqIcFogp65KRXWp2516sEMTuRaJCc2Hb46c4b8SgoywexrCDYdbY4KJW9YDR2WdDbTZIrYiDYMFWAxgnfO9kkJRx9u356AO7iwKZvAPYbLKkhPbg7107m4iOyZJaYYreLbUiMdeLuyUr4y2P9_MsTDjbzL9f4jHe8rAOwkNRFoXW2Bf-rrUqfli1YT2LPo2eYzVqe0n2u92dW62qymH_CXBR1ZKPPwHyvBBpeT3_gsz97xcBE-e-q8868GhBDc1HP5ne-ujfyf-nQm8OPf5sMEXuf8JPDih-NZJ-i1VyZrrE3RDVFftnV_KWSa_Yi7wjVlJ_Su8gHNZJIV0EE_0nE4f3lDZp693EUJMabTCNVeYebrlJzyLhjKrvdSQEnZmQNGdv4RvdJAXbmv3c94xwK_ug5SjKi81DT9vmW7n__U&sai=AMfl-YRUzrX9iMjpy01kQwViJpt04B3xCvM_0ph4X2WmwsKzW_lThuoWapfIt0UEXqw5BQ28NHtDLFwr3osckdY7nB9AepXpcus5GeKE6dU5B0h0oDvJbdcMYPKexi8FS1bqalXBb5aJLTd-PUy5vn5R-tBfQheu_Yqm8IXbZr72hK66jxsUgl61GyUCPZ_HOXle0znggBbWZ6uHKSYuBU9VwNx0DCntnVo&sig=Cg0ArKJSzP64ekL7RuL3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=305&cbvp=1&cstd=304&cisv=r20220901.88294&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 07 Sep 2022 07:33:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/8545128045965475840/ Frame FBE5 45 KB
11 KB 110ms
66ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=s3OJ7jLb7l&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1399288153881097251b9c2878ab6be7ca158e06bcf2e5f44aad6af9d00b5381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 07:33:46 GMT
expires: Thu, 07 Sep 2023 07:33:46 GMT
last-modified: Fri, 22 Apr 2022 08:43:33 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C085 0
64 B 127ms
77ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUxaGBTGOjYt7bHmG4KpRvo44_Mn0Y4AlDBtWYCK7AdgSi3L2hkHY_DHJvhLpZXpbksJa3pvWVSHZtZPgMGmGN2eGY3bbam57_NboJo3yJKK9CFzSnIloNUm5b1ggr02SAMXUhncDAGMTs4SvbltBRWtSi6d7I18OgwKg67DC8IeBx-0_xnq1dvdVUeiiYx5UAWfMPhkYV2KEW2fDFmnqSQZNIS3Ijgg4rBs1zh0vAm-wDch9A8Qr26e2VdRE4eD4W1WhmotkW6ta35GVJa-nzh_nR_jjBpqWlPL_HJuOLV-ZD7rnyRG0vKW0SqHjQj7xQsl0hSGdg7_v3ntp4UhjnJ_ow0TF-noQMUSWaSUEAIiyesfYMp81eufljoCTzIhhqSYbGtjaQ0HxQLhdLTtVujuiqsdVaBx1VDmR6SvB9Lc_nd0ODUNGwZFxi1JDi8jE2eyKbtyDYnMRmA7diqjDLxhcTIryONu7cs5zG41EWOfoWFVYXFURYSNuYPtQpJwnEKLAAKaZMh_k_PUB4GRz9acgImZLgG2CCML10G4YuqVi8xA29DwI5FaLWXuYCLXcLYFXQM4KSagA560F85JuFOHP9h12kiTNeC8fgcd7WQxROtjxdgXGa7h6VpqSOpSiZOCdWoF4QCf_8WQQFEiH5olWY3NPai1nDJ5AOD1u9phm9VfSoH7DPYoxjwwcDcM6ohCXURbo0LtY-bHN3IeifjEsBvGMGDvWmwCPLktW5c2w0mncbySBit5-L31ju31V7Yx7yasxN6SeAJvcqrhzRywuElrENtmQOHfw_ASWsrI29u_YrIPpHVPvQw3NvQ0jPjq03sI1k9qYogH5pePStHfNmhVPN_iPblIyeUWxflV5OsfsoUwSoTCx3wSiCHNqRuZHKj7XdW58WIheilIT-C31HkVSvOIVF30HvLzir00Awh2ZFy-pRVO1QOlQ_GbJdOBmJJusWr7P6j6YS3w34R41Lc-jwMTtWjPdhIetqDnUTR7uMquKxAjPL68Vna8N38k-gsAA0ZhxmzHUuLuTqPzmS7ivK2DHOejf1k1a4Uh0am6M4PuPypkoy6FGqZrEAMdzxrtET_gAOk9ScEIleuyk7RgjDfqb5shs8WAuCFJjXsJaJmqF82VrXx3_98zwcjT9uWRpyNIe30UTG8tMJAfTF580gEO095yvUrYGnWYF0Q51nPHSSMKnwbE1eEAoFVAm-jo66rFWE_sqaXR9mAmwcMkPjgYTF48LjdEZc0bo1uLvWe_os7aZ6RZv2fYleB8giBph3IRcT9d6ecxMV1W0K16PIrg&sai=AMfl-YQcsJkYXd2aLa5IIzu6GVLZkbK2I4Zc2KFa8Ihj2oc3QHh_JoLJOSJYtef0HVCKFAGf9TfpvvBo5GsvADXFPZwdAcTbUjXyir0GqEgRZB9QJhzBTYEfb1aEeiDDaReFwOHHDWpuT4roE_6efPLdxSQ9XwAyV7gDJO4GFeiqn_zz4JmA-RN8Q5OmVgXftIb1M8_AI5WOsE4guLLviEIFv7BI-gQEq08&sig=Cg0ArKJSzL3rnZKqOvQqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=281&cbvp=1&cstd=278&cisv=r20220901.86959&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 07 Sep 2022 07:33:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4684 36 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 06:58:26 GMT

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9FA6 36 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 06:58:26 GMT

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 17F0 36 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 06:58:26 GMT

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 46FB 36 KB
15 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 06:58:26 GMT

POST
H2 204 visible Show response
trc.taboola.com/ynet-vesty/log/3/ 0
61 B 17ms
16ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ynet-vesty/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220906-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
via: 1.1 varnish
server: nginx
x-timer: S1662536026.224156,VS0,VE10
x-served-by: cache-hhn4020-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 video-js.min.css
www.ynet.co.il/Common/Api/Scripts/video/ 38 KB
11 KB 9ms
8ms Stylesheet
text/css 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ynet.co.il/Common/Api/Scripts/video/video-js.min.css
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4c92903d5602f1c1419e9c647f0db022d425efaaa580d9849e9b6132cb1020f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 16:53:20 GMT
etag: "88ffb3726ec1d51:0"
vary: Accept-Encoding
content-type: text/css
v-ttl: 0
vx-cache: MISS
cache-control: private, max-age=1761423
wai: 01
accept-ranges: bytes
content-length: 11348
expires: Tue, 27 Sep 2022 16:50:49 GMT

GET
H2 200 videojs.ads.css
www.ynet.co.il/Common/Api/Scripts/video/ 917 B
579 B 28ms
27ms Stylesheet
text/css 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ynet.co.il/Common/Api/Scripts/video/videojs.ads.css
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 839e7c6761776f0e1c251d29d443dd8e29c6d3beefeeb8925c58a74ba784bd30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
last-modified: Sat, 18 Jun 2022 15:44:53 GMT
etag: "857315756ec1d51:0"
vary: Accept-Encoding
content-type: text/css
v-ttl: 3627
vx-cache: HIT
cache-control: private, max-age=292298
wai: 02
accept-ranges: bytes
content-length: 345
expires: Sat, 10 Sep 2022 16:45:24 GMT

GET
H2 200 videojs.ima.css
www.ynet.co.il/Common/Api/Scripts/video/ 4 KB
1 KB 29ms
29ms Stylesheet
text/css 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ynet.co.il/Common/Api/Scripts/video/videojs.ima.css
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 16:09:57 GMT
etag: "1ed282776ec1d51:0"
vary: Accept-Encoding
content-type: text/css
v-ttl: 0
vx-cache: MISS
cache-control: private, max-age=1499690
wai: 01
accept-ranges: bytes
content-length: 1300
expires: Sat, 24 Sep 2022 16:08:36 GMT

GET
H2 200 video.min.js Show response
www.ynet.co.il/Common/Api/Scripts/video/ 491 KB
171 KB 20ms
20ms Script
application/javascript 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ynet.co.il/Common/Api/Scripts/video/video.min.js
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b78ada3f1604ec580791328e406cc92277aed4ef45e57432bfe626a7da7ba0a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
last-modified: Fri, 01 Jul 2022 17:38:17 GMT
etag: "f45556376ec1d51:0"
vary: Accept-Encoding
content-type: application/javascript
v-ttl: 0
vx-cache: MISS
cache-control: private, max-age=1418673
wai: 01
accept-ranges: bytes
content-length: 174618
expires: Fri, 23 Sep 2022 17:38:19 GMT

GET
H2 200 image.png
images1.ynet.co.il/picserver5/videos_pic/2022/09/07/4HHVJB6O8/ 235 KB
236 KB 9ms
8ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images1.ynet.co.il/picserver5/videos_pic/2022/09/07/4HHVJB6O8/image.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d9db27d4ca79f2af0936f4a1ab1c13ddb8a8203173710c43c659cf4d1e0ccfc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:46 GMT
last-modified: Wed, 07 Sep 2022 04:41:37 GMT
server: Microsoft-IIS/10.0
etag: "8e77bc1d74c2d81:0"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2582564
accept-ranges: bytes
access-control-allow-headers: *
content-length: 240657
expires: Fri, 07 Oct 2022 04:56:30 GMT

GET
H3 200 45d92f8f595e6f0d29129d0a9e75108b.js Show response
s0.2mdn.net/sadbundle/9373486604597640658/ Frame 1C3B 89 KB
25 KB 40ms
39ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc5699231fdc88e30eb73ad21cd91bb3e67f8d63eca747080e88ca91643ec9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25351
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H3 200 45d92f8f595e6f0d29129d0a9e75108b.js Show response
s0.2mdn.net/sadbundle/9373486604597640658/ Frame 9947 89 KB
25 KB 39ms
38ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc5699231fdc88e30eb73ad21cd91bb3e67f8d63eca747080e88ca91643ec9da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25351
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
708 B 7ms
7ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 875
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: bGxiVQJJV6ushs+GurmdUMKcP55jXiZTni4zPfO1R2tT9H40rLWGSHO/uxS9hhOPRniEOikC9As=
x-served-by: cache-hhn4020-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1662536026.343633,VS0,VE0
date: Wed, 07 Sep 2022 07:33:46 GMT
x-amz-request-id: QQBJB95DTC5C6ET8
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 74
x-cache-hits: 307

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame D339 118 KB
40 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=Po62UCujLf&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=Po62UCujLf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 21:45:39 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D339 60 KB
24 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=Po62UCujLf&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=Po62UCujLf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 07:33:46 GMT

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame FBE5 118 KB
40 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=s3OJ7jLb7l&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=s3OJ7jLb7l&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 21:45:39 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FBE5 60 KB
24 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=s3OJ7jLb7l&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=s3OJ7jLb7l&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 07:33:46 GMT

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame DE28 118 KB
40 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=y6jL8UyZX3&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=y6jL8UyZX3&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 21:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 21:45:39 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame DE28 60 KB
24 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=y6jL8UyZX3&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=y6jL8UyZX3&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 07:33:46 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 376 KB
126 KB 140ms
44ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128229
x-xss-protection: 0
expires: Wed, 07 Sep 2022 07:33:46 GMT

GET
BLOB 200
OK fedace7c-d2ca-4d89-9b25-28714d8f0b36
https://www.vesty.co.il/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.vesty.co.il/fedace7c-d2ca-4d89-9b25-28714d8f0b36
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 171ms
171ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:46 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 169ms
169ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:46 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 169ms
169ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:46 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 170ms
170ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:46 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 170ms
170ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:46 GMT
access-control-allow-credentials: true

GET
H3 200 css
fonts.googleapis.com/ Frame 1C3B 4 KB
593 B 135ms
56ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d352797c9473d7a0f0d88d182633330a8a7058a68cd6c052a8a2e2e6ffba4e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 06:40:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 07:33:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 07:33:46 GMT

GET
H3 200 e9a1f9380a9c03bf9ff5657cdc228e9d.jpg
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1C3B 15 KB
15 KB 44ms
42ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/e9a1f9380a9c03bf9ff5657cdc228e9d.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e5a4e9e60432da330be3b3d17497a10b1659c15c6bc14ff3799aef950baac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H3 200 06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1C3B 5 KB
2 KB 42ms
40ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1998
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H3 200 acc5c17728f028f57f16718c418461ef.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1C3B 3 KB
3 KB 42ms
41ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/acc5c17728f028f57f16718c418461ef.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c68bdf21064ef525d1f6e50a15ac91b19241ae234052e1af638f6779ef774fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3095
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H3 200 b7210f500535c8288be2604129e6fe04.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1C3B 7 KB
7 KB 44ms
43ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/b7210f500535c8288be2604129e6fe04.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42c696e26e85d04757438b0bf420efd5616a06d2ec2b29509c66a59f2d2c6b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7493
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H3 200 632415e511d90bf43f0fcc4f84015553.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1C3B 7 KB
7 KB 45ms
44ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/632415e511d90bf43f0fcc4f84015553.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

024ffe99145eb57f19b2018afe139a905a511945c76ad69f55424576d3f758f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7405
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H3 200 eca40c269a0c0b9d48779f70ba269b13.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1C3B 4 KB
4 KB 45ms
44ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/eca40c269a0c0b9d48779f70ba269b13.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

311eb83d5389fc84ab98b996fd9583c0ca158bcde96826dceb72972f90c0a210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3639
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H3 200 e9a1f9380a9c03bf9ff5657cdc228e9d.jpg
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 9947 15 KB
15 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/e9a1f9380a9c03bf9ff5657cdc228e9d.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e5a4e9e60432da330be3b3d17497a10b1659c15c6bc14ff3799aef950baac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15099
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H3 200 06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 9947 5 KB
2 KB 42ms
41ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1998
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H3 200 acc5c17728f028f57f16718c418461ef.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 9947 3 KB
3 KB 42ms
42ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/acc5c17728f028f57f16718c418461ef.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c68bdf21064ef525d1f6e50a15ac91b19241ae234052e1af638f6779ef774fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3095
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H3 200 b7210f500535c8288be2604129e6fe04.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 9947 7 KB
7 KB 43ms
42ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/b7210f500535c8288be2604129e6fe04.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42c696e26e85d04757438b0bf420efd5616a06d2ec2b29509c66a59f2d2c6b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7493
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H3 200 632415e511d90bf43f0fcc4f84015553.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 9947 7 KB
7 KB 43ms
42ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/632415e511d90bf43f0fcc4f84015553.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

024ffe99145eb57f19b2018afe139a905a511945c76ad69f55424576d3f758f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7405
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H3 200 eca40c269a0c0b9d48779f70ba269b13.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 9947 4 KB
4 KB 44ms
43ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/eca40c269a0c0b9d48779f70ba269b13.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

311eb83d5389fc84ab98b996fd9583c0ca158bcde96826dceb72972f90c0a210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3639
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9947 4 KB
593 B 113ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d352797c9473d7a0f0d88d182633330a8a7058a68cd6c052a8a2e2e6ffba4e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 06:39:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 07 Sep 2022 07:33:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Sep 2022 07:33:46 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 20AF 0
26 B 130ms
69ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssy_FchSe76kfamlLkPJuWxLeLTYUcj-ZZBV0BiY4oPz4ceMv_0g6q6O4wBM5HYwWYvAwOpMiyfZf9pXzt2i95dCGVNzLC5FXuDMWzYqMnuGR79_3r3ekhe7LwOBRdj1scAu7Mlm6eL8Tlqdk_JwrkQqhrearFR1QvcNZq2fs8nEjZlxvYhsF_NXSIF-Yvaknn_-XgmlvxkF-H9mtdoGAMhGrNWa9Y4D5VxRBoFrrkipF6Kn6H3NSjdVHNo--Xz_9GHwFSGDbUOOOULG6zH0pMwTsbkgOLwvax9g-yPuAlYqU164bPWSVgRxY564Vm0C1vWecN6zLUgrk3-Yh4WuGXCSjXdK3_qkvoHboS0U1gTsp-t88knHjhlELq2_Npy-IKResaBJ3XRZFkbAyvKxfDzYOBoiwI-_NnRbkrgP99AXATaey2tiK7wxoTvBn2oIp1Rkn8JeHR85igaaIc3E7jmOAMuOBVN5jR8Gh01egNeIto9P5MNWY0lL-dheVvjTKQbM0Bo7rHetBv_b7eHu__qe14N0ieaAengTFHkYyOaIMpT3bbl9fp2_Ibv1DQCqcezMpdcm-qMcauuJG3axidd5JPF0_LXEHSRyVvI7OCTM8PRqSOvdMcL_dj1tKKR00GazIfpfEGPlwTDqpVOaG8w2u1blUttheC2xm1EQpHlBU1gyORiMIoJ49Fq8HLGkOvt1gJj8SvWnBhLzzzLO7NBzQrZQuNEOdfb5F3A0_gtKbbCYK5CSM2sDkLJ1w6UK1W9BMcVhCWC9YvkAjQI_CezODcjiY3ImXTAgwQ2DNRP83sIKxpO2oo6_A0nQQ8YHN51c13iWpNkF1OdKCufD-myouPYYTwI0xAIhAQDHVy7evwiq53ByE0NTvTCGALa-YQ-JeSs-5IYKvNZxMag8n8kYnryEP17P1yFQyiY-KOs87B6BqMmV9mlSCa8tLcmg3VitsCBX2wOuKlPM4Y8qZU6J7IRV44S8v9bKftwg7uWHmkuNiqOQKTU31IkF0jAGwKKJfoBx4jGzDhbLbsRibfBmHG_SYBWI6yB9qyo9XXVYfMBtxi7bxOGW_DF_XzPQQ7KS4ASbhhshq8dEfo7wMmRiCDkfJ-6pfgRIggwZkcrvYtC1bNMgOBfiU6GozAo3O4w36qhrirhXmOksF90antmX5kBZM2jyVMpUzkCDWWpygXiBJi7tF8QecgabqvnitMSaZNETUn6cuN6ke8yCQwNtNla0GjWn-punXoSj_Ejo4mNvM9januQwtYqmWpi6eL3m_5aTBLiT6nlNxViPOcjHokB0lBmHu8&sai=AMfl-YSPCqeogxFaEPSJyBX7LdToHb267d7nrxsqXdetpBrgSGnWItS1GpehMbngx3I4bV0o8pJ-u6qlLyAZ8bSnO_PqfeKRzWjxoKov-TpAeVoJMm1NTa025wEgmelEbGTukJHnr-InTCwa6IegAr38GY_NSvVgLiJiow0t6AtEoU5SE65EeWmwAyHgyI7kg6B8A27y5lLZvgg5i10UWkT5V5rqzelL4Q4&sig=Cg0ArKJSzC8eGrW7gNpBEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=638&vt=11&dtpt=414&dett=3&cstd=219&cisv=r20220901.67364&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 07:33:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0390 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BaYk6WUkYY4-4K8C6x_APvOCr0AcAAAAAOAHgBAI&bg=!cnGlcTXNAAZTikH4c4o7ACkAdvg8WlXS4gRQEHY5oU95UKMTuT5ugcCE4-1nx4j5kwRrfBkIkImnpgIAAAEcUgAAAAFoAQeZAuj8KYVsC6TPBeydlB5BYiuQGSB649Az8k3sYe9xkf5MX5gL7jf8VaWhHYGIZW5Yo8btLKtW3-J72FcuZYN3r7ta2fpiUWb2mM6QdKU0uxbroKRbWoXF4K9FD6mFejnPfi9gvk4i9tHQlGAImyj0AW1Zgye47S5FTIwi-xYe4gfx38MakeaFiQ7azeeOBeSVbITbaqH578cfNAJCnvuzw-5g8OawW0c4lkPQsPLTHqsb4yQH1nVZ-h21BZVpHgRl2TACOV6XqMlUBu9KTHER39HMOzjnNUWF4gK6jvKzBeRJHeYr4BSxZvzkTRsG8Cov8Ph1nra1w-hgSpsA75FcFoptaTCq968Y2RTfF7iX6Hxmtg2heSsSUEVMivmOk7C0qeYO-6zBikbJpFsTnnl7yg9EZ0-dNF7veVy6q-gOOefnNMlMvg5xsWJg8UldemS4tnEuZFve3P8KM4Kj6vdEHBI-80letfhZpXpxWYFUca3Yny0QLN_SZL5Qvamp5zH5Qm-vtR9fk1ErYcu9m3mxGRLbqVuWZyPmxgdghNCt15FoLJQo6Hz6WRGUD7FceMWkuZfprYdM_Yo9WiOkfPEPDxHRY6fFntPnXOmPKIQN1PapLHUQifJTkEh1HJLo27zq6NDW6SEwui0GdEEL3jAV9tM_w5uaRAtl5Vm1QURJS4mjqkS0J0TWt0pZNOLQy6kEh88Ttlwx-TsOsn3JMaW4UzW8F2R0UzhMXSSYVlk48JD8KJoC2REI1KnUZ5e-Nag7R6DdZ5CHG55pq6j84ok9EnnGHqmxjMcJaEX6xcJp4zpLrZd3DgujoDQgvzk6fglK-sG7JV_FfkAQGqkKhudaUznNA6drC2MjiKPqfSoycQLa71FKkaPGTNRZAi8P7_hmjB-FMzII91QGythpbP0xwLQhraClaGMkQVDb90eEqP-RPtrvWqBbpaAKfMyfCSyMZ0r2BJqK84makVdhmMAd-u4luRsqfblQAc8

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
72ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090101&jk=4226214640806927&bg=!fH-lfzvNAAZTikH4c4o7ACkAdvg8WrHeFyTG81ei1x7td2QLab-rx3DyZhBBUa7nWsunpRv4eCFB7QIAAADfUgAAAAJoAQeZAqI4PT133I-11eznoBG_8poMgg84yxqLwAyCJotOryX1kQ58pMv8vM4xpCIDvKMG3FK2r-MUvJII1ANBxhs4yvvQmN5MacV7iSndBKGEkIRfZy4DILnG2KPG8p4P3fucv49y64g6soaF9OBHMIdrC9W8xA-VPtiCXBazKr8trAOuPV-dcygJ68BhGb2_7eqjOHtwNYe2RA6SyhDGzBAiUrfiKh80qs8rZovVVvmicXsftySDW-ptUNgANSGKy1qUpkGXVOrd7XMIr09vZEfFEa2PjC4ocId2ZseKbW49epPDzDXjcehm14BXvOLJL1Y2zYCBw5Gr8P3AmCf0I3m3soQvbabNZghM_tB8NfEZYxWDZvIrGxsJE_5xVqt3BDZpqE2XjsQ2L-ztEaRt672c7q05Zsbrix-3ClGSpXc8YkyL5WC_NpwH2qcYbvG287hsjvh3GAF7czYaF6zMGMNS_jXoiRCx-6Fp5l1IvRKWYRqVrFC0-kxtYCPrwM1nn5xsUDfUJirb71RdaAHjvlzekX38IWZGr7CW0T31DjOZDSCxsFryp7e1UnHa7T1oC4TgpACQNzK8rhFxVeK8CFuhgFvbF7FUG5CFrE9spCKYQsC4kz-Ezjh_cUi1ar7rAN-XX1pCq6oY_-VEiXx_-p06tgS6edbyGVG8QRFlROQL_RLwMc1uLWlSgsycHqdAvExB8msrpj-qRJQT6eCo2EWHZ3dZ_ee9FxjGyS-tm91pEIi-iK79kmAFrvsPmSmnT0Ewf_UzY7K-U29Cm4C8_WjQ83gD70vJTKVuxj1tGWT4f5ufi8C77YJWo3hQ7y3mzPCYziaEW4rM-qANC--fBafNb5E5CUn3ih1bIjlkoYlUOmibHccB4JnYA0CaUIeaG0pTkEJoJg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C085 0
26 B 87ms
69ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstUxaGBTGOjYt7bHmG4KpRvo44_Mn0Y4AlDBtWYCK7AdgSi3L2hkHY_DHJvhLpZXpbksJa3pvWVSHZtZPgMGmGN2eGY3bbam57_NboJo3yJKK9CFzSnIloNUm5b1ggr02SAMXUhncDAGMTs4SvbltBRWtSi6d7I18OgwKg67DC8IeBx-0_xnq1dvdVUeiiYx5UAWfMPhkYV2KEW2fDFmnqSQZNIS3Ijgg4rBs1zh0vAm-wDch9A8Qr26e2VdRE4eD4W1WhmotkW6ta35GVJa-nzh_nR_jjBpqWlPL_HJuOLV-ZD7rnyRG0vKW0SqHjQj7xQsl0hSGdg7_v3ntp4UhjnJ_ow0TF-noQMUSWaSUEAIiyesfYMp81eufljoCTzIhhqSYbGtjaQ0HxQLhdLTtVujuiqsdVaBx1VDmR6SvB9Lc_nd0ODUNGwZFxi1JDi8jE2eyKbtyDYnMRmA7diqjDLxhcTIryONu7cs5zG41EWOfoWFVYXFURYSNuYPtQpJwnEKLAAKaZMh_k_PUB4GRz9acgImZLgG2CCML10G4YuqVi8xA29DwI5FaLWXuYCLXcLYFXQM4KSagA560F85JuFOHP9h12kiTNeC8fgcd7WQxROtjxdgXGa7h6VpqSOpSiZOCdWoF4QCf_8WQQFEiH5olWY3NPai1nDJ5AOD1u9phm9VfSoH7DPYoxjwwcDcM6ohCXURbo0LtY-bHN3IeifjEsBvGMGDvWmwCPLktW5c2w0mncbySBit5-L31ju31V7Yx7yasxN6SeAJvcqrhzRywuElrENtmQOHfw_ASWsrI29u_YrIPpHVPvQw3NvQ0jPjq03sI1k9qYogH5pePStHfNmhVPN_iPblIyeUWxflV5OsfsoUwSoTCx3wSiCHNqRuZHKj7XdW58WIheilIT-C31HkVSvOIVF30HvLzir00Awh2ZFy-pRVO1QOlQ_GbJdOBmJJusWr7P6j6YS3w34R41Lc-jwMTtWjPdhIetqDnUTR7uMquKxAjPL68Vna8N38k-gsAA0ZhxmzHUuLuTqPzmS7ivK2DHOejf1k1a4Uh0am6M4PuPypkoy6FGqZrEAMdzxrtET_gAOk9ScEIleuyk7RgjDfqb5shs8WAuCFJjXsJaJmqF82VrXx3_98zwcjT9uWRpyNIe30UTG8tMJAfTF580gEO095yvUrYGnWYF0Q51nPHSSMKnwbE1eEAoFVAm-jo66rFWE_sqaXR9mAmwcMkPjgYTF48LjdEZc0bo1uLvWe_os7aZ6RZv2fYleB8giBph3IRcT9d6ecxMV1W0K16PIrg&sai=AMfl-YQcsJkYXd2aLa5IIzu6GVLZkbK2I4Zc2KFa8Ihj2oc3QHh_JoLJOSJYtef0HVCKFAGf9TfpvvBo5GsvADXFPZwdAcTbUjXyir0GqEgRZB9QJhzBTYEfb1aEeiDDaReFwOHHDWpuT4roE_6efPLdxSQ9XwAyV7gDJO4GFeiqn_zz4JmA-RN8Q5OmVgXftIb1M8_AI5WOsE4guLLviEIFv7BI-gQEq08&sig=Cg0ArKJSzL3rnZKqOvQqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=702&vt=11&dtpt=421&dett=3&cstd=278&cisv=r20220901.86959&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 07:33:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EC24 0
26 B 81ms
67ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZacdPcDM-HI48Insu7HAz6fk31hyGg048pV2zBwSNRMkNmaGeMudiVUpp-JpdNRDSNdq805Sy5tT7ERcwC7N6BLDIPqWd2YSyfKC5l3Y3FgZjgkELbq4cMlQUDPSiMB9PLUGp95JQgTQgqAaMzHx_sYMbVzXWnzm27b2q9HLq1g3NnpVCMpR2jmMd5MTd7YkYIFxQUlTxgfX5IAZVf9zIAKkLOC8banfBKIjlVnAYCpAItySbZzJT7L9NxGqQMSWZ6E3xwctoFWP3RdhCVe2P45B2roPBFpbmfwHjlCJBQh0wjnRMMfxKsdtYShlWdsGhO1AjAmMJyIsH54OhainNtPFhHvRBT8Xe0TpK8edB_FYflve_CV1wp9ARMElLdDxd9yrpF_CCzH_LORgBzIlN8ZwevgGRM7aklemK5eZpV_bV6ZGWIkqPGnC7sv2ap_w4Fi2AkoaXy8oy59FFMAgajkscj1V_uXC1d_08LeBdT9-rpkHIpf3eUyQALOZlJsZfqp0hDHj6jv-HplvqKji6_p2cQ3KVl1VnRzfbwpQqoAhHG7MebpxSQT-lgcXhtpbqmT5mkSVfkQe-Ca4PJ1_pPsoJsnwx40ZEv1orj6aW5uF3z7HPLTzKVRIahm9ilhu2Tj76c7gctYViPPCd-cUfYsz06YZO5X5kBLHY9hoGKMzGtqGxB030mZNSHkR2B7facdmFblaa8ook9cGODwidiOcmn_L01hhkGWGt0vOEE37GhEymkn5mh-iz3dI3Ml2pfmz2YmeanusVlsEPqsK7vR5Ufp6-n_gWqjbcH6xoF6tSa4gPlwktSc9PjGVqzBwrvlvu5zXoRBc4rH31A6wKK2ZfOZzoMpr4W6yYB1WTx5HeauSkb2vTLwT3m0g6dnfOu1ryIMRr7vldcaSBYw9lhq2mEID96gGmsEiIss-zSFjeWahnA6DTqhkznqwBiKBeExNBRVcnDDq706Knp3URZdIzG2e-8ZbeLymwiLSBojCVyvLYKQJAzybtKhgnvqJhQMaxP9hBUbFDsFtIQyftr_7JeURIX5aCdmCij3FHeP5DL7Zd1y8L-GYr5Jqm8PnRQDnSgb85WCsmtr4K5a81N1WenT5HrJQQAzD0XM95KP7qByX3DLjzB6BcASInWyPxSbeOIpnMtUMtaAyzvlIraE_mJjeR_n_yMV-u5_9ClFTcI-mVOnnADd6oI-LpoKaTQDLzugNJ0EYLVagl2OIPcJlW2uE1RKMajlWzMI4oFLJJ7KMWuA2I8LsmbmWUVaNqaBJNQJMrHlaZgngHBssljf1tIlvyEC0&sai=AMfl-YSNzViHU5FlsTef1M22GiOyl-_AI7XczboNXenxVg0hLHJq4fDwVeOQfA8FUlGcuJENTLb1v8ILy7plMPUGfFJqa05hOg2xf_twL37Mr34ThCl41QZdxZcafqEmO1RqGzct6eMrt2ctvslXdLf0-PllB4GQ6HNpKmH2CN2g_HJISv-bwpQRs1NPeSWXANf4EqCxoHF0K9mDYCrSYb5SDSKsYlRpI30&sig=Cg0ArKJSzIzi5oTZViP0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=715&vt=11&dtpt=434&dett=3&cstd=279&cisv=r20220901.52991&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 07:33:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4684 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6bLrWUkYY6q1K6-xx_APuuKC8AMAAAAAOAHgBAI&bg=!cXKlcjbNAAZTikH4c4o7ACkAdvg8WnZvx1EFB7B0t09MNbkXIRv8tBd3k6M7AoSxvkRp7zMDQcTE3QIAAAFIUgAAAAJoAQcKAGN2qC-djdku5cV1Cs3Z0RLAFEJ0icKy4KV_A2aVtlLQxocOmJXVo0oIAEiMfT1FxlxEiylGKPx2ppldJybWMcUKaIzBsfaNn7nlfih2KHhtuvojmB0fic2J_UU-yVAlTqU4TiWZAvNgGcO5YFbdwoPVIzwM-OKKeC5K7glJzXSTw_tv43YG352wnXCduORpKMlAtZHZI1ozQIggAxxhMk36skIJAOiGXXpkeBajTqIr9a_O5xqnxop6zh6dHGzTS8obCFApZDpKQaGgD1KeS7cfn85zWmpLchl5OuI5meHQjN8oc59N8JvNH-VVQPBsAj-5q73Tz7AGvFXUbgJDe34jVcDtZ2x6w1iOjd6g8iQTuUqsDOSLDUKOQ4tHSrdpPlpmAGG4NbFPjcCMuultWfiExCPP0OF8P2E4ZzgdkScQgvU6TULOjZ301RsG_ksQO7VJCMBrflhFlJW3f09jjflPtY3-d-4TXoRpTixMke4zsiVwprd3BjpHPe7FEuLVQmc7N4YWBE6b3VD7JMo_0a-RfN2RSqOCHwk01j1IjcFE6NEyxz_IBw4Yy1hzReyu14DIVZ8ACFhf0mIEvOG96CiQftLf8WY6eGv1hw48OZKx6k2sD6BllNHhVi36VZK8WAEIDX_gQo9KPboHNdj1JQoqUYu6lZwZBPBFIFU7XvnyGem0tQFnezeTWaarN07USTZivXTrURAB9mcjtyEkHvQACt1a4OQKUtzefq0NCPuHNVwDL1hQ1n_PzryhtVZ3Y59ZVHDBPGj5Nc9l26UKSAAuLG_OYhvTpZvLW03_IBKj2VywmOOGsIhq_uCI4WlN4uLIkMK7_YUaLtrcz4L27gpfpUfaFyQ1e9Jwrnd1u3JWiwPmEGOOpIAsAoVR8nUe8_a42gh3jlK4UhDIQyND9k9-40Nsqc4fmupPkJFBZQbBsMcB_v_kX8I4bB7MrAEUKio3jmbkx5K0cSEhi0Ad28N-UAPKcbOsTG0dKM8hhpOb_ElbeNrAtHc76Q5LNGhfn-762GrYUklzGD7cLHEGobGgScrBWdt4_1xsH9bf5t14qP78E3SbX1G8tW0nPEAsfvB0lHpW8Y0SymQoIEWIvihe5pW7edfTHf7__PUqmOpXMZyMGit8zlnOwQ

Requested by

Host: 5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
URL: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D339 7 KB
5 KB 151ms
77ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef44797b1849fedaaf6cfd9e2f74ea70142162e6899a607c345f1f08849d696e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5583
x-xss-protection: 0

GET
H3 200 60005582_20220627070124827_STANDARD_300x250_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame D339 35 KB
35 KB 43ms
42ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220627070124827_STANDARD_300x250_LOOK-01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1806f19d72e2b328d763fb64435df4928f56e8d6e00176f00321307a1093ef13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=Po62UCujLf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 14:12:28 GMT
x-content-type-options: nosniff
age: 62478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35953
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 14:01:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 14:12:28 GMT

GET
H3 200 60005582_20220627070121338_STANDARD_300x250_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame D339 32 KB
32 KB 45ms
44ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220627070121338_STANDARD_300x250_LOOK-02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cf30264c26fef49afc93a6e9f4045f4f9e0a5eb0479df70ce2f08837bb63fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=Po62UCujLf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 14:12:29 GMT
x-content-type-options: nosniff
age: 62477
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33085
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 14:01:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 14:12:29 GMT

GET
H3 200 60005582_20220627070117732_STANDARD_300x250_LOOK-03.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame D339 19 KB
19 KB 44ms
43ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220627070117732_STANDARD_300x250_LOOK-03.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2d076ba28142d1cdbadbe0022ac75e379a5170b95cffc7506576ae6a74776ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=Po62UCujLf&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 12:08:51 GMT
x-content-type-options: nosniff
age: 69895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19461
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 14:01:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 12:08:51 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame D339 43 B
643 B 30ms
8ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27513879_4307561_332160101_170181290_QTSOHO0101A20220502&ref=27513879_4307561_332160101_170181290_QTSOHO0101A20220502
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:46 GMT
Last-Modified: Wed, 11 May 2022 05:12:26 GMT
Server: Apache
ETag: "2b-5deb57cb16280"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DE28 7 KB
5 KB 163ms
110ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79c54526baf1ad31d95bfe01d6fc0716251124423dca7e2fb67713fba9873936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5548
x-xss-protection: 0

GET
H3 200 60005582_20220818052046459_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame DE28 19 KB
19 KB 40ms
39ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220818052046459_LOOK-01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7026e44310d88af29dd2323ec37951d2362e1359463da244f828a7065b574cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=y6jL8UyZX3&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:48:32 GMT
x-content-type-options: nosniff
age: 56714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19245
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 12:20:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 15:48:32 GMT

GET
H3 200 60005582_20220818052050646_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame DE28 17 KB
17 KB 43ms
42ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220818052050646_LOOK-02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff90d90185481a478993732e817e934db19ad84ed2da26278253b6886880c7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=y6jL8UyZX3&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:48:32 GMT
x-content-type-options: nosniff
age: 56714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17532
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 12:20:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 15:48:32 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame DE28 43 B
643 B 23ms
8ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27513879_4307561_332160101_170181290_QTSOHO0201A20220819&ref=27513879_4307561_332160101_170181290_QTSOHO0201A20220819
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:46 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H3 200 60005582_20220818052046459_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FBE5 19 KB
19 KB 39ms
38ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220818052046459_LOOK-01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=s3OJ7jLb7l&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7026e44310d88af29dd2323ec37951d2362e1359463da244f828a7065b574cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=s3OJ7jLb7l&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:48:32 GMT
x-content-type-options: nosniff
age: 56714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19245
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 12:20:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 15:48:32 GMT

GET
H3 200 60005582_20220818052050646_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FBE5 17 KB
17 KB 41ms
41ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220818052050646_LOOK-02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=s3OJ7jLb7l&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff90d90185481a478993732e817e934db19ad84ed2da26278253b6886880c7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=s3OJ7jLb7l&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:48:32 GMT
x-content-type-options: nosniff
age: 56714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17532
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 12:20:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 15:48:32 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame FBE5 43 B
643 B 25ms
9ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27513879_4307561_332160101_170181290_QTSOHO0201A20220819&ref=27513879_4307561_332160101_170181290_QTSOHO0201A20220819
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545128045965475840/300x250.html?e=69&leftOffset=0&topOffset=0&c=s3OJ7jLb7l&t=1&renderingType=2&ev=01_247
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 07:33:46 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FBE5 7 KB
6 KB 126ms
82ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7f6244773c00be797fbeb7872bd657b0d4ac4145aef01d13128ff24bfb3ed07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5627
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FA6 0
20 B 76ms
72ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-f8VWUkYY4yxKci6x_APkvKR4AIAAAAAOAHgBAI&bg=!DA-lD0vNAAZTikH4c4o7ACkAdvg8WstDiGDwUskGud7M7EV4AR7TidrtUEvi8hAlbkII2ZpfQL7AZAIAAAFoUgAAAAJoAQcKAEGlYu_wzukOtVDSL_F2t64uYRZzxK33_kRAvNkDoU-uwsjSQFssgIhnU4alYVCBr2ZNo5OAm1eoHJnSVTs5mZkrrJkC7dkOY5fONRQuel7AI6AWpTF-0sjs22Vsz4j_7RuPWtJUhSRU9WLMzvrITToIFJqmmvi71PTUkDOUnFOgvenHZniwvyoFp6Jaae6x4dMp6p248lpmShO4i-ovCO8t3ltncjCyMHpKQyDM76Q8x_Yqdkwd8aqJtc5CV-M4gwDtDuTRI_mCsXbSqkWp2WH9bUMPgBvp-9BElEeO5d5rVjsFNAuFJnSe1KT6A3XjuvFas_cjnQWF0SetklujqdVH8MA9K6_4ndzuKrkxIg5n3KtCF8mtINM6b7KDMz5dSA4YxHlr17FaVxbYAvzXqez1nZFWSmP1duyOWmxb4GK9InyoDsEklh_kfBJDcllUHhWpuaNMmIVxPESDuOuVdWElDKRjkaWD5666jehCJE27Kqh2X79sUmVj6HTDaH7p2u3HD-Eyyg46n0UUmY9-CBNnvxwRJEGdZmlWfTN79PVOGLsiHtxpc991Y4rcg39uMT5_aygJgKP5KvGVhGDdu03zTl_FENgbrgZlwdPTkinq9qxm59gYK6rG8v8dCgyDKMwQsllWQ3DoLUYmAgAeAfrn8MKdsEtqpUElw39elfhoswl2RfSOaODJ4zzPyCpaB4JYNkRnGX1PU-Sfvi29lBygx8g6lk2AR5Y-LQwN11eVFwH6jZ8P1izVvSsfxQf19wISMl_YeuE5TvMaPrHChW2D1bi7ua0Fb_M7aOPeu7px27Gh2zOVbwBY7QkLMi3B7X_gyYh7Luy-kD42Vu3KtsrRVB7zxUUkgRTmU-Ue9e-B_meVtUboESgzpUHKVv17mnzvIZILaiatSjipPr-Sju-oiEj11NkfqdSO6zIdH2TD0ZrTI1n039F3jkcd81oPx1F7mLZVWIGDAHFJ_26w-rbWQA07byvXcWkEcWE8uvwAT9j4-wD5ju9hWDX579YAEYFd2ysjqAt2XlRe7ImWRew0joUtrjlxyU-yoxA2pgBOYjqDRO73HMfAdGWFtPpQBkZo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 46FB 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwYskWUkYY8vSK6Wwx_APxamwoAsAAAAAOAHgBAI&bg=!g4ClgMTNAAZTikH4c4o7ACkAdvg8WlG72AvS97rWYXk15i-Ygq762UiX1xT6NlfamiogMEz_Ds4MKwIAAAFHUgAAAAFoAQcKAEeM2iRJGqPbFD2RBplVoFdr7OJgzhxREeVEpF_VZpDh3OXnbCYcYAr8g7Mal80BJg93ZtSDAHo1HqoaxsEavARhSPTW8hlKVpkC8uJ749Sjbj_tpVaWuSVULLw2nhL5y0DnBFS4m0KToKh5AWSs-_8MOaVE26L8KPI5MX3-6719KqlUJDTG2sBJjFiMKA1jTdqS1W8hY6z1hIQAZdxq4tsxksLSJ3hKIiYz_3Kz1dPY0eRI-hyT8ryoowGztVcb8Ga0ly6qxYVoGCtwqzuH1FMY2xgHhtcMmWxMMrsQ6M7XZ8jQ6u7ZNZAEc6IlauMx7DCOqvn1w89Hv_bsMh9xbYAOkMC2QNuPIcCCbynsKSkLxpdKlCjrW9SzhtDuqNM_Jbh9mEEJ5xh7iNeJNwyszOvo4rZvc_HueLEoeERxUDQk-eX6P5vNR_-Q-Xp6paFRazWAwMHw5QfLrAB3eQki4P1Q3hYWX256dgFc47ZqA9gKaiFxo_-HX7YRklW6lJboicVpKRuEhMFjSV7GyI4GJsa5L-dsa4k8kFj-UpgX8ID6HGL5qs5vWK6a6jUBLq1zHM7zTNhK5IOW4FkT1SyBk9H2KhNZad6aLOngFIwIFBisg9JdGXlKpDfBEtj63PzTBVANZq3xgkYIeLrH_Raal4BniEmyXseI_QxcCVMC56hhjYyUsQNpyW2wANk0ZOdtXpufVRUMTMtuy_10UcYKRr3nsXSUP3PLXpTdH_uOUsrNRBvcOPepvvThhcwHJbiwhy-KZAG3bzGR6RrPS9ovQGpyD_8Swb7esCRb82YW_N8DSOssIH0-MiiIR_aUBXqRyny_Lcj2ZGaIL6u7Wi50QnH3ObM2OJQb2tdGyXOA7BPRzUKDhFhzCPkDit6p5jfTzt4JvIzt9UoSHORvgmFSSN91Ys_R0iboI3xWm4I5p96VczdGNg2j2L5sudXYf631Ppb45QAU8K9EQdydfLigNJvmYJAsvusY_Oy6x7YKr08sa5D3LECxO8e8MUnmbkB7aH87v4utGnvWBgnnTbEz2HLr_cUOykGYqEnfCI87JJpnUoQIzycKxEhSCNZreLjkAdJyAPuflb2TD7Jf3fU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9CC4 0
26 B 67ms
67ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1T0XvTf8igFJPXXNnAxesZYaoVya2hnnD9eVhKmQiB93rPDDT0mYB4Gi8dKmI4Bv2qki_VrvHuEL84wIglQfPGEoCtK_fuQTBQSmJf5d_b14-FoQBGYXlb9VWV3vIYhpTCB6Y_Ty6khw7uqfy-xEPh7uu8tuIDbbFNpbwCrRjMGfLPaPWcuJaXDrbhcouEIpMyY-X4rwBs1MSZTakXC76bkZVauTt8VJbO4-aOpn_vfWJlq4B6m8vxSUSA2Qh_iooi7ZBiO2pwZXgU-aVP6zNzq5AvmLCYohLa0qn1Kcz9REpgIPODBpnHjQPo8S3YFMYmWXytV-DLtz65FIFB-sLiBBJo33M7hUvASx9nAvPxnVzuTthA_PP5pKuwtnbVpC-Y4fgthsd-KLqzFFxdWrKIotrcpTGVS53HWnQOgl8edwHZ-F2X7qG_ZPlwJJs9IoALtM-0BDwgPXENRr0OvCDKccZxEMphCSMg9RZwumqruEFslLZu3HMIKaGJeiQ_D9wiBAQuGvymk0URilTHouhegT8s82lZXDrJgs_FdR87LkEC2lIgjfmeswpjcn13xJpjuX6QCcTJWzJD6dQZXSaOWHhn1d4ziOPkjaGaVLWrPrRdkDtDUIrkJnbDoGEoSb6g0DMp1GqZ3BG2s89c90lR-lkw5vF7cz-fIBABRBG40RYABR_L3VTBQOR1TKg8vFlo1zvhmPxgH-x5ORNpXMrI1w_1YZIF72mx5vG3jHdDz-I-qBbRoSJknE0L_icYxb8I3zy7RGYC2-n_dVhUfzLlC091DMWQrGIWv_wmHb0k3162Q_wIfWiN3BjVCo_4nGINz5OEX94M1-N9cFNpGpInuhgceTXMXQxaEO4e0blIkSZCDbkmoS2oqGBfG9FJhy7xgWkbLxCRHtoqlOIt4Z9YYJSpX5DQLQUDKTGjAIvtOIHw0mqamxeoZb0FvRI5Tr5fuUusZZdZ79EJzfG2BEGtH-I-6SlH-zDX55YTUCIpXugAHFAu3z7e9JeldwXwublGzeDDgzykkT5EHqSlKBUw9zj1BhH9-7x_tr21RPtKiPQ3qv7Ik2wD9_SfSSDGdaNCzgGiQk0pTa4lif4ptVMR4tQlF-CNlnlTLIvS_bFCAqXNoggsRrfJT2me6g3cSrAOiRVOBhde3LjvE2nycAT7IRdBuz2NtWU1tw2TelzXB5ysLtWxpM2vq3ynNWs7wdIOYaKUWk0jHTRp7NIRHK7IUodrahJAiiFQ-g&sai=AMfl-YTry9ZkFxQCN7f3Csbgpv99fkQOCuNYGe25KxUYzTFUODO7ZSzPzCE-jKe-dLO95QA09rj86VhkDzcPCQWednKcQct7rUu2Ch6vRZOXr4JiMlcVk34dAIb4I5SloqyCyBRNTA4QmIxMu4vC170huNHvf04vnzbgyrsM-WVm0cZXEN-Q9maQOqfO4fmG8nP80OMTbnkj7HROKXyJHVyhRHqKYZE97ls&sig=Cg0ArKJSzNpI0ZsQX7NEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=863&vt=11&dtpt=544&dett=3&cstd=317&cisv=r20220901.53765&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 07:33:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9947 16 KB
16 KB 115ms
38ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 559401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 20:10:25 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9947 15 KB
15 KB 116ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 08:45:00 GMT
x-content-type-options: nosniff
age: 600526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 08:45:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 17F0 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTXCNWUkYY-THK9G5x_AP8s-TmAIAAAAAOAHgBAI&bg=!x8SlxIDNAAZTikH4c4o7ACkAdvg8Wmu2Ioj42LU_yezRWiYaonydPxchglMoYSwiEOhK8tjBNrEZsgIAAAFsUgAAAAFoAQeZAu4O9CQxBqmmOT9uu2Dv0UOThNJ6bxEU86XL-m9uT101pHIxT9oGzmPQjIkPF8eezIUxF_cPbs2noY1_l__hCAlPZAVPq88EbukXBzCl2hWNKqajnKs4c_a987O2b_kOhh9LKq_5zQb7ZAl9ybtkdEG37eElAcfezOUtnb8SugZGfQ5WBFBrLOENZdNpujR-UFA9qqyAa7TgLbBlyN-lPFx4Xkf6dvKr6Ho_DwoJJSfBoUIkzVNUkOuJilOcp9_si6uBtyfHB7-TNuhB4AHGwvsPLikcUxglwkAZrjL1D5M7XhCrL9x8YHivNY86ZG8W8p6jI4InCtgGElI8eU3i8bS6NlZyWujQkrv6JzYrl-mhypEd34PbWmeQBp3tLPzHm6DPoPl7q8o1fym1ZtbC10lv37gxwvHPfvuXHZZLJOpS-waCO8lXOK6CqLC8w4mbDihpOop1Gna4FRHrcAM16tc61h2Gt2mg8Js3m6DX-R51FJxNsmfS0t_fVVvBs0WQNLdDOyOE0zmUV9sJp3gwbmkwnClQt4-GHbVRoaUKCHcl18JYlxUqdWg5uk366LdTeZERPv6ssR7AvCD9UF7A5rYOoM6a3MKhQ-s9F1Ps5SZGIqsSM8e5sZjDssxcLRY459JMP34-eNc9s1QSUssRH25Fca7HfLnQ-2j69pD_3X5KsQ7BXMXDATHV9mSGEax9B2aGF1FaRuW05ECsc5hHScp5in-2funxZszh3mF3Hb4VWj2kDpWs0EoiMcrVT6I3ULm1GXZE7ua8xdQFJpTKURCWP2M27i_i1yStDIlusgySo3ovOvWmMMuLcbMd6jER6yRWVCwXQpgdGMTTel0skTFhJjA5f878hvBgYTl7Ww0bfFiAc7BV8ZGPraBPwh5FseisA-9KsiYo812DiXKeS4BAduSvBmtl8oWI02ASsOuL0gdxCHfnDlQ4QQk5hZBH7A3JgScqMoXf6EEJRe6a6gt3AFFsYPbvIaFRibuLXhs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1C3B 16 KB
16 KB 114ms
76ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 559401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 20:10:25 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1C3B 15 KB
15 KB 102ms
63ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 08:45:00 GMT
x-content-type-options: nosniff
age: 600526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 08:45:00 GMT

GET
H2 200 videojs.ads.min.js Show response
www.ynet.co.il/Common/Api/Scripts/video/ 23 KB
8 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ynet.co.il/Common/Api/Scripts/video/videojs.ads.min.js
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6594b0e243c5017d9a9551c307c96ec67632b3f0887b2ca6652fbddec9c278c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 14:58:59 GMT
etag: "19e2814b6ec1d51:0"
vary: Accept-Encoding
content-type: application/javascript
v-ttl: 0
vx-cache: MISS
cache-control: private, max-age=1927519
wai: 02
accept-ranges: bytes
content-length: 7703
expires: Thu, 29 Sep 2022 14:59:05 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5394 42 B
64 B 72ms
72ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvw7lByQ_sj54h9CK6qqJJONucyyQcx9jxbyEmAzdYwMkucPFhqEEebBomTDt5aqdYBAvon1AKPf0QLFpla8cTMR13QNUblk9fG5e1V474EZmkbHH4MFukpumyzu-0uqz1SxOCS780&sai=AMfl-YScxlXfa5NfH2QfLau0t7pDtwHZqrfzYeOUcrlGM0Ai2exoSDQk2jhqwhefpuPnUeWu5fnM8i4-R6H_5-4V6YQzSMJFmlLTJ0nAb1PozgAh6MKnIauiqrMmraoBBeE&sig=Cg0ArKJSzAdNSFwvZHV2EAE&id=ampim&o=315,5&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1013&mtos=0,0,0,1013,1013&tos=0,0,0,1013,0&tfs=321&tls=1334&g=100&h=100&tt=1334&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3316214643

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 videojs.ima.js Show response
www.ynet.co.il/Common/Api/Scripts/video/ 81 KB
24 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ynet.co.il/Common/Api/Scripts/video/videojs.ima.js
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fc1288a71f843816808b8082a1c5098df6586a8f69d605b3769f9259d5731002

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
last-modified: Wed, 06 Jul 2022 12:21:03 GMT
etag: "c859f9456ec1d51:0"
vary: Accept-Encoding
content-type: application/javascript
v-ttl: 0
vx-cache: MISS
cache-control: private, max-age=1831529
wai: 02
accept-ranges: bytes
content-length: 24366
expires: Wed, 28 Sep 2022 12:19:15 GMT

GET
H2 200 videojs-contrib-hls.js Show response
www.ynet.co.il/Common/Api/Scripts/video/ 721 KB
227 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:282::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ynet.co.il/Common/Api/Scripts/video/videojs-contrib-hls.js
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1fa531f81187487171b5d884b7b87ce7ffd31815f9f2b4a08c3632d4c5ca1ee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
last-modified: Mon, 29 Aug 2022 16:38:45 GMT
etag: "74354ceec9cad51:0"
vary: Accept-Encoding
content-type: application/javascript
v-ttl: 0
vx-cache: MISS
cache-control: private, max-age=1847090
wai: 02
accept-ranges: bytes
content-length: 231658
expires: Wed, 28 Sep 2022 16:38:36 GMT

GET
H2 200 image.png
images1.ynet.co.il/picserver5/videos_pic/2022/09/07/4HHVJB6O8/ 235 KB
236 KB 7ms
7ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images1.ynet.co.il/picserver5/videos_pic/2022/09/07/4HHVJB6O8/image.png
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/video/videojs.ima.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d9db27d4ca79f2af0936f4a1ab1c13ddb8a8203173710c43c659cf4d1e0ccfc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:46 GMT
last-modified: Wed, 07 Sep 2022 04:41:37 GMT
server: Microsoft-IIS/10.0
etag: "8e77bc1d74c2d81:0"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2582564
accept-ranges: bytes
access-control-allow-headers: *
content-length: 240657
expires: Fri, 07 Oct 2022 04:56:30 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14bf8292ae1e1ac698da2f2155f00ab24d5eda73e0c3e1e25e368a905759283b

Request headers

Referer
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 200
OK ynetlvestylogo.png
www.vesty.co.il/images/ 2 KB
3 KB 9ms
8ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/ynetlvestylogo.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bf87c3de097880a202daeb3676a61063e99094d3e72400a31523bc18e6c17d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/syrrynhgi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

backend-cache-control
Date: Wed, 07 Sep 2022 07:33:46 GMT
Last-Modified: Sat, 30 Jul 2022 18:43:18 GMT
ETag: "fa1069f3a91d61:0"
Content-Type: image/png
VX-Cache: MISS
V-TTL: 0
WAI: 02
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2362

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D339 17 KB
6 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 07:33:46 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FBE5 17 KB
6 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 07:33:46 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DE28 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 07:33:46 GMT

GET
H2 200 master.m3u8 Show response
hls-video-ynet.yit.co.il/0922/7264c49e2069785835c3e746418b1a45/ 343 B
919 B 82ms
23ms XHR
application/vnd.apple.mpegurl 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://hls-video-ynet.yit.co.il/0922/7264c49e2069785835c3e746418b1a45/master.m3u8
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/video/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 7cf034e3caab7ec41c2ec8e8e6d78511ab74443507b93c6a9fbcf44e2684bd77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: _U2Mutjk6Qh1FY5ASu0HqS.v1ofWusqn
age: 10323
x-amz-replication-status: PENDING
content-length: 343
x-amz-request-id: KFZBCXRHF5T7A4ZW
x-amz-id-2: HTXa52vBUrOL1icQXlq3UWkp6rOvXvSqA9XaIEmyS7D04txVfLTdQUI3iU33nwPsxaSdUpiyMVs=
last-modified: Wed, 07 Sep 2022 04:41:27 GMT
server: AmazonS3
date: Wed, 07 Sep 2022 07:33:46 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://www.vesty.co.il
cache-control: max-age=2592000
accept-ranges: bytes
x-llid: 998464b64151c470da3030e4c21a2956
expires: Fri, 07 Oct 2022 04:41:43 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7282 0
26 B 67ms
67ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZBkUBhJBYsTqgkWnMZoeMfCLgqqFg1A7jmqpvpDgRSnPBU448GuykknnYkbGQNDpjWLz920oR3f9DHZW44W5Fkx-j2MCBFiH4PIcA6wBjHnLlNe3F2w9Jv9_I30fY4fUYGuXA5NpjVHBetzwiZTqd8QGMcxNgoaCcA22VV6Php7bOJXkENqwIdhRZjsX5jEP3ZU5EMeKaf0L5l1VtrpIrDkx6gLUHY_9O-Jt9qpqt9c51EP7yaIAwKqIfi5Or4XXiTQ_sC3dmMnFZskmFrUqDvvbCZfEPoyBHpBjpM81FmsNECi1jy8VuwhjEMlGyTTyeBv70QeMH_NkPB1lqeEQCeVkhe04mxsnDrNQiRHeFGsk7y0a_DvmjDdpKNmpeR8vn-R6g-rAgekO2ro0Cw_BeW2HejTrM3xdzKvYo5GBbeYGE8BIHPjh3WcUD2CuBwke6mrPqDip-9c5tuatkyIGzJNRwB2x3RFw1sLxIYc50876LmkQafd8N4p4139zmzYCfAYQfKNpMaicaTChW1Vqpyetemp4vORfB_2jjeZRt8qvMrhfyZVFgOfP6nD_Mb2ChbouWBG8fz0JJVIX2Bff2OJ2S7xUhXK52_knMtTP4vgyTY-BlYGCNkW0mFW30jP2GaGHUC-WdsJUMowck3rSv7enIbaKGln0JNb6mLvFTjLmVo7q-UKk672YqAEaA53IMatLoG6SQ2JBMhG_yG3br6OGF2c0gT9oa4w-zle_JA-EKvZJS92lqPHX20In_BE-t_cbuPfhKGmnWE9vXUpm5Qo4yU33qa7WqDS5tDnPqFfD-hm-FHL1y7Jm3yiqIcFogp65KRXWp2516sEMTuRaJCc2Hb46c4b8SgoywexrCDYdbY4KJW9YDR2WdDbTZIrYiDYMFWAxgnfO9kkJRx9u356AO7iwKZvAPYbLKkhPbg7107m4iOyZJaYYreLbUiMdeLuyUr4y2P9_MsTDjbzL9f4jHe8rAOwkNRFoXW2Bf-rrUqfli1YT2LPo2eYzVqe0n2u92dW62qymH_CXBR1ZKPPwHyvBBpeT3_gsz97xcBE-e-q8868GhBDc1HP5ne-ujfyf-nQm8OPf5sMEXuf8JPDih-NZJ-i1VyZrrE3RDVFftnV_KWSa_Yi7wjVlJ_Su8gHNZJIV0EE_0nE4f3lDZp693EUJMabTCNVeYebrlJzyLhjKrvdSQEnZmQNGdv4RvdJAXbmv3c94xwK_ug5SjKi81DT9vmW7n__U&sai=AMfl-YRUzrX9iMjpy01kQwViJpt04B3xCvM_0ph4X2WmwsKzW_lThuoWapfIt0UEXqw5BQ28NHtDLFwr3osckdY7nB9AepXpcus5GeKE6dU5B0h0oDvJbdcMYPKexi8FS1bqalXBb5aJLTd-PUy5vn5R-tBfQheu_Yqm8IXbZr72hK66jxsUgl61GyUCPZ_HOXle0znggBbWZ6uHKSYuBU9VwNx0DCntnVo&sig=Cg0ArKJSzP64ekL7RuL3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1014&vt=11&dtpt=709&dett=3&cstd=304&cisv=r20220901.88294&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/syrrynhgi

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 07:33:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
BLOB 200
OK cbbe22ce-74c5-4823-83e1-33e2c876b5d4
https://www.vesty.co.il/ 721 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.vesty.co.il/cbbe22ce-74c5-4823-83e1-33e2c876b5d4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9d2c6a25e90b0ed8b3d9d794e3af37949365949e081d60a7e4dba916ce5df61

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 738408
Content-Type: text/javascript

GET
H3 200 bridge3.528.0_ru.html Show response
imasdk.googleapis.com/js/core/ Frame 618E 637 KB
206 KB 112ms
38ms Document
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.528.0_ru.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4be2c87d03ea928ef02504135ec91fafa7687c52beef03e19c756da6bd12511d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 525643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210809
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 05:33:03 GMT
expires: Fri, 01 Sep 2023 05:33:03 GMT
last-modified: Mon, 29 Aug 2022 20:41:35 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 528ms
528ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Sep 2022 07:33:47 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 118ms
45ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.vesty.co.il

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 120ms
46ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.vesty.co.il

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 07 Sep 2022 07:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 49E4 36 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 06:58:26 GMT

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7878 36 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 06:58:26 GMT

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6914 36 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 06:58:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 06:58:26 GMT

GET
H2 200 master_360.m3u8 Show response
hls-video-ynet.yit.co.il/0922/7264c49e2069785835c3e746418b1a45/ 1 KB
2 KB 25ms
23ms XHR
application/vnd.apple.mpegurl 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://hls-video-ynet.yit.co.il/0922/7264c49e2069785835c3e746418b1a45/master_360.m3u8
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/video/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AmazonS3 /
Resource Hash: be292ec682dfc6f3a7e150c3ef0bc89adf714e4c9eec632cbb412c5dcf6b5365

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: oOPBPqnSJ3V0FXI7AXKAKo8XCQSfUhxe
age: 10323
x-amz-replication-status: PENDING
content-length: 1079
x-amz-request-id: KFZ45HBB0RPPV7MB
x-amz-id-2: FI1m26gkgx8V0QRcy6X5FSGjOUwyKaKB9PvRB2mahmHkzNUloJE+xJDGGGRtn9fVKoebgLAq5iU=
last-modified: Wed, 07 Sep 2022 04:41:27 GMT
server: AmazonS3
date: Wed, 07 Sep 2022 07:33:46 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://www.vesty.co.il
cache-control: max-age=2592000
accept-ranges: bytes
x-llid: 61ea0a5e2ca7ecf7290ae704b979d389
expires: Fri, 07 Oct 2022 04:41:43 GMT

GET
BLOB 200
OK 1b9ee162-8ece-49d5-8e37-04f87aed38cd
https://www.vesty.co.il/ 721 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.vesty.co.il/1b9ee162-8ece-49d5-8e37-04f87aed38cd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 743e829cb2018fc3fc2449d207c09679200ec92b957d8f30b8f362635b07bea8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 738524
Content-Type: text/javascript

GET
H2 200 master_36020220907T044112_00001.ts Show response
hls-video-ynet.yit.co.il/0922/7264c49e2069785835c3e746418b1a45/ 181 KB
182 KB 24ms
24ms XHR
video/mp2t 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://hls-video-ynet.yit.co.il/0922/7264c49e2069785835c3e746418b1a45/master_36020220907T044112_00001.ts
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/video/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 0fd511263879386c055f5996502375cacb606715c3a0638b3f7bb240fb0d01d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: wOh.mnoNvwMNDhU3vPpYxkwRDwFD4HZH
age: 10324
x-amz-replication-status: COMPLETED
content-length: 185744
x-amz-request-id: KFZ43MY30DE5P7M5
x-amz-id-2: xObaXUInIMWxSK01dSuTnT6n/iaBSkw2pZzpR12huRPjTGIYA/kAcJG6ONv5pUmkdf2WmBucc5s=
last-modified: Wed, 07 Sep 2022 04:41:14 GMT
server: AmazonS3
date: Wed, 07 Sep 2022 07:33:47 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, POST
content-type: video/MP2T
access-control-allow-origin: https://www.vesty.co.il
cache-control: max-age=2592000
accept-ranges: bytes
x-llid: 015e353fcda999d210b21dd20183e7e2
expires: Fri, 07 Oct 2022 04:41:43 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 20AF 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvv3ttiHGwfv3AKQwJqxqYBKvOMHu-yQnJO66MN7Lj2lCWMZONZklkMsZu77hGVYCtbaGzTouwHmRi9xmuWLhjqP-1otHbPyum3xLFGFbJYLGv95UhuKP2g_buMy2FCHa11MwEdZz4&sai=AMfl-YSvzSe2dD9gbhLlBKJQTaRj5wliOaw8IzDSqju3tCiPai6OZFbY-rKrnE7T24h4TGOz5puSilg6YfI9G9OjVRCbn7vccIPJlSl98zfiO3DeyxKqC4wEfSYfVfwXJo8&sig=Cg0ArKJSzAL9Bg4cdwGwEAE&cid=CAASJ-RoLdzO0k0fNfB4uOz8geZTnh1e40VlbLoigzM9dLT9EEmXSOVpqg&id=lidar2&mcvt=1034&p=441,990,691,1290&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2719528268&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662536025379&rpt=646&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220906-5-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: Q93sCEWoqxiO0LdTLulEOAOmIgRcHF1L
content-encoding: gzip
etag: "8cbcf8a5c724c32aa9be09d14a4c624d"
age: 1238
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 923
x-amz-id-2: 9h5YrrHderO+SXOqHgiSJa+4chw7NI52s/iH/ZTLC1y6ACPsvzCC2VTu68r8azHJi4/UfemKLq8=
x-served-by: cache-hhn4020-HHN
last-modified: Tue, 05 Apr 2022 10:34:30 GMT
server: AmazonS3
x-timer: S1662536027.089686,VS0,VE0
date: Wed, 07 Sep 2022 07:33:47 GMT
vary: Accept-Encoding
x-amz-request-id: MMBKEV2KZA9RA8NR
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 74
x-cache-hits: 1792

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9CC4 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdPJnWjkfW3zK3sGxDt76tD2KVnOUlBvEcAkublPrEl97Wr1pSyovmftFdFHTmypoBgoacZoZIhm4CQPjyQZ7hbmNqipKJRJJTUjC8Wa7PGnM6qx_tpMe2NMjQc1XGyOte2vJXLi8&sai=AMfl-YQMx2n4DOIuLQlGszqGlI0ZwTlLUMkduPLSXS_nSEQtlDS1qhKYe5BeZL7uB2oZAAgikp2tp_WOfEG_wTOg8CKfvdgEwuZwEZNtV3NYOM-1mOaxSefgS7YMLol2OII&sig=Cg0ArKJSzCxCR0rWVocEEAE&cid=CAASJ-RoY9u3A1NPZlQheBc5mC7XlJ-U4HxZcOtsj0IY7Z-7kGl1WdcTmA&id=lidar2&mcvt=1041&p=0,119,40,160&mtos=1041,1041,1041,1041,1041&tos=1041,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=943949322&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662536025390&rpt=536&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7282 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyLDtklpwjxovVRHW-qFc-UZmLfBCZLeSzDTHZP0d-olfGTe3z5ua7_xvr5WyDNeVYS-EzQ3krm6hGD1z-ACGaQSLtEKxsX7__gabEof__J0TfSa6Kr79_RX82kyAN6_lB21nhPa4&sai=AMfl-YQeJHMd7LCyG3xH2kCcwIYlnCIU6rj66h49ghjgTxy7faZhP-cRq0kqPGp7U4vi6ziwKkeP89w5raH_lj_Y5q9sfKQ-AcADAZndtrg5s4iCaE922Rx8kxg9PJYf154&sig=Cg0ArKJSzDQQkBg1xIjVEAE&cid=CAASJ-Ro3lk9CnLsAq351JP3dqm7OrWaSBz4nrwW82y-VYV_bf1dBtX4YQ&id=lidar2&mcvt=1039&p=0,1559,40,1600&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=434469519&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662536025393&rpt=573&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Sep 2022 07:33:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
pips.taboola.com/ 64 B
240 B 21ms
6ms XHR
text/plain 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: f36816c7dc5d5f46afaae8b35ccf2e20123f75a38ce319ca0293cd7b5e955c4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:47 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-hhn4023-HHN
access-control-allow-methods: GET
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 542ms
134ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=d4f08415-8fee-4b43-a831-405f49ab8fed-tucta11ced8&uad=50188cba606965d44a4ee00eeb1e29a5b582c06a3e065dffbd0b29391d5a7497
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 07 Sep 2022 07:33:47 GMT
cache-control: no-store
server: nginx

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 618E 3 KB
1 KB 197ms
86ms XHR
text/xml 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=640x480%7C640x360&iu=%2F6870%2Fvesty%2Fdesktop%2Fpreroll.video&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&url=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi&description_url=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi&correlator=1045221484153213&cust_params=VideoPosition%3DPreroll%26dcPath%3D50.Vesti-13147.VNews-13229.VIsrael%26yncd%3Dsyrrynhgi%26autoplay%3Dtrue%26VideoPosition_autoplay%3DPreroll_true%26view%3D1%26ynch%3D50.Vesti-13147.VNews-13229.VIsrael%26user_intent%3Dtrue%26PositionInPage_Autoplay%3DATF_true%26autoplay%3Dfalse%26VideoPosition_autoplay%3DPreroll_false%26PositionInPage_Autoplay%3DATF_false%26user_intent%3Dfalse&vpa=click&vpmute=0&sdkv=h.3.528.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.7.4&sdki=44d&ptt=20&adk=1312419426&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.528.0&media_url=blob%3Ahttps%253a%2F%2Fwww.vesty.co.il%2Fb89f05f9-3645-45ba-8a29-f8c3dd6f49c2&sid=168F39B5-1D42-409E-8782-451BCF23426F&nel=0&eid=44730465%2C44754420%2C44760950%2C44765701&dt=1662536027282&cookie=ID%3D62f2601810969a7b-22e8fb7417ce004a%3AT%3D1662536024%3AS%3DALNI_Mayx0LS2LScY8I0GYOsshKy5kTxPw&scor=3470532850494367&ged=ve4_td3_er0.0.0.0_vi0.0.1200.1600_vp0_eb16488

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.528.0_ru.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94791c6f5be28748a4d1bd0a3c0a6ecd133895284a5041ce30dcca14c11cfa2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 932
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 170ms
170ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:47 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 169ms
169ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:47 GMT
access-control-allow-credentials: true

POST
H2 204 demand Show response
events.browsiprod.com/events/ 0
101 B 169ms
169ms XHR
text/plain 52.34.171.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/demand?p=2caaa369-09cd-476f-b805-f1cc2d3994a7
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.6.20.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.171.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-171-162.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Wed, 07 Sep 2022 07:33:47 GMT
access-control-allow-credentials: true

GET
H3 200 06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 9947 5 KB
2 KB 39ms
39ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56811
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1998
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H3 200 20e27cc06a4e18fde8359ca8899b4f84.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 9947 11 KB
11 KB 40ms
40ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/20e27cc06a4e18fde8359ca8899b4f84.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d8ad06cf0fe9bbe9aa53afcbddcc74c84b9aa45c4b3b6938c9eb2d7d67e904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:47:01 GMT
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10763
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:47:01 GMT

GET
H3 404 undefined3n8md4
s0.2mdn.net/sadbundle/9373486604597640658/ Frame 9947 43 B
68 B 85ms
85ms Image
image/gif 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/undefined3n8md4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:49 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Wed, 07 Sep 2022 07:33:49 GMT

GET
H3 200 fb5105e64e37009d8a7ab6f4d3b49b47.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 9947 3 KB
3 KB 40ms
40ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/fb5105e64e37009d8a7ab6f4d3b49b47.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c2f80e9cbbaa17cba0de561cf869d51718bc70654938f16097e88a8ded034c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:47:01 GMT
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3040
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:47:01 GMT

GET
H3 200 06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1C3B 5 KB
2 KB 40ms
39ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56811
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1998
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:46:58 GMT

GET
H3 200 20e27cc06a4e18fde8359ca8899b4f84.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1C3B 11 KB
11 KB 41ms
40ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/20e27cc06a4e18fde8359ca8899b4f84.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d8ad06cf0fe9bbe9aa53afcbddcc74c84b9aa45c4b3b6938c9eb2d7d67e904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:47:01 GMT
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10763
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:47:01 GMT

GET
H3 404 undefined3n8md4
s0.2mdn.net/sadbundle/9373486604597640658/ Frame 1C3B 43 B
68 B 130ms
128ms Image
image/gif 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/undefined3n8md4

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 07:33:49 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Wed, 07 Sep 2022 07:33:49 GMT

GET
H3 200 fb5105e64e37009d8a7ab6f4d3b49b47.png
s0.2mdn.net/sadbundle/9373486604597640658/media/ Frame 1C3B 3 KB
3 KB 42ms
41ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9373486604597640658/media/fb5105e64e37009d8a7ab6f4d3b49b47.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9373486604597640658/45d92f8f595e6f0d29129d0a9e75108b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c2f80e9cbbaa17cba0de561cf869d51718bc70654938f16097e88a8ded034c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9373486604597640658/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 15:47:01 GMT
x-content-type-options: nosniff
age: 56808
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3040
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 13:49:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Sep 2023 15:47:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/v5.0/plugins/comments.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df32dab631e9994%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff4779d5551bac4%26relation%3Dparent.parent&container_width=490&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fsyrrynhgi&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width=

Verdicts & Comments Add Verdict or Comment

285 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.vesty.co.il/	1970-01-20 14:34:32	Name: ab-checking Value: 19
www.vesty.co.il/	1970-01-20 14:27:20	Name: dcsyncundefined Value: true
www.vesty.co.il/	1970-01-20 14:27:20	Name: tmcundefined Value: 1
.vesty.co.il/	1970-01-20 07:58:32	Name: _gcl_au Value: 1.1.1311986289.1662536025
trinitymedia.ai/	1970-01-20 05:59:00	Name: AWSALBCORS Value: 7C3Z61bp7FfpDiofRJ1F+vWnwoaYRe8TA8QNNVPvgZYNAhrcvDLEO6AJH6j68atFqk0uDkxtbGlXmF0apNoZmneqbAbRd2+xdIAv6LTqvZU96ltRzZdrw+1zOYLe
www.vesty.co.il/	1970-01-20 05:48:57	Name: __browsiSessionID Value: edf854ba-5428-4562-9c83-16bd6bc2ba86&false&false&DEFAULT&de&desktop-4.6.20&false
www.vesty.co.il/	1970-01-20 14:34:32	Name: __browsiUID Value: 110392b4-011e-410d-aba9-9756cd9e7a57
.vesty.co.il/	1970-01-20 05:50:22	Name: _gid Value: GA1.3.1116705052.1662536025
.vesty.co.il/	1970-01-20 05:48:56	Name: _dc_gtm_UA-5536870-20 Value: 1
.vesty.co.il/	1970-01-20 15:24:56	Name: _ga_HBGSDK9P6D Value: GS1.1.1662536024.1.0.1662536024.0.0.0
.vesty.co.il/	1970-01-20 15:24:56	Name: _ga Value: GA1.1.1105187979.1662536025
www.vesty.co.il/	1970-01-20 14:34:32	Name: TRINITY_USER_DATA Value: eyJ1c2VySWRUUyI6MTY2MjUzNjAyNDk3NX0=
www.vesty.co.il/	1970-01-20 14:34:32	Name: TRINITY_USER_ID Value: 8c624845-275a-4bc3-9e8f-76de13974ee7
.vesty.co.il/	1970-01-20 15:10:32	Name: __gads Value: ID=62f2601810969a7b-22e8fb7417ce004a:T=1662536024:S=ALNI_Mayx0LS2LScY8I0GYOsshKy5kTxPw
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: c7ItP_Gf0Fg
.youtube.com/	1970-01-20 10:08:08	Name: VISITOR_INFO1_LIVE Value: 7R4pMac_dMY
.doubleclick.net/	1970-01-20 15:10:32	Name: IDE Value: AHWqTUlE1IdrGp7nSsdwnl_b2g5y5A6ihgsCaJK24jFEvu35GgUyp0uELha1vqpRglA
.spotxchange.com/	1970-01-20 06:29:15	Name: audience Value: 67d122ef-2e7f-11ed-803c-129210fe0206
.doubleclick.net/	1970-01-20 05:48:59	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 07:58:32	Name: uuid2 Value: 5384114844301597816
.casalemedia.com/	1970-01-20 07:58:32	Name: CMPS Value: 1164
.casalemedia.com/	1970-01-20 14:34:32	Name: CMID Value: YxhJWd496lHOAZx6T..ItgAA
.casalemedia.com/	1970-01-20 07:58:32	Name: CMPRO Value: 1164
.adnxs.com/	1970-01-20 07:58:32	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU!q*S+!!]tbPl1M>e)ZlrFUfJ+tGXxoeLC+spHM1)aavy]9F9a@8?TrY'Oyyw+'vn.@3If)y3KL9D3I?+=OKNZ2
.casalemedia.com/	1970-01-20 07:58:32	Name: CMTS Value: 1187
.o2online.de/	1970-01-20 05:59:00	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27513879_4307561_332160101_170181290_QTSOHO0201A20220819&ref=27513879_4307561_332160101_170181290_QTSOHO0201A20220819

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.vesty.co.il/main/article/syrrynhgi(Line 449) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://cdn.permutive.com/6f7c8ec7-588a-46ef-95d2-ff36e0a39e58-web.js?d=2022-09-07 Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	warning	URL: https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://s0.2mdn.net/sadbundle/9373486604597640658/undefined3n8md4 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s0.2mdn.net/sadbundle/9373486604597640658/undefined3n8md4 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5318acb27f1021eccaf5c6279a8e54f0.safeframe.googlesyndication.com
ad-delivery.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api.btloader.com
btloader.com
cdn.ampproject.org
cdn.browsiprod.com
cdn.firstimpression.io
cdn.permutive.com
cdn.taboola.com
cds.taboola.com
cf.dxmcdn.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
ecdn.analysis.fi
ecdn.firstimpression.io
events.browsiprod.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hls-video-ynet.yit.co.il
ib.adnxs.com
images.taboola.com
images1.ynet.co.il
imasdk.googleapis.com
imprammp.taboola.com
js.nagich.co.il
match.adsrvr.org
middycdn-a.akamaihd.net
mrb.upapi.net
pagead2.googlesyndication.com
pips.taboola.com
portal.o2online.de
pubads.g.doubleclick.net
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.search.spotxchange.com
taboola-supply-partners.tremorhub.com
totalmedia2.ynet.co.il
tpc.googlesyndication.com
trc.taboola.com
trinitymedia.ai
vd.trinitymedia.ai
vidstat.taboola.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.vesty.co.il
www.ynet.co.il
www.ynetnews.com
www.youtube.com
yandex.ru
yastatic.net
yield-manager.browsiprod.com
ynet-images1.yit.co.il
www.facebook.com
104.18.19.126
104.19.149.54
130.211.23.194
141.226.224.32
141.226.228.48
142.250.185.102
142.250.185.130
142.250.186.34
15.197.193.217
151.101.193.44
178.79.242.16
185.94.180.126
2.18.235.16
2001:4860:4802:32::36
205.185.216.42
23.35.237.86
23.48.23.44
2600:1f18:612b:4232:b349:7e6b:417:1a78
2600:9000:2127:2e00:11:da61:a100:93a1
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700:20::681a:81b
2606:4700:20::ac43:473d
2a00:1450:4001:802::2004
2a00:1450:4001:802::200a
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::2006
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:400c:c08::9b
2a02:26f0:6c00:282::30bc
2a02:6b8:20::215
2a02:6b8:a::a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:600::300
37.252.173.27
52.34.171.162
54.227.49.12
54.74.111.76
65.9.95.113
65.9.95.21
65.9.95.80
82.113.101.132
0016393da9ef1a445e63bc833c3806423336f0c85926cb3035cdd55fdc702052
024ffe99145eb57f19b2018afe139a905a511945c76ad69f55424576d3f758f0
036e538fe651334fa2925386ba286f5b947bab6a0c019590b447090331bc0e13
048a6099e10c5ac79ff998eb79a4b5d5679e9dbef7cada30c224dfbc262c7fdb
05dafb17a340674bb1ac8a8a5a83a10633580e70b24dd2955a3730cc5a2c28fb
068a432eb7bcaee1a94382700f9d2999611c819e9e61bacbf4acb47bcd94c822
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
0ab577cc741322a238c8c5d22617155f4d2f3351ddfcb4af5fab3f95e2ce1362
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc18f63f01eb720a40417ecb71668194eede9c286f6df56a33362477d7cde81
0c2f80e9cbbaa17cba0de561cf869d51718bc70654938f16097e88a8ded034c4
0c59a4311973393ca533b13f245d027fb9acd2c40b23ddb6c75d1c53196a3b96
0d4bef38d102f950ca16ac71a8fb77eac9840c6bbbd85cd1fc43ce12578ff8ba
0fd511263879386c055f5996502375cacb606715c3a0638b3f7bb240fb0d01d3
125e6b9ca120fa2bc4892544dda8f20226f26c5bbf550fae4be07b80612982fc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1399288153881097251b9c2878ab6be7ca158e06bcf2e5f44aad6af9d00b5381
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
14bf8292ae1e1ac698da2f2155f00ab24d5eda73e0c3e1e25e368a905759283b
17d8ad06cf0fe9bbe9aa53afcbddcc74c84b9aa45c4b3b6938c9eb2d7d67e904
1806f19d72e2b328d763fb64435df4928f56e8d6e00176f00321307a1093ef13
181f8af463dbb65952d2e9288430a6727afe075bf86164985dd16bb51822ce05
18c7d9d199a3f0dbb1a093cbeecdf22c2b4266798c51a4f200c79fd7c20ca9a5
193bdfc0d445a36fae5eb4708fb3dbd060d9e63de7be798bc7397328ceba2a85
19bddac07d05157736cce2e79ed4c75020148794a2d8483fa975565e9d386bf5
1af3b38a51c687080e2e0c924cbe278cf9cf38069480e37db75f8a5d6bf72d17
1ca088540c7b9a598900b2e92d609c4377fb2d4ab03514c2e2596d695db664a6
1cc6304316c75c71feb79060ebcbdaec27b18b67a1d6fafffa7881a9655e65fd
1d352797c9473d7a0f0d88d182633330a8a7058a68cd6c052a8a2e2e6ffba4e4
1e5f73d80cd0bd5fc941c1d65a3a3ea3491a1bc1f221cd9e4089108747a38461
1e92539e06df96dc2373cc3cdfe2fc0bddb434cdcbdd6216def27ed76f916408
1f163e7511da59cb7dce0c04126f9c11ecd8cb5007f4dc2a0d09c59158b80ddd
1f2fb2516957cf9e8fcba382836cd3f5ca0b6dae9446611e577b2d1dbb10ce95
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1fa531f81187487171b5d884b7b87ce7ffd31815f9f2b4a08c3632d4c5ca1ee3
223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7
22d2dbc68eaac9b4549cc90f546bf3a25c68f34fa86f795b559a7b842c5a11c0
23b53b894e3eb0be8c3c5af2cbd921cccc96635c70d1d75a13d3ff2b6c881cb6
23ee1e06a82304e3251534cef636351d6561554cc2308b015a067e8416509d49
2436d29de150accd2c12d8d0d9573a1a9eb737cf7d3367399c0cb16373350ab2
26524ef302fb603ad0ed898edb691f2c52c0914363f8acae8164b17cc8f73845
2a4ed2abe3225f35c7c8d7b5977a3efc17f8fec639ae76b7c7d38981a4cb1a69
2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2c9c8fdfce46e567be13f3c2069ab3d6de3deb66237932fcfd82bb04f4709208
2d77263a48ea0f8d2903e95c94e176bfe23a032a627dda23077a708ffc5d854d
2e13e2b9a9478f68c39346a7155b90321b2fb8a865eb8804781a75815b004d83
2ee68df82990cfc34bcd8b498b2c261103d7e5f42545da5de8ecf9e125642063
309061cc3757ad90fa28fd99c230d7d398f4b68298b8eb93662b766dddd0d790
311eb83d5389fc84ab98b996fd9583c0ca158bcde96826dceb72972f90c0a210
312eb29d1fba194163b2f770a30e7b00e28b36e4d3fae0f37fc874d8b07c6ae7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3616439bf6cbe812465a3ce4f519dc6aa2e11ec95217d92295e4fc8507bfa8ff
36ca7ad2109fca0330c8302c3d82c7b74cdfd82c809d251e58270949ad65f964
37053f01142cbe1f55a25ba58d820579027647a4da0794209783b3dd609078cc
3988fad39f0546ee2da0f837682e67af79a37b60eb39b12bf5719db80ac73fa4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3da550d33721ae136835c223328e06a02f9377a1415d16869bbff8360b699f8c
3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1
3ffbb4736d11df12386851d0041f57b945f285f0d8402d21c8b767435b2cb350
42563be911565fd363167dff5b610f5ee8a1906d1a8f6a25ec9e4f7183ecf240
42c696e26e85d04757438b0bf420efd5616a06d2ec2b29509c66a59f2d2c6b6d
42fe0ee72d234c00771d512eebb45e1c0289a4e427fcc5796ef8eada5cb29077
442db94f47e657604fde817ff431f353d5ae4994e08a59496ce8fed479362119
467c04ccde791556bdfd275e4690ad3ccfcf64784c8089cd5137f3e4f89551b8
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4a4c9e589c88830e29cc1c9391505165d9c6801b3f5da053b6fdd023537f76d9
4a58a73b3775a3ca8046751b4c3869db2f7fe2ecfe13e45f6a378afe1217b088
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be2c87d03ea928ef02504135ec91fafa7687c52beef03e19c756da6bd12511d
4bea8b472628d473bd0d4194da40cc39c45fd356290595b7c74799484a2f202c
4c92903d5602f1c1419e9c647f0db022d425efaaa580d9849e9b6132cb1020f6
4cf30264c26fef49afc93a6e9f4045f4f9e0a5eb0479df70ce2f08837bb63fee
4e565290e0611e2aeaeb83d809fcb9610d6791d8c14489f56c39b49073709d59
4e97600804f99d9b0a37ca25349cafea3ca90c75498a4967afbdc616f7133059
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548c17fc7fc34b8cd4600f616c2e51f94623f27e28f88f64daaebea95b130dbd
54e5a4e9e60432da330be3b3d17497a10b1659c15c6bc14ff3799aef950baac8
550aa3c6bb3966bb571284a76fbc22430f5f02dbcb1baa89d9c5e2a4aa589522
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f7554cc7b33c97e2cda88237977f58ee7bdec0006d1db1579f9debe8321bbe
581d447eb6b75fffeb4a8fc041bebca5158f0f41aa368fb6ef0c1690ae5000a9
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5d560f4c2cf5456fd153583835853949d67874f5d02bc30f4af03df93dc899f8
612584a834662335f321a867fc27e03419d3620c90db08026c3a25a98383424f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af
62d3dc98c507a16e8dc5d9815eee29add7bfce141c25b844e0f6d57afd1cdd94
62eec41f1904765b1d973e774e6b3dee84f1037459149eb858547822ce89f996
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6594b0e243c5017d9a9551c307c96ec67632b3f0887b2ca6652fbddec9c278c1
671b805cb047ef3dd389def0085c32602e0d79de568ccf339fb12f18de803616
67579f2c15089ef1a68ee6e11442a06d0400e233e39e01a1318e497e5728c6fd
69ff500b18c6067cd38c882b4ddc0a30ffb98d55532bc23d0be525924e80249b
6a8437f8eb353b0da20b48e51ad0cc9ea9e8842e192f4d119d61fdf79cd5c839
6b759a63aa4d7af11cf52d9e2a1910662595a3b59fc1a4b8b5e5644c39f74e1c
6bf4a58df7e3ef2dc782e5a6dead98fec04dc1b74a57b3e6ee0eee7cb1d75aa9
6e267014a3a1a17e33bf410e7ddca6f1273814cbc66747b723b7aa1bad570800
6e85f228af344ce1946241c71c8f17853fc6a260030e1ac313410a75e28972b4
6ece6eaf12b85e046260a872eb08c6578e85f9c3c7c15caf4fb98590967c2edb
6f4f92225c9cf118d39c77d0b67cf98c0d1e6885daa9a16ef1b15f4e6a1140d5
7026e44310d88af29dd2323ec37951d2362e1359463da244f828a7065b574cce
70a0a740482247ad2b47ad763236fb5e8c1a0d98991d8b97e618f30ce810d81c
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
738b9cd36fe5bcf159ab463801ed5f9791d64629cb7b51defcc7061485a98500
743e829cb2018fc3fc2449d207c09679200ec92b957d8f30b8f362635b07bea8
748fc50cc20fd7fecc7c5d9a5a96cc99fed42fcaf7e17626dfb9817fface72d9
749886f0c7b06a4df622b00a061a33b7b7343bc1987941c26f8b455e6a63a54c
75c9854d938554f553b75fc6b966362ec21aad405e987b9d5c129aeff9de3cc7
76e9e65146cf626e4a40052942ef8619a45f4e7939545485ca801f7d530e850b
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77360f19ad0f3bd8f123473bf21e142fe7546b8290af33745144ba8715b958c3
78e11caaf484e214c0f2b093c33666fdabf2f98188bda6f2e0c583d6fd965e38
79c54526baf1ad31d95bfe01d6fc0716251124423dca7e2fb67713fba9873936
7cf034e3caab7ec41c2ec8e8e6d78511ab74443507b93c6a9fbcf44e2684bd77
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e4d599bba150242446d53f6eb120f588f2ccabf4d1ba4979c2ae5478c2d01a2
7e69034b40a97f0287927ae02aadcb72dbe26e4d2b7ebaf9cb2e2933d5d98198
7eb756847f6edc4a8ff3954b9a9a316f16ff99518fad5f0d5397160c6e6d9922
7f8c6a794c3e78fdf5a92ff96d59cb8774cbd648bcc486d92eb31320c3551f16
815b46bdc7cd1bbb99562c03ccdaaca91d4175a4f247be1eb433b8929ab9e4b8
82c45d5ba206b740050a665cf7210f75df3b9642d986fc4f7ce08eb8c1825be9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839e7c6761776f0e1c251d29d443dd8e29c6d3beefeeb8925c58a74ba784bd30
83d88e9de19e5dcc252df252dcfa0858636ca8af0c253ffef4960f2f50c3670f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8550ea63cdf2144d6663541355a2c22d39d55092bff6bb559b33b5596269aa34
862458934d4a05cc2814c7a796573f38ba888750efbf15e0150379596f0f9b74
86f1808960febfa1afc1f1909aa3ddc32ef9247c739298931ff18d8ebc6003de
8711ce39ae7100d4581624cb8acfc6f9b120929ee00e8a981a771854963533d9
875797be92884b7d6c3b652838fb5814f2b2ba251115af1bd8f53672dfb83c8a
8774b333ae1fbf3cb37a9d0a8c58cf85a85c8da8ae650601b7017cb603850943
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
8a6221880b6410d17970ff847e820d517a8af6a563e25bfb07e447e0de6e61c3
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c68bdf21064ef525d1f6e50a15ac91b19241ae234052e1af638f6779ef774fb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e
92a85f93f18ea572688b8fd7b5c5ff1b9e69c4a61464d72764d833c42dc41c58
94791c6f5be28748a4d1bd0a3c0a6ecd133895284a5041ce30dcca14c11cfa2f
95830431420ad52a28ca356b624b46b3a64ba68ab877e34f19f7a3779c1e2e46
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9b5c5ba62f3273a3176c0d737a99b71456ec42a46f3f6edbc055dcc1f5cba677
9c275d2a43e649ad7db7bc49df329e8ff366a4c916ae3ae0b325bca3437811ca
9c63f535398b243ce95a9eaafa6f72126eb3ae3993c822f6b0c4bd959f67bcd1
9c74de497342d76d9c19ca59a9699102611f1d919c6148c4249c99ad3847979c
9f8cc14fa1943b870223103093e977718cf5ec42cbc95671af684e83be1c8908
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0fd14d0ba089b1b726f735835a016608df8bcd01a30a24a76ab34b876071944
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a235fb8fcb10d1aafca7e0d5c6eba173e376a5d11430decd1740707337fb0c74
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50c99aafacbe6eb3b1da3a0aa9ca22498ef73cb49d488165b6c6726960d6a09
a5d46a3aec6cdde85198eef50041bf346ecf8dc3b5a06e03329da7998f475143
a6d6e99440ef346f3b99fb32adde3516fd20f9e478f4c6ef779ea50c0cf3cc6a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7edb22e9bf89f482e0661ea57a329b571f820c1fed8b119c76190efdfd0d89a
a7f6244773c00be797fbeb7872bd657b0d4ac4145aef01d13128ff24bfb3ed07
a9770b62ec977db11581722ba2df755b2dfcc18a0871525664bcb71b2b15ca7e
af6cbb7f3fd7f842a1412ccedc7d64c82a3178b146bc2ed9df7b80747d25ac92
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04c3edab0547d21ad681e49bac2554b7db1e60355fa306911381781b365869b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1acbf5976da684e47382f858b20e6ceb222a96b0dbad5eb527feb16518044a8
b1cee7dfcc18a026988558dee0c6226299a18928d5b3c72cc1f36836da6ea9f6
b71acad0dfb12aea811ad43eb6ffc6bbc6f0608a4b800dfccd91578b635b0a62
b78ada3f1604ec580791328e406cc92277aed4ef45e57432bfe626a7da7ba0a7
b81870c09e4546205428647dffb99435bfaeea2a481b8932dfd37b76a0654b1b
ba9357d36854fc9622246e4bfdbc75bd488fee568aa9649691f8934f2c2337cd
bbec6ad5fcc7993fa87de6e94b777d3c85c133e760873d9360379f9fa0d64a6a
bd61f80010cfb8b7f76b2ace43830cb6e3b67b436a5ac180ff69511d05a7d411
be292ec682dfc6f3a7e150c3ef0bc89adf714e4c9eec632cbb412c5dcf6b5365
bf87c3de097880a202daeb3676a61063e99094d3e72400a31523bc18e6c17d42
bfac01f1e0a8417d76b572c6c01e3459e4b026c3cddbeb12a335bc033adb9a5c
c0546498737a8547c8529a34eefdb32c02e492e0dc5784e4211ead8d00105667
c4eb18db5d95001c3ee1735748bebeaebc3a73adb5cdd3f30ae5d0e5188f17bb
c5ca0625e7d4f72a60746bed59dc1e1e2c2b3d902126070e72631577b595ca8b
c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2
cc5699231fdc88e30eb73ad21cd91bb3e67f8d63eca747080e88ca91643ec9da
ce8ff1c78273c1bccb85d85b6a591cd0030c06e49b59dde944449c136f47f6a0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d33157d0d879b1718ed80a08dd42795fbe18fe3ece5bc42ae6aacff102150121
d50045b25fcaaf924140b0c120c7c267ea30150973460026a2573360f816574c
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6cdb6570660f6cc2ab311a53a12a3f547e706f2409d8817185bd2be74d24a19
d819ca91e194a55f3763ce322ba88e7447cac67fbe81d85872045a1432db5b2c
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9db27d4ca79f2af0936f4a1ab1c13ddb8a8203173710c43c659cf4d1e0ccfc4
dc3d45106d24333353604d863e28084cf0a66e99d9d4e155eacafbb6ae95f5fe
dc4506aa970b6143b290a9fc2109bd70ccf4d1782428aedf2591b40f1434ef82
de0529d3c675751b762e820612467f5df0c8c3d293602e0d20179e0aafcd6b60
e0171f98bcce5db650e9cc7f6820fae1801e348c305497f374623e8dd5573000
e06e90ffc052c36460d323b1f805209381164312d3943df8c0e1361f9bfc3f4c
e1c563384b96de069dbd94b764088e9c6b4cb6031b393d8ffa775e5b44e7b781
e248d1f1d1cd34170a12a1a6577c78ad6ded463820430e30620c37c3ace79f03
e2d076ba28142d1cdbadbe0022ac75e379a5170b95cffc7506576ae6a74776ec
e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e87f45f61b25df8df5466d592f6d89b8c6b3f81a5659be31d33dd343ae5c5b
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e4ae74653704f5c9ee71848b1e7b3b960dc899f57ee62e4fe2edb4cdd13f8572
e5fbb75d9a459a3b07cbcdeaa0c1d29da5d8efa904dc0a1ba3f2fce6a09ada5f
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
e89e9cf76acc420ce8014fb5752eb639a3ddab8b5683f523a13ed1f9bca122bf
eb073c448ce4ccbe4368b8942f85b9541f317c686392ac158446ec290f3a4e7a
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
eb56b76369e01bc12c66895f9efab18841ae8b3fe2cb755e29d4077fd87c4f7a
eb966a500230295d966ef222294e88eda03a73c4d4bb46a95edb7b11f73c8c05
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef44797b1849fedaaf6cfd9e2f74ea70142162e6899a607c345f1f08849d696e
f0c4029e2ea812d0f8abfa9038646761e57c3438ca491289aa2d3d628150dd5b
f2dbd0aa03ec9d3bf431ba942c130ee7a069d7c4fee1f2f0cd401e8f5d40bf11
f3235e9bf4c052c68b18533e2df4e0ac23cc6fe9cced74f9c5164337f70fdab4
f36816c7dc5d5f46afaae8b35ccf2e20123f75a38ce319ca0293cd7b5e955c4c
f5c692a30ba514fd36fdf3aa960d0b027ef22bcc81fa8ae10e531da07dbf5512
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f72191af85455a05276109c064ed8ca67ab4c724c8ab2c50830e21cdfde8b4c6
f7cda432fd42a7521a36ef8ea1cf96b14d1049e16f25c32d9fb78d71113267c1
f9bb36e54614efd34ba6db6564d906e246879807e9d40c73a253c211b81731d7
f9d2c6a25e90b0ed8b3d9d794e3af37949365949e081d60a7e4dba916ce5df61
fb408a3f4c5c7ba9cd3672310df56a5a9a5f6e9fa36e73e20b54c643614f0af8
fb8a1cfa42b4970ab6c8f62e7e21d9588ec450fad27df4665c26f0046ba4995d
fc1288a71f843816808b8082a1c5098df6586a8f69d605b3769f9259d5731002
fd0bd9e5cf6b6bdb20992bb456abbbfd644d699b0ab336c63d87cc97774151ec
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
ff90d90185481a478993732e817e934db19ad84ed2da26278253b6886880c7e0

www.vesty.co.il Open in urlscan Pro 2.18.235.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

450 Requests

94 %HTTPS

57 %IPv6

41 Domains

71 Subdomains

55 IPs

8 Countries

9195 kBTransfer

23727 kBSize

26 Cookies

29 Outgoing links

Redirected requests

450 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.vesty.co.il Open in urlscan Pro
2.18.235.16 Public Scan

Screenshot
Live screenshot

Full Image

450
Requests

94 %
HTTPS

57 %
IPv6

41
Domains

71
Subdomains

55
IPs

8
Countries

9195 kB
Transfer

23727 kB
Size

26
Cookies

450 HTTP transactions
17 data transactions