urlscan.io logo urlscan.io
SecurityTrails logo

www.vesty.co.il Open in urlscan Pro
104.70.125.117  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Submission: On June 01 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 81 IPs in 11 countries across 57 domains to perform 396 HTTP transactions. The main IP is 104.70.125.117, located in Hamburg, Germany and belongs to AKAMAI-AS, US. The main domain is www.vesty.co.il. The Cisco Umbrella rank of the primary domain is 425598.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 9th 2023. Valid for: a year.
This is the only time www.vesty.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 104.70.125.117 16625 (AKAMAI-AS)
9 2606:4700:440... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
26 151.101.1.44 54113 (FASTLY)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 172.67.70.134 13335 (CLOUDFLAR...)
12 143.204.98.18 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 8 2a02:6b8:20::215 208722 (GLOBAL_DC)
1 2a02:6b8:a::a 208722 (GLOBAL_DC)
6 18.66.112.22 16509 (AMAZON-02)
3 18.66.97.37 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.189.16 16509 (AMAZON-02)
1 99.86.4.108 16509 (AMAZON-02)
2 4 2a03:2880:f17... 32934 (FACEBOOK)
22 2a03:2880:f08... 32934 (FACEBOOK)
1 34.198.41.114 14618 (AMAZON-AES)
8 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2a03:2880:f05... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.70 15169 (GOOGLE)
1 23.32.185.60 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 104.19.149.54 13335 (CLOUDFLAR...)
1 2a02:2638:d::d 44788 (ASN-CRITE...)
2 99.86.4.124 16509 (AMAZON-02)
4 35.164.82.183 16509 (AMAZON-02)
1 138.199.36.10 60068 (CDN77 ^_^)
1 2001:4860:480... 15169 (GOOGLE)
2 54.77.238.227 16509 (AMAZON-02)
7 34.248.242.36 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.189.128 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
1 65.9.66.101 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
49 2a00:1450:400... 15169 (GOOGLE)
8 141.226.228.48 200478 (TABOOLA-AS)
5 35.161.53.105 16509 (AMAZON-02)
1 34.254.215.196 16509 (AMAZON-02)
1 143.204.98.72 16509 (AMAZON-02)
1 2 37.157.5.132 198622 (ADFORM)
1 172.64.164.10 13335 (CLOUDFLAR...)
7 8 142.250.186.66 15169 (GOOGLE)
2 4 185.80.39.216 27381 (CASALE-MEDIA)
3 4 37.252.171.21 29990 (ASN-APPNEX)
4 34.98.64.218 396982 (GOOGLE-CL...)
4 2.18.161.51 16625 (AKAMAI-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 130.211.23.194 15169 (GOOGLE)
1 2 54.246.207.140 16509 (AMAZON-02)
40 2a00:1450:400... 15169 (GOOGLE)
2 15.197.193.217 16509 (AMAZON-02)
2 2a05:d018:d29... 16509 (AMAZON-02)
1 3.75.62.37 16509 (AMAZON-02)
1 3.65.115.221 16509 (AMAZON-02)
7 172.217.18.98 15169 (GOOGLE)
4 2600:9000:223... 16509 (AMAZON-02)
4 2600:1f13:800... 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
2 143.204.215.89 16509 (AMAZON-02)
1 13.32.99.86 16509 (AMAZON-02)
3 65.9.66.111 16509 (AMAZON-02)
5 54.172.81.121 14618 (AMAZON-AES)
1 3 23.212.211.47 16625 (AKAMAI-AS)
1 2a03:2880:f05... 32934 (FACEBOOK)
4 2a00:1450:401... 15169 (GOOGLE)
1 1 74.125.8.166 ()
1 74.125.100.102 ()
2 69.173.144.165 ()
1 5 69.173.144.138 ()
2 3 67.220.226.233 ()
1 1 51.89.9.254 ()
1 1 13.225.78.109 ()
396 81
7    104.70.125.117 (Hamburg, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-125-117.deploy.static.akamaitechnologies.com
www.vesty.co.il
totalmedia2.ynet.co.il
www.ynetnews.com
images1.ynet.co.il
9    2606:4700:4400::6812:23a3 (United States)

ASN13335 (CLOUDFLARENET, US)
ynet-pic1.yit.co.il
15    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.com
pubads.g.doubleclick.net
26    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
1    2606:4700:20::ac43:464d (United States)

ASN13335 (CLOUDFLARENET, US)
mrb.upapi.net
2    172.67.70.134 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
12    143.204.98.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-18.fra50.r.cloudfront.net
cdn.flowplayer.com
4    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
8    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yastatic.net
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yandex.ru
6    18.66.112.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-22.fra56.r.cloudfront.net
tags.dxmdp.com
3    18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net
cdn.browsiprod.com
3    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
cloudflareinsights.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.224.189.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-16.fra2.r.cloudfront.net
ecdn.analysis.fi
1    99.86.4.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-108.fra6.r.cloudfront.net
ecdn.firstimpression.io
4    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
22    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    34.198.41.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-41-114.compute-1.amazonaws.com
trinitymedia.ai
8    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.userway.org
2    2a03:2880:f058:10c:face:b00c:0:3 (London, United Kingdom)

ASN32934 (FACEBOOK, US)
scontent-lhr8-2.xx.fbcdn.net
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ads.google.com
1    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ad.doubleclick.net
1    23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com
widgets.outbrain.com
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
3    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    99.86.4.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-124.fra6.r.cloudfront.net
cdn.firstimpression.io
4    35.164.82.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-82-183.us-west-2.compute.amazonaws.com
api.userway.org
1    138.199.36.10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-36-10.bunnyinfra.net
vd.trinitymedia.ai
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    54.77.238.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-238-227.eu-west-1.compute.amazonaws.com
tag.escalated.io
7    34.248.242.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-242-36.eu-west-1.compute.amazonaws.com
event.dxmdp.com
1    2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.google.de
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    13.224.189.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-128.fra2.r.cloudfront.net
cf.dxmcdn.com
15    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    65.9.66.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-101.fra56.r.cloudfront.net
cnt.trvdp.com
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
27    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
49    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
pagead2.googlesyndication.com
8    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
5    35.161.53.105 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-53-105.us-west-2.compute.amazonaws.com
events.browsiprod.com
1    34.254.215.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-215-196.eu-west-1.compute.amazonaws.com
yield-manager.browsiprod.com
1    143.204.98.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-72.fra50.r.cloudfront.net
go.trvdp.com
2    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    172.64.164.10 (United States)

ASN13335 (CLOUDFLARENET, US)
metrics.getrockerbox.com
8    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
4    2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com
sync.teads.tv
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    54.246.207.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-207-140.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
40    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    2a05:d018:d29:3601:a02a:b4dd:86d8:2318 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    3.65.115.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-115-221.eu-central-1.compute.amazonaws.com
x.bidswitch.net
7    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
googleads4.g.doubleclick.net
4    2600:9000:223f:8a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    2600:1f13:800:7781:39e7:d3d6:74ed:31eb (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    143.204.215.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-89.fra53.r.cloudfront.net
stg.truvidplayer.com
1    13.32.99.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-86.fra60.r.cloudfront.net
s.trvdp.com
3    65.9.66.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-111.fra56.r.cloudfront.net
src.trvdp.com
5    54.172.81.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-81-121.compute-1.amazonaws.com
p.trvdp.com
3    23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
1    2a03:2880:f058:f:face:b00c:0:3 (London, United Kingdom)

ASN32934 (FACEBOOK, US)
scontent-lhr8-1.xx.fbcdn.net
4    2a00:1450:4017:811::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    74.125.8.166 (None, )

ASN- ()
rr1---sn-5hne6n6l.googlevideo.com
1    74.125.100.102 (None, )

ASN- ()
rr1---sn-5hnekn7z.googlevideo.com
2    69.173.144.165 (None, )

ASN- ()
token.rubiconproject.com
5    69.173.144.138 (None, )

ASN- ()
pixel.rubiconproject.com
3    67.220.226.233 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    51.89.9.254 (None, )

ASN- ()
onetag-sys.com
1    13.225.78.109 (None, )

ASN- ()
cm.smadex.com
Apex Domain
Subdomains		 Transfer
70 googlesyndication.com
cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
662 KB
40 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 324
622 KB
40 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 221
ad.doubleclick.net — Cisco Umbrella Rank: 181
stats.g.doubleclick.net — Cisco Umbrella Rank: 111
googleads.g.doubleclick.net — Cisco Umbrella Rank: 51
cm.g.doubleclick.net — Cisco Umbrella Rank: 231
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 351
pubads.g.doubleclick.net — Cisco Umbrella Rank: 435
337 KB
36 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 950
trc.taboola.com — Cisco Umbrella Rank: 650
vidstat.taboola.com — Cisco Umbrella Rank: 2834
trc-events.taboola.com — Cisco Umbrella Rank: 1867
am-trc-events.taboola.com — Cisco Umbrella Rank: 12936
images.taboola.com — Cisco Umbrella Rank: 2011
imprammp.taboola.com — Cisco Umbrella Rank: 12256
am-match.taboola.com — Cisco Umbrella Rank: 12293
am-vid-events.taboola.com — Cisco Umbrella Rank: 11485
pips.taboola.com — Cisco Umbrella Rank: 1611
cds.taboola.com — Cisco Umbrella Rank: 1845
896 KB
23 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 689
scontent-lhr8-2.xx.fbcdn.net — Cisco Umbrella Rank: 10997
scontent-lhr8-1.xx.fbcdn.net — Cisco Umbrella Rank: 9837
694 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 366
327 KB
13 dxmdp.com
tags.dxmdp.com — Cisco Umbrella Rank: 41780
event.dxmdp.com — Cisco Umbrella Rank: 42290
136 KB
12 userway.org
cdn.userway.org — Cisco Umbrella Rank: 4630
api.userway.org — Cisco Umbrella Rank: 4698
237 KB
12 flowplayer.com
cdn.flowplayer.com — Cisco Umbrella Rank: 39989
192 KB
11 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 35745
go.trvdp.com — Cisco Umbrella Rank: 30666
s.trvdp.com — Cisco Umbrella Rank: 31868
src.trvdp.com — Cisco Umbrella Rank: 39593
p.trvdp.com — Cisco Umbrella Rank: 25734
245 KB
10 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1117
eus.rubiconproject.com — Cisco Umbrella Rank: 614
token.rubiconproject.com
pixel-us-east.rubiconproject.com Failed
pixel.rubiconproject.com
13 KB
10 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 947
static.adsafeprotected.com — Cisco Umbrella Rank: 633
dt.adsafeprotected.com — Cisco Umbrella Rank: 572
129 KB
9 browsiprod.com
cdn.browsiprod.com — Cisco Umbrella Rank: 13159
events.browsiprod.com — Cisco Umbrella Rank: 10845
yield-manager.browsiprod.com — Cisco Umbrella Rank: 12428
90 KB
9 yit.co.il
ynet-pic1.yit.co.il — Cisco Umbrella Rank: 52072
728 KB
8 google.com
ads.google.com — Cisco Umbrella Rank: 19943
adservice.google.com — Cisco Umbrella Rank: 103
www.google.com — Cisco Umbrella Rank: 3
2 KB
8 yastatic.net
yastatic.net — Cisco Umbrella Rank: 5835
194 KB
4 gstatic.com
csi.gstatic.com
396 B
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1314
660 B
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 474
648 B
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
4 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
213 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
region1.google-analytics.com — Cisco Umbrella Rank: 1866
21 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
81 KB
4 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 486
467 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1054
api.btloader.com — Cisco Umbrella Rank: 1153
7 KB
3 amazon-adsystem.com
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com
2 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 452
ups.analytics.yahoo.com — Cisco Umbrella Rank: 315
979 B
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8155
www.google.de — Cisco Umbrella Rank: 5230
1 KB
3 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 24310
cdn.firstimpression.io — Cisco Umbrella Rank: 22900
95 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1079
cloudflareinsights.com — Cisco Umbrella Rank: 1058
7 KB
3 ynet.co.il
totalmedia2.ynet.co.il — Cisco Umbrella Rank: 61619
images1.ynet.co.il — Cisco Umbrella Rank: 66968
80 KB
3 vesty.co.il
www.vesty.co.il — Cisco Umbrella Rank: 425598
30 KB
2 googlevideo.com
rr1---sn-5hne6n6l.googlevideo.com
rr1---sn-5hnekn7z.googlevideo.com
1 KB
2 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 27472
9 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 365
531 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1137
1 KB
2 adform.net
track.adform.net — Cisco Umbrella Rank: 3574
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 99
64 KB
2 escalated.io
tag.escalated.io — Cisco Umbrella Rank: 34365
33 KB
2 trinitymedia.ai
trinitymedia.ai — Cisco Umbrella Rank: 13596
vd.trinitymedia.ai — Cisco Umbrella Rank: 20312
90 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
90 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
161 KB
1 smadex.com
cm.smadex.com
581 B
1 onetag-sys.com
onetag-sys.com
221 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 340
147 B
1 getrockerbox.com
metrics.getrockerbox.com — Cisco Umbrella Rank: 5547
556 B
1 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 70413
60 KB
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 416
303 B
1 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2723
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1078
47 KB
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1400
1 KB
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 28494
2 KB
1 ynetnews.com
www.ynetnews.com — Cisco Umbrella Rank: 343231
878 B
1 yandex.ru
yandex.ru — Cisco Umbrella Rank: 1572
87 KB
1 upapi.net
mrb.upapi.net — Cisco Umbrella Rank: 64800
528 B
0 appier.net Failed
rcp.c.appier.net Failed
396 57
Domain Requested by
40 s0.2mdn.net www.vesty.co.il
s0.2mdn.net
imasdk.googleapis.com
39 pagead2.googlesyndication.com cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.vesty.co.il
www.googletagservices.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
27 tpc.googlesyndication.com www.vesty.co.il
cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
securepubads.g.doubleclick.net
20 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
15 cdn.ampproject.org securepubads.g.doubleclick.net
12 cdn.flowplayer.com www.vesty.co.il
11 cdn.taboola.com www.vesty.co.il
cdn.taboola.com
10 images.taboola.com www.vesty.co.il
10 googleads.g.doubleclick.net cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
www.vesty.co.il
pagead2.googlesyndication.com
10 securepubads.g.doubleclick.net www.vesty.co.il
securepubads.g.doubleclick.net
www.googletagservices.com
9 ynet-pic1.yit.co.il www.vesty.co.il
ynet-pic1.yit.co.il
8 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
8 cdn.userway.org www.vesty.co.il
cdn.userway.org
8 yastatic.net 1 redirects yastatic.net
7 googleads4.g.doubleclick.net www.vesty.co.il
7 event.dxmdp.com tags.dxmdp.com
6 tags.dxmdp.com www.vesty.co.il
tags.dxmdp.com
5 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
5 p.trvdp.com
5 events.browsiprod.com cdn.browsiprod.com
5 www.google.com 3 redirects www.vesty.co.il
tpc.googlesyndication.com
4 csi.gstatic.com imasdk.googleapis.com
4 dt.adsafeprotected.com cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
4 static.adsafeprotected.com cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
srcdoc
4 sync.teads.tv googleads.g.doubleclick.net
4 us-u.openx.net googleads.g.doubleclick.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 am-trc-events.taboola.com www.vesty.co.il
4 www.googletagservices.com securepubads.g.doubleclick.net
cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
4 api.userway.org cdn.userway.org
4 cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.facebook.com 2 redirects www.vesty.co.il
connect.facebook.net
4 imasdk.googleapis.com www.vesty.co.il
s.trvdp.com
imasdk.googleapis.com
3 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 src.trvdp.com s.trvdp.com
3 trc.taboola.com cdn.taboola.com
3 www.google-analytics.com www.googletagmanager.com
www.vesty.co.il
3 cdn.browsiprod.com www.vesty.co.il
cdn.browsiprod.com
3 www.vesty.co.il www.vesty.co.il
ynet-pic1.yit.co.il
2 token.rubiconproject.com eus.rubiconproject.com
2 eus.rubiconproject.com s.trvdp.com
eus.rubiconproject.com
2 cloudflareinsights.com static.cloudflareinsights.com
2 stg.truvidplayer.com go.trvdp.com
s.trvdp.com
2 pr-bh.ybp.yahoo.com imprammp.taboola.com
am-match.taboola.com
2 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
2 fw.adsafeprotected.com 1 redirects www.vesty.co.il
2 api.btloader.com mrb.upapi.net
2 ad-delivery.net www.vesty.co.il
2 track.adform.net 1 redirects www.vesty.co.il
2 trc-events.taboola.com www.vesty.co.il
2 www.youtube.com www.vesty.co.il
www.youtube.com
2 tag.escalated.io ecdn.firstimpression.io
tag.escalated.io
2 cdn.firstimpression.io ecdn.firstimpression.io
2 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
2 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
2 scontent-lhr8-2.xx.fbcdn.net www.facebook.com
2 connect.facebook.net www.vesty.co.il
connect.facebook.net
2 www.googletagmanager.com www.vesty.co.il
www.googletagmanager.com
2 btloader.com 1 redirects www.vesty.co.il
2 totalmedia2.ynet.co.il www.vesty.co.il
1 cm.smadex.com 1 redirects
1 onetag-sys.com 1 redirects
1 rr1---sn-5hnekn7z.googlevideo.com
1 rr1---sn-5hne6n6l.googlevideo.com 1 redirects
1 scontent-lhr8-1.xx.fbcdn.net www.facebook.com
1 secure-assets.rubiconproject.com 1 redirects
1 s.trvdp.com go.trvdp.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 x.bidswitch.net am-match.taboola.com
1 ups.analytics.yahoo.com imprammp.taboola.com
1 am-vid-events.taboola.com www.vesty.co.il
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 metrics.getrockerbox.com www.vesty.co.il
1 go.trvdp.com cnt.trvdp.com
1 yield-manager.browsiprod.com cdn.browsiprod.com
1 vidstat.taboola.com cdn.taboola.com
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 cf.dxmcdn.com tags.dxmdp.com
1 www.google.de www.vesty.co.il
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 vd.trinitymedia.ai trinitymedia.ai
1 gum.criteo.com cdn.taboola.com
1 cdn.permutive.com tags.dxmdp.com
1 www.googleoptimize.com www.googletagmanager.com
1 widgets.outbrain.com www.vesty.co.il
1 ad.doubleclick.net www.vesty.co.il
1 ads.google.com ynet-pic1.yit.co.il
1 trinitymedia.ai www.vesty.co.il
1 ecdn.firstimpression.io www.vesty.co.il
1 ecdn.analysis.fi www.vesty.co.il
1 static.cloudflareinsights.com www.vesty.co.il
1 images1.ynet.co.il www.vesty.co.il
1 www.ynetnews.com www.vesty.co.il
1 yandex.ru www.vesty.co.il
1 mrb.upapi.net 1 redirects
0 rcp.c.appier.net Failed eus.rubiconproject.com
0 s.amazon-adsystem.com Failed eus.rubiconproject.com
0 pixel-us-east.rubiconproject.com Failed eus.rubiconproject.com
396 103
Subject Issuer Validity Valid
qa.vesty.co.il
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-09 -
2024-01-10		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-10 -
2024-01-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.flowplayer.com
Amazon RSA 2048 M01		 2023-05-02 -
2024-05-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
tags.dxmdp.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-21		 a year crt.sh
*.browsiprod.com
Amazon RSA 2048 M02		 2023-02-22 -
2024-02-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
analysis.fi
Amazon RSA 2048 M01		 2023-02-28 -
2023-12-02		 9 months crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-27 -
2023-12-05		 a year crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2023-02-01 -
2023-08-01		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-10 -
2023-06-08		 3 months crt.sh
*.trinitymedia.ai
Amazon RSA 2048 M01		 2022-12-08 -
2024-01-06		 a year crt.sh
1667503734.rsc.cdn77.org
R3		 2023-05-22 -
2023-08-20		 3 months crt.sh
adwords.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
api.userway.org
Amazon RSA 2048 M02		 2023-02-09 -
2023-10-31		 9 months crt.sh
vd.trinitymedia.ai
Sectigo RSA Domain Validation Secure Server CA		 2022-12-08 -
2023-12-08		 a year crt.sh
*.escalated.io
Amazon RSA 2048 M01		 2023-04-10 -
2024-05-08		 a year crt.sh
dxmdp.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
cf.dxmcdn.com
Amazon RSA 2048 M02		 2023-03-27 -
2024-04-24		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.trvdp.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-09-23		 7 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
getrockerbox.com
E1		 2023-05-06 -
2023-08-04		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-04-14 -
2023-07-13		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.truvidplayer.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh

This page contains 29 frames:

Primary Page: https://www.vesty.co.il/main/article/b1ybxzs8h
Frame ID: 04CE9D9A05D5E0A1E1292A2E4FBC7036
Requests: 181 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true%22
Frame ID: 482DD3CB734DC4D2ADC3BAEEA935FFFE
Requests: 10 HTTP requests in this frame

Frame: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D28A83F02C88AD09FCBDC4EEEB41670B
Requests: 1 HTTP requests in this frame

Frame: https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=3bc34bda-d1ef-498e-9dab-c65a29ee6da2&monitoringConfig=%7B%22uuid%22%3A%22a5beb245-2949-4a76-95f5-bddfc2ec171c%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Frame ID: 524E534924E994D98256D73EFB72F0DD
Requests: 1 HTTP requests in this frame

Frame: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C62603B23824661F5D00C5B6051852A8
Requests: 26 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Frame ID: 606F3027DD416746CFF9CFA2EF1E7AE2
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Frame ID: C66B5501A3F607B677FE7B0F50352CAC
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Frame ID: B2AC29DCA966EF258647B3DE99F6D39E
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrZtucBlSvtaN9DUzVSneP43Ri7FWxUZN2CNqU9OQcLhJEAtIyAX3oAOVCZ8ac9OZGURYzxHDj6xuSKWOaQUX3Iv78HI6-jOcohO9wHBHunYpjbl3H2az2v0cu7s92nD41R_fJdDTbOAhyvFfFgbQcEDpBwK_uVzQ6qbNSiwXT0NOnp8rckpzVlmwhpwN0aA4KVtvShlEmkxh4kCDL_Q0pcpiUUrAKnqpHh1VjN2nG921jqP_9ll5IYQ9EHLnygKiVfUYBsHns2V0wr1asaewGexCkqnsQJ98oVH4TCRsiGW_Li3VcBdn5k6l7EJyMZHjgAFZVLky9TLphwR3Vaa6PUIi8pR8CEo7gY5jLvFbGu3M&sai=AMfl-YRFfvTBYY4gAe2Izt3CMT1TIb9MKHFt5gjpdRGt3C0Kll-oo-jtDapLyDA_21BVP3YrAK5RyijQKnbwg31us_lzHEmd5YSPVWXlRbNIFcksopp7k2NYFqBHxOE3TaSxyegicRY8ks_CjE7nySlY&sig=Cg0ArKJSzAAgKD54yeOhEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C8A2B426601CC7AEA4AB179009BF12D4
Requests: 7 HTTP requests in this frame

Frame: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0BBAC0655D4E4010CED1772C919DA232
Requests: 19 HTTP requests in this frame

Frame: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D664EFCFE1A0A0BD7EA812DE79C45D14
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNW2EwdA06iR87Lc-hN_H1Ty57ZrPYtM2P6drG8tSifikaW9KRLxU_mlzTnDAUmvke4Rw9Mp8O2bo773TJt3xen5okEq-gEuzdwPD14io-eUHyGXq_0FiTfSHfkpjo4EXj-C-EY7VdbCr7a2wPyL3vPG12HG144vYIa_8smbpuDyh4spJFw
Frame ID: 4E57FC7FC02CECE96E57F09937CDBAD1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiA9t3qATAB&v=APEucNWJiccCHj11qqlMEanulyLBdzc3Ij9nG9b8gLVT8QeeAy7neGAicx2Ln-_zL5WGPd3ApXfnhabdrkZHLkcMe48SivuDwRUQCDpx93CTNqc-PzyFKuxOrvPEIft6c-swineND03GdNaaCcCK1RhKmEjUwxoWuSfESPG5NwkLrmEjYiMsRFA
Frame ID: 7F8D2861993BFE1C8410DA528D065FDC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiA9t3qATAB&v=APEucNWTWqBAVKwqJV_XCrJ1NX7h4Pf7gpQVVC3S14zs4wDH3qqzGJDiWTYdWjgn_x0cZZWopFEEix8NVguSeZAT4OhVoR7rKqLTc75-GuzrEWJXf2g84ZxWLYwFvWy4S5I8GhpDDMdKf7p7yvMUIGNWW6-gOS3q_OKJCUHcMx1NQhVscnbN4EA
Frame ID: 19CCD8E13C37296ECB308D968EE4DB47
Requests: 5 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8LjACLAaEr_e3dJBpTxAIX-9v6SDTnigAAABgYID-AAkNdiOPybRxSyYbh1u0mE3WCt_CsJYNZo7RcGZzDScbIyChwW7kMZk2bslk43CLFrPJWuFbGNaywcwxGs5sruFkYwUnxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQdc0uQxyEhu4oOl0-Fz3et3vd5e9PKfnXeO3K81-tcNp9yssp6fH7PJLHMuL8fo5Du0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GACgOGPI3HV12i-vyM-gtBpHLchA9XBeX5R8AAAAAQAAAAACQACDgyi8BcGEVdeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GOKM9He9pPFESKRgsggjAAAAALnVm5FHJukEFYsq_____VYArgAABCDW7bWnZtEdlHgLAwAAMDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjVARV0qaIBGKPTW_gAAAa34BAQDYqBsAgDcCcIIOQSsGg9VJiMFgtdmNNpPZAQAAALjz____rwekNpbByLCybUzOhWkxnA1nLufIONvYbJvZxuaZeA9n4NhCpETJRJ8UYZn9voOCcnp6zC6DqOh6W-wOp9lz0DVNLoOcRBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFqMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLGaGWcbj22tnC02btFgNFlLfLPlWjQczUY2i8u3sezWotfHdPEtJq7lxIsEA1b2InlapBOZYTCxrHwzk2e58nhmztFmubHZVi6byTWZeFYri1iiOVmkE9ll39pYBiPDyrYxORemxXA2nLmcI-NsY7NtZhubZ-JvrGbG2cZjWytni41bNBhN1hLfbLkWDUezkc3i8m0su7Xo9TFdfIuJaznxN2bD1Wo5nGxW-8ZsuFoth5PNat-hM3xXn7PRfJZOPD6x2ZutjmxOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-H6H7caYHGle1_GtcTAoYongIp0o7y7TW_bynJ4XsURpukgnerXDafcrLKenx-zySxzLi_H6OQ4tYongdJFORC_j6aL-o4cYruaSxWauWK3mitFqlQAAAAAAAAAALME0000AAAAAnAxkuFqOVut0EKvJcjRZLRcARHGyLgAAAAAAAACAXUXYU9kq-C_AxRp7TCHvLtNb9vKcnlcGACAwyWyzzwhirVbLGgAAgAA2AACAAG668SYgzIr7____HwcAAEBGDj0AAAD6fUBQUKPXCj1x_AhyNVrsH4AKsVar1e3GWq0W!&cmcv=&pix=undefined&cb=1685598237209&uv=3286&tms=1685598237209&abt=inout2_vB!nonrv_vA!nrlc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=407dcd4c-22ca-4162-a7a0-60f148ff582c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 5B9B1CE397C1D938D76CA5682404DDEC
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8LjACLAaEr_e3dJBpTxAIX-9v6SDTnigAAABgYID-AAkNdiOPybRxSyYbh1u0mE3WCt_CsJYNZo7RcGZzDScbIyChwW7kMZk2bslk43CLFrPJWuFbGNaywcwxGs5sruFkYwUnxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQdc0uQxyEhu4oOl0-Fz3et3vd5e9PKfnXeO3K81-tcNp9yssp6fH7PJLHMuL8fo5Du0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GACgOGPI3HV12i-vyM-gtBpHLchA9XBeX5R8AAAAAQAAAAACQACDgyi8BcGEVdeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GOKM9He9pPFESKRgsggjAAAAALnVm5FHJukEFYsq_____VYArgAABCDW7bWnZtEdlHgLAwAAMDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjVARV0qaIBGKPTW_gAAAa34BAQDYqBsAgDcCcIIOQSsGg9VJiMFgtdmNNpPZAQAAALjz____rwekNpbByLCybUzOhWkxnA1nLufIONvYbJvZxuaZeA9n4NhCpETJRJ8UYZn9voOCcnp6zC6DqOh6W-wOp9lz0DVNLoOcRBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFqMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLGaGWcbj22tnC02btFgNFlLfLPlWjQczUY2i8u3sezWotfHdPEtJq7lxIsEA1b2InlapBOZYTCxrHwzk2e58nhmztFmubHZVi6byTWZeFYri1iiOVmkE9ll39pYBiPDyrYxORemxXA2nLmcI-NsY7NtZhubZ-JvrGbG2cZjWytni41bNBhN1hLfbLkWDUezkc3i8m0su7Xo9TFdfIuJaznxN2bD1Wo5nGxW-8ZsuFoth5PNat-hM3xXn7PRfJZOPD6x2ZutjmxOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-H6H7caYHGle1_GtcTAoYongIp0o7y7TW_bynJ4XsURpukgnerXDafcrLKenx-zySxzLi_H6OQ4tYongdJFORC_j6aL-o4cYruaSxWauWK3mitFqlQAAAAAAAAAALME0000AAAAAnAxkuFqOVut0EKvJcjRZLRcARHGyLgAAAAAAAACAXUXYU9kq-C_AxRp7TCHvLtNb9vKcnlcGACAwyWyzzwhirVbLGgAAgAA2AACAAG668SYgzIr7____HwcAAEBGDj0AAAD6fUBQUKPXCj1x_AhyNVrsH4AKsVar1e3GWq0W!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: F10C3CF93BE0C2511A4E6AAEEEADA93F
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6227350466491785267/CbV_MY24_C40_DE_Banner_970x250/index.html
Frame ID: 6F484C63F6E68717E424AA987EB9A958
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
Frame ID: FFCC5F809649C06928CCEE8E84B68757
Requests: 18 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
Frame ID: 9DB7FE3D6129536EAE8783EE4A976A7F
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1DAA5ED6C63086670D57381F949EAB10
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 74765D1FD6C05B52DAFAA0C89FF6DC0A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 18C8D09DC8ACF8F059BD6720EE0BEAF2
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D0EF58AF5454F69DB376ABCB4BDEDAF7
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_970x250.js
Frame ID: 96DC295DBB681742633C597B448B2E6B
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Frame ID: 5E6548CB11ADC07E4890E8425C248DAE
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D81A1792559AD10A0BF4138AFAC79E1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D843448F4837220A12CBF120049FFDEF
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Frame ID: 99F8729C6A7D3EC1C9CF2E24E392682E
Requests: 12 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Frame ID: E820BDBB8E169367F7E7768C76B915AA
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Налог на сверхприбыли израильских банков: поможет ли он вкладчикам

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

396
Requests

94 %
HTTPS

40 %
IPv6

57
Domains

103
Subdomains

81
IPs

11
Countries

7156 kB
Transfer

23599 kB
Size

29
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://mrb.upapi.net/code?w=5732901039636480&uponit=true HTTP 302
  • https://btloader.com/tag?w=5732901039636480&uponit=true&upapi=true HTTP 302
  • https://btloader.com/tag?w=5732901039636480&upapi=true
Request Chain 22
  • https://yastatic.net/pcode/adfox/loader.js HTTP 302
  • https://yandex.ru/ads/system/context.js
Request Chain 193
  • https://track.adform.net/adfserve/?bn=64165442;1x1inv=1;srctype=3;gdpr=${gdpr};gdpr_consent=${gdpr_consent_50};ord=[timestamp] HTTP 302
  • https://track.adform.net/adfserve/?CC=1&bn=64165442;1x1inv=1;srctype=3;gdpr=${gdpr};gdpr_consent=${gdpr_consent_50};ord=[timestamp]
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAiMRwGzz04QPGTnSUBrvQU&google_cver=1
Request Chain 206
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHgwHOC8ZDe1xa7EUWWabwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAiMRwGzz04QPGTnSUBrvQU&google_cver=1
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJ1rQ0qewXKILPZ_pgvwuJA&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJ1rQ0qewXKILPZ_pgvwuJA%26google_cver%3D1
Request Chain 208
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyODEyMjc2NTkyMDU2MjIyMA%3D%3D
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENQSo14Zq9gL6MoBLw6Wb_Y&google_cver=1
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFUMSAyyoHWPVjql2jrL1nU&google_cver=1
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENQSo14Zq9gL6MoBLw6Wb_Y&google_cver=1
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFUMSAyyoHWPVjql2jrL1nU&google_cver=1
Request Chain 221
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 222
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 233
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 282
  • https://fw.adsafeprotected.com/rfw/st/1431402/70901275/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1011798148&ias_pubId=pub-9314111824787632&ias_chanId=1&ias_placementId=20014188934&bidurl=https://www.vesty.co.il/main/article/b1ybxzs8h&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hsbGlZBECf4qfuqjADeKIS&adContainerId=brand_safety_HDB4ZM3iOpDjgAfxvI2QAQ&cbFunctionName=goog_wrapCb_HDB4ZM3iOpDjgAfxvI2QAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.vesty.co.il&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.vesty.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fcb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fcb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:4a86de1a-869e-003e-849e-19186a068e57,c:egjXqc,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5b89c49c56-d7l2v,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tFUaqoN+11%7C12%7C13%7C14%7C15*.1431402-70901275%7C151%7C152%7C153%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:53,oid:4d4f3492-003f-11ee-87d7-ee5a1f075640,v:19.8.415,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 352
  • https://www.facebook.com/v5.0/plugins/comments.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width= HTTP 302
  • https://www.facebook.com/plugins/comments.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Request Chain 381
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Request Chain 405
  • https://rr1---sn-5hne6n6l.googlevideo.com/videoplayback?expire=1685627041&ei=ITB4ZOC0DZDEx_AP_66o6AQ&ip=2a03:1b20:6:f011::2e&id=032acdc49958d775&itag=22&source=youtube&requiressl=yes&mh=y7&mm=31&mn=sn-5hne6n6l&ms=au&mv=m&mvi=1&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=29.930&lmt=1685429352202729&mt=1685596376&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgPbjj0HHBSKZl2aZjizDyfAW0RBKht_jMa_udcZpB1lMCIQC9v4h8RrK2ewQTMEcG9Rba6eReiGOdQqN394z-zoo3aw==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgc8K1wTpiOsvnR02AuUqLYI5bwul5iw6K62XiI6wvhxkCIHT3HJZiGx_hG0RyNh_F1wO0Lmt_WCInQkVD38DtPGk5&cpn=kKxS4OLrI9sXwcoh HTTP 302
  • https://rr1---sn-5hnekn7z.googlevideo.com/videoplayback?expire=1685627041&ei=ITB4ZOC0DZDEx_AP_66o6AQ&ip=2a03:1b20:6:f011::2e&id=032acdc49958d775&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=29.930&lmt=1685429352202729&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgPbjj0HHBSKZl2aZjizDyfAW0RBKht_jMa_udcZpB1lMCIQC9v4h8RrK2ewQTMEcG9Rba6eReiGOdQqN394z-zoo3aw==&cpn=kKxS4OLrI9sXwcoh&redirect_counter=1&rm=sn-5hnezl7e&req_id=190c4974bfd136e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=y7&mip=185.213.155.145&mm=31&mn=sn-5hnekn7z&ms=au&mt=1685597814&mv=m&mvi=1&pl=24&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIge2jN-XE9HILEeSoyz9NjCJIiHhF5jxy0NH2YLc4s_lwCIG4eOCxuBmJGvY2nuVbNJKP-JbzBJr39CcCNhgCQZGvF
Request Chain 416
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ltqj4418Qbiia7JpAE34Lw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ltqj4418Qbiia7JpAE34Lw
Request Chain 417
  • https://onetag-sys.com/match/?int_id=4 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
Request Chain 420
  • https://cm.smadex.com/sync?sm_p=rbc&sm_r=rbc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=a6783245-59cb-40d3-9c9c-161b95c079ab&expires=30

396 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request b1ybxzs8h
www.vesty.co.il/main/article/ 		102 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.70.125.117 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-125-117.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
00fd381e742154a662ef37040e24b1148b4af824e8b0abb9641cb291e31b7a15
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
29045
Content-Type
text/html; charset=utf-8
Date
Thu, 01 Jun 2023 05:43:53 GMT
Last-Modified
Thu, 01 Jun 2023 05:43:51 GMT
OSV
c8
V-TTL
0
VX-Cache
MISS
Vary
Accept-Encoding
WAI
02
X-Frame-Options
SAMEORIGIN
X-me
${S_HOSTNAME}
X-version
V3
YS-Cache
540e3c076fb4468ef8e98d4d1ea00d98
backend-cache-control
vg_id
2
vesty.cbe686046045a1f6deefae01910fd905.css
ynet-pic1.yit.co.il/Common/frontend/site/prod/ 		657 KB
121 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vesty.cbe686046045a1f6deefae01910fd905.css
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d71480d1558fff5af3c6cc2a25b6e771ff309726337719501229b7db44e6f06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:53 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 29 May 2023 08:05:05 GMT
server
cloudflare
age
2047
cf-polished
origSize=718325
etag
W/"de103047492d91:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
7d052442482a927f-FRA
expires
Sun, 02 Jul 2023 05:43:53 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40cd6bad06286f661be9d98f8744feb752d555d4c2678d1becf7804ec4b139d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25194
x-xss-protection
0
server
cafe
etag
159 / 19509 / 31074978 / config-hash: 15571386564161109570
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 01 Jun 2023 05:43:53 GMT
jquery-3.6.3.min.js
ynet-pic1.yit.co.il/Common/Api/Scripts/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ynet-pic1.yit.co.il/Common/Api/Scripts/jquery-3.6.3.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Mar 2023 12:58:30 GMT
server
cloudflare
age
55
etag
W/"4de1350be5cd91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, Max-age=300, must-revalidate
cf-ray
7d052442482c927f-FRA
expires
Sun, 02 Jul 2023 05:43:53 GMT
gpt_script_yns_ynv.js
totalmedia2.ynet.co.il/new_gpt/vesty/ 		133 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://totalmedia2.ynet.co.il/new_gpt/vesty/gpt_script_yns_ynv.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.70.125.117 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-125-117.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c9901eba322320d37653843ced2b7ef18b27e92f36c7407211d564ab762508a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:54 GMT
content-encoding
gzip
last-modified
Tue, 31 Jan 2023 11:37:21 GMT
server
AkamaiNetStorage
etag
"426e89a68e4518ad06657e926f8e1b9b:1675239101.242226"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
27319
ynv_templates.js
totalmedia2.ynet.co.il/gpt/ynv/ 		110 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://totalmedia2.ynet.co.il/gpt/ynv/ynv_templates.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.70.125.117 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-125-117.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0c59a4311973393ca533b13f245d027fb9acd2c40b23ddb6c75d1c53196a3b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:54 GMT
content-encoding
gzip
last-modified
Thu, 07 Feb 2019 09:15:22 GMT
server
AkamaiNetStorage
etag
"0d986196c56347b4af883296acc3ef7f:1549530922"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
loader.js
cdn.taboola.com/libtrc/ynet-vesty/ 		898 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9efb2ec23ca8bdfb0acd203ca3292260873761f487e47ac24d3091835ee4edf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
7d6B.C1ZpkPKW8B2UQ4oRSBiBxZe13Ky
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Jun 2023 05:43:55 GMT
x-amz-request-id
CG5JDCK0C5HGT4MW
age
92
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
72230
x-amz-id-2
PZ5VHHBHUkAPoVQne0x171QpL/ZMs7D/GjB5kaAAISr4nAUMTa6Hd0r8mDapys37BThkiFbE4/M=
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Wed, 31 May 2023 09:11:17 GMT
server
AmazonS3
x-timer
S1685598235.016995,VS0,VE1
etag
"2f5585a2033e24f8106d7f7371a397a7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
95
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
tag
btloader.com/
Redirect Chain
  • https://mrb.upapi.net/code?w=5732901039636480&uponit=true
  • https://btloader.com/tag?w=5732901039636480&uponit=true&upapi=true
  • https://btloader.com/tag?w=5732901039636480&upapi=true
15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?w=5732901039636480&upapi=true
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Server
172.67.70.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856242afa71cc84545c0bb3bbb3cfe7226d1071a1f3e87607cbad2bf8daae497

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Jun 2023 05:00:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2587
etag
W/"202d6f2845179ed4a3b9d3d007610ee1"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6bI29cTCw8kPWk1s9VTPwqL26gUGfMqg7VdsATXvRoDntCU0RXK6ONi3VhUjYlY%2B%2BmWs4hcqIpPUM%2BrjuHQP6Q8HO7XUDTdpzvAGcWzi83ER6ihgzIOSDLh0CYNtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7d0524520fe65be1-FRA

Redirect headers

date
Thu, 01 Jun 2023 05:43:56 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2587
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXA9oNRBO5Gn3bdC7Z4KovgZPhNslVjb2U5R6BiR7rXT%2BFnw0BNSNmTXcpcFXcU0tHNLt%2FabWbOArln9ZHmQgb9yoyHTK34h2yMfzc75wN2a84icVac9qFiEBpxDsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
/tag?w=5732901039636480&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
7d0524519f965be1-FRA
vendors-widgets.5a75e38506bb012f5b8b.js
ynet-pic1.yit.co.il/Common/frontend/site/prod/ 		1 MB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vendors-widgets.5a75e38506bb012f5b8b.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bf06609adc2161bf2be5cae5a5f800e50539f0ee1f06e410eb5285d835e9b48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 29 May 2023 12:35:22 GMT
server
cloudflare
age
109
cf-polished
origSize=1967504
etag
W/"e4bd2692a92d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, Max-age=300, must-revalidate
cf-ray
7d052449498d927f-FRA
expires
Sun, 02 Jul 2023 05:43:55 GMT
widgets.6af3fa34025e8167c434.js
ynet-pic1.yit.co.il/Common/frontend/site/prod/ 		2 MB
273 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ynet-pic1.yit.co.il/Common/frontend/site/prod/widgets.6af3fa34025e8167c434.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd20055d8c801ef0e0c4698fe5f5bce77cbe3e1acc8dc99625fbbbf59047985d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 30 May 2023 06:52:53 GMT
server
cloudflare
age
214
cf-polished
origSize=3022159
etag
W/"7458505bc392d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, Max-age=300, must-revalidate
cf-ray
7d0524494992927f-FRA
expires
Sun, 02 Jul 2023 05:43:55 GMT
flowplayer.min.js
cdn.flowplayer.com/releases/native/3/stable/ 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/flowplayer.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a40f7092b6c797f55054048dabc6314a3558b238d31ade75917a520a933ba9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
d6mY0kniDBiZZ8OPZgss1YwkJMJWb60j
content-encoding
gzip
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
date
Thu, 01 Jun 2023 03:46:43 GMT
x-amz-cf-pop
FRA50-C1
age
7033
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 May 2023 16:10:31 GMT
server
AmazonS3
etag
W/"b349de78af5afe5cf4ca17f42a248f9b"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
g3VcsEORfJ0fm7hMxz1M8RUmE6Z14Q4Ojc6KtyjwT41qaowwNJIfxg==
flowplayer.css
cdn.flowplayer.com/releases/native/3/stable/style/ 		46 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/style/flowplayer.css
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d5e0849332acff7b91d64ac054f09bd1f5db75df129c800b2feb90cd2a841e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
txbeu6tdVF7qSZ.P5wqYvb7XJ3LQkxMO
content-encoding
gzip
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
date
Wed, 31 May 2023 23:58:42 GMT
x-amz-cf-pop
FRA50-C1
age
20712
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 May 2023 16:10:46 GMT
server
AmazonS3
etag
W/"eb4c450a71248f9837360b0bf07cc7d7"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
ChOqdE7qOBNnzsGTSRoSIeJlZQqX-64q5ep3NTackwIV_PdpW-dq1g==
ads.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		100 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/ads.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ead3191b9474219c0a9d6951bb245857e62390003d50d08d80a182e99fad9a73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
0Qq2y.O4WG25IP6dYCfrUVlIkf3549ZG
content-encoding
gzip
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
date
Wed, 31 May 2023 13:51:39 GMT
x-amz-cf-pop
FRA50-C1
age
57135
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 May 2023 16:10:33 GMT
server
AmazonS3
etag
W/"54e7990442499d3e4f6cdf7c1da6b9ff"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
0-8WXGBbqkgytLCxFw_RXSuZOQ8lmwEa6efbbRVOvWolNlZKhRxASw==
cuepoints.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/cuepoints.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
461b089258235b416226d5ece6052923a1135af7c1f73f683d2fe93353153a9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
ToNpIzKzYDT2buJN8rzrYqkMZJTKXqQv
content-encoding
gzip
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
date
Wed, 31 May 2023 16:11:07 GMT
x-amz-cf-pop
FRA50-C1
age
48767
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 May 2023 16:10:36 GMT
server
AmazonS3
etag
W/"bd50097b30cd0caf23b8970fee9bcd6d"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
FfzOLby2-TbJLiUeTVLsUg5NVOAUBfwZD46F74OjPo01l0_4jSejXg==
google-analytics.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/google-analytics.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
102226e81d3a3109c21b53da10db1d22de84674944ae961a7c6feff84afd58f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
9BVd.bJAoelOz2Z5jdiTR4Y87G0FTsE6
content-encoding
gzip
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
date
Wed, 31 May 2023 16:10:50 GMT
x-amz-cf-pop
FRA50-C1
age
48783
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 May 2023 16:10:39 GMT
server
AmazonS3
etag
W/"5f8894853e281a91fa61461df703f3f7"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
x7KMgWHhgqtxA2wZEa_9g4wsQgd0-tvtN9efZ32MfykHhNNL4Ymb1Q==
keyboard.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/keyboard.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a9619c6c2cd4801860b4d461af81cbec9b653514837103043e326ea9813b9a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
pZZ9LsB_lARzvM8o019TRN8cYKQgUPb9
content-encoding
gzip
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
date
Wed, 31 May 2023 16:10:53 GMT
x-amz-cf-pop
FRA50-C1
age
48780
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 May 2023 16:10:40 GMT
server
AmazonS3
etag
W/"04bb3154e889934e79587995cf848077"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
YtmOLWkoDkLqgZ2hGxNqgtKj4Hq4KaJ6Jk_KO0AywcE6FWlq7oTFHA==
share.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/share.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ac5d86cbcdf58b89344f83ac426d0300c5d6adc80226c2e62f9d2e3d0be2a40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
3sJypyFKl4iGcPf8KdZDiWW6z48Xh4lk
content-encoding
gzip
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
date
Wed, 31 May 2023 13:42:06 GMT
x-amz-cf-pop
FRA50-C1
age
57708
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 May 2023 16:10:44 GMT
server
AmazonS3
etag
W/"246c3fc5ca6a8d2054d51c89871e14d1"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
s0tl-IhSuaqDr1YvjRizW3_o5qvllOWXexrWpHiaj6hvMqCD3XmNqw==
qsel.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/qsel.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afa1ff79dda80807b1b38e3a4b80b4467b695ca9ce7c15cfefa890bdcb35e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
dM0V1yxxEKlXef0HwFVj3vieSresBvvk
content-encoding
gzip
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
date
Wed, 31 May 2023 22:38:14 GMT
x-amz-cf-pop
FRA50-C1
age
25539
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 May 2023 16:10:43 GMT
server
AmazonS3
etag
W/"a7ea19581cf13f8fc43dde55ca66c7d9"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
2XhRIaBSrUyY5DB8mHAVLZu7C7zcg5oPC_ClnpA4RGZ2jRIR2-k5PA==
asel.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/asel.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b714da0ee71995873912f31aa8da3bc842f3a5d065cfefc26ae0c90fb239f65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
yHYEBXqt3AeQxeC5sYMNAXZzFglZaxjU
content-encoding
gzip
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
date
Wed, 31 May 2023 18:04:51 GMT
x-amz-cf-pop
FRA50-C1
age
41943
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 May 2023 16:10:34 GMT
server
AmazonS3
etag
W/"d7697cc614e43c3b3006bb97291ce04e"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
eKjUYszBzCebrwbhGvoEyWg-iZslOlPYSDt9tIH7cuKrqr8Bn4AYqg==
hls.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		386 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/hls.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
038bd0b34b7d1c79b7553c709e463043c2bcefda39ef73cbbab315072846d0a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:03:06 GMT
x-amz-version-id
4jueDBNDJvtWPomBoodiiXxnELYAUMmJ
content-encoding
gzip
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
56448
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 May 2023 16:10:39 GMT
server
AmazonS3
etag
W/"2693b2f4455226a0977083f8a1871a24"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
lNAGCwvFVEyprrOogIio5ovNrrXJ3ngl_dGzI_Np8o6DjeycGIKyxw==
float-on-scroll.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/float-on-scroll.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb505f9b238a9e432f0fef92f30b51a7382134621126778726f08e371d7ab899

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 13:24:53 GMT
x-amz-version-id
VG0UrO_BR6mYmRWtmW7ju_UNEnHRRz4G
content-encoding
gzip
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
58741
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 25 May 2023 16:10:38 GMT
server
AmazonS3
etag
W/"9f382ce9671b335c858881a0e301175d"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
d3SuDVFc-moMk8oBEAIOM7tXILRWEaVNuA0fDbbrSHy3kAVd1E2B4A==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123025
x-xss-protection
0
expires
Thu, 01 Jun 2023 05:43:54 GMT
flowplayer.lang.ru.js
cdn.flowplayer.com/releases/native/translations/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/translations/flowplayer.lang.ru.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
context.js
yandex.ru/ads/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/loader.js
  • https://yandex.ru/ads/system/context.js
295 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
0b5c146f4e10f164d2492237600fa47a59a3b5b1568c147e4a8ec13198f9904e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1685598234171575-9437610050495775239-balancer-l7leveler-kubr-yp-vla-93-BAL-420
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 01 Jun 2023 06:43:54 GMT

Redirect headers

date
Thu, 01 Jun 2023 05:43:54 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
location
https://yandex.ru/ads/system/context.js
access-control-allow-origin
*
timing-allow-origin
*
content-length
0
dmp-provider.js
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/ 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-22.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9e37f8709ca8dc7c4f0094e4eda5c8900887c5448aff04bfaf9eaa71a96de5b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 02:23:50 GMT
content-encoding
br
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA56-P5
age
12005
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
ejPBh_z0_yQsdTxIIC7IPoGSX_iGsqO1ku9ZkkwLlOj_w4P90rjvRQ==
1310.png
www.ynetnews.com/Cnt/Images/Weather/ 		672 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ynetnews.com/Cnt/Images/Weather/1310.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.70.125.117 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-125-117.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
af5463753df076ff288879f0685740bc8b4540a9855096cde2cdbf00041b7750

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

backend-cache-control
date
Thu, 01 Jun 2023 05:43:55 GMT
last-modified
Tue, 30 May 2023 16:43:50 GMT
etag
"c2826d31d827d41:0"
content-type
image/png
vx-cache
MISS
cache-control
private, max-age=471554
wai
01
accept-ranges
bytes
content-length
672
v-ttl
0
expires
Tue, 06 Jun 2023 16:43:09 GMT
____.png
ynet-pic1.yit.co.il/picserver5/wcm_upload/2023/01/10/Sy811PC5qj/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/wcm_upload/2023/01/10/Sy811PC5qj/____.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9647129e04fb0087ff7d9aa50a657bbce11fcfcd89f2688cba822d0d7bf1f025

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
cf-cache-status
HIT
age
6637
cf-polished
origFmt=png, origSize=4244
content-disposition
inline; filename="____.webp"
content-length
3152
cf-bgj
imgq:85,h2pri
last-modified
Tue, 10 Jan 2023 12:16:18 GMT
server
cloudflare
etag
"5a4db457ed24d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
7d0524494993927f-FRA
expires
Sun, 02 Jul 2023 05:43:55 GMT
vesty_logo.png
ynet-pic1.yit.co.il/picserver5/wcm_upload/2023/01/08/SkVVgBdcj/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/wcm_upload/2023/01/08/SkVVgBdcj/vesty_logo.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d54e851db62143344146dd02717567e87695725d3e25e18a2feafd3dc6ba5714

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
cf-cache-status
HIT
age
5149
cf-polished
origFmt=png, origSize=1692
content-disposition
inline; filename="vesty_logo.webp"
content-length
1248
cf-bgj
imgq:85,h2pri
last-modified
Sun, 08 Jan 2023 13:08:35 GMT
server
cloudflare
etag
"269da9506223d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
7d0524494994927f-FRA
expires
Sun, 02 Jul 2023 05:43:55 GMT
DOAR_ADOM_A.gif
images1.ynet.co.il//PicServer5/2019/05/13/9242159/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images1.ynet.co.il//PicServer5/2019/05/13/9242159/DOAR_ADOM_A.gif
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.70.125.117 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-125-117.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d6cdb6570660f6cc2ab311a53a12a3f547e706f2409d8817185bd2be74d24a19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
last-modified
Mon, 13 May 2019 09:21:28 GMT
server
Microsoft-IIS/10.0
etag
"b27baa3e6d9d51:0"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2104724
accept-ranges
bytes
access-control-allow-headers
*
content-length
9053
expires
Sun, 25 Jun 2023 14:22:39 GMT
SJZICEO1q_25_25_452_255_0_x-large.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2022/02/14/SJZICEO1q/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/crop_images/2022/02/14/SJZICEO1q/SJZICEO1q_25_25_452_255_0_x-large.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
118ab0bb925b77bc7e6e5ab12aefc99212d01819af7e18348a5796f97584da2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=17947
content-disposition
inline; filename="SJZICEO1q_25_25_452_255_0_x-large.webp"
content-length
13818
cf-bgj
imgq:85,h2pri
last-modified
Wed, 31 May 2023 18:44:33 GMT
server
cloudflare
etag
"2c8ce3f0ef93d91:0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
7d0524494997927f-FRA
expires
Sun, 02 Jul 2023 05:43:55 GMT
bootstrap.js
cdn.browsiprod.com/bootstrap/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee59a729348a1ee72417458ddb4879d4e09668334d2a715f3a700edb5e19bf04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
1t9oY5dsI2O5mQBgGHRbvmpc_xaX5j1v
content-encoding
br
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
date
Thu, 01 Jun 2023 05:32:03 GMT
last-modified
Thu, 11 May 2023 07:31:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
714
x-amz-server-side-encryption
AES256
etag
W/"32453f3d63d4172abe613f1936f6ee5d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=3600
x-amz-cf-id
zekkl_e6zGi1PgUqZabfT-UoSx4HF6i0Q0w_Ip-2CD2Pc_8PSZEiaQ==
beacon.min.js
static.cloudflareinsights.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 20:41:48 GMT
server
cloudflare
etag
W/2023.4.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7d0524498a2e3a44-FRA
gtm.js
www.googletagmanager.com/ 		245 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fdfc4de862c4b94a7f110229dd94d12a420e2208c10c69f919f3f0ffd36315bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83366
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jun 2023 05:43:55 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/ 		405 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f9f532d9791610dfcc4f0902dcac54e5274eec29a675eae9612ad25c4512fbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 10:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
68855
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128027
x-xss-protection
0
server
cafe
etag
5295197450709426467
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 30 May 2024 10:36:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		154 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.vesty.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11981e7d8a5ea45c1d0818f7fa49bf648eda510e5f5e6dd7f20a9e9a09ff570e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
expires
Thu, 01 Jun 2023 05:43:54 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-16.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:10:22 GMT
content-encoding
gzip
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
2014
x-cache
Hit from cloudfront
content-length
1696
last-modified
Tue, 30 May 2023 11:07:18 GMT
server
Apache/2.4.54 (Debian)
etag
"1090-5fce734db8580-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
vmAaApshB6mQ0p0_O9sXwWQCdZjp08Zoj2buyVzcMi0tBvp04NqNMg==
fi_client.js
ecdn.firstimpression.io/ 		349 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-108.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) / PHP/8.2.0
Resource Hash
4f81646d99b3fc74d8e01a5341ec6e5e51138daecd799f62e01ff59a7bb1c61c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 05:10:25 GMT
Content-Encoding
br
Via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
2010
X-Powered-By
PHP/8.2.0
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-XSS-Protection
0
Last-Modified
Thu,01 Jun 2023 05:10:25 UTC
Server
Apache/2.4.54 (Debian)
ETag
W/"2acbad7b68002503a5a1a165245b1b9b"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
X-Amz-Cf-Id
OXyDG_6O969Uw1jn40SN9RQ6xLBgwnStl3GKmVL6tFrVtCT3bM2mmg==
17dc5afd0f050bda052b.js
yastatic.net/partner-code-bundles/779240/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/779240/17dc5afd0f050bda052b.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
1991c1d27c9548141c21c2cae1ed61ab2af64506a1c26e8d4077c9aa401ce8ac
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4778
last-modified
Mon, 29 May 2023 15:13:21 GMT
server
nginx/1.17.9
etag
"a944b37662cf38b1920fa7759d8b3caf"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 31 May 2053 12:17:56 GMT
28928deada80ac7a4913.js
yastatic.net/partner-code-bundles/779240/ 		114 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/779240/28928deada80ac7a4913.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
746249137d6bbb4e5f2be33b3e875cd1202809ef26e0c9af1533e398712cf5d5
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
24220
last-modified
Mon, 29 May 2023 15:13:21 GMT
server
nginx/1.17.9
etag
"6eac44edfe7a77816d9fe3443277cf80"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 31 May 2053 12:17:56 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 31 May 2053 12:19:20 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
db7407d670c314ee
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 May 2024 11:32:32 GMT
49ea91010103fc9d39a6.js
yastatic.net/partner-code-bundles/779240/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/779240/49ea91010103fc9d39a6.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0a9115c7f15f56a5280059185aafd63eeaf124193165362eda62102d2f13d255
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7926
last-modified
Mon, 29 May 2023 15:13:21 GMT
server
nginx/1.17.9
etag
"d7db9eebe88d6d4f0244a98ac1e40f78"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 31 May 2053 12:17:56 GMT
8c65a4022d8997c068a6.js
yastatic.net/partner-code-bundles/779240/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/779240/8c65a4022d8997c068a6.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
b9756ab3110569adb981f1b23475d67749b2e9717b4c74c084e280d9ddf20459
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
2079
last-modified
Mon, 29 May 2023 15:13:21 GMT
server
nginx/1.17.9
etag
"1ba46d1d2d2f2d6dbef6b9ca66f9290f"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 31 May 2053 12:17:56 GMT
daef6c086537d83376cf.js
yastatic.net/partner-code-bundles/779240/ 		622 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/779240/daef6c086537d83376cf.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
c4d130b5b897b093c4df9a9cea0b5bdab26720880f95555684f1f354e43464dc
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
120523
last-modified
Mon, 29 May 2023 15:13:22 GMT
server
nginx/1.17.9
etag
"a92674dea6c2a2e1c0f60a632d885eb0"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 31 May 2053 12:17:56 GMT
likebox.php
www.facebook.com/plugins/ Frame 482D 		38 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true%22
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6eeda07454b179d45f6a9b5a3d35fbd116aa2efe54319088a18369176d6f6f9c
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 05:43:55 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
M8TgKIwNdszz228iICsPgYARcEZIEHRxkv5G2mQ9yW0HgmZUmL7S02RtARla8imJ+1Ydlz+JHCRl1rS6QrQRiA==
x-fb-rlafr
0
x-xss-protection
0
sdk.js
connect.facebook.net/ru_RU/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
427176ef763337a66afbc5a4cae5bf4afe5b2e157865bd62e77fed481710d431
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 01 Jun 2023 05:43:55 GMT
content-md5
OrPmI+hbg6zAxvB1oc1Yqg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
P/tUFye17g+UOJWMZyg+KtYyq9q3uSEhro8yuXvf2Hbcwximv76r4JQBl0p2JZsC+aYC0yH+MYT5tpOSRdT5Bw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
2e0b15d37107b1d6216cb8e6ffbb6e28
cross-origin-opener-policy
same-origin-allow-popups
etag
"036a7b260744304075265d21d0a9a91e"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 01 Jun 2023 05:51:55 GMT
truncated
/ 		616 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
daa8bc4312e8a5c936e55144c18f3232cb013593ae25cfe616e487611b754e1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2e8fb14b1e0aab8514cfb56c1e62417ba717b034a397017696cfa9e517b0f6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		276 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f0cd7c2795df1dcce059d553cb1d9b88170cb9e66310a06fce4104965852394

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		702 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9279aa82470c7b0c894eb3ecbaabceb01423a632d9fbc7460c560f11a99abad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		639 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87d3b26f33f39e3bb4b4c1f2291f906ad5826c4d9624a08f0db8a2163a9df369

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9080387801ea7c0d202021563e4cc47e205dfe238953109c6f39348cb9a5533

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		637 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dc8e482ec8a9c56efec00e46e88e84f3a7ccdf0ade53d5c89c4d679469cdabb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		241 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea1a9b993dbc93ca4669209f552aead7852ea68031cf347990078369adf47072

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		370 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2d58e29c3c454ef9b3e47ea01f4c5ddf2027f9c583d1104f0c26ccaf2aeb426

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7c75468e63bbfc47e9b7e43bf8c709185836b2868ea3a893339966c208435c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9176dfafa2beac923666d80208d52163366268d65a3f6d4c9c7dc062f13db1fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b1645d05205c0de76ee78715ddbbbe2a5e4b2fe9f5faee9037e070c07691212

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		864 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cab9d462a9a175760c61a7064803d06ffef31dedbf1f1e60a0a32a5cb2f3c273

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8d6537559bba91d5987243b73b24db1fb3ed42d7cc66a3a3799939b3145cc55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		799 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8783883968da07275df5ed817ae769253fa3a51509283f371d81aff455039d8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		935 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
018144810275161f79a9ef6fe1708661f13c78fc5d5d87770a3bfc90c9be8ad5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		787 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aace298e700157aedcfe9b062cc530a67ece01ad08c3af7fe8a52be86bc01d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11dbe46578266e04259c1ca0a713ffbf86c3803b94a379e5fc6ef8a381095084

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
NarkissBlock-Medium.woff2
ynet-pic1.yit.co.il/Common/images/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ynet-pic1.yit.co.il/Common/images/fonts/NarkissBlock-Medium.woff2
Requested by
Host: ynet-pic1.yit.co.il
URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vesty.cbe686046045a1f6deefae01910fd905.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85cc5f4c151a72239700ae6445649fa0188d91a652829f39fb6fb84a85a9d1cf

Request headers

Referer
https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vesty.cbe686046045a1f6deefae01910fd905.css
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
cf-cache-status
HIT
last-modified
Thu, 05 Nov 2020 12:15:54 GMT
server
cloudflare
age
280
etag
W/"0797f686db3d61:0"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, Max-age=300, must-revalidate
cf-ray
7d052449aa021cc7-FRA
expires
Sun, 02 Jul 2023 05:43:55 GMT
NarkissBlock-Bold.woff2
ynet-pic1.yit.co.il/Common/images/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ynet-pic1.yit.co.il/Common/images/fonts/NarkissBlock-Bold.woff2
Requested by
Host: ynet-pic1.yit.co.il
URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vesty.cbe686046045a1f6deefae01910fd905.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a125935da70c13b8e02899542b319dde2d65cee1abc837f5743edd9153a3ed1

Request headers

Referer
https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vesty.cbe686046045a1f6deefae01910fd905.css
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
cf-cache-status
HIT
last-modified
Thu, 05 Nov 2020 12:15:54 GMT
server
cloudflare
age
280
etag
W/"0797f686db3d61:0"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, Max-age=300, must-revalidate
cf-ray
7d052449aa041cc7-FRA
expires
Sun, 02 Jul 2023 05:43:55 GMT
/
trinitymedia.ai/player/trinity/2900001404/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trinitymedia.ai/player/trinity/2900001404/?pageURL=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.41.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-41-114.compute-1.amazonaws.com
Software
Apache /
Resource Hash
155385e136685bbcd1a0221f640bee645f843f00b409b3002ecc9fc2fd7611a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
server
Apache
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store
content-length
1689
widget.js
cdn.userway.org/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
817912f74c243cb931e0ba11ae0aa155f9a508208c4288223f9cee5ce07892ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 01 Jun 2023 05:43:55 GMT
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
122
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
1522
x-accel-date
1685596713
x-77-nzt
AcO1rydgJzv/8gUAAA
x-accel-expires
@1685600313
last-modified
Wed, 31 May 2023 22:15:09 GMT
server
CDN77-Turbo
etag
W/"3c8c56d1ff6ea75ecc162b719457f00c"
x-77-nzt-ray
25b021312677e8c71b3078646b529810
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
content-type
application/javascript
x-amz-cf-id
Fwbq4QM8WoZ7k8B7t7FZteSnS2uKWRqwjDekq4ZVgVo9UBCMtnKYoA==
impl.20230530-4-RELEASE.js
cdn.taboola.com/libtrc/ 		766 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230530-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
77e67726f5b10d4e887da34c9d7647f8ad709550b024eebb0dcacedbc142c8f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
nEuYABMNvZE_T82s6eolCJS83jnVRQX3
content-encoding
br
via
1.1 varnish
date
Thu, 01 Jun 2023 05:43:55 GMT
x-amz-request-id
3FN5EAGKNDT9G0JY
age
15885
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
163046
x-amz-id-2
UGzrirSYhD9c6kaKC59lbnmOaTNm3tU3mYHqd30JsM/rlyn3LDxGoxfHOUd4nsojja8A44QERrQ=
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Tue, 30 May 2023 09:13:18 GMT
server
AmazonS3-br
x-timer
S1685598235.249402,VS0,VE0
etag
"6d4624042d0f1c5ad342aef393e8fde3"
vary
Accept-Encoding
content-type
application/javascript
abp
3
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1288
06ZX3mXSkRb.css
static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/ Frame 482D 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/06ZX3mXSkRb.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
34879b9e2bf687d73136aa78381006501b3565c161d6d633b8ecd98cd7c598a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
MwoIf/JO9b6CSdlqTCIFLQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6961
x-fb-rlafr
0
x-fb-debug
s6CUtpFcI7lLwKQNuqa9nizQX4BUphium1UfAaiPHk6+tR5at9ZTuNv/qymykyLX8SMQG8VRD/cBhqDgQbJzaw==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 30 May 2024 20:15:37 GMT
ieFmvuml2gZ.js
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ Frame 482D 		307 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/ieFmvuml2gZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c0ee77e6f6023a7d56c375a41920b9be9fcb5e66827eee6c645c19364726373d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Yng1/TxPPBHuP+qVdHg8AA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
81976
x-fb-rlafr
0
x-fb-debug
BsE+86ckpDwEAqdWmzQ865DP6rh8u7yAIlVTBNhkTM5HWSATXHXcV0G0aw4A+c0Sj2/nhWdpr/iuzsPwp6ngjg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 31 May 2024 00:15:09 GMT
kpHH9AWO-Rm.js
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame 482D 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/kpHH9AWO-Rm.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c1f8548f59ad3046366b3c82d923308cf960624c7be4e4b9fc4732314940795c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
f9iDZEtIS7q8noiwqN/TJg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1859
x-fb-rlafr
0
x-fb-debug
jIuo6BcfxkNXHVJqks6uYyxo8n+coWDkYQ34+LN+NgiM+7/dublAjvcwuxhxM4xN/nWp7HJqcyfiw5vfya1HXQ==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 30 May 2024 19:19:52 GMT
Ka6Q-fwfz0F.js
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 482D 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/Ka6Q-fwfz0F.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
805f911869d903d297ec0cb6fb3f02540a883908096434d0c2535f48934ce767
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uBm8JcmVCIJHvBWgcOW/3A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
29615
x-fb-rlafr
0
x-fb-debug
em1h1nIYVONsCOzkI/00x3+97pCGMlsXeseJj/0y/bKmbH8M50axa42q1OT69LNFlhfps6PHAHYIAG9ADkkOVg==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 24 May 2024 17:51:52 GMT
wwRV14_DSFk.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yG/l/de_DE/ Frame 482D 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yG/l/de_DE/wwRV14_DSFk.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c5acac149b50071f4f0435867b53804101eac47a91975d5d44347565fca062cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Y6t15LcYwek0hwdpZxnPEg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30686
x-fb-rlafr
0
x-fb-debug
snHp2Qnro72KJvmB2vsoJGX+uC/Jr67H6B3ue/PEGvbpq7j8wL5RbnGo8lqgIsNkJ920CMUUSoOp+LSFpwEV1w==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 30 May 2024 01:46:09 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 482D 		507 B
485 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-rlafr
0
x-fb-debug
J374RapVad6m0YC/w4JhHWRdfoJP0DSj/wcpL1hWaXfmd1xqwhMOs7rrZcddU/fcgDcw7Q05N9rJzxxGOFln/w==
x-fb-trip-id
1679558926
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 23 May 2024 00:18:53 GMT
336298928_2992004974427750_8732295176742565021_n.jpg
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/ Frame 482D 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/336298928_2992004974427750_8732295176742565021_n.jpg?stp=dst-jpg_p130x130&_nc_cat=101&ccb=1-7&_nc_sid=dd9801&_nc_ohc=n4Ev5n2tlegAX8AYjNB&_nc_ht=scontent-lhr8-2.xx&edm=AEDRbFQEAAAA&oh=00_AfDsWqSmFjGPoaC7mic9TCxzYD0fmY6M1vjmEiXYRLKPVA&oe=647CF96B
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f058:10c:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
49b6f7a70ee3d7f71c178641dec7c2b4cae50de328e404d593f7318d9a8b6c9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-haystack-needlechecksum
1333204721
date
Thu, 01 Jun 2023 05:43:56 GMT
x-fbtype
30808
content-digest
adler32=2329757484
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16135
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Wed, 05 Apr 2023 07:37:04 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
x-needle-checksum
1347642013
accept-ranges
bytes
timing-allow-origin
*
336653612_1272733246996756_5037226267515267926_n.jpg
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-1/ Frame 482D 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-1/336653612_1272733246996756_5037226267515267926_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=104&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=x8tSvxFXh10AX_4XaRG&_nc_ht=scontent-lhr8-2.xx&edm=AEDRbFQEAAAA&oh=00_AfA6FRveTEdwHHdCh0oRd9k1rjGeiWCgdFpmmVGT_F82UA&oe=647D88D2
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true%22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f058:10c:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab32b2c4c4edb597ff057500e0716830305580857189e611e5b07acbba87d78a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-haystack-needlechecksum
2147604827
date
Thu, 01 Jun 2023 05:43:56 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Wed, 05 Apr 2023 07:37:04 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1081392817
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
439318
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1442
/
ads.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ads.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/acx-adwords-navigation-frontend-prod/1;script-src 'report-sample' 'nonce-YvVnS96XI3BaIQXrzbZNMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/encsid_AYjjsg5yjxztfuVH73DtwhoZZudWgJJ-9Km12zTZC-uMyNJ1ItyWlnooteMxEwb4U6JFRw
Strict-Transport-Security max-age=3600; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

acx-server-start-time
1685598235493
acx-server-time
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/acx-adwords-navigation-frontend-prod/1;script-src 'report-sample' 'nonce-YvVnS96XI3BaIQXrzbZNMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/encsid_AYjjsg5yjxztfuVH73DtwhoZZudWgJJ-9Km12zTZC-uMyNJ1ItyWlnooteMxEwb4U6JFRw
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="AYjjsg5yjxztfuVH73DtwhoZZudWgJJ-9Km12zTZC-uMyNJ1ItyWlnooteMxEwb4U6JFRw"
date
Thu, 01 Jun 2023 05:43:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"AYjjsg5yjxztfuVH73DtwhoZZudWgJJ-9Km12zTZC-uMyNJ1ItyWlnooteMxEwb4U6JFRw","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AYjjsg5yjxztfuVH73DtwhoZZudWgJJ-9Km12zTZC-uMyNJ1ItyWlnooteMxEwb4U6JFRw"}]}
server
ESF
server-timing
server-processing;dur=6
strict-transport-security
max-age=3600; includeSubDomains
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-trace-id
2159496383826859447
x-xss-protection
0
/
ads.google.com/ 		0
0
1310.png
www.vesty.co.il/Cnt/Images/Weather/ 		672 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vesty.co.il/Cnt/Images/Weather/1310.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.70.125.117 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-125-117.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
af5463753df076ff288879f0685740bc8b4540a9855096cde2cdbf00041b7750

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/main/article/b1ybxzs8h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

backend-cache-control
Date
Thu, 01 Jun 2023 05:43:55 GMT
Last-Modified
Thu, 01 Jun 2023 01:29:26 GMT
ETag
"c2826d31d827d41:0"
Content-Type
image/png
VX-Cache
MISS
WAI
01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
672
V-TTL
0
0
www.vesty.co.il/iphone/json/api/talkbacks/list/b1ybxzs8h/end_to_start/ 		24 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.vesty.co.il/iphone/json/api/talkbacks/list/b1ybxzs8h/end_to_start/0
Requested by
Host: ynet-pic1.yit.co.il
URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vendors-widgets.5a75e38506bb012f5b8b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.70.125.117 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-70-125-117.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
048a6099e10c5ac79ff998eb79a4b5d5679e9dbef7cada30c224dfbc262c7fdb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.vesty.co.il/main/article/b1ybxzs8h
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

backend-cache-control
X-me
${S_HOSTNAME}
X-version
V3
Date
Thu, 01 Jun 2023 05:43:55 GMT
VX-Cache
HIT
WAI
02
Connection
keep-alive
Content-Length
24
V-TTL
63
Last-Modified
Thu, 01 Jun 2023 05:41:48 GMT
OSV
c8
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
vg_id
2
Accept-Ranges
bytes
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 17:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44780
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 17:17:35 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires
Sat, 01 Jul 2023 05:43:55 GMT
date
Thu, 01 Jun 2023 05:43:55 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
sdk.js
connect.facebook.net/ru_RU/ 		308 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=4775e7da62ac7bf030f15568e658d29c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9952a8dcad912fe91be6574b823e231879e5f43666abb1000e647eb6d2f6b6e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 01 Jun 2023 05:43:55 GMT
content-md5
oXWCbk2UEiS8v3p06/GJUw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88897
x-fb-rlafr
0
x-fb-debug
+E7ScsRNWIdq46qjloVcsm08dnob6t8/dLxlq4LcPr9zgSRPKwyhx/j46g3kQhFMfkO7HFyMnSsIAJ8dvE2pDg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
9c0c95a5a31f5f0bbfff197171cbce11
cross-origin-opener-policy
same-origin-allow-popups
etag
"fe7b3d94c13a0177365a3296ccb86553"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 31 May 2024 04:07:39 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.vesty.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
457 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.vesty.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		236 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3894130574439625&correlator=3830078025490540&eid=31074922%2C31074926%2C31074978%2C31074985%2C31068367%2C31068826&output=ldjh&gdfp_req=1&vrg=202305250101&ptt=17&impl=fifs&iu_parts=6870%2Cvesty%2Cdesktop%2Cinterstitial.adx%2Ctop%2Ceconomy%2Cmoney%2Cbox.1%2Cbox.2%2Cbox.3%2Cdisplay.videoinpage.1%2Cskyscraper.left%2Cskyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2F5%2F6%2C%2F0%2F1%2F2%2F7%2F5%2F6%2C%2F0%2F1%2F2%2F8%2F5%2F6%2C%2F0%2F1%2F2%2F9%2F5%2F6%2C%2F0%2F1%2F2%2F10%2F5%2F6%2C%2F0%2F1%2F2%2F11%2F5%2F6%2C%2F0%2F1%2F2%2F12%2F5%2F6&prev_iu_szs=1x1%2C1x1%7C1x2%7C970x90%7C970x250%7C1000x200%7C970x130%7C970x350%7C970x100%7C1192x250%7C1192x350%7C1192x90%7C1192x100%7C1192x130%2C300x250%2C320x50%7C300x250%2C300x250%2C320x50%7C1x1%7C1x2%2C160x600%7C160x601%7C1x1%2C160x600%7C160x601%7C1x1&fluid=0%2C0%2C0%2Cheight%2C0%2Cheight%2C0%2C0&ifi=1&adks=2106902652%2C4012105087%2C3205280339%2C3397345310%2C1328487900%2C3609515323%2C2446443006%2C824806406&didk=3322118780~3142012961~1729980458~1729980461~1729980460~1228416181~3692076097~876052599&sfv=1-0-40&ists=128&fas=8%2C0%2C0%2C0%2C0%2C0%2C0%2C0&cust_params=ynfi%3D0%26dckw%3D0%26ngch%3D0%26yrca%3D0%26dcTag%3D%26ynch%3D50.Vesti-13160.VEconomy-13236.Vmoney%26dcPath%3D50.Vesti-13160.VEconomy-13236.Vmoney%26dccg%3Darticle%26ynvc%3D0%26yncd%3Db1ybxzs8h%26callType%3DGPT%26dcsch%3Dnull%26dccw%3Dhigh_res%26dcsw%3D1600%26dcunigpt%3Dview1%26charset%3DUTF-8&sc=1&cookie_enabled=1&abxe=1&dt=1685598235633&lmt=1685598231&dlt=1685598233854&idt=1596&adxs=-9%2C315%2C1120%2C1120%2C1120%2C180%2C0%2C1440&adys=-9%2C5%2C223%2C1598%2C1958%2C1086%2C0%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C1%7C2%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&frm=20&vis=1&psz=0x-1%7C1240x10%7C300x-1%7C300x-1%7C300x-1%7C824x1840%7C1600x2728%7C1600x2728&msz=0x-1%7C980x10%7C300x-1%7C300x-1%7C300x-1%7C824x0%7C160x-1%7C160x-1&fws=2%2C0%2C0%2C0%2C0%2C0%2C512%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1907318486.1685598236&ga_sid=1685598236&ga_hid=1777225161&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c99077787e257c7edd731fe6edd4c4f89d3938a8da03c945e53ae65f39dff746
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42867
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-1,-1,5417660538,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-1,-1,138317008969,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.vesty.co.il
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D28A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 05:43:55 GMT
expires
Fri, 31 May 2024 05:43:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl_page_level_ads.js?cb=31074978
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34604045879551d9e3dc0a6bfff8ccc4f5acc35f7d91edd7855937ef417a9736
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 10:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
68830
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13015
x-xss-protection
0
server
cafe
etag
10195340191529681258
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 30 May 2024 10:36:45 GMT
widget_app_base_1685571097325.js
cdn.userway.org/widgetapp/2023-05-31/ 		133 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-05-31/widget_app_base_1685571097325.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c35827c134a532b9e68396abb6e4e6b79e42039d083a963aa6efd65ee9384926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 01 Jun 2023 05:43:55 GMT
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
93
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
26729
x-accel-date
1685571506
x-77-nzt
AcO1ryckJOL/aWgAAA
x-accel-expires
@1711491506
last-modified
Wed, 31 May 2023 22:15:04 GMT
server
CDN77-Turbo
etag
W/"6208a7f53e30ecff037839affd4eb5e3"
x-77-nzt-ray
25b021312677e8c71b30786448282f27
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
5CYH7jJmCldaCUic6JTnnBcRBrn7daIFM-sU2ADSV2oXl0C5DLpBvQ==
optimize.js
www.googleoptimize.com/ 		119 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-KXPKGJR
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
68425923e30ccc97de3488098f07323215808c761c5b709c4cddada4fc49d887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47420
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 01 Jun 2023 05:43:55 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 01 Jun 2023 05:04:54 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2341
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Thu, 01 Jun 2023 07:04:54 GMT
js
www.googletagmanager.com/gtag/ 		225 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HBGSDK9P6D&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9561314ad3f5e017885ee51821e21db5ed0c47f328939c92bbc2c69315e695e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81157
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jun 2023 05:43:55 GMT
PRE
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/PRE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-22.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.vesty.co.il
access-control-max-age
1800
age
7572
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 01 Jun 2023 03:37:43 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-id
5TZxrs4ZAZOkgMeGrsslsjsLwcaeHajeyFEi01NXc5SuFYltNz7gLg==
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
fe68d1f7-c9f4-45b3-8905-7cda73d3fd74-web.js
cdn.permutive.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/fe68d1f7-c9f4-45b3-8905-7cda73d3fd74-web.js?d=2023-06-01
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
PRE
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ 		0
319 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/PRE
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-22.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/javascript

Response headers

date
Thu, 01 Jun 2023 03:42:22 GMT
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA56-P5
age
7293
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.vesty.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
CgXD7sY5x4w--94O9gbAvuXuuezML0jL550FYLotJ65y2NviT96Tnw==
POST
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ 		0
319 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/POST
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-22.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/javascript

Response headers

date
Thu, 01 Jun 2023 01:30:32 GMT
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA56-P5
age
15203
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.vesty.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
YhqJtM2NydKCN4czQ-t571C3xtspiB95YeCHni2aVU68P_S59B7jLg==
POST
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/POST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-22.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.vesty.co.il
access-control-max-age
1800
age
14843
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 01 Jun 2023 01:36:32 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-id
KLPNU2gerqJ9kXhx1xGv5iM8GJiAbWpc7Dt9euwM4Hd8KZTS3TRgZQ==
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
card-interference-detector.20230530-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20230530-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e14b921d38dacc2a9cd9d714c70dd0fc57e6f9ee71c8785fa7ccbd51264e3cbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
IvyC8_sErvTq6qL1zIzlt9z6zJOHGOuX
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Jun 2023 05:43:55 GMT
x-amz-request-id
DBETA5F8EQ3ZK8Q5
age
74324
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2179
x-amz-id-2
wy7SAEYAbaDxhIhxgmfeIuBGNWtU7R2F5x+Lpnr7dPt33HVlfQ+5osaatXdpbqCS5UvyMQhzeQg=
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Wed, 31 May 2023 09:05:12 GMT
server
AmazonS3
x-timer
S1685598236.811307,VS0,VE0
etag
"8a82183552d648a7ce823cda883537de"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
3
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4624
sync
gum.criteo.com/ 		46 B
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230530-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
346680
expires
60
json
trc.taboola.com/ynet-vesty/trc/3/ 		101 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ynet-vesty/trc/3/json?tim=05%3A43%3A55.786&lti=deflated&data=%7B%22id%22%3A982%2C%22ii%22%3A%22%2Fmain%2Farticle%2Fb1ybxzs8h%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22lbt%22%3A1685524254209%2C%22vi%22%3A1685598235749%2C%22cv%22%3A%2220230530-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h%22%2C%22vpi%22%3A%22%2Fmain%2Farticle%2Fb1ybxzs8h%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2728%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-z-nd%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%20ND%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%20ND%22%2C%22cd%22%3A493%2C%22mw%22%3A300%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbs-feed-01-b-nd%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20Wide%20ND%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20Wide%20ND%22%2C%22cd%22%3A2309.859375%2C%22mw%22%3A824%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fmain%2Farticle%2Fb1ybxzs8h%2CBelow%20Article%20Thumbnails%20Wide%20ND%3Dthumbs-feed-01-b-nd%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%20ND%3Dthumbnails-z-nd%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230530-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
451ec16adec4941d6711bb005aef648a1bf76dc259a4eae0b77901389cc73077

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
673
date
Thu, 01 Jun 2023 05:43:56 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230139-FRA
server
nginx
x-timer
S1685598236.815739,VS0,VE673
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.vesty.co.il
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
spc_fi.php
cdn.firstimpression.io/delivery/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=7787&url=%2Fmain%2Farticle%2Fb1ybxzs8h&charset=UTF-8&ch=5&ref=www.vesty.co.il&viewerId=null&referer=&_firid=90106826
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-124.fra6.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
19e096f7ffa2dc5236c46a3a65a2db3da73d021509148ff48c66326318fb6b1f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 05:43:55 GMT
Content-Encoding
gzip
Via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Content-Length
1030
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.vesty.co.il
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
agT1NrM5eKI4SrfE4wBVNcqR-8DIkR967wCig2qJ1xHaEOWRbMY9BA==
Expires
0
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 482D 		573 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/06ZX3mXSkRb.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yl/l/0,cross/06ZX3mXSkRb.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:55 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
LRdSTsi2gmtRJwa8GsPx7GSWL4PXXOjEc9fWCfixCxgFuPn0BEdVn9Ym/s3JFxaMtrEe9TFKUdpoc/X3t8F+PA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1,i
expires
Thu, 23 May 2024 23:45:45 GMT
TMdH3tdGg3
api.userway.org/api/tunings/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/TMdH3tdGg3
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-05-31/widget_app_base_1685571097325.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.164.82.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-82-183.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
82d7f0ae53ddbe8de962a23c632fbc9f93e18005368a95671ade348794ba1197

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
etag
W/"5f5-t9WYmx+6En8PBN2XGDkjC9Pefks"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr7926434ee541480
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
1525
x-service-version
uw-pr
trinity-injector-script.js
vd.trinitymedia.ai/trinity-player/tts-player/20230530_d3451cecabc9e16e301bcff67caf9d3261d556e2/ 		277 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vd.trinitymedia.ai/trinity-player/tts-player/20230530_d3451cecabc9e16e301bcff67caf9d3261d556e2/trinity-injector-script.js
Requested by
Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity/2900001404/?pageURL=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-36-10.bunnyinfra.net
Software
BunnyCDN-DE1-1053 /
Resource Hash
851fd64c4950fca21be89e6dde49ef1223b87227c12da7320528be240b7c45f4

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
x-amz-version-id
MR7FG4CFPo163H7vh4ytexhE5aE81DOp
content-encoding
br
cdn-edgestorageid
1048
x-amz-request-id
SCHWCAM98F71X8XJ
cdn-cachedat
05/30/2023 15:48:25
cdn-pullzone
112690
x-amz-id-2
wET1DrTzFxBiHLZuMIiOqo7sLjaESiOOaHns2L+g/EWUgslbHpRTdavdSw4xflV9dIlm/1oN7DM=
last-modified
Tue, 30 May 2023 14:29:47 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"0e3fe12e44dd68faf30b7f744d5e8f26"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
acbc2e0b-1875-472e-93e7-be7f028b2851
access-control-max-age
3000
cache-control
public, max-age=604800
cdn-requestid
097d5af7d6d28d0ec75f0df0a60115e7
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
dmp-main.js
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/ 		219 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-22.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
cbfeec5e4fcd8eb68c82bae4d6fed0e5c3d462bf8d374dbf9f549221ed1d7c48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 01:50:34 GMT
content-encoding
br
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA56-P5
age
14001
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
mbiEclfI6NG8GVHdndaZ19UiC67_II4kR3quduA6aqxsonOTeCbtDg==
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HBGSDK9P6D&gtm=45je35v0&_p=1777225161&cid=1907318486.1685598236&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685598235&sct=1&seg=0&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&dt=%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%20%D0%BD%D0%B0%20%D1%81%D0%B2%D0%B5%D1%80%D1%85%D0%BF%D1%80%D0%B8%D0%B1%D1%8B%D0%BB%D0%B8%20%D0%B8%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C%D1%81%D0%BA%D0%B8%D1%85%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%BE%D0%B2%3A%20%D0%BF%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D1%82%20%D0%BB%D0%B8%20%D0%BE%D0%BD%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%87%D0%B8%D0%BA%D0%B0%D0%BC&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HBGSDK9P6D&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
tag.escalated.io/ 		76 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.vesty.co.il&type=display&cust=7787&sid=direct&c=&cust2=direct
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.77.238.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-238-227.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
df4acba18ca9890f91ffb3945d31079bc2cd527ac59eefef5dfa28570c538e7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 05:43:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 May 2023 19:03:48 GMT
Server
nginx
ETag
W/"645bea94-1319b"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
collect
cdn.firstimpression.io/tracking/ 		2 B
579 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/collect?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-124.fra6.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Date
Thu, 01 Jun 2023 05:43:55 GMT
Access-Control-Request-Method
*
Via
1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Access-Control-Allow-Methods
OPTIONS, GET, POST
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.vesty.co.il
X-Cache
Miss from cloudfront
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
2
X-Amz-Cf-Id
y-sRt04F26BRFynOttqRTL8TpycFXHgSsaZKVhsoMVqwu8B2xlMmvg==
state
event.dxmdp.com/rest/api/v1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/state
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.242.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-242-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-5536870-20&cid=1907318486.1685598236&jid=1555881424&gjid=1937339436&_gid=829797926.1685598236&_u=aCDAgEABQAAAAEAAI~&z=2008404912
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 01 Jun 2023 05:43:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1777225161&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&dp=%2Fmain%2Farticle%2Fb1ybxzs8h&dh=vesty.co.il&ul=en-us&de=UTF-8&dt=%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%20%D0%BD%D0%B0%20%D1%81%D0%B2%D0%B5%D1%80%D1%85%D0%BF%D1%80%D0%B8%D0%B1%D1%8B%D0%BB%D0%B8%20%D0%B8%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C%D1%81%D0%BA%D0%B8%D1%85%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%BE%D0%B2%3A%20%D0%BF%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D1%82%20%D0%BB%D0%B8%20%D0%BE%D0%BD%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%87%D0%B8%D0%BA%D0%B0%D0%BC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEABQAAAAAAAI~&jid=1555881424&gjid=1937339436&cid=1907318486.1685598236&uid=0&tid=UA-5536870-20&_gid=829797926.1685598236&gtm=45He35v0n71NB9MN6&cd1=false&cd2=0&cd3=0&cd4=2023%2F06%2F02%2006%3A43%3A56&cd12=Article&cd14=50.Vesti-13160.VEconomy-13236.Vmoney&cd15=%D0%94%D0%B0%D0%BD%20%D0%A0%D0%B0%D0%B1%D0%B0%D0%BD&cd16=2023-05-31%2020%3A44%3A03&cd17=2023-05-31%2020%3A44%3A03&cd18=&cd19=b1ybxzs8h&cd21=356&cd23=Eli%20K&z=2026374152
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 May 2023 23:27:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22586
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5536870-20&cid=1907318486.1685598236&jid=1555881424&_u=aCDAgEABQAAAAEAAI~&z=1075453833
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5536870-20&cid=1907318486.1685598236&jid=1555881424&_u=aCDAgEABQAAAAEAAI~&z=1075453833
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.242.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-242-36.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.vesty.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 01 Jun 2023 05:43:56 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.242.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-242-36.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.vesty.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 01 Jun 2023 05:43:56 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
events
event.dxmdp.com/rest/api/v1/ 		6 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/events
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.242.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-242-36.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
1160b526d9e1495566951f48d527fafc9805346d264fdf486528712485192c8e

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.vesty.co.il
date
Thu, 01 Jun 2023 05:43:56 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
sync
event.dxmdp.com/rest/api/v1/ 		13 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.242.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-242-36.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.vesty.co.il
date
Thu, 01 Jun 2023 05:43:56 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
iframe_api
www.youtube.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1384259e6f4ab2c7553cb9b40c64bcc72a3ddfee4a3665a92fc9b6bf617413c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 01 Jun 2023 05:43:56 GMT
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync?audids=xcYmesNs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.242.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-242-36.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.vesty.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 01 Jun 2023 05:43:56 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync
event.dxmdp.com/rest/api/v1/ 		23 B
343 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync?audids=xcYmesNs
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.242.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-242-36.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
6644b38612adab7c985316a135aa23e3accb658eb27bd7d9239b18b6109f74ad

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.vesty.co.il
date
Thu, 01 Jun 2023 05:43:56 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
dmp-common-iframe.html
cf.dxmcdn.com/dta/ Frame 524E 		193 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=3bc34bda-d1ef-498e-9dab-c65a29ee6da2&monitoringConfig=%7B%22uuid%22%3A%22a5beb245-2949-4a76-95f5-bddfc2ec171c%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-128.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62db05cbc08f8a152afa78e6c309221aac46be5a9927d700dc5dcd79b694af7d

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
70039
content-encoding
br
content-type
text/html
date
Wed, 31 May 2023 10:16:38 GMT
etag
W/"26fac2aab0da1220dfb31537337da864"
last-modified
Tue, 25 Apr 2023 09:13:58 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-id
f-h6KwpfrIbWpySgBUHDMiotWziTlA5vvDYEwYIcipam8ObID824sA==
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
hJH5hjr7p_V6ZdbVarTFlu9NX1ZPV5mO
x-cache
Hit from cloudfront
www-widgetapi.js
www.youtube.com/s/player/f55759b8/www-widgetapi.vflset/ 		198 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f55759b8/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06b37316b38c8f1f7d9a254158baeff84ea85bdb10e5e261bc75a17b20ce3b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
53219
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62809
x-xss-protection
0
last-modified
Wed, 31 May 2023 01:50:16 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 30 May 2024 14:56:57 GMT
container.html
cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C626 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 05:43:55 GMT
expires
Fri, 31 May 2024 05:43:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305221508000/ Frame 606F 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 17:10:01 GMT
age
131635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61790
x-xss-protection
0
server
sffe
etag
"dc39a5ea8e84372b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 May 2024 17:10:01 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 606F 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 17:10:01 GMT
age
131635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5228
x-xss-protection
0
server
sffe
etag
"68ea093d80ab2def"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 May 2024 17:10:01 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 606F 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 17:10:01 GMT
age
131635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"52a0fa5b1f73dc96"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 May 2024 17:10:01 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 606F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 17:10:01 GMT
age
131635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1912
x-xss-protection
0
server
sffe
etag
"64a18d292337e38c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 May 2024 17:10:01 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame 606F 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 17:10:01 GMT
age
131635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12949
x-xss-protection
0
server
sffe
etag
"4886bdcdd7fc48e5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 May 2024 17:10:01 GMT
truncated
/ Frame 606F 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f28180ef39ca232cf1ccd46c1161d8513d87148f7c70d9c6ccb916c322530769

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305221508000/ Frame C66B 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 17:10:01 GMT
age
131635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61790
x-xss-protection
0
server
sffe
etag
"dc39a5ea8e84372b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 May 2024 17:10:01 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame C66B 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 17:10:01 GMT
age
131635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5228
x-xss-protection
0
server
sffe
etag
"68ea093d80ab2def"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 May 2024 17:10:01 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame C66B 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 17:10:01 GMT
age
131635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"52a0fa5b1f73dc96"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 May 2024 17:10:01 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame C66B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 17:10:01 GMT
age
131635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1912
x-xss-protection
0
server
sffe
etag
"64a18d292337e38c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 May 2024 17:10:01 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame C66B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 17:10:01 GMT
age
131635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12949
x-xss-protection
0
server
sffe
etag
"4886bdcdd7fc48e5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 May 2024 17:10:01 GMT
truncated
/ Frame C66B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4df7f2de9ea8edc3db32a53bcaeaf46daee08607763062bcf7652bcaa57bf8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305221508000/ Frame B2AC 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 17:10:01 GMT
age
131635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61790
x-xss-protection
0
server
sffe
etag
"dc39a5ea8e84372b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 May 2024 17:10:01 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame B2AC 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 17:10:01 GMT
age
131635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5228
x-xss-protection
0
server
sffe
etag
"68ea093d80ab2def"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 May 2024 17:10:01 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame B2AC 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 17:10:01 GMT
age
131635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"52a0fa5b1f73dc96"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 May 2024 17:10:01 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame B2AC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 17:10:01 GMT
age
131635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1912
x-xss-protection
0
server
sffe
etag
"64a18d292337e38c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 May 2024 17:10:01 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305221508000/v0/ Frame B2AC 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305221508000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 May 2023 17:10:01 GMT
age
131635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12949
x-xss-protection
0
server
sffe
etag
"4886bdcdd7fc48e5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 29 May 2024 17:10:01 GMT
truncated
/ Frame B2AC 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c0f2704adbc7e87811cb477aa3ddcdfe20e68f8610ba6b8f28e58fa6bfb7fcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C8A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrZtucBlSvtaN9DUzVSneP43Ri7FWxUZN2CNqU9OQcLhJEAtIyAX3oAOVCZ8ac9OZGURYzxHDj6xuSKWOaQUX3Iv78HI6-jOcohO9wHBHunYpjbl3H2az2v0cu7s92nD41R_fJdDTbOAhyvFfFgbQcEDpBwK_uVzQ6qbNSiwXT0NOnp8rckpzVlmwhpwN0aA4KVtvShlEmkxh4kCDL_Q0pcpiUUrAKnqpHh1VjN2nG921jqP_9ll5IYQ9EHLnygKiVfUYBsHns2V0wr1asaewGexCkqnsQJ98oVH4TCRsiGW_Li3VcBdn5k6l7EJyMZHjgAFZVLky9TLphwR3Vaa6PUIi8pR8CEo7gY5jLvFbGu3M&sai=AMfl-YRFfvTBYY4gAe2Izt3CMT1TIb9MKHFt5gjpdRGt3C0Kll-oo-jtDapLyDA_21BVP3YrAK5RyijQKnbwg31us_lzHEmd5YSPVWXlRbNIFcksopp7k2NYFqBHxOE3TaSxyegicRY8ks_CjE7nySlY&sig=Cg0ArKJSzAAgKD54yeOhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 01 Jun 2023 05:43:56 GMT
3316.js
cnt.trvdp.com/js/743/ Frame C8A2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.trvdp.com/js/743/3316.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
373d96dce358894b5896f2c8879e06398958dfe80db8291294d6f0d3b85e8a2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 20:37:46 GMT
content-encoding
gzip
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2023 08:07:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
4525570
etag
W/"bfa15871a35c1df2d2e6fd5e9cd7dd1c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
66z5rnZgIerIb-nubgJP6i2txgZXcUGKERgKaekjivbgW6BC8axsfA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C8A2 		171 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54276
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685532878231373"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jun 2023 05:43:56 GMT
container.html
cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0BBA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 05:43:55 GMT
expires
Fri, 31 May 2024 05:43:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D664 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 05:43:55 GMT
expires
Fri, 31 May 2024 05:43:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
5942597833509980956
tpc.googlesyndication.com/simgad/ Frame 606F 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5942597833509980956
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
602c46beb922196484bee4f9ba8e6c6c2fd4b019fc12141200bd8e277c45807c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 18:32:49 GMT
x-content-type-options
nosniff
age
126667
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95773
x-xss-protection
0
last-modified
Thu, 11 May 2023 10:57:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 29 May 2024 18:32:49 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 606F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 18:10:22 GMT
x-content-type-options
nosniff
server
cafe
age
41614
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3041
x-xss-protection
0
expires
Thu, 01 Jun 2023 18:10:22 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 606F 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 19:03:49 GMT
x-content-type-options
nosniff
server
cafe
age
38407
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 01 Jun 2023 19:03:49 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 606F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CudRxGzB4ZOzzLY2Q7_UP_62j8Azc3ebDcM600I6wEaCHgOyQAhABIJn7oCtgleKQgqAHoAGWk-njA8gBA6kCbDe00ne-eD7gAgCoAwHIAwiqBIsCT9CarZertVGE-5ojzZ2JFsSrAKMS481z9Yrr8rMfsDiQZwKICVNxHHkF77YQR-JYPkUMf_ZUn-Y4UvCxVfuHUsukdSQdEt-370PyT0QC1rkmyNk-4QCl3F8kW6s9Nlf7dCdnWHxbsg49ruW8jwWWhjf1Ns1IF3PdndSdu9ZWkW2bYwVopFjgdoN6MAmCzRJxHDiycB6PgPUdiQukf1vBH8U9WFNY2Mb5559n4yxfIrWDRInQ622Kxw519JAgQoGqBeW9VMje3hwbP5FW5PY4enx_HvDW_OgCWWslEt0fksdtP7yWZAWv20Cl9IVz7bvFPeNyYZ5kM0UU6Q4pn0UZoi7b5Ns2kLBCXAb4wASEsPansQTgBAGSBQQIBBgBkgUECAUYBKAGA4AH0uyWHKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIjhH9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNDIwNzY1Nzk3MTEyNjkzMBi5sw0&sigh=pWuN0VQS-eA&uach_m=[UACH]&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
3831386948471483384
tpc.googlesyndication.com/simgad/ Frame C66B 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3831386948471483384
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d04c51e09fe885a7eb542fbef102f22f52072c5cf07e2e1719744b812fdc4ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 17:55:32 GMT
x-content-type-options
nosniff
age
128904
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50427
x-xss-protection
0
last-modified
Thu, 11 May 2023 10:48:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 29 May 2024 17:55:32 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C66B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 18:10:22 GMT
x-content-type-options
nosniff
server
cafe
age
41614
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3041
x-xss-protection
0
expires
Thu, 01 Jun 2023 18:10:22 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C66B 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 19:03:49 GMT
x-content-type-options
nosniff
server
cafe
age
38407
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 01 Jun 2023 19:03:49 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C66B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Csh-WGzB4ZO3zLY2Q7_UP_62j8Azc3ebDcOjBw6OfEbChsu-DAhABIJn7oCtgleKQgqAHoAGWk-njA8gBA6kCbDe00ne-eD7gAgCoAwHIAwiqBIsCT9BUuPP0v0YeeibR_cqsdCjS7cMnvy0gL1AJfae-RzvPxgiULzO_RLCYhSTh-EgmpmeU88hGTRomAA-rSjPIPylIcZGS_3LFVV3W-ghekt6xTDetptNJmKc62gd_Eo-OALwgLmnxDXePPEQkCNLsycpZYYv4DxhMgnZMnUmLxvWJUPI4NNT_ZhnnNa12PyDYIoBorRKb60DuRXiCXyGwohWo4ozASpuFrfSlyhKb1KkcIsCsoUMfAwi_UrJw3fRZZZJS2MbaNeJAvDh0S3yrBDSpafUThLy5aYV5ImKLvej5bbCPR7PwBiPpqKlKoDzgmZu2Dg4mUstaCNBgfJUmy0qL5LluAGAOgFUFwATcr_ansQTgBAGSBQQIBBgBkgUECAUYBKAGA4AH0uyWHKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOyOFdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNDIwNzY1Nzk3MTEyNjkzMBi5sw0&sigh=6buwoiTUmSw&uach_m=[UACH]&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
5942597833509980956
tpc.googlesyndication.com/simgad/ Frame B2AC 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5942597833509980956
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
602c46beb922196484bee4f9ba8e6c6c2fd4b019fc12141200bd8e277c45807c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 18:32:49 GMT
x-content-type-options
nosniff
age
126667
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95773
x-xss-protection
0
last-modified
Thu, 11 May 2023 10:57:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 29 May 2024 18:32:49 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B2AC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 18:10:22 GMT
x-content-type-options
nosniff
server
cafe
age
41614
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3041
x-xss-protection
0
expires
Thu, 01 Jun 2023 18:10:22 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B2AC 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 19:03:49 GMT
x-content-type-options
nosniff
server
cafe
age
38407
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 01 Jun 2023 19:03:49 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B2AC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClDu5GzB4ZO7zLY2Q7_UP_62j8Azc3ebDcM600I6wEbChsu-DAhABIJn7oCtgleKQgqAHoAGWk-njA8gBA6kCbDe00ne-eD7gAgCoAwHIAwiqBIsCT9AxgGFIg3itp7wDUDPqiVxjE38PJ9W-24sxK01XT71oTUPp_9fC2VAUESKRV5jUuvtqTrx6HzYJ0cXaEnSHBhyl9FgAN_f7w9lNyXyWJbfTGojaWcTisd3c6lgu3EiHJoX4rL_QfZlXFjq6Il4AbfNSxDWvpMVTOPx324Ql_9dacsWC5FRawRMXPp2_1pXrlupxufI0f3FBI-1xrN90K3nS94wDmtH6YwP40Pb841wRB46tL2rsCf4pMh0gKUeS7CsxfvbOrnQ_wqdTPzU-tu8QFd8LXfSw7oLZdDxUCdGg2N5fvHB07EqzeXBsEIUE9B2lFcqjZ0H-mAwzsDYrswRWWCVjlPznYFiZwASEsPansQTgBAGSBQQIBBgBkgUECAUYBKAGA4AH0uyWHKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMGSGdIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNDIwNzY1Nzk3MTEyNjkzMBi5sw0&sigh=jNCPBrrs9C8&uach_m=[UACH]&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4E57 		624 B
578 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNW2EwdA06iR87Lc-hN_H1Ty57ZrPYtM2P6drG8tSifikaW9KRLxU_mlzTnDAUmvke4Rw9Mp8O2bo773TJt3xen5okEq-gEuzdwPD14io-eUHyGXq_0FiTfSHfkpjo4EXj-C-EY7VdbCr7a2wPyL3vPG12HG144vYIa_8smbpuDyh4spJFw
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 05:43:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C626 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 01 Jun 2023 05:43:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C626 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BhztjUAlY8GvJWNMx1ZY2X542fbCuV7epPfHX8Rt4Z-3UJ77S-6HAXfoMoBs-_vq3LAfSSsB6lLlogaG9-ikV6WjEe7FgCyc3nGaZ_5ECbNoBuStw
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C626 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12343950399478706371&x=1&ct=76
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame C626 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:02:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
56481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Jun 2023 14:02:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame C626 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:02:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
56487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Jun 2023 14:02:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C626 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54276
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685532878231373"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jun 2023 05:43:56 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7F8D 		640 B
309 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiA9t3qATAB&v=APEucNWJiccCHj11qqlMEanulyLBdzc3Ij9nG9b8gLVT8QeeAy7neGAicx2Ln-_zL5WGPd3ApXfnhabdrkZHLkcMe48SivuDwRUQCDpx93CTNqc-PzyFKuxOrvPEIft6c-swineND03GdNaaCcCK1RhKmEjUwxoWuSfESPG5NwkLrmEjYiMsRFA
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 05:43:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0BBA 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 01 Jun 2023 05:43:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BBA 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DrETZ-JLfSSuy9npZXHdz4Nb5vgZdWNNIF0zQmEzERGGSz0aCcsugWl0enDmfb_b4DffzkeLUzIIXLPIVQewyqV0c3R4e8ZpTnUnbdTrEwMlOeuJ8
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BBA 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7786001719015664885&x=1&ct=76
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 0BBA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:02:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
56481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Jun 2023 14:02:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame 0BBA 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:02:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
56487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Jun 2023 14:02:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0BBA 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54276
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685532878231373"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jun 2023 05:43:56 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 19CC 		640 B
306 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiA9t3qATAB&v=APEucNWTWqBAVKwqJV_XCrJ1NX7h4Pf7gpQVVC3S14zs4wDH3qqzGJDiWTYdWjgn_x0cZZWopFEEix8NVguSeZAT4OhVoR7rKqLTc75-GuzrEWJXf2g84ZxWLYwFvWy4S5I8GhpDDMdKf7p7yvMUIGNWW6-gOS3q_OKJCUHcMx1NQhVscnbN4EA
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 05:43:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame D664 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 01 Jun 2023 05:43:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D664 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B9tOh3GFlm3OUXZfG-PaY4GqdKHK8Zl4PrFx7-UVK887-qhMg-qblyRml9rHiIixY8jSMFvp21lJIIfFM0lKSdkM5atsQjMGu5AEc_bRdJEXOOaos
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D664 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6463894400237432959&x=1&ct=76
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame D664 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/window_focus_fy2021.js
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:02:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
56481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Jun 2023 14:02:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/ Frame D664 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230530/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 14:02:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
56487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7991
x-xss-protection
0
server
cafe
etag
2412543371950383451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Jun 2023 14:02:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D664 		171 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54276
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1685532878231373"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jun 2023 05:43:56 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.0.1/ 		111 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230530-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1975025
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
31023
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Tue, 09 May 2023 09:06:26 GMT
server
AmazonS3
x-timer
S1685598237.556147,VS0,VE0
etag
"f42b894e197d2128ee7d3b438e0ac56d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Vhm6dOEKajN0FRv5wq0rnJkAbon7mYzOuY27F6XguPOQ7eVWctdV0A==
x-cache-hits
162703
feed-card-placeholder.20230530-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230530-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a77ec63d5a2bba9eef75118a7c24ab1a9c96d8e9df77ac9f3bbad27e411b7fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
HHSr.Jj3yuSEyMJWE9l6mWKnKeoXixYT
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Jun 2023 05:43:56 GMT
x-amz-request-id
G6B35ZPM7K58QRNK
age
74317
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
sSFT9W7r6qQ0eMCwvkY/pklM1Syf9tFi918WGkA0WwyNZO0Vz1tdVqHbXvrUsvnllGbSN3LUR2A=
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Wed, 31 May 2023 09:05:19 GMT
server
AmazonS3
x-timer
S1685598237.550992,VS0,VE0
etag
"a47093f521c3ddd2e9f3e06232d0a2e7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
3
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
10582
userx.20230530-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230530-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e053500351e8398cc2da3b0fbc974df4ac7fc7dc6c3af1b474bde5668cd1ad0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
uq8bWuPQOim3vR8BJd8dqCDTGKDJXsi6
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Jun 2023 05:43:56 GMT
x-amz-request-id
P2MHHPSQ2923HYPH
age
74294
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
vsLX8F3sfA+pTMAOmuqaTwc5qDHMCn6MjrMEZfhlPVDBmU7RFO6POQXo0Hf+wrTtt4KymyxOU7Q=
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Wed, 31 May 2023 09:05:43 GMT
server
AmazonS3
x-timer
S1685598237.566911,VS0,VE0
etag
"1ca3a62bd0088ac4567347e0b51d0975"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
3
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3681
distance-from-article.20230530-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230530-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9d145c23be845f9f5b13638ad97ce55256d3366ca513d7cd54bd7c849c629c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
QkrVb_.zPu7nlAdZFzHvNIKBwO6SFPfI
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Jun 2023 05:43:56 GMT
x-amz-request-id
VSQKJTG2A5D14211
age
74322
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1135
x-amz-id-2
ABfIGgJnV6WdXBFzgSwj2QoKlNQljSisS6Utm9EUVPX5NazAacYY/WIoLcmASEyLugnF6EoXmlM=
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Wed, 31 May 2023 09:05:15 GMT
server
AmazonS3
x-timer
S1685598237.567442,VS0,VE0
etag
"7f2f9f217c017e4f1f27230dcb77ce6c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
3
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11444
article-detection.20230530-4-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230530-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f73618b0508eb86558693335a9b05064a901da2fb79079aac6fe2270de03558

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
ECkTbiDqD2ss3z_9nU2UFM5Dn1hQPLcG
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Jun 2023 05:43:56 GMT
x-amz-request-id
4QYVXGE5XZ002BXM
age
74328
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1236
x-amz-id-2
dZpBybBi25e6ozcxCQHdmgLI34Oj0R4TQ8y+2p2CgrpzvBGXSt7dw+O0s1Xq0Er4ATC5NDTY0RQ=
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Wed, 31 May 2023 09:05:09 GMT
server
AmazonS3
x-timer
S1685598237.567410,VS0,VE0
etag
"aca1d72e6d515f7a9bd4adfc8aeebe5f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
3
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11445
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Jun 2023 05:43:56 GMT
x-amz-request-id
AYAY8C5RV6VHFQFT
age
36
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
uXXi/CHzx4H+k/Dav0BANeZz2+huxUaTAYSpYKv6pyAG2ehKzSWgM89aoMgNsGGv1IubO09tKIk=
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1685598237.589634,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
3
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
38
debug
trc-events.taboola.com/ynet-vesty/log/2/ 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/ynet-vesty/log/2/debug?tim=05%3A43%3A56.534&type=warn&msg=Delta%20mode%20replace%3A%20placement%20Below%20Article%20Thumbnails%20Wide%20ND%20%7C%20Card%208%20is%20missing%20from%20preloadRequest&llvl=2&id=7686&cv=20230530-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13580
debug
trc-events.taboola.com/ynet-vesty/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/ynet-vesty/log/2/debug?tim=05%3A43%3A56.534&type=warn&msg=Delta%20mode%20replace%3A%20placement%20Below%20Article%20Thumbnails%20Wide%20ND%20%7C%20Card%2010%20is%20missing%20from%20preloadRequest&llvl=2&id=2297&cv=20230530-4-RELEASE&lt=deflated&pct=1
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13580
abtests
am-trc-events.taboola.com/ynet-vesty/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ynet-vesty/log/3/abtests?route=AM:AM:V&lti=deflated&ri=f00b2e7fd39ec3f9439cf6eefd52b35e&sd=v2_5c20d0e6cd9a41868fe9d86cf636cf3b_15f86cc6-961c-4042-b769-4846dfbe7c27-tuctb71b59b_1685598235_1685598235_CNawjgYQyYtDGOXY76uHMSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABooavF1rHfkux-cAA&ui=15f86cc6-961c-4042-b769-4846dfbe7c27-tuctb71b59b&pi=/main/article/b1ybxzs8h&wi=5032864775780446144&pt=text&vi=1685598235749&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1685598236555%7D&tim=05%3A43%3A56.556&id=7872&llvl=2&cv=20230530-4-RELEASE&
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/ynet-vesty/log/2/ 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ynet-vesty/log/2/debug?tim=05%3A43%3A56.591&type=info&msg=Load%20publisher%20card%3A%20comments%2Bgoogle%20on%20Card%3A%209%20with%20the%20anchor%20element%20selector%3A%20%23taboola-after-comment%20succeed&llvl=2&id=5163&cv=20230530-4-RELEASE&lt=deflated&idx=pc&pc=comments%2Bgoogle&st=1
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13538
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
supply
events.browsiprod.com/events/v2/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=geTkcyAiVNC@XXYoxIHW
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.53.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-53-105.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.vesty.co.il
date
Thu, 01 Jun 2023 05:43:57 GMT
access-control-allow-credentials
true
v5
yield-manager.browsiprod.com/supply/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/supply/v5?sk=vesty&url=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&bid=geTkcyAiVNC%40XXYoxIHW&at=%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%20%D0%BD%D0%B0%20%D1%81%D0%B2%D0%B5%D1%80%D1%85%D0%BF%D1%80%D0%B8%D0%B1%D1%8B%D0%BB%D0%B8%20%D0%B8%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C%D1%81%D0%BA%D0%B8%D1%85%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%BE%D0%B2%3A%20%D0%BF%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D1%82%20%D0%BB%D0%B8%20%D0%BE%D0%BD%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%87%D0%B8%D0%BA%D0%B0%D0%BC&sw=1600&sh=1200
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.215.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-215-196.eu-west-1.compute.amazonaws.com
Software
akka-http/10.2.1 /
Resource Hash
461a72811f65ea900f55a1dc78606600a3dbe294b48a438ea13ae7a2649bb895

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
https://www.vesty.co.il
date
Thu, 01 Jun 2023 05:43:56 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
akka-http/10.2.1
content-type
application/json
3316.js
go.trvdp.com/init/ Frame C8A2 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/3316.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/743/3316.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-72.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bcf979135eb6c90265d617e208d32c68a0e38e4434386d987259482a93db4da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 11:36:09 GMT
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
last-modified
Mon, 27 Mar 2023 11:16:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
5681271
etag
"5ad5a95bcc9dbb9ec1b8a61076b2fe42"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5844
x-amz-cf-id
zN-F10FSStmuD5UobMsfACypcQLmotIXyveUl4qmjUar9dMsWdBPrQ==
/
track.adform.net/adfserve/
Redirect Chain
  • https://track.adform.net/adfserve/?bn=64165442;1x1inv=1;srctype=3;gdpr=${gdpr};gdpr_consent=${gdpr_consent_50};ord=[timestamp]
  • https://track.adform.net/adfserve/?CC=1&bn=64165442;1x1inv=1;srctype=3;gdpr=${gdpr};gdpr_consent=${gdpr_consent_50};ord=[timestamp]
35 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/adfserve/?CC=1&bn=64165442;1x1inv=1;srctype=3;gdpr=${gdpr};gdpr_consent=${gdpr_consent_50};ord=[timestamp]
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
image/gif
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type
text/html; charset=utf-8
location
https://track.adform.net/adfserve/?CC=1&bn=64165442;1x1inv=1;srctype=3;gdpr=${gdpr};gdpr_consent=${gdpr_consent_50};ord=[timestamp]
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
v5
metrics.getrockerbox.com/track/ 		44 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v5?source=weight_watchers_subscription_germany&tier_one=taboola&tier_two=25139733&tier_three=3692726815&tier_four=ynet-vesty&tier_five=Desktop&auction_id=2023-06-01+05%3A43%3A56&referrer=vesty.co.il&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_232}
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.164.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHIMlkf7SC91GnmNPNCCrti8ekNE5M3yu1OvjCDDSRS30T42R8OJADBNJSI7pxwuOaNtbhg8RRuWX0WkFd1hCXQ7PkFx9WZPZnhVrDQvSCrfnvF5OoS9PzSCLhWGfYSQE%2FEDFZsM85Hm%2Fwg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
7d0524533ab0bc01-FRA
alt-svc
h3=":443"; ma=86400
B1fLyh1dki_0_134_1280_720_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_556%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/08/27/B1fLyh1dki/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_556%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/08/27/B1fLyh1dki/B1fLyh1dki_0_134_1280_720_0_large.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d63c657f5953949a641627cfb91bad8589c232e5f14610316e114d157fb61740

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 01 Jun 2023 05:43:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_556%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/08/27/B1fLyh1dki/B1fLyh1dki_0_134_1280_720_0_large.jpg
age
1172746
edge-cache-tag
580055398722886271274115120393400821863,447299608340074014829184763384367415541,29ecf9b93bbf306179626feeda1fab70
cache-tag
580055398722886271274115120393400821863,447299608340074014829184763384367415541,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
516
req-referer
https://www.vesty.co.il/
content-length
47622
x-request-id
fb86bbff5653043695fec5b3170a890a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000081-IAD, cache-iad-kjyo7100122-IAD, cache-lga21967-LGA, cache-iad-kiad7000031-IAD, cache-fra-eddf8230139-FRA
last-modified
Thu, 18 May 2023 15:57:06 GMT
server
nginx
x-timer
S1685598237.672513,VS0,VE1
etag
"6a32231851a1576d6bd3e7c42c89a6a9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 31, 1
779c5967898a6d19145c3765a4b44c6d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_556%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_556%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/779c5967898a6d19145c3765a4b44c6d.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0bec93ecbc699c0afeb25f95414f14fde249e10dd5ca045a9d599e985ee0e393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 01 Jun 2023 05:43:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_556%2Cw_1000%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/779c5967898a6d19145c3765a4b44c6d.jpg
age
26314
edge-cache-tag
421634595499057917984095113131397386075,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
421634595499057917984095113131397386075,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
238
req-referer
https://www.express.de/
content-length
72702
x-request-id
986ae462b3cf476719fc76793092fa8f
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200085-IAD, cache-iad-kcgs7200026-IAD, cache-chi-kigq8000155-CHI, cache-iad-kcgs7200021-IAD, cache-fra-eddf8230139-FRA
last-modified
Fri, 26 May 2023 07:19:26 GMT
server
nginx
x-timer
S1685598237.682681,VS0,VE1
etag
"82ee0495b8ee0a49806b4346f31c167a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 1
89a778f7d99520834aa3ac0f2044dbd5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/89a778f7d99520834aa3ac0f2044dbd5.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5b0eb91bfc4c69db12b5d45caa4f04374a4caaf210106732323d646fb62d4c6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 01 Jun 2023 05:43:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/89a778f7d99520834aa3ac0f2044dbd5.jpg
age
26967
edge-cache-tag
555595709626915174871002370834671236692,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
555595709626915174871002370834671236692,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
100
req-referer
https://www.telemundodenver.com/
content-length
21030
x-request-id
94d70b3a28af10cdacee57307faba35b
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100076-IAD, cache-iad-kjyo7100149-IAD, cache-chi-klot8100164-CHI, cache-iad-kcgs7200022-IAD, cache-fra-eddf8230139-FRA
last-modified
Fri, 26 May 2023 07:19:16 GMT
server
nginx
x-timer
S1685598237.683137,VS0,VE1
etag
"acce0dfed04f66bdc20783b292fc071c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1, 1
1c1a4485433896736fceec0da2d04937.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c1a4485433896736fceec0da2d04937.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0a2ba70282f4bec77e1b3ecdcc81944a182604ccd340280b7b35844df2787e92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 01 Jun 2023 05:43:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c1a4485433896736fceec0da2d04937.jpg
age
934862
edge-cache-tag
338421578226034756314113718938328315085,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
338421578226034756314113718938328315085,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
210
expiration
expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.vesty.co.il/
content-length
13310
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200029-IAD, cache-iad-kjyo7100068-IAD, cache-lax10651-LGB, cache-iad-kiad7000101-IAD, cache-fra-eddf8230139-FRA
last-modified
Thu, 11 May 2023 18:08:42 GMT
server
nginx
x-timer
S1685598237.682851,VS0,VE1
etag
"70a2aec618f31b64aefa111057d2f098"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 22, 1
88af142318b08125669e5f91aa4c0653.png
images.taboola.com/taboola/image/fetch/h_556,w_1000,c_fill,g_xy_center,x_468,y_343/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_556,w_1000,c_fill,g_xy_center,x_468,y_343/http%3A//cdn.taboola.com/libtrc/static/thumbnails/88af142318b08125669e5f91aa4c0653.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
84b5d14131b0ce563122630184fca4dbff248880636ab2ea348c62040822d645

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 01 Jun 2023 05:43:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_556,w_1000,c_fill,g_xy_center,x_468,y_343/http%3A//cdn.taboola.com/libtrc/static/thumbnails/88af142318b08125669e5f91aa4c0653.png
age
19900
edge-cache-tag
294989555324514078137274802951263174420,604395091304754346123309547117356143481,29ecf9b93bbf306179626feeda1fab70
cache-tag
294989555324514078137274802951263174420,604395091304754346123309547117356143481,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
241
expiration
expiry-date="Thu, 01 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tichyseinblick.de/
content-length
48580
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000176-IAD, cache-iad-kcgs7200062-IAD, cache-sna10738-LGB, cache-iad-kiad7000020-IAD, cache-fra-eddf8230139-FRA
last-modified
Mon, 01 May 2023 09:43:25 GMT
server
nginx
x-timer
S1685598237.697544,VS0,VE1
etag
"f06799aae1def18f55c26605c6b5988f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 1
ce56b9d5a9f283688bb68420c564261e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce56b9d5a9f283688bb68420c564261e.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
de8cb79361a6875847673adf11f3c2e714013d9cbc68ecd4d0f4c2ff24b0d4a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 01 Jun 2023 05:43:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce56b9d5a9f283688bb68420c564261e.png
age
3323749
edge-cache-tag
630361108700058191392641690462288652419,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
cache-tag
630361108700058191392641690462288652419,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
179
expiration
expiry-date="Sun, 14 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://slate.com/
content-length
28430
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200160-IAD, cache-iad-kcgs7200143-IAD, cache-lax10665-LGB, cache-iad-kcgs7200057-IAD, cache-fra-eddf8230139-FRA
last-modified
Thu, 13 Apr 2023 11:14:54 GMT
server
nginx
x-timer
S1685598237.697786,VS0,VE1
etag
"171e701dae5102b2d19ef58fad303e85"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 31, 1
r1M11FBgZyq_0_75_1000_563_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/02/09/r1M11FBgZyq/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/02/09/r1M11FBgZyq/r1M11FBgZyq_0_75_1000_563_0_large.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
29e36e355552d3856086c9a3f692ae0541f1f5f6ce200a15e3d19e418cec6188

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 01 Jun 2023 05:43:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/02/09/r1M11FBgZyq/r1M11FBgZyq_0_75_1000_563_0_large.jpg
age
740306
edge-cache-tag
326072032718673023081731181104427084637,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
326072032718673023081731181104427084637,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
201
req-referer
https://www.vesty.co.il/
content-length
29102
x-request-id
fd1eeec0d7042cc4051e5147677cf8d9
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000144-IAD, cache-iad-kcgs7200026-IAD, cache-chi-kigq8000052-CHI, cache-iad-kjyo7100176-IAD, cache-fra-eddf8230139-FRA
last-modified
Tue, 23 May 2023 16:01:31 GMT
server
nginx
x-timer
S1685598237.697715,VS0,VE1
etag
"f700643428c44ca881849ee2719ee4d0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 2, 1
1710c53191040e67d78b36ddbd45eaf5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1710c53191040e67d78b36ddbd45eaf5.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9c1928501888f72c1c9d2cb3bdd18742623c6f6e806416db07aa8c538ef9a8ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 01 Jun 2023 05:43:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1710c53191040e67d78b36ddbd45eaf5.jpg
age
3469680
edge-cache-tag
516498336821904268191509393598350807801,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
cache-tag
516498336821904268191509393598350807801,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
234
expiration
expiry-date="Fri, 05 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tichyseinblick.de/
content-length
17618
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200145-IAD, cache-iad-kcgs7200138-IAD, cache-lax10635-LGB, cache-iad-kjyo7100148-IAD, cache-fra-eddf8230139-FRA
last-modified
Tue, 04 Apr 2023 19:23:21 GMT
server
nginx
x-timer
S1685598237.739249,VS0,VE1
etag
"33834364ebeeebc39cc4f7a73527a30f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0, 56, 1
4f2d2d737b6fdd21bf7a213a3f0551b9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4f2d2d737b6fdd21bf7a213a3f0551b9.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7958eb599f0a17f3a0998b843eb8bde2d41a071cbd3aff534728837fa7b7e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 01 Jun 2023 05:43:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4f2d2d737b6fdd21bf7a213a3f0551b9.jpg
age
1318453
edge-cache-tag
589899853593261969870142344910205970081,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
cache-tag
589899853593261969870142344910205970081,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
437
req-referer
https://radio.modernghana.com/
content-length
20052
x-request-id
e2f63e6abb79d28b4e6ef361ff18d9c2
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000111-IAD, cache-iad-kcgs7200044-IAD, cache-lax10655-LGB, cache-iad-kcgs7200103-IAD, cache-fra-eddf8230139-FRA
last-modified
Tue, 16 May 2023 14:21:29 GMT
server
nginx
x-timer
S1685598237.743765,VS0,VE0
etag
"87edb3e8d26e433b60234ccd545d3da2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 53, 2
3654ccbeb7b59d636481b4429d448d09.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3654ccbeb7b59d636481b4429d448d09.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b5b043c65bd7bdfbeff519f41e82f1d26ab172d76eb9b44e40e0761575d2092

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 01 Jun 2023 05:43:56 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3654ccbeb7b59d636481b4429d448d09.jpg
age
514715
edge-cache-tag
611365178267815767618877822325208699150,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
cache-tag
611365178267815767618877822325208699150,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
252
expiration
expiry-date="Thu, 08 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://travel.walla.co.il/
content-length
24812
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100141-IAD, cache-iad-kiad7000148-IAD, cache-lga21930-LGA, cache-iad-kjyo7100155-IAD, cache-fra-eddf8230139-FRA
last-modified
Mon, 08 May 2023 00:21:08 GMT
server
nginx
x-timer
S1685598237.744186,VS0,VE1
etag
"d644942883cccfb5a9d57da8136aae78"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 10, 1
rum
dsum-sec.casalemedia.com/ Frame 4E57
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAiMRwGzz04QPGTnSUBrvQU&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAiMRwGzz04QPGTnSUBrvQU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNW2EwdA06iR87Lc-hN_H1Ty57ZrPYtM2P6drG8tSifikaW9KRLxU_mlzTnDAUmvke4Rw9Mp8O2bo773TJt3xen5okEq-gEuzdwPD14io-eUHyGXq_0FiTfSHfkpjo4EXj-C-EY7VdbCr7a2wPyL3vPG12HG144vYIa_8smbpuDyh4spJFw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jun 2023 05:43:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAiMRwGzz04QPGTnSUBrvQU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4E57
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZHgwHOC8ZDe1xa7EUWWabwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAiMRwGzz04QPGTnSUBrvQU&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAiMRwGzz04QPGTnSUBrvQU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNW2EwdA06iR87Lc-hN_H1Ty57ZrPYtM2P6drG8tSifikaW9KRLxU_mlzTnDAUmvke4Rw9Mp8O2bo773TJt3xen5okEq-gEuzdwPD14io-eUHyGXq_0FiTfSHfkpjo4EXj-C-EY7VdbCr7a2wPyL3vPG12HG144vYIa_8smbpuDyh4spJFw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jun 2023 05:43:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAiMRwGzz04QPGTnSUBrvQU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 4E57
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJ1rQ0qewXKILPZ_pgvwuJA&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJ1rQ0qewXKILPZ_pgvwuJA%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJ1rQ0qewXKILPZ_pgvwuJA%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNW2EwdA06iR87Lc-hN_H1Ty57ZrPYtM2P6drG8tSifikaW9KRLxU_mlzTnDAUmvke4Rw9Mp8O2bo773TJt3xen5okEq-gEuzdwPD14io-eUHyGXq_0FiTfSHfkpjo4EXj-C-EY7VdbCr7a2wPyL3vPG12HG144vYIa_8smbpuDyh4spJFw
Protocol
HTTP/1.1
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jun 2023 05:43:57 GMT
AN-X-Request-Uuid
67cfa824-9e18-4341-b913-b411bbac033b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.145; 185.213.155.145; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 01 Jun 2023 05:43:57 GMT
AN-X-Request-Uuid
9df20f79-1ad9-4004-9911-3bfe7e33f38c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJ1rQ0qewXKILPZ_pgvwuJA%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.145; 185.213.155.145; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4E57
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyODEyMjc2NTkyMDU2MjIyMA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyODEyMjc2NTkyMDU2MjIyMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_4sqYCELfrruECGLmExucBMAE&v=APEucNW2EwdA06iR87Lc-hN_H1Ty57ZrPYtM2P6drG8tSifikaW9KRLxU_mlzTnDAUmvke4Rw9Mp8O2bo773TJt3xen5okEq-gEuzdwPD14io-eUHyGXq_0FiTfSHfkpjo4EXj-C-EY7VdbCr7a2wPyL3vPG12HG144vYIa_8smbpuDyh4spJFw
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 01 Jun 2023 05:43:57 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.145; 185.213.155.145; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7fb2d7b3-9897-4db5-a599-2bc12ddebb6c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyODEyMjc2NTkyMDU2MjIyMA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7F8D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENQSo14Zq9gL6MoBLw6Wb_Y&google_cver=1
43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENQSo14Zq9gL6MoBLw6Wb_Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiA9t3qATAB&v=APEucNWJiccCHj11qqlMEanulyLBdzc3Ij9nG9b8gLVT8QeeAy7neGAicx2Ln-_zL5WGPd3ApXfnhabdrkZHLkcMe48SivuDwRUQCDpx93CTNqc-PzyFKuxOrvPEIft6c-swineND03GdNaaCcCK1RhKmEjUwxoWuSfESPG5NwkLrmEjYiMsRFA
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENQSo14Zq9gL6MoBLw6Wb_Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 7F8D 		43 B
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiA9t3qATAB&v=APEucNWJiccCHj11qqlMEanulyLBdzc3Ij9nG9b8gLVT8QeeAy7neGAicx2Ln-_zL5WGPd3ApXfnhabdrkZHLkcMe48SivuDwRUQCDpx93CTNqc-PzyFKuxOrvPEIft6c-swineND03GdNaaCcCK1RhKmEjUwxoWuSfESPG5NwkLrmEjYiMsRFA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 7F8D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFUMSAyyoHWPVjql2jrL1nU&google_cver=1
23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFUMSAyyoHWPVjql2jrL1nU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiA9t3qATAB&v=APEucNWJiccCHj11qqlMEanulyLBdzc3Ij9nG9b8gLVT8QeeAy7neGAicx2Ln-_zL5WGPd3ApXfnhabdrkZHLkcMe48SivuDwRUQCDpx93CTNqc-PzyFKuxOrvPEIft6c-swineND03GdNaaCcCK1RhKmEjUwxoWuSfESPG5NwkLrmEjYiMsRFA
Protocol
H2
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires
Thu, 01 Jun 2023 05:43:57 GMT
pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEFUMSAyyoHWPVjql2jrL1nU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 7F8D 		23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiA9t3qATAB&v=APEucNWJiccCHj11qqlMEanulyLBdzc3Ij9nG9b8gLVT8QeeAy7neGAicx2Ln-_zL5WGPd3ApXfnhabdrkZHLkcMe48SivuDwRUQCDpx93CTNqc-PzyFKuxOrvPEIft6c-swineND03GdNaaCcCK1RhKmEjUwxoWuSfESPG5NwkLrmEjYiMsRFA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires
Thu, 01 Jun 2023 05:43:56 GMT
pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 19CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENQSo14Zq9gL6MoBLw6Wb_Y&google_cver=1
43 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENQSo14Zq9gL6MoBLw6Wb_Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiA9t3qATAB&v=APEucNWTWqBAVKwqJV_XCrJ1NX7h4Pf7gpQVVC3S14zs4wDH3qqzGJDiWTYdWjgn_x0cZZWopFEEix8NVguSeZAT4OhVoR7rKqLTc75-GuzrEWJXf2g84ZxWLYwFvWy4S5I8GhpDDMdKf7p7yvMUIGNWW6-gOS3q_OKJCUHcMx1NQhVscnbN4EA
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENQSo14Zq9gL6MoBLw6Wb_Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 19CC 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiA9t3qATAB&v=APEucNWTWqBAVKwqJV_XCrJ1NX7h4Pf7gpQVVC3S14zs4wDH3qqzGJDiWTYdWjgn_x0cZZWopFEEix8NVguSeZAT4OhVoR7rKqLTc75-GuzrEWJXf2g84ZxWLYwFvWy4S5I8GhpDDMdKf7p7yvMUIGNWW6-gOS3q_OKJCUHcMx1NQhVscnbN4EA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 19CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFUMSAyyoHWPVjql2jrL1nU&google_cver=1
23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFUMSAyyoHWPVjql2jrL1nU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiA9t3qATAB&v=APEucNWTWqBAVKwqJV_XCrJ1NX7h4Pf7gpQVVC3S14zs4wDH3qqzGJDiWTYdWjgn_x0cZZWopFEEix8NVguSeZAT4OhVoR7rKqLTc75-GuzrEWJXf2g84ZxWLYwFvWy4S5I8GhpDDMdKf7p7yvMUIGNWW6-gOS3q_OKJCUHcMx1NQhVscnbN4EA
Protocol
H2
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires
Thu, 01 Jun 2023 05:43:57 GMT
pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEFUMSAyyoHWPVjql2jrL1nU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 19CC 		23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiA9t3qATAB&v=APEucNWTWqBAVKwqJV_XCrJ1NX7h4Pf7gpQVVC3S14zs4wDH3qqzGJDiWTYdWjgn_x0cZZWopFEEix8NVguSeZAT4OhVoR7rKqLTc75-GuzrEWJXf2g84ZxWLYwFvWy4S5I8GhpDDMdKf7p7yvMUIGNWW6-gOS3q_OKJCUHcMx1NQhVscnbN4EA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-51.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

expires
Thu, 01 Jun 2023 05:43:56 GMT
pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
ru.json
cdn.userway.org/widgetapp/2023-05-31/locales/ 		703 B
1021 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-05-31/locales/ru.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-05-31/widget_app_base_1685571097325.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
06eac4afa084c9a223ea6623e22f5e3a17eec06e6eac8701fc1cb49637fc90d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 01 Jun 2023 05:43:56 GMT
via
1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
2
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
66041
x-accel-date
1685532195
x-77-nzt
AcO1ryf05Kj/+QEBAA
x-accel-expires
@1711452195
last-modified
Wed, 31 May 2023 11:14:10 GMT
server
CDN77-Turbo
etag
W/"f235bd35331c3780488c31dfebf1f31f"
x-77-nzt-ray
25b02131117616e51c30786414f6492e
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/json
x-amz-cf-id
imluRgvN1YGe7Mw9SycPoaFGx-eaoj0IjA669EG9ArYE-LkbwkH9GA==
post
tag.escalated.io/ 		31 B
445 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/post
Requested by
Host: tag.escalated.io
URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.vesty.co.il&type=display&cust=7787&sid=direct&c=&cust2=direct
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.77.238.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-238-227.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2ab736bb53afe18a051092f0dbc40b0034f3788c286a97ca3ab88bcbc5ed46bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 01 Jun 2023 05:43:56 GMT
X-Content-Type-Options
nosniff
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
Access-Control-Allow-Headers
X-Forwarded-For, X-Requested-With, Content-Type
Content-Length
31
X-XSS-Protection
1; mode=block
px.gif
ad-delivery.net/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1164195
x-guploader-uploadid
ADPycdv8qge5fWlwp9rZXF6LbyExXl2o9Iy5jHQbOEZ0qlQxv_isrzPT7gE5TvR4yPQIXKy-veOtsiFQ4Jd5X0X9m6yejQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQSB6DPifIJTQ5M8RclVenbWyhh5cDBPQ%2BcOlm206bztxfFjTg1sH5NGwJ3psfeD09cnnA55Djf04y1fplfRUv9M%2BIROS8iz%2FWFZFrIJP%2Beqll4J0SNlXP2qF8X19K14ueYUrS3HvcQki1PYuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7d0524546f053808-FRA
expires
Thu, 18 May 2023 18:25:18 GMT
px.gif
ad-delivery.net/ 		43 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9386139116375156
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1164195
x-guploader-uploadid
ADPycdv8qge5fWlwp9rZXF6LbyExXl2o9Iy5jHQbOEZ0qlQxv_isrzPT7gE5TvR4yPQIXKy-veOtsiFQ4Jd5X0X9m6yejQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmV%2BXSzBPxYl0Zl1TLfckdGBnHBVlPQTn3IFApsbp8rgj28iV3ViWsq%2BWFwGFAHjlM9J%2BZKLL7Gk3e%2BdqJOkZYcuVsfOK04NGLvvvvWPO8hEo6MEPl3yHwMv6AIU8nl1DiqinHatOjIEDwjlCw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7d0524546f073808-FRA
expires
Thu, 18 May 2023 18:25:18 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 606F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

date
Thu, 01 Jun 2023 05:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame C66B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

date
Thu, 01 Jun 2023 05:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
fatyu7qrhtsidpfrflbp.mp4
cdn.taboola.com/libtrc/static/video/v1682516100/ 		263 KB
263 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1682516100/fatyu7qrhtsidpfrflbp.mp4
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c0958fbb955305dbe358d9f003009081cf3761cbd04ae141959f154023ab467

Request headers

Referer
https://www.vesty.co.il/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
uCFP8aDWLFh3GrtFLyL24gfIqhC0CAkc
date
Thu, 01 Jun 2023 05:43:56 GMT
via
1.1 varnish
x-amz-request-id
FGR5PPBVPBJK6N65
age
5
x-amz-server-side-encryption
AES256
x-cache
HIT
Content-Range
bytes 0-268959/268960
x-amz-replication-status
COMPLETED
Content-Length
268960
x-amz-id-2
ysqlgRWrYqCJ4Wcr3Cnr93wc8ARm123KAGWLSyXX8WvrZLSmhdf7PWkRoonbum99VXxjdwy10Qo=
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Wed, 26 Apr 2023 13:35:06 GMT
server
AmazonS3
x-timer
S1685598237.856039,VS0,VE1
etag
"dc4fb4e0f9c3d68b50516f4cbd7d7fbb"
content-type
video/mp4;codecs=avc1
abp
3
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C626 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9240759081877&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C626 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9240759081877&version=m202301230201&ct=76&x=1&cor=12343950399478706000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C626 		99 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Drx6bLublmx5YG0o49RheYOkNC5iKmUQeI2cTRbD34bsJ1ZAnKm3CBL1SWQbG-6-juteTvIiYKhg4T5Z7kL6eNNNFHIpd9f4jW1hCi2-WrkIX0tHjImma9hbQm30PPTsuDwa93YGL_AE6ySK5DRNIcpQrR4UBPdJlk8oBEESlJq5So6qs&dbm_d=AKAmf-BOd5wI2iQIYdUxzaQDm8NpitaO6I-0ecPXAgf5xB1AlDx6--7aPQAr6X_3dLfTSEX109wsuyaaznBwZKUy4HA9z5fziQinWx1vjuCHo_jPZhpWDpjQpBioyNFmJEP_SKMRo3RG2bS29BgL2JpUtqm8cL22mYgMnLGpDNsbtyXpO645Aimdr8A_FOfg_hnBzB-SyVCJkuNx4NkGdHelKWLzDSbjdfFG6T2WVK7iadgtQXKFYWxgJNIQFlep1W2ixks9xbBN2FlKvWlbfamnAlASicEO8DT9AfrsU5oA36NFl7ZHABmcvyqdqVh6aRxG4vrwssV0P4-GimZVn30w7xHnyoRmWgovUmD5V9MmmvYSk2TvbDWGPC-lj4bj98f6eCSWdwHthWCsVYVKYdCqLqVMIF_1Tx8vilX_65pmx7Wtwod3GGSuhK5QVIexJSafhY4pJAXIUfARiOyXDQiZqzdleueieWgtUUXT7QF4T5OXoy-kQGM__WrKV4U9PyOXiGioIZRTrXihIA-yLyZ7jLumG2LzSS3bRL_g9J3lUn3ECOSToHvGdk9Re2h5xu21hbnk5pxJmSQPd_gipN93ej4T-oIc4kd6SFdJubLkcgsCYZk6-xCX70WhZl45onVA5fZfhHyPGEM4ilOu_gwC7vioYX20NQ6tt_ooXjUu8FIEo6W45SaFpQ6vMDUNGCn455KntqQ_JMs3OwhefYjFs377lLM9G_W23mesamnpSTjjpOCbL57Ea1TOerUl8vrklUSYksKxB-Av1gx-kreWMMJ_SRiU39GVdedrzmCkyvvoaSB6k4uLwVGDSkQhSadDTkrYHjhUs-5ZvnzeS-AsxtNdx229IY567cBykIgQKX-X0RTHnVVNRqiLkMopA37wjybGHFmCgcENccByzv4dKgES_uO8pEGl4P7pzRE8aYDJ-LjnPRe8F2MKAYSKUqOJR9GqPJ2ZKRb83RR_BHFXarq93A9ihbfP9CE7z-jipJGM_AdISeUDuTyfwg1Sf20Hm9gT_Vwgh5IR4nK_biS-knXHNm5OkrCdXZ2Wen2MNu0yBflY6l_3owphxF-xMdquOVZIUMUgXjqNKKr_AvM9DulFf8g0gsy89N5ycej_IxIXDksawocB2g-XHyPGgbgTJCphU8JJaXdBH4NPkKrZYrvuJM0ysErf_hbLb7HLoSh6sifonxz_CjrT3Ni2fUSEplM2vMISDEvuBam9dpU1CYYSiZfKVeRtPhhoOgtDhP5zg3NisV7_jT0fgfTHAUx_xcEjSRnI9A_rgsdM1hoOA9iith6JM3QD611CY7mwlqYZIPJxuy8s9OSa61MBW1AcyXPrupItqKdogIBzWtFyplqjSn6ADPKFZ92mhqWeWOnsM1ZrbCTif5qs4WB6kCfVfeN1CqmF2KDMEupEh2Bol3Zwq1V_5wocmMzvHFEx17RsPiq6ddkv701f7R7ZBcELPVEuZHLZXpW63AcXOKdQYhu2_yFHVeLOVvVpu-nMU0Px9gFEi-uulCcjX6O1drWOvuIuTm31eK0U2Ky_1Uq3n6OM-8WDQMm19w-hc_lp7jp_N4FA9KBXhzIDdB_av7VNzT_TVXQGlGGWEwKHOJiNGgqN0gCEmExZwqfEndlrU5xztmLQLtgSkmh1pz4gH1waIcPZdV2fBUV7RcquFi9c6nEYVwJAgyydHtRsZQcU7_gGkVLTsPF_RxKfm2xTQN0j_L_e9sed3Z9ENUUxnQPDT5t1RkDLMQxWELXgta4zj1Glu9FAvUlEisOKH8A9UbslbjG3n14yjQ6ye5tHTq0rcaFs-Qr7MjGoLQr-0V75IOsw45ObB5Qa4vlfORwRLvbIUomryJrUU5ltYwTOvfrsvaDOt8y2wOKS-xBiZDHXvPrkczxNoMT6X2NRXGsFG6TXPEf95EJabfIzZNcUhyqJZPOQTXvVcTc5EPUcRYR0QPugx3FGrHytTxyPCK8oBLQByHGsUqq3YbK6ckB3FIGXKP_BtqBHMhqguBhwOStipsAOU5WQt4m1Bdqdh4cmjol1hQF9WR7d8F6CjLtco-1aMzZsKNfUMm9g79dlFDXFUs-8Op6qNY_h2ZCuitb_Y-WG_nsnYUlz8mPXFodT7HIdaqA0hnSM6FobH6fzZpKdw0fln7vSN2n_EbIVJuA9QRanSv_oN7NubesuidS-TTIkGFViz9voCPiuQZHqJDPZYaiCU4kxS-V5qgRDfjDji4zT17Uuv8E78XusO6chSwEdLEHqhTb4jjUK9Sw87cpocyG9Oy2uiQ9sIBVQWSUuh0oFK26MpOHEWdVrAQQfQeAcZBBBdjMQrriNWtXkwRX1j3NmnthyAby47cPB4gDH8Ecyzz9pGox9UJeym1fEnq7fd7YcU5u5S13Zpq8pq8NfCMIsqO1DYUNoAMr9gzvqVm8pvverBncOo0Rfo_I_5CDZsgIJMK_3dNDqtfLdkYs5s8i7MbdqgwUVN5zDVLAFQImhhUYvh0IUjhtpod7jDf1j5fqkVXwvA4b9G0-E9KEcrWSk96z0iFI9PU25BuzKimmFZ0QLDTMNAv4X9Iv0Y3lFN-yaKXnIv9YNx7CweQKn6GwJMehtIdTxe1cmzQ1NS6uvT1TcScaGZhVl-MXLnolHhF5UAKruAJRQRs1ri0csyML_naiSZHHYnUPgNYzD_FAIQSX0CtaCniBqC-by0ZAcsjF_dQey3Vr5ex2o6zD1XcqKEqEonyno4rMqDEgHwN_u3QxDPgTHZ3gDqopI-q0L0PJIY4JX06ZbrYOUY4sr0elHZWekz8yrjZUpTGBpXJQyrC08YoTiyZCN1TUTN6f_FdhvuncZyyB8CiENJezRdaVsCqK2Cce6ZJutMWiS8Tv20i-lm2ezXhvtbF54pfbSlZqIpLLYcZMnGEiz0_MgbbE93rCrrAx0jjABDKjriO_T8SklLNjaHcuIPm4FKn72QafeKknMbjNBwbdsCffn5dO1Q1KrbCdj5ahPZAZzivJBqBE8ZrDJBiERbNMYG0XGIms9irOwfbBNIRqDfaaB-kEfJCyfmFRfBdvdoF3qxpPh49LIPsf9yFlzkRIjETpnAh3U-_ZdCsNEFmjFVn_4ZI-f9v_6iHIqhU4SnPDJA5GuhIHeVnCY1y5UREc28nPTsHzM9bLqWp9wQ1YXi-DcfXNFvcokdhnFLgPPjdLeTdZK-kwYBjH-99YPdKm4QkUDW9tdFgMlhbizdz0f_61-KJxROo4kYPSTYMM3jxSmCLMwkv2Z82VSmzStx92jnuXj7wCMiQKtpxreXd-4DOmEd5-Kdv6TDDR3SvNJSZ2d90NIrTerxQgM_8ps7VAQpsWTJEpWSSqiWU1qDnzweI5DLiJoujIrR7VP871XYo8YKIX3fRmUaLKUYQRvQHhxL8xiJ09llUEAJY6PMquDhHdnmyiAdL5Y8vwcBUAMa7YuVTIBmjmAzSnICl7vP0Rj-JmgL1yiDc3-EI6EKJgmPDUMmAgRQiPvXeB4ys6a0-VFCWu2AwzBIyL9yga-SSGuwFkWRWJpgYb0YQWVAOwysg4627Z7D3q9etgbhrsYVRepbL5ZwaPPiS-PzmHMFELMHNLK5w0ewSPVBuPAJk7w-uZR5N489at8aNOrM_cBlH9XsQjmD9T_EW4P&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=12343950399478706000&adk=1964084972&idt=190&cac=0&dtd=33
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2be640a3a70b025c4e35827972930d9a16b66175e8aa652b1f4874c45d50bd51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39058
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D664 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9406254499584&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D664 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9406254499584&version=m202301230201&ct=76&x=1&cor=6463894400237433000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D664 		88 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDldd3arQXlAD6N64bTVIaszHEZLOimQZeGwWzseoXeUJb5bQw5vovM8IVyqrUM0gKJO312EjdmBa9f7oO5kME0ti98g&cry=1&dbm_d=AKAmf-A87T_Qx3BsISF9XpCp9Vi1i-lJYfC1Pr_H7LIEltrPd7-yK7VzHURNheTO4bmsSc2ydTB3-R1YcX9gQeoGN9Me-nHI9kYVNTprIMir3tkBpZwrkT3DquUI0xZKFFiztHyQLxjlDMQQgfTxd3522kpjvndVW-fmOjYlmCoaHZkO_4sTIfZCRma2SsCpAj42d29QuvWFYLiG3XhhSlWcMmx1Z-w4dIgfNR5Wcp9_GBjlf1kmgO5EGJiyryKWVCRN0hedtVawm09SCTBsoZOWGbyc1VPcnt8HlbXgRyeVCNIhM5DtwYkW1iULs2nRO6WKYA8QDpjNqRN0lmk5M_tyd1dBaW1NJG_dzeSIEmfupDCftX1zjGzJB2x-1GWpXKDcUyp_i-RPEf7oPM_lDoDRNBipFuWLzsh2wy7iqTik18iYhZaKoD36fl7a2RMQQ-myEh5v0JT8H7VwzagFJ4HkpqTINX8NdOnnETIkvucDrVrFQqCONqJNhSneKc3ldJExKRb9xYLO4ooaQQY4282DJXSyrkDMi5gcF-UlfXjfQK5Nmy3hmCorW8g52Tq9hLlgJFMxyM2oXAqW_ENWc7J1Zq0CUcqPsHZ3RRmY86_kWyVL4fJnhz9BK7fU0a9J-FHtfxJ1EQ8GSZ1wWQK_NcWve4yLlLMzWVKeuZJAt1XeNeqy4n8MdCld-30uqxXI1mJ9gr1OJI4xkSUQ6qyNEI6ZTst6Hu4ecyeiLjtk2D9A-GstpHL142c8JrtewMi9BjchGEecudt8hOp-iu488TLpuUIzWaLFwBYT5AM6eIUsmohVYPlvBdi6XliragbPscC617RGd1UMnZsbWfu-s_GD41TaaQZd-XMxf5TAc86E0LwLTc4uXS_qylIyLNNM0cZhuDhxmwHm1uKTa0qV9Tk-FsQqt_t4plegUr1DB9CBsHJShN3LKKOdnoqopKAhc9m5iSVFNQSFZbBXCHBTPhxMOicPt3ElJiXlwrc8QjAc3txruGj6w2Wfl1G4aCQ9C6EDbo7xFqKcVgxBUq301XgIPVEmriEc1PCA5eZH1V9Dll3gCKvWNcHW6y7lmBlp1FCs_q-2xI5yuno6lPms7AeVk3s8rAypsUq2ABRJGP2J0M5PKKg_WeHDX_JMXzVq6r8VpSdPRlMl4_d-eBhpvL6uENP9L69D9Bzl_1iyfOE_EDMxEjOaXTlmLAZreHuE75u4I8-tuM6VcJm4pjXwt1GryC5WNj3x8GRTT8mlIDKPmL0NR3qD1iO56Gf2nZAYUY8Of_UpiK-tFndexHl4nYe5ihl-c43bmOLP4I9VwMlg-OdDzA0zOd5UcpFEBI7k9YsXYYc_d9GmK_CbEUDDZ6oFvXb50RmxXREPTeCB3Z4JiqSfIs-CXZH139LsSRjwGG1DYySxhWbgVTo9so0U6NwD26rIx_f00KpXr_x3ytTVMOSFI421_FTh3zCmdB5c5WNatMHwZJB2F2w6A-D7F7S0-YGf3VDy73TUpfMcvR8DK8Sas7IZbpjBzUBXnnzrfCxX8EiiRgHYG0wGVscUD96H54rn5P7GYQRltqRnabDEJGgBH0J12TwLjN7DMov8cqNTB3OgKHvUswzykfifUKNi2cvuh4q73VrNPSsDWTZC1uhYi2HiWijVFF7-8r0oNpZ8DSOe3eUFD1WSXi5xumcR5zy8jloIwigmXE15KuQuwDyL4XkADvzpa1ZfZWWgJM19VlKTg826RVyOpI3-2s-ob4mdH1Nocx0f2b5_X_M8xnEhoNlhZq2xfwI2imSx2Jl6oFBYG2fiKiR-cZ8pxr-LasmYMMp_aYqTlpKjgLhguRgnm3bXvBJevhfKrtw-sEWrBA2mGigsHRc-HXE_H_3Eh_51uuyj5bLEgpJQbjvqBN3kxizpJjAIKAnLNMztmqFQ32OMydIhZe-DzEoM7RkBaiLYlh5LkFAvkzvquxEHYqNyzXGqI5RxhY_07d6S6L3gvZtcdF5JUUuk2iHpYeB6C6rZSoInarschj4X8mU38IhsryfrjI8KfxrQLkddaNKy-Idpsxf36rzvntq618QKYIpaoytJ_IQxmjuUi72hK0Anj2aW82BCj4DKY0R-d4nZWHlzy_6jecvZ1EWcsYFq41xUFfXw1TnQKNTX-epH39nfWoOOz_lNYYaWhhUZ2eKFrOSqIjLzJKxZlW6puSb8LRSir_2-sxDsXLqUB6h1hMj-ochDFToTsINAkXtyB_lZKSkQ48uvfll5QXYcZsR0e7c0-v0Wtc8NhmKVq7eqzYnxcirEzhvCPHNib9fmZv6wFmuFlkAWbONPdFEqY8TqJ3xMIftfQwsk3oOrTkpISlnVYy8xP6l2_LHG7Goa4fw_qeeZ65Ft5NEZFABJ5M0U3mELpi32JLx-0QA7a3xoEAVjxl454IWEBnKTrAe6kBKQ9c__lchEwbqBgGQahbVyZ8oGCTtkJZT97YNKD6Pjwk1Rb_R38UCrY8Aseu25IZnm0P97XabH2iFhtQrLD_E4D7cC6DYzh0yyTxJaajs6XQyxeHxJYVRBPoeYRxCs7qb1Gaphn3cUWNHj8XwCkBEtikoBM2WNBm9nQBD_F2dxeRY6JYl7txyDFHdWUwJa_92ZvG1pb-6_vxzetcNRUVJjAvoRBri67baqk60xWYRSZvm7oR0_N0p06my-zC4ITLub8eoJuFkClIgyq_gZmlKaFc3WKiPCxz8fhSpsh8vIgDTUD1XzZH3qcn7OuMCdl5bOLzhVHjDsufhrqdcY3J-Gmv59WXpniGp97O1Ot4GNSpdzEmaHOKHaeAOGMcFA5eyHJnUAb0YaMzTQva7z0eoj_PZPnd0rrk2iYB6V_m4fGdk2oPz_5nC_oSgWIyRhwsMA3e05oYA8W1h2d-Iat9SftlOgcG4TE89isrAToWXkhxtainXRdWMlJcfcyuyHRbp2GOhzZ4BjKA81EmG_LUspd3Xh7__Sc5BIc6Gzg5aNEDaV2K-N-VArqKeQQ9-DSFWIsjbiSBCyH0HzAEo91mnbho2aIUC8RQJ4UpINGY0WEZht3gC7t_VCh07SKq-X-BJEazp2nCv6fTujIv47rTNttpxm02VFKgCN0iFLOZKP3qDZuPAUifS7IlCOKhLVfEpAHyEqQ6EW6p9AqUM_TvKUZaivCtgx9Vyd6ybD_gy0DsRWVga4FFJE_U_SWPzqDMYvAuuNf57xtykmSFZk-YiTZlpyPFbL90QTJn1NnFV7z3DcETTAWuXSu4HA7XXpN1dgrjUQ8gcXhou0lsVvkWNAvXBw0fd_4jHMmayDF9fpx5sI-dRAxzidn4NkwvzetRsUM6j6sUFKCxyOekMfbkIEIFnTp0TEkuIK-7F1PPVNq-lpJF0IIpTB--XHL-X5k8Zpz_PC5k3hjrOQMijmDu6fFYUUQyg5Lqz5xlklH_JZHJsQExask63o9d8DJVhgiELXTur1ax-ba2chwjN4NouOzFvxBWj5xr4gP-A8LBfqJePOm98g0R8oy7unW77DoB5J6YrSEbLUtyu25j4Y87gvCf7IMDy5ChD8zDgVobWpF6ZzAmGSmIyLHTVgyBA6gXJJan_CqcyN4gJarzig5ZEf0nZ38jgt_skFCg7_XsHYAY96SLOXaNMLV87PgATSenkUNUGZ9MX1wRpnxiGBscpoS63WD2i2LnCJlKE3cGfjAEbupI2wY-kPYBPjWep_giLwKWUovkrXbcZNT58VxN0v3E1mA0cRfUjMvBt27qmO2sLhAsAbnKSm1pOS_FoQo7ICh3fgYEPE1LeRciURzyBsE-JsNM36FNHKJ1yeAkhvUm-J7VN1N4krewGRqCve1xkvttNUmUolSFepTT5ZOayEdbA8-2ingg&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=6463894400237433000&adk=943508955&idt=203&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11e422db2791d09a8567d4e569f72b6698f66168e1cefef1fba16cf83ec5c2ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36664
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BBA 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=483889821536&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BBA 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=483889821536&version=m202301230201&ct=76&x=1&cor=7786001719015665000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0BBA 		88 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Djr47vmu37ooGIsTltDB1REI-CFGSKQh8jwHOBAhd2INdpIN1QTdm4SijQ8hKgJGMTI_VZ_HTL5-HMVGrMbGsNGKhreQ&cry=1&dbm_d=AKAmf-DkzhZCmPj8N8BFHWuSSpDmbkJT3f58HSKyIi447B0dBZXQZC_3ER0tfwWBJjoAQSs7VL_KxTtrgww4lBaOII2U3-tvI-57ecEYAV8mMYl-dn-UGXmWK-zLL5xTeBLycC3XIbBK-JGvFelLl2NH1JJJpm0xrS-NT7yRD6yeew0vxiv5Ae4IHfmPT6LZSqoqHthScj7iUaA29gVy5VsEduAUKN8OdUoDwJtFo8tiSrVWGO1Z071KC4jbwAmBeDpUzCC4BaZMcoYxUSAMwpOi2LLYYUX8u5T_lAN_WPEdJyzaoW08To8KEWmNrvidtCro_Wc7SSPnL56jqOZ7pQQTs94jSs29KxyVJnybRM3D-iFrnyI_lSlWUOBR6LYw1OVWOHpS3Mn1pRsHnlk_f1dTQB8E8jisrEdfhn5wuINoUg2UGoeNQ-ECccGbZpWJCp19nOPV_rG81PEjFuc9C03IfW6IsVVWQM2a7WV0azwoRfU4BRrWSRuJrhCD5bYSvoxO_yz_u5T0quHxSAL_o2xisHSl5O3DMn5eMHkXzp5O3LBWvZ5mKkaU7iKgdMOct2CW9-Fhxik0aV0ZHM9fyrRwTfxpyYxkYbRnSuRYk_WzEyfTIW5FKUGDXsvuhDMf7r4auh_fYHm73G0f-jFe8nlbmJPUXLrjWzK-Olq8piWsMbV5nzQX2DRAKIsuFskCkYPIsxdRKnBr0JGDFL9ICxbXerHozH3hwIdIT6dtvDisijOWRjdFNd5E3rrsTJ2hakb1bU36QrFSBU9TJDcblNPMxCzOoBZw-baMhOQENg_xh961xgNxyP8TLD8Vb9Iw44gCXoFfW2w996X8_YaoRWQ1ZpFpt3y-kgVYR4AV5pbqgH-w8EiEPccCay_LTOnYPwnj-fUEN6_kHtQ_aKXgIOnUYAU12-QlVL_MXkWCrbbY_z0aeaam5NVnplU8N4TZ9tT6D1GWl7YMIifQZU5znF0pLMn2KBCDcEhE6yLXPXHacbOkJQq1bNiVNz2ufjDByR4pDxOlTmBD0DfKrxH3iE9_YDKasg3Bt_FYiQfHHrGtZm3qs1NoOiMlM9vKPsOJIXrYkVYAiBNJq2gSgK2q-InswjVcZHz8LZDd06h-kBVVxmtzwCc2dANLxR-33-8i5bOoc02EFlNLIn2W2TuttnObFlBWa657fvaKHmUKvNFjlZ2DcrXOu-O9cvsaif6fhIl49dE-6IlbpCx2p7cw-8fDEABirvlY4MIGWCfeh9PEwRUPHYfhbUTnmGhTTY9gxq7MtNKwaYgI6bKab6VLvGtQ5olpQJ0TDFLevexTKbACD3MV_uiGISAtF8j3T7I6BBKbYPlwMuypp-Cn-P5gwE7M5v5Ij06R-xrUuFXfLuxurt1Ek-D5Wew0MaxeatNNiHIFseKBLgQz00rOn-_ZOcPaFRvDYdmSKrFemaxoLlmHXCVSGQ0cbITu8WdMpXpBjbcrzC-4Ny0B9hZQgrTAZAo-XhCod27eT_jq1r0Jv3t1q23AtADLwPxbABnY_Ns_GgZ4Y9LcxNEuozGvVw986mbtWgdjiQPrCHoZWcfJ0QvY1r8NGaVBzgMC74ptZcKBb0LzDo2bVxrbGKysVqBBMDsEAF3ij0SlFLO7wULA3PzavWfz5-3v3BtB7aP2wGmp6L9voKDIFTSeDx2ppUTEpnhfcNXoCMc1D1WER3447J_xzt2L1kegGBXI57ZX9fdO4kGDtY08KhLaT9z0iOir_2atIe61QZtBYheYyPE6TXjxMWqzjP1h-Jp7zg_rgGjA8Y-XBMll1Klg2qWxnkr5wz0wxG2rEBakKan4l7_pjZe5RVuB9KqB62eT2-OvuR-Ytv19oBZisBpTlwrgFLEDkiLiJ-UfR2LWxd68mNZqmKEFnQNBsHhncYlHAGpB7wKXOaNs-i7xRpvOqyg5ekKQgaCx1nImpoojvPQ2ERQLtjOek95hFYRp7GmQcHDh01Rc4OWm06yCisAt8PhUDVVnCJbMEeTMVfEWfDaBzFI-OMQYBtseHbR97yZO9fpgBg-H0m6T0a1Lc4wUvtd6wkg6uWsoyeESCKAduI5R8UqHlBlcbY40w7laUYddStHcKOi8vbSyRgtzAUvQHiz0iqOzrKsfmO3SMUTom3sLARkwKAXRAqs7NeYXZ7iKYB0zrmmyzHHYAQ1RAx-uAKxHdT0I4v8ms83kC3ZJYbrVl9UvuKS1MjhNNV-ka85SM-UI62gzOeUKniVGTUQTOhyITn9EOhrSVIyz4Ck-aqdieCTBYNeHB2ICqej_bIEMN-GhYK5x0qWPqBKIC4LH47kRE7k1L1n7smvqiNVEGJ6nK2eLknIFshaCjh9E-h5orswDU_VP0TN9Dg6K72cH8x8dEuvh1BR7JdhL26xqTXQdx1TrHEGc3407HCONAkmo9CXuZWEJbkTExfzsem4lpUuzTueCk51dOosw6EiUM2Ji-OTKjpYqhPCyWfjemz5VPfwqFEjPuP3A30smHbi4f_M6mrxwjc4Ou7rS25ma3a31-58e78PuP0WWEECIIv29nr8RDse31PoWJL07cvRdbpBMnb8q2PE3t9Cw5VrLMACK7fSvtSnTJ5dLKHvQLMB6WIsFmUE5r_2DlLFH91mJSN8ZnS-fnKttZL3o50ZLPkFKYkxJLfUtLW4MnP8KbTuoENgmrcG4lJ6EG2oKjv29D7hiCD1lmFoV2XRlIU0oJr2WyUIQNcPBpmCSuyk-AbRvGDsWEyxMmtXW5SiEKVtQklLGucWYDeyLkuGHN3_D5si2YestF7OUpmeOUTVSwhoARyN0fNAoXs8sbUyMK-mG1Bz6KzVxJY_S30OMGlyoML-sysYk0r6_J2-NSBqpAjyYXA4Hof219gQJg7EIiFTQ2BQnMaSwwv3JmOl6v1ZZSafPqCjcgJVcjqd5oHttYeXr8_lwhTdD0eLcjTJYCUvCxvELxkvWgdffXMiiCLvfDVUVfgXl_r62oU9BcikNydSmYU3RS90QQOHARgsNRBXF3hfdZEKrRsPC28axtA2FCzYd9bJtg4qUrAhvvJNs7DXfym5qanD58UERas_f4px05BMALn3F5HUJI6ybP5NeQhhoSvllxz7johXzgSavvxLNDzwV2NjWcRI8iE6_ylvqd5sBd0Tb7-y4WlbKCKob7TC9J5ST7nqTvM9eo7Q3RIcJ9kEBnsjHa4gTKY2ftUzPtAOqQsvqYWCspwmFttmpAm9GSaJLEfELMAGS34EsOK9uXV7FhRSr-Vhlz7xAPOiYcwUl9Ms4HDjfhBnANAlCbalV_4BNBSyvYuhIGuVfyGhgBwdrJCZYuPBDgnapS7BMzCUyt60cA9xeQRnvVeHu6g_BIsSctlnE-LYEhGALpNGDIPt9FRoFLL3J0Hc1Q1PgpIWOnU5OYZmfiCHpVyVvXvc_2tX181mbVbnI7ITXvDTM1bJAnKtGV2LcaKMn8b92AAdWcLjlU5ByIRb6okaa_iVn-2s7-XpjZiMFSp9RNjiALstpNA4UGrkWtoRf6fic4EV6Hic9eGAbWY-Zr3W5lw2l1E92EVSFMo0HKW99PpbtK2qrkoXDfowBYAuI2ieiUHwyPXnY5u2XHFxysCtz-PnWS-45rgJpOzT30nadWjYjnFbG7PUa0TEI1kpQ91pj2J7XYc5wcy767U4TVw7Cc8wpLgvOhReM_5vty3SwoNSqZA72gEu_hZvBPXXK2RmLuXvvH2sVnefUDhn1Ch2QPA_vIWWOhO5_GK0WO2gpq5Q4U6DdI7fNfYzm-Di34qOOOOB9d-oygPvKpqgfPPGdym2DP-O0v9HisH1YEpz3djJEpgmNQ74u2BnilgV6X6suO0um8VsVdx58zLmjRGhPog&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=7786001719015665000&adk=3944675600&idt=208&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07d331d3b862e37ce8c62ae5dd6cc283ac39bda87d6ea5e60e18f75c247f3c39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36523
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B2AC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Redirect headers

date
Thu, 01 Jun 2023 05:43:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
5942597833509980956
tpc.googlesyndication.com/simgad/ Frame B2AC 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5942597833509980956
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
602c46beb922196484bee4f9ba8e6c6c2fd4b019fc12141200bd8e277c45807c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 18:32:49 GMT
x-content-type-options
nosniff
age
126668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95773
x-xss-protection
0
last-modified
Thu, 11 May 2023 10:57:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 29 May 2024 18:32:49 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B2AC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 18:10:22 GMT
x-content-type-options
nosniff
server
cafe
age
41615
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3041
x-xss-protection
0
expires
Thu, 01 Jun 2023 18:10:22 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B2AC 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012305221508000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 19:03:49 GMT
x-content-type-options
nosniff
server
cafe
age
38408
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 01 Jun 2023 19:03:49 GMT
middy-desktop-4.15.15.js
cdn.browsiprod.com/sd/apps/middy/ 		301 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.15.15.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c4f42bbb80ed0308dd79b93b4bf8d39caa0e2f374717130ccdb5e87b3077546

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 07:46:22 GMT
x-amz-version-id
jimWsu2I0qwlnCOJnvG_6bre40bMOKO0
content-encoding
br
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
3016656
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 24 Apr 2023 10:40:05 GMT
server
AmazonS3
etag
W/"2427ee29ab4d69fb7a807376c5cf1c8a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
zma3ISQql9BQL4md2WOGNYH0pUE32Y8Ke55WUEeNKXUS23itHIJhtg==
abtests
am-trc-events.taboola.com/ynet-vesty/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ynet-vesty/log/3/abtests?route=AM:AM:V&lti=deflated&ri=f00b2e7fd39ec3f9439cf6eefd52b35e&sd=v2_5c20d0e6cd9a41868fe9d86cf636cf3b_15f86cc6-961c-4042-b769-4846dfbe7c27-tuctb71b59b_1685598235_1685598235_CNawjgYQyYtDGOXY76uHMSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABooavF1rHfkux-cAA&ui=15f86cc6-961c-4042-b769-4846dfbe7c27-tuctb71b59b&pi=/main/article/b1ybxzs8h&wi=5032864775780446144&pt=text&vi=1685598235749&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%2229.859375%22%2C%22eventTime%22%3A1685598237105%7D&tim=05%3A43%3A57.105&id=7948&llvl=2&cv=20230530-4-RELEASE&
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
country
api.btloader.com/ 		16 B
142 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5732901039636480&uponit=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:57 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=exze3Hlm&w=5732901039636480&o=6244355308257280&cv=2.1.11-3-gabc8642&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&sid=sSS6GJwJ&upapi=true
Requested by
Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5732901039636480&uponit=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 01 Jun 2023 05:43:57 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
skeleton.js
fw.adsafeprotected.com/rjss/st/1431402/70901275/ Frame C626 		244 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1431402/70901275/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1011798148&ias_pubId=pub-9314111824787632&ias_chanId=1&ias_placementId=20014188934&bidurl=https://www.vesty.co.il/main/article/b1ybxzs8h&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hsbGlZBECf4qfuqjADeKIS
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.207.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-207-140.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef8962d478a7626ae3eca69fde1420da458d3eaa2e30a5f4cec434eb1293a431

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C626 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
Origin
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73004
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/ Frame C626 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Drx6bLublmx5YG0o49RheYOkNC5iKmUQeI2cTRbD34bsJ1ZAnKm3CBL1SWQbG-6-juteTvIiYKhg4T5Z7kL6eNNNFHIpd9f4jW1hCi2-WrkIX0tHjImma9hbQm30PPTsuDwa93YGL_AE6ySK5DRNIcpQrR4UBPdJlk8oBEESlJq5So6qs&dbm_d=AKAmf-BOd5wI2iQIYdUxzaQDm8NpitaO6I-0ecPXAgf5xB1AlDx6--7aPQAr6X_3dLfTSEX109wsuyaaznBwZKUy4HA9z5fziQinWx1vjuCHo_jPZhpWDpjQpBioyNFmJEP_SKMRo3RG2bS29BgL2JpUtqm8cL22mYgMnLGpDNsbtyXpO645Aimdr8A_FOfg_hnBzB-SyVCJkuNx4NkGdHelKWLzDSbjdfFG6T2WVK7iadgtQXKFYWxgJNIQFlep1W2ixks9xbBN2FlKvWlbfamnAlASicEO8DT9AfrsU5oA36NFl7ZHABmcvyqdqVh6aRxG4vrwssV0P4-GimZVn30w7xHnyoRmWgovUmD5V9MmmvYSk2TvbDWGPC-lj4bj98f6eCSWdwHthWCsVYVKYdCqLqVMIF_1Tx8vilX_65pmx7Wtwod3GGSuhK5QVIexJSafhY4pJAXIUfARiOyXDQiZqzdleueieWgtUUXT7QF4T5OXoy-kQGM__WrKV4U9PyOXiGioIZRTrXihIA-yLyZ7jLumG2LzSS3bRL_g9J3lUn3ECOSToHvGdk9Re2h5xu21hbnk5pxJmSQPd_gipN93ej4T-oIc4kd6SFdJubLkcgsCYZk6-xCX70WhZl45onVA5fZfhHyPGEM4ilOu_gwC7vioYX20NQ6tt_ooXjUu8FIEo6W45SaFpQ6vMDUNGCn455KntqQ_JMs3OwhefYjFs377lLM9G_W23mesamnpSTjjpOCbL57Ea1TOerUl8vrklUSYksKxB-Av1gx-kreWMMJ_SRiU39GVdedrzmCkyvvoaSB6k4uLwVGDSkQhSadDTkrYHjhUs-5ZvnzeS-AsxtNdx229IY567cBykIgQKX-X0RTHnVVNRqiLkMopA37wjybGHFmCgcENccByzv4dKgES_uO8pEGl4P7pzRE8aYDJ-LjnPRe8F2MKAYSKUqOJR9GqPJ2ZKRb83RR_BHFXarq93A9ihbfP9CE7z-jipJGM_AdISeUDuTyfwg1Sf20Hm9gT_Vwgh5IR4nK_biS-knXHNm5OkrCdXZ2Wen2MNu0yBflY6l_3owphxF-xMdquOVZIUMUgXjqNKKr_AvM9DulFf8g0gsy89N5ycej_IxIXDksawocB2g-XHyPGgbgTJCphU8JJaXdBH4NPkKrZYrvuJM0ysErf_hbLb7HLoSh6sifonxz_CjrT3Ni2fUSEplM2vMISDEvuBam9dpU1CYYSiZfKVeRtPhhoOgtDhP5zg3NisV7_jT0fgfTHAUx_xcEjSRnI9A_rgsdM1hoOA9iith6JM3QD611CY7mwlqYZIPJxuy8s9OSa61MBW1AcyXPrupItqKdogIBzWtFyplqjSn6ADPKFZ92mhqWeWOnsM1ZrbCTif5qs4WB6kCfVfeN1CqmF2KDMEupEh2Bol3Zwq1V_5wocmMzvHFEx17RsPiq6ddkv701f7R7ZBcELPVEuZHLZXpW63AcXOKdQYhu2_yFHVeLOVvVpu-nMU0Px9gFEi-uulCcjX6O1drWOvuIuTm31eK0U2Ky_1Uq3n6OM-8WDQMm19w-hc_lp7jp_N4FA9KBXhzIDdB_av7VNzT_TVXQGlGGWEwKHOJiNGgqN0gCEmExZwqfEndlrU5xztmLQLtgSkmh1pz4gH1waIcPZdV2fBUV7RcquFi9c6nEYVwJAgyydHtRsZQcU7_gGkVLTsPF_RxKfm2xTQN0j_L_e9sed3Z9ENUUxnQPDT5t1RkDLMQxWELXgta4zj1Glu9FAvUlEisOKH8A9UbslbjG3n14yjQ6ye5tHTq0rcaFs-Qr7MjGoLQr-0V75IOsw45ObB5Qa4vlfORwRLvbIUomryJrUU5ltYwTOvfrsvaDOt8y2wOKS-xBiZDHXvPrkczxNoMT6X2NRXGsFG6TXPEf95EJabfIzZNcUhyqJZPOQTXvVcTc5EPUcRYR0QPugx3FGrHytTxyPCK8oBLQByHGsUqq3YbK6ckB3FIGXKP_BtqBHMhqguBhwOStipsAOU5WQt4m1Bdqdh4cmjol1hQF9WR7d8F6CjLtco-1aMzZsKNfUMm9g79dlFDXFUs-8Op6qNY_h2ZCuitb_Y-WG_nsnYUlz8mPXFodT7HIdaqA0hnSM6FobH6fzZpKdw0fln7vSN2n_EbIVJuA9QRanSv_oN7NubesuidS-TTIkGFViz9voCPiuQZHqJDPZYaiCU4kxS-V5qgRDfjDji4zT17Uuv8E78XusO6chSwEdLEHqhTb4jjUK9Sw87cpocyG9Oy2uiQ9sIBVQWSUuh0oFK26MpOHEWdVrAQQfQeAcZBBBdjMQrriNWtXkwRX1j3NmnthyAby47cPB4gDH8Ecyzz9pGox9UJeym1fEnq7fd7YcU5u5S13Zpq8pq8NfCMIsqO1DYUNoAMr9gzvqVm8pvverBncOo0Rfo_I_5CDZsgIJMK_3dNDqtfLdkYs5s8i7MbdqgwUVN5zDVLAFQImhhUYvh0IUjhtpod7jDf1j5fqkVXwvA4b9G0-E9KEcrWSk96z0iFI9PU25BuzKimmFZ0QLDTMNAv4X9Iv0Y3lFN-yaKXnIv9YNx7CweQKn6GwJMehtIdTxe1cmzQ1NS6uvT1TcScaGZhVl-MXLnolHhF5UAKruAJRQRs1ri0csyML_naiSZHHYnUPgNYzD_FAIQSX0CtaCniBqC-by0ZAcsjF_dQey3Vr5ex2o6zD1XcqKEqEonyno4rMqDEgHwN_u3QxDPgTHZ3gDqopI-q0L0PJIY4JX06ZbrYOUY4sr0elHZWekz8yrjZUpTGBpXJQyrC08YoTiyZCN1TUTN6f_FdhvuncZyyB8CiENJezRdaVsCqK2Cce6ZJutMWiS8Tv20i-lm2ezXhvtbF54pfbSlZqIpLLYcZMnGEiz0_MgbbE93rCrrAx0jjABDKjriO_T8SklLNjaHcuIPm4FKn72QafeKknMbjNBwbdsCffn5dO1Q1KrbCdj5ahPZAZzivJBqBE8ZrDJBiERbNMYG0XGIms9irOwfbBNIRqDfaaB-kEfJCyfmFRfBdvdoF3qxpPh49LIPsf9yFlzkRIjETpnAh3U-_ZdCsNEFmjFVn_4ZI-f9v_6iHIqhU4SnPDJA5GuhIHeVnCY1y5UREc28nPTsHzM9bLqWp9wQ1YXi-DcfXNFvcokdhnFLgPPjdLeTdZK-kwYBjH-99YPdKm4QkUDW9tdFgMlhbizdz0f_61-KJxROo4kYPSTYMM3jxSmCLMwkv2Z82VSmzStx92jnuXj7wCMiQKtpxreXd-4DOmEd5-Kdv6TDDR3SvNJSZ2d90NIrTerxQgM_8ps7VAQpsWTJEpWSSqiWU1qDnzweI5DLiJoujIrR7VP871XYo8YKIX3fRmUaLKUYQRvQHhxL8xiJ09llUEAJY6PMquDhHdnmyiAdL5Y8vwcBUAMa7YuVTIBmjmAzSnICl7vP0Rj-JmgL1yiDc3-EI6EKJgmPDUMmAgRQiPvXeB4ys6a0-VFCWu2AwzBIyL9yga-SSGuwFkWRWJpgYb0YQWVAOwysg4627Z7D3q9etgbhrsYVRepbL5ZwaPPiS-PzmHMFELMHNLK5w0ewSPVBuPAJk7w-uZR5N489at8aNOrM_cBlH9XsQjmD9T_EW4P&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=12343950399478706000&adk=1964084972&idt=190&cac=0&dtd=33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 13:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
56825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
6053914914909336730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Jun 2023 13:56:52 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame C626 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Drx6bLublmx5YG0o49RheYOkNC5iKmUQeI2cTRbD34bsJ1ZAnKm3CBL1SWQbG-6-juteTvIiYKhg4T5Z7kL6eNNNFHIpd9f4jW1hCi2-WrkIX0tHjImma9hbQm30PPTsuDwa93YGL_AE6ySK5DRNIcpQrR4UBPdJlk8oBEESlJq5So6qs&dbm_d=AKAmf-BOd5wI2iQIYdUxzaQDm8NpitaO6I-0ecPXAgf5xB1AlDx6--7aPQAr6X_3dLfTSEX109wsuyaaznBwZKUy4HA9z5fziQinWx1vjuCHo_jPZhpWDpjQpBioyNFmJEP_SKMRo3RG2bS29BgL2JpUtqm8cL22mYgMnLGpDNsbtyXpO645Aimdr8A_FOfg_hnBzB-SyVCJkuNx4NkGdHelKWLzDSbjdfFG6T2WVK7iadgtQXKFYWxgJNIQFlep1W2ixks9xbBN2FlKvWlbfamnAlASicEO8DT9AfrsU5oA36NFl7ZHABmcvyqdqVh6aRxG4vrwssV0P4-GimZVn30w7xHnyoRmWgovUmD5V9MmmvYSk2TvbDWGPC-lj4bj98f6eCSWdwHthWCsVYVKYdCqLqVMIF_1Tx8vilX_65pmx7Wtwod3GGSuhK5QVIexJSafhY4pJAXIUfARiOyXDQiZqzdleueieWgtUUXT7QF4T5OXoy-kQGM__WrKV4U9PyOXiGioIZRTrXihIA-yLyZ7jLumG2LzSS3bRL_g9J3lUn3ECOSToHvGdk9Re2h5xu21hbnk5pxJmSQPd_gipN93ej4T-oIc4kd6SFdJubLkcgsCYZk6-xCX70WhZl45onVA5fZfhHyPGEM4ilOu_gwC7vioYX20NQ6tt_ooXjUu8FIEo6W45SaFpQ6vMDUNGCn455KntqQ_JMs3OwhefYjFs377lLM9G_W23mesamnpSTjjpOCbL57Ea1TOerUl8vrklUSYksKxB-Av1gx-kreWMMJ_SRiU39GVdedrzmCkyvvoaSB6k4uLwVGDSkQhSadDTkrYHjhUs-5ZvnzeS-AsxtNdx229IY567cBykIgQKX-X0RTHnVVNRqiLkMopA37wjybGHFmCgcENccByzv4dKgES_uO8pEGl4P7pzRE8aYDJ-LjnPRe8F2MKAYSKUqOJR9GqPJ2ZKRb83RR_BHFXarq93A9ihbfP9CE7z-jipJGM_AdISeUDuTyfwg1Sf20Hm9gT_Vwgh5IR4nK_biS-knXHNm5OkrCdXZ2Wen2MNu0yBflY6l_3owphxF-xMdquOVZIUMUgXjqNKKr_AvM9DulFf8g0gsy89N5ycej_IxIXDksawocB2g-XHyPGgbgTJCphU8JJaXdBH4NPkKrZYrvuJM0ysErf_hbLb7HLoSh6sifonxz_CjrT3Ni2fUSEplM2vMISDEvuBam9dpU1CYYSiZfKVeRtPhhoOgtDhP5zg3NisV7_jT0fgfTHAUx_xcEjSRnI9A_rgsdM1hoOA9iith6JM3QD611CY7mwlqYZIPJxuy8s9OSa61MBW1AcyXPrupItqKdogIBzWtFyplqjSn6ADPKFZ92mhqWeWOnsM1ZrbCTif5qs4WB6kCfVfeN1CqmF2KDMEupEh2Bol3Zwq1V_5wocmMzvHFEx17RsPiq6ddkv701f7R7ZBcELPVEuZHLZXpW63AcXOKdQYhu2_yFHVeLOVvVpu-nMU0Px9gFEi-uulCcjX6O1drWOvuIuTm31eK0U2Ky_1Uq3n6OM-8WDQMm19w-hc_lp7jp_N4FA9KBXhzIDdB_av7VNzT_TVXQGlGGWEwKHOJiNGgqN0gCEmExZwqfEndlrU5xztmLQLtgSkmh1pz4gH1waIcPZdV2fBUV7RcquFi9c6nEYVwJAgyydHtRsZQcU7_gGkVLTsPF_RxKfm2xTQN0j_L_e9sed3Z9ENUUxnQPDT5t1RkDLMQxWELXgta4zj1Glu9FAvUlEisOKH8A9UbslbjG3n14yjQ6ye5tHTq0rcaFs-Qr7MjGoLQr-0V75IOsw45ObB5Qa4vlfORwRLvbIUomryJrUU5ltYwTOvfrsvaDOt8y2wOKS-xBiZDHXvPrkczxNoMT6X2NRXGsFG6TXPEf95EJabfIzZNcUhyqJZPOQTXvVcTc5EPUcRYR0QPugx3FGrHytTxyPCK8oBLQByHGsUqq3YbK6ckB3FIGXKP_BtqBHMhqguBhwOStipsAOU5WQt4m1Bdqdh4cmjol1hQF9WR7d8F6CjLtco-1aMzZsKNfUMm9g79dlFDXFUs-8Op6qNY_h2ZCuitb_Y-WG_nsnYUlz8mPXFodT7HIdaqA0hnSM6FobH6fzZpKdw0fln7vSN2n_EbIVJuA9QRanSv_oN7NubesuidS-TTIkGFViz9voCPiuQZHqJDPZYaiCU4kxS-V5qgRDfjDji4zT17Uuv8E78XusO6chSwEdLEHqhTb4jjUK9Sw87cpocyG9Oy2uiQ9sIBVQWSUuh0oFK26MpOHEWdVrAQQfQeAcZBBBdjMQrriNWtXkwRX1j3NmnthyAby47cPB4gDH8Ecyzz9pGox9UJeym1fEnq7fd7YcU5u5S13Zpq8pq8NfCMIsqO1DYUNoAMr9gzvqVm8pvverBncOo0Rfo_I_5CDZsgIJMK_3dNDqtfLdkYs5s8i7MbdqgwUVN5zDVLAFQImhhUYvh0IUjhtpod7jDf1j5fqkVXwvA4b9G0-E9KEcrWSk96z0iFI9PU25BuzKimmFZ0QLDTMNAv4X9Iv0Y3lFN-yaKXnIv9YNx7CweQKn6GwJMehtIdTxe1cmzQ1NS6uvT1TcScaGZhVl-MXLnolHhF5UAKruAJRQRs1ri0csyML_naiSZHHYnUPgNYzD_FAIQSX0CtaCniBqC-by0ZAcsjF_dQey3Vr5ex2o6zD1XcqKEqEonyno4rMqDEgHwN_u3QxDPgTHZ3gDqopI-q0L0PJIY4JX06ZbrYOUY4sr0elHZWekz8yrjZUpTGBpXJQyrC08YoTiyZCN1TUTN6f_FdhvuncZyyB8CiENJezRdaVsCqK2Cce6ZJutMWiS8Tv20i-lm2ezXhvtbF54pfbSlZqIpLLYcZMnGEiz0_MgbbE93rCrrAx0jjABDKjriO_T8SklLNjaHcuIPm4FKn72QafeKknMbjNBwbdsCffn5dO1Q1KrbCdj5ahPZAZzivJBqBE8ZrDJBiERbNMYG0XGIms9irOwfbBNIRqDfaaB-kEfJCyfmFRfBdvdoF3qxpPh49LIPsf9yFlzkRIjETpnAh3U-_ZdCsNEFmjFVn_4ZI-f9v_6iHIqhU4SnPDJA5GuhIHeVnCY1y5UREc28nPTsHzM9bLqWp9wQ1YXi-DcfXNFvcokdhnFLgPPjdLeTdZK-kwYBjH-99YPdKm4QkUDW9tdFgMlhbizdz0f_61-KJxROo4kYPSTYMM3jxSmCLMwkv2Z82VSmzStx92jnuXj7wCMiQKtpxreXd-4DOmEd5-Kdv6TDDR3SvNJSZ2d90NIrTerxQgM_8ps7VAQpsWTJEpWSSqiWU1qDnzweI5DLiJoujIrR7VP871XYo8YKIX3fRmUaLKUYQRvQHhxL8xiJ09llUEAJY6PMquDhHdnmyiAdL5Y8vwcBUAMa7YuVTIBmjmAzSnICl7vP0Rj-JmgL1yiDc3-EI6EKJgmPDUMmAgRQiPvXeB4ys6a0-VFCWu2AwzBIyL9yga-SSGuwFkWRWJpgYb0YQWVAOwysg4627Z7D3q9etgbhrsYVRepbL5ZwaPPiS-PzmHMFELMHNLK5w0ewSPVBuPAJk7w-uZR5N489at8aNOrM_cBlH9XsQjmD9T_EW4P&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=12343950399478706000&adk=1964084972&idt=190&cac=0&dtd=33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 13:56:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
56822
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Jun 2023 13:56:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C626 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 07:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 May 2024 07:39:33 GMT
st
imprammp.taboola.com/ Frame 5B9B 		439 B
389 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8LjACLAaEr_e3dJBpTxAIX-9v6SDTnigAAABgYID-AAkNdiOPybRxSyYbh1u0mE3WCt_CsJYNZo7RcGZzDScbIyChwW7kMZk2bslk43CLFrPJWuFbGNaywcwxGs5sruFkYwUnxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQdc0uQxyEhu4oOl0-Fz3et3vd5e9PKfnXeO3K81-tcNp9yssp6fH7PJLHMuL8fo5Du0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GACgOGPI3HV12i-vyM-gtBpHLchA9XBeX5R8AAAAAQAAAAACQACDgyi8BcGEVdeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GOKM9He9pPFESKRgsggjAAAAALnVm5FHJukEFYsq_____VYArgAABCDW7bWnZtEdlHgLAwAAMDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjVARV0qaIBGKPTW_gAAAa34BAQDYqBsAgDcCcIIOQSsGg9VJiMFgtdmNNpPZAQAAALjz____rwekNpbByLCybUzOhWkxnA1nLufIONvYbJvZxuaZeA9n4NhCpETJRJ8UYZn9voOCcnp6zC6DqOh6W-wOp9lz0DVNLoOcRBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFqMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLGaGWcbj22tnC02btFgNFlLfLPlWjQczUY2i8u3sezWotfHdPEtJq7lxIsEA1b2InlapBOZYTCxrHwzk2e58nhmztFmubHZVi6byTWZeFYri1iiOVmkE9ll39pYBiPDyrYxORemxXA2nLmcI-NsY7NtZhubZ-JvrGbG2cZjWytni41bNBhN1hLfbLkWDUezkc3i8m0su7Xo9TFdfIuJaznxN2bD1Wo5nGxW-8ZsuFoth5PNat-hM3xXn7PRfJZOPD6x2ZutjmxOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-H6H7caYHGle1_GtcTAoYongIp0o7y7TW_bynJ4XsURpukgnerXDafcrLKenx-zySxzLi_H6OQ4tYongdJFORC_j6aL-o4cYruaSxWauWK3mitFqlQAAAAAAAAAALME0000AAAAAnAxkuFqOVut0EKvJcjRZLRcARHGyLgAAAAAAAACAXUXYU9kq-C_AxRp7TCHvLtNb9vKcnlcGACAwyWyzzwhirVbLGgAAgAA2AACAAG668SYgzIr7____HwcAAEBGDj0AAAD6fUBQUKPXCj1x_AhyNVrsH4AKsVar1e3GWq0W!&cmcv=&pix=undefined&cb=1685598237209&uv=3286&tms=1685598237209&abt=inout2_vB!nonrv_vA!nrlc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=407dcd4c-22ca-4162-a7a0-60f148ff582c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
79d2be51b14dede17833bcad28a6750726349c84cbaecc656be71dcfa33f76d6

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 01 Jun 2023 05:43:57 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230139-FRA
x-timer
S1685598237.213332,VS0,VE10
sync
am-match.taboola.com/ Frame F10C 		422 B
508 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8LjACLAaEr_e3dJBpTxAIX-9v6SDTnigAAABgYID-AAkNdiOPybRxSyYbh1u0mE3WCt_CsJYNZo7RcGZzDScbIyChwW7kMZk2bslk43CLFrPJWuFbGNaywcwxGs5sruFkYwUnxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQdc0uQxyEhu4oOl0-Fz3et3vd5e9PKfnXeO3K81-tcNp9yssp6fH7PJLHMuL8fo5Du0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GACgOGPI3HV12i-vyM-gtBpHLchA9XBeX5R8AAAAAQAAAAACQACDgyi8BcGEVdeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GOKM9He9pPFESKRgsggjAAAAALnVm5FHJukEFYsq_____VYArgAABCDW7bWnZtEdlHgLAwAAMDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjVARV0qaIBGKPTW_gAAAa34BAQDYqBsAgDcCcIIOQSsGg9VJiMFgtdmNNpPZAQAAALjz____rwekNpbByLCybUzOhWkxnA1nLufIONvYbJvZxuaZeA9n4NhCpETJRJ8UYZn9voOCcnp6zC6DqOh6W-wOp9lz0DVNLoOcRBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFqMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLGaGWcbj22tnC02btFgNFlLfLPlWjQczUY2i8u3sezWotfHdPEtJq7lxIsEA1b2InlapBOZYTCxrHwzk2e58nhmztFmubHZVi6byTWZeFYri1iiOVmkE9ll39pYBiPDyrYxORemxXA2nLmcI-NsY7NtZhubZ-JvrGbG2cZjWytni41bNBhN1hLfbLkWDUezkc3i8m0su7Xo9TFdfIuJaznxN2bD1Wo5nGxW-8ZsuFoth5PNat-hM3xXn7PRfJZOPD6x2ZutjmxOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-H6H7caYHGle1_GtcTAoYongIp0o7y7TW_bynJ4XsURpukgnerXDafcrLKenx-zySxzLi_H6OQ4tYongdJFORC_j6aL-o4cYruaSxWauWK3mitFqlQAAAAAAAAAALME0000AAAAAnAxkuFqOVut0EKvJcjRZLRcARHGyLgAAAAAAAACAXUXYU9kq-C_AxRp7TCHvLtNb9vKcnlcGACAwyWyzzwhirVbLGgAAgAA2AACAAG668SYgzIr7____HwcAAEBGDj0AAAD6fUBQUKPXCj1x_AhyNVrsH4AKsVar1e3GWq0W!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e185be24a5c863f4cff1b0fd544c3f21446025ccb83d36eed06e36ab98d3a165

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 01 Jun 2023 05:43:57 GMT
machineid
3406
server
nginx
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8LjACLAaEr_e3dJBpTxAIX-9v6SDTnigAAABgYID-AAkNdiOPybRxSyYbh1u0mE3WCt_CsJYNZo7RcGZzDScbIyChwW7kMZk2bslk43CLFrPJWuFbGNaywcwxGs5sruFkYwUnxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQdc0uQxyEhu4oOl0-Fz3et3vd5e9PKfnXeO3K81-tcNp9yssp6fH7PJLHMuL8fo5Du0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GACgOGPI3HV12i-vyM-gtBpHLchA9XBeX5R8AAAAAQAAAAACQACDgyi8BcGEVdeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GOKM9He9pPFESKRgsggjAAAAALnVm5FHJukEFYsq_____VYArgAABCDW7bWnZtEdlHgLAwAAMDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjVARV0qaIBGKPTW_gAAAa34BAQDYqBsAgDcCcIIOQSsGg9VJiMFgtdmNNpPZAQAAALjz____rwekNpbByLCybUzOhWkxnA1nLufIONvYbJvZxuaZeA9n4NhCpETJRJ8UYZn9voOCcnp6zC6DqOh6W-wOp9lz0DVNLoOcRBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFqMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLGaGWcbj22tnC02btFgNFlLfLPlWjQczUY2i8u3sezWotfHdPEtJq7lxIsEA1b2InlapBOZYTCxrHwzk2e58nhmztFmubHZVi6byTWZeFYri1iiOVmkE9ll39pYBiPDyrYxORemxXA2nLmcI-NsY7NtZhubZ-JvrGbG2cZjWytni41bNBhN1hLfbLkWDUezkc3i8m0su7Xo9TFdfIuJaznxN2bD1Wo5nGxW-8ZsuFoth5PNat-hM3xXn7PRfJZOPD6x2ZutjmxOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-H6H7caYHGle1_GtcTAoYongIp0o7y7TW_bynJ4XsURpukgnerXDafcrLKenx-zySxzLi_H6OQ4tYongdJFORC_j6aL-o4cYruaSxWauWK3mitFqlQAAAAAAAAAALME0000AAAAAnAxkuFqOVut0EKvJcjRZLRcARHGyLgAAAAAAAACAXUXYU9kq-C_AxRp7TCHvLtNb9vKcnlcGACAwyWyzzwhirVbLGgAAgAA2AACAAG668SYgzIr7____HwcAAEBGDj0AAAD6fUBQUKPXCj1x_AhyNVrsH4AKsVar1e3GWq0W!&cmcv=&pix=31589837&cb=1685598237208&uv=3286&tms=1685598237208&abt=inout2_vB!nonrv_vA!nrlc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1685598232926!ts:1685598237208&mntl=1
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:57 GMT
content-length
0
server
nginx
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 0BBA 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
Origin
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73004
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/ Frame 0BBA 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Djr47vmu37ooGIsTltDB1REI-CFGSKQh8jwHOBAhd2INdpIN1QTdm4SijQ8hKgJGMTI_VZ_HTL5-HMVGrMbGsNGKhreQ&cry=1&dbm_d=AKAmf-DkzhZCmPj8N8BFHWuSSpDmbkJT3f58HSKyIi447B0dBZXQZC_3ER0tfwWBJjoAQSs7VL_KxTtrgww4lBaOII2U3-tvI-57ecEYAV8mMYl-dn-UGXmWK-zLL5xTeBLycC3XIbBK-JGvFelLl2NH1JJJpm0xrS-NT7yRD6yeew0vxiv5Ae4IHfmPT6LZSqoqHthScj7iUaA29gVy5VsEduAUKN8OdUoDwJtFo8tiSrVWGO1Z071KC4jbwAmBeDpUzCC4BaZMcoYxUSAMwpOi2LLYYUX8u5T_lAN_WPEdJyzaoW08To8KEWmNrvidtCro_Wc7SSPnL56jqOZ7pQQTs94jSs29KxyVJnybRM3D-iFrnyI_lSlWUOBR6LYw1OVWOHpS3Mn1pRsHnlk_f1dTQB8E8jisrEdfhn5wuINoUg2UGoeNQ-ECccGbZpWJCp19nOPV_rG81PEjFuc9C03IfW6IsVVWQM2a7WV0azwoRfU4BRrWSRuJrhCD5bYSvoxO_yz_u5T0quHxSAL_o2xisHSl5O3DMn5eMHkXzp5O3LBWvZ5mKkaU7iKgdMOct2CW9-Fhxik0aV0ZHM9fyrRwTfxpyYxkYbRnSuRYk_WzEyfTIW5FKUGDXsvuhDMf7r4auh_fYHm73G0f-jFe8nlbmJPUXLrjWzK-Olq8piWsMbV5nzQX2DRAKIsuFskCkYPIsxdRKnBr0JGDFL9ICxbXerHozH3hwIdIT6dtvDisijOWRjdFNd5E3rrsTJ2hakb1bU36QrFSBU9TJDcblNPMxCzOoBZw-baMhOQENg_xh961xgNxyP8TLD8Vb9Iw44gCXoFfW2w996X8_YaoRWQ1ZpFpt3y-kgVYR4AV5pbqgH-w8EiEPccCay_LTOnYPwnj-fUEN6_kHtQ_aKXgIOnUYAU12-QlVL_MXkWCrbbY_z0aeaam5NVnplU8N4TZ9tT6D1GWl7YMIifQZU5znF0pLMn2KBCDcEhE6yLXPXHacbOkJQq1bNiVNz2ufjDByR4pDxOlTmBD0DfKrxH3iE9_YDKasg3Bt_FYiQfHHrGtZm3qs1NoOiMlM9vKPsOJIXrYkVYAiBNJq2gSgK2q-InswjVcZHz8LZDd06h-kBVVxmtzwCc2dANLxR-33-8i5bOoc02EFlNLIn2W2TuttnObFlBWa657fvaKHmUKvNFjlZ2DcrXOu-O9cvsaif6fhIl49dE-6IlbpCx2p7cw-8fDEABirvlY4MIGWCfeh9PEwRUPHYfhbUTnmGhTTY9gxq7MtNKwaYgI6bKab6VLvGtQ5olpQJ0TDFLevexTKbACD3MV_uiGISAtF8j3T7I6BBKbYPlwMuypp-Cn-P5gwE7M5v5Ij06R-xrUuFXfLuxurt1Ek-D5Wew0MaxeatNNiHIFseKBLgQz00rOn-_ZOcPaFRvDYdmSKrFemaxoLlmHXCVSGQ0cbITu8WdMpXpBjbcrzC-4Ny0B9hZQgrTAZAo-XhCod27eT_jq1r0Jv3t1q23AtADLwPxbABnY_Ns_GgZ4Y9LcxNEuozGvVw986mbtWgdjiQPrCHoZWcfJ0QvY1r8NGaVBzgMC74ptZcKBb0LzDo2bVxrbGKysVqBBMDsEAF3ij0SlFLO7wULA3PzavWfz5-3v3BtB7aP2wGmp6L9voKDIFTSeDx2ppUTEpnhfcNXoCMc1D1WER3447J_xzt2L1kegGBXI57ZX9fdO4kGDtY08KhLaT9z0iOir_2atIe61QZtBYheYyPE6TXjxMWqzjP1h-Jp7zg_rgGjA8Y-XBMll1Klg2qWxnkr5wz0wxG2rEBakKan4l7_pjZe5RVuB9KqB62eT2-OvuR-Ytv19oBZisBpTlwrgFLEDkiLiJ-UfR2LWxd68mNZqmKEFnQNBsHhncYlHAGpB7wKXOaNs-i7xRpvOqyg5ekKQgaCx1nImpoojvPQ2ERQLtjOek95hFYRp7GmQcHDh01Rc4OWm06yCisAt8PhUDVVnCJbMEeTMVfEWfDaBzFI-OMQYBtseHbR97yZO9fpgBg-H0m6T0a1Lc4wUvtd6wkg6uWsoyeESCKAduI5R8UqHlBlcbY40w7laUYddStHcKOi8vbSyRgtzAUvQHiz0iqOzrKsfmO3SMUTom3sLARkwKAXRAqs7NeYXZ7iKYB0zrmmyzHHYAQ1RAx-uAKxHdT0I4v8ms83kC3ZJYbrVl9UvuKS1MjhNNV-ka85SM-UI62gzOeUKniVGTUQTOhyITn9EOhrSVIyz4Ck-aqdieCTBYNeHB2ICqej_bIEMN-GhYK5x0qWPqBKIC4LH47kRE7k1L1n7smvqiNVEGJ6nK2eLknIFshaCjh9E-h5orswDU_VP0TN9Dg6K72cH8x8dEuvh1BR7JdhL26xqTXQdx1TrHEGc3407HCONAkmo9CXuZWEJbkTExfzsem4lpUuzTueCk51dOosw6EiUM2Ji-OTKjpYqhPCyWfjemz5VPfwqFEjPuP3A30smHbi4f_M6mrxwjc4Ou7rS25ma3a31-58e78PuP0WWEECIIv29nr8RDse31PoWJL07cvRdbpBMnb8q2PE3t9Cw5VrLMACK7fSvtSnTJ5dLKHvQLMB6WIsFmUE5r_2DlLFH91mJSN8ZnS-fnKttZL3o50ZLPkFKYkxJLfUtLW4MnP8KbTuoENgmrcG4lJ6EG2oKjv29D7hiCD1lmFoV2XRlIU0oJr2WyUIQNcPBpmCSuyk-AbRvGDsWEyxMmtXW5SiEKVtQklLGucWYDeyLkuGHN3_D5si2YestF7OUpmeOUTVSwhoARyN0fNAoXs8sbUyMK-mG1Bz6KzVxJY_S30OMGlyoML-sysYk0r6_J2-NSBqpAjyYXA4Hof219gQJg7EIiFTQ2BQnMaSwwv3JmOl6v1ZZSafPqCjcgJVcjqd5oHttYeXr8_lwhTdD0eLcjTJYCUvCxvELxkvWgdffXMiiCLvfDVUVfgXl_r62oU9BcikNydSmYU3RS90QQOHARgsNRBXF3hfdZEKrRsPC28axtA2FCzYd9bJtg4qUrAhvvJNs7DXfym5qanD58UERas_f4px05BMALn3F5HUJI6ybP5NeQhhoSvllxz7johXzgSavvxLNDzwV2NjWcRI8iE6_ylvqd5sBd0Tb7-y4WlbKCKob7TC9J5ST7nqTvM9eo7Q3RIcJ9kEBnsjHa4gTKY2ftUzPtAOqQsvqYWCspwmFttmpAm9GSaJLEfELMAGS34EsOK9uXV7FhRSr-Vhlz7xAPOiYcwUl9Ms4HDjfhBnANAlCbalV_4BNBSyvYuhIGuVfyGhgBwdrJCZYuPBDgnapS7BMzCUyt60cA9xeQRnvVeHu6g_BIsSctlnE-LYEhGALpNGDIPt9FRoFLL3J0Hc1Q1PgpIWOnU5OYZmfiCHpVyVvXvc_2tX181mbVbnI7ITXvDTM1bJAnKtGV2LcaKMn8b92AAdWcLjlU5ByIRb6okaa_iVn-2s7-XpjZiMFSp9RNjiALstpNA4UGrkWtoRf6fic4EV6Hic9eGAbWY-Zr3W5lw2l1E92EVSFMo0HKW99PpbtK2qrkoXDfowBYAuI2ieiUHwyPXnY5u2XHFxysCtz-PnWS-45rgJpOzT30nadWjYjnFbG7PUa0TEI1kpQ91pj2J7XYc5wcy767U4TVw7Cc8wpLgvOhReM_5vty3SwoNSqZA72gEu_hZvBPXXK2RmLuXvvH2sVnefUDhn1Ch2QPA_vIWWOhO5_GK0WO2gpq5Q4U6DdI7fNfYzm-Di34qOOOOB9d-oygPvKpqgfPPGdym2DP-O0v9HisH1YEpz3djJEpgmNQ74u2BnilgV6X6suO0um8VsVdx58zLmjRGhPog&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=7786001719015665000&adk=3944675600&idt=208&cac=0&dtd=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 13:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
56825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
6053914914909336730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Jun 2023 13:56:52 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame 0BBA 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Djr47vmu37ooGIsTltDB1REI-CFGSKQh8jwHOBAhd2INdpIN1QTdm4SijQ8hKgJGMTI_VZ_HTL5-HMVGrMbGsNGKhreQ&cry=1&dbm_d=AKAmf-DkzhZCmPj8N8BFHWuSSpDmbkJT3f58HSKyIi447B0dBZXQZC_3ER0tfwWBJjoAQSs7VL_KxTtrgww4lBaOII2U3-tvI-57ecEYAV8mMYl-dn-UGXmWK-zLL5xTeBLycC3XIbBK-JGvFelLl2NH1JJJpm0xrS-NT7yRD6yeew0vxiv5Ae4IHfmPT6LZSqoqHthScj7iUaA29gVy5VsEduAUKN8OdUoDwJtFo8tiSrVWGO1Z071KC4jbwAmBeDpUzCC4BaZMcoYxUSAMwpOi2LLYYUX8u5T_lAN_WPEdJyzaoW08To8KEWmNrvidtCro_Wc7SSPnL56jqOZ7pQQTs94jSs29KxyVJnybRM3D-iFrnyI_lSlWUOBR6LYw1OVWOHpS3Mn1pRsHnlk_f1dTQB8E8jisrEdfhn5wuINoUg2UGoeNQ-ECccGbZpWJCp19nOPV_rG81PEjFuc9C03IfW6IsVVWQM2a7WV0azwoRfU4BRrWSRuJrhCD5bYSvoxO_yz_u5T0quHxSAL_o2xisHSl5O3DMn5eMHkXzp5O3LBWvZ5mKkaU7iKgdMOct2CW9-Fhxik0aV0ZHM9fyrRwTfxpyYxkYbRnSuRYk_WzEyfTIW5FKUGDXsvuhDMf7r4auh_fYHm73G0f-jFe8nlbmJPUXLrjWzK-Olq8piWsMbV5nzQX2DRAKIsuFskCkYPIsxdRKnBr0JGDFL9ICxbXerHozH3hwIdIT6dtvDisijOWRjdFNd5E3rrsTJ2hakb1bU36QrFSBU9TJDcblNPMxCzOoBZw-baMhOQENg_xh961xgNxyP8TLD8Vb9Iw44gCXoFfW2w996X8_YaoRWQ1ZpFpt3y-kgVYR4AV5pbqgH-w8EiEPccCay_LTOnYPwnj-fUEN6_kHtQ_aKXgIOnUYAU12-QlVL_MXkWCrbbY_z0aeaam5NVnplU8N4TZ9tT6D1GWl7YMIifQZU5znF0pLMn2KBCDcEhE6yLXPXHacbOkJQq1bNiVNz2ufjDByR4pDxOlTmBD0DfKrxH3iE9_YDKasg3Bt_FYiQfHHrGtZm3qs1NoOiMlM9vKPsOJIXrYkVYAiBNJq2gSgK2q-InswjVcZHz8LZDd06h-kBVVxmtzwCc2dANLxR-33-8i5bOoc02EFlNLIn2W2TuttnObFlBWa657fvaKHmUKvNFjlZ2DcrXOu-O9cvsaif6fhIl49dE-6IlbpCx2p7cw-8fDEABirvlY4MIGWCfeh9PEwRUPHYfhbUTnmGhTTY9gxq7MtNKwaYgI6bKab6VLvGtQ5olpQJ0TDFLevexTKbACD3MV_uiGISAtF8j3T7I6BBKbYPlwMuypp-Cn-P5gwE7M5v5Ij06R-xrUuFXfLuxurt1Ek-D5Wew0MaxeatNNiHIFseKBLgQz00rOn-_ZOcPaFRvDYdmSKrFemaxoLlmHXCVSGQ0cbITu8WdMpXpBjbcrzC-4Ny0B9hZQgrTAZAo-XhCod27eT_jq1r0Jv3t1q23AtADLwPxbABnY_Ns_GgZ4Y9LcxNEuozGvVw986mbtWgdjiQPrCHoZWcfJ0QvY1r8NGaVBzgMC74ptZcKBb0LzDo2bVxrbGKysVqBBMDsEAF3ij0SlFLO7wULA3PzavWfz5-3v3BtB7aP2wGmp6L9voKDIFTSeDx2ppUTEpnhfcNXoCMc1D1WER3447J_xzt2L1kegGBXI57ZX9fdO4kGDtY08KhLaT9z0iOir_2atIe61QZtBYheYyPE6TXjxMWqzjP1h-Jp7zg_rgGjA8Y-XBMll1Klg2qWxnkr5wz0wxG2rEBakKan4l7_pjZe5RVuB9KqB62eT2-OvuR-Ytv19oBZisBpTlwrgFLEDkiLiJ-UfR2LWxd68mNZqmKEFnQNBsHhncYlHAGpB7wKXOaNs-i7xRpvOqyg5ekKQgaCx1nImpoojvPQ2ERQLtjOek95hFYRp7GmQcHDh01Rc4OWm06yCisAt8PhUDVVnCJbMEeTMVfEWfDaBzFI-OMQYBtseHbR97yZO9fpgBg-H0m6T0a1Lc4wUvtd6wkg6uWsoyeESCKAduI5R8UqHlBlcbY40w7laUYddStHcKOi8vbSyRgtzAUvQHiz0iqOzrKsfmO3SMUTom3sLARkwKAXRAqs7NeYXZ7iKYB0zrmmyzHHYAQ1RAx-uAKxHdT0I4v8ms83kC3ZJYbrVl9UvuKS1MjhNNV-ka85SM-UI62gzOeUKniVGTUQTOhyITn9EOhrSVIyz4Ck-aqdieCTBYNeHB2ICqej_bIEMN-GhYK5x0qWPqBKIC4LH47kRE7k1L1n7smvqiNVEGJ6nK2eLknIFshaCjh9E-h5orswDU_VP0TN9Dg6K72cH8x8dEuvh1BR7JdhL26xqTXQdx1TrHEGc3407HCONAkmo9CXuZWEJbkTExfzsem4lpUuzTueCk51dOosw6EiUM2Ji-OTKjpYqhPCyWfjemz5VPfwqFEjPuP3A30smHbi4f_M6mrxwjc4Ou7rS25ma3a31-58e78PuP0WWEECIIv29nr8RDse31PoWJL07cvRdbpBMnb8q2PE3t9Cw5VrLMACK7fSvtSnTJ5dLKHvQLMB6WIsFmUE5r_2DlLFH91mJSN8ZnS-fnKttZL3o50ZLPkFKYkxJLfUtLW4MnP8KbTuoENgmrcG4lJ6EG2oKjv29D7hiCD1lmFoV2XRlIU0oJr2WyUIQNcPBpmCSuyk-AbRvGDsWEyxMmtXW5SiEKVtQklLGucWYDeyLkuGHN3_D5si2YestF7OUpmeOUTVSwhoARyN0fNAoXs8sbUyMK-mG1Bz6KzVxJY_S30OMGlyoML-sysYk0r6_J2-NSBqpAjyYXA4Hof219gQJg7EIiFTQ2BQnMaSwwv3JmOl6v1ZZSafPqCjcgJVcjqd5oHttYeXr8_lwhTdD0eLcjTJYCUvCxvELxkvWgdffXMiiCLvfDVUVfgXl_r62oU9BcikNydSmYU3RS90QQOHARgsNRBXF3hfdZEKrRsPC28axtA2FCzYd9bJtg4qUrAhvvJNs7DXfym5qanD58UERas_f4px05BMALn3F5HUJI6ybP5NeQhhoSvllxz7johXzgSavvxLNDzwV2NjWcRI8iE6_ylvqd5sBd0Tb7-y4WlbKCKob7TC9J5ST7nqTvM9eo7Q3RIcJ9kEBnsjHa4gTKY2ftUzPtAOqQsvqYWCspwmFttmpAm9GSaJLEfELMAGS34EsOK9uXV7FhRSr-Vhlz7xAPOiYcwUl9Ms4HDjfhBnANAlCbalV_4BNBSyvYuhIGuVfyGhgBwdrJCZYuPBDgnapS7BMzCUyt60cA9xeQRnvVeHu6g_BIsSctlnE-LYEhGALpNGDIPt9FRoFLL3J0Hc1Q1PgpIWOnU5OYZmfiCHpVyVvXvc_2tX181mbVbnI7ITXvDTM1bJAnKtGV2LcaKMn8b92AAdWcLjlU5ByIRb6okaa_iVn-2s7-XpjZiMFSp9RNjiALstpNA4UGrkWtoRf6fic4EV6Hic9eGAbWY-Zr3W5lw2l1E92EVSFMo0HKW99PpbtK2qrkoXDfowBYAuI2ieiUHwyPXnY5u2XHFxysCtz-PnWS-45rgJpOzT30nadWjYjnFbG7PUa0TEI1kpQ91pj2J7XYc5wcy767U4TVw7Cc8wpLgvOhReM_5vty3SwoNSqZA72gEu_hZvBPXXK2RmLuXvvH2sVnefUDhn1Ch2QPA_vIWWOhO5_GK0WO2gpq5Q4U6DdI7fNfYzm-Di34qOOOOB9d-oygPvKpqgfPPGdym2DP-O0v9HisH1YEpz3djJEpgmNQ74u2BnilgV6X6suO0um8VsVdx58zLmjRGhPog&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=7786001719015665000&adk=3944675600&idt=208&cac=0&dtd=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 13:56:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
56822
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Jun 2023 13:56:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0BBA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 07:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 May 2024 07:39:33 GMT
truncated
/ Frame C626 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76b6fd084e8f50832f9814d79c9206b060500c454442d7f5796ad3c476563a64

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D664 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
Origin
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73004
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/ Frame D664 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDldd3arQXlAD6N64bTVIaszHEZLOimQZeGwWzseoXeUJb5bQw5vovM8IVyqrUM0gKJO312EjdmBa9f7oO5kME0ti98g&cry=1&dbm_d=AKAmf-A87T_Qx3BsISF9XpCp9Vi1i-lJYfC1Pr_H7LIEltrPd7-yK7VzHURNheTO4bmsSc2ydTB3-R1YcX9gQeoGN9Me-nHI9kYVNTprIMir3tkBpZwrkT3DquUI0xZKFFiztHyQLxjlDMQQgfTxd3522kpjvndVW-fmOjYlmCoaHZkO_4sTIfZCRma2SsCpAj42d29QuvWFYLiG3XhhSlWcMmx1Z-w4dIgfNR5Wcp9_GBjlf1kmgO5EGJiyryKWVCRN0hedtVawm09SCTBsoZOWGbyc1VPcnt8HlbXgRyeVCNIhM5DtwYkW1iULs2nRO6WKYA8QDpjNqRN0lmk5M_tyd1dBaW1NJG_dzeSIEmfupDCftX1zjGzJB2x-1GWpXKDcUyp_i-RPEf7oPM_lDoDRNBipFuWLzsh2wy7iqTik18iYhZaKoD36fl7a2RMQQ-myEh5v0JT8H7VwzagFJ4HkpqTINX8NdOnnETIkvucDrVrFQqCONqJNhSneKc3ldJExKRb9xYLO4ooaQQY4282DJXSyrkDMi5gcF-UlfXjfQK5Nmy3hmCorW8g52Tq9hLlgJFMxyM2oXAqW_ENWc7J1Zq0CUcqPsHZ3RRmY86_kWyVL4fJnhz9BK7fU0a9J-FHtfxJ1EQ8GSZ1wWQK_NcWve4yLlLMzWVKeuZJAt1XeNeqy4n8MdCld-30uqxXI1mJ9gr1OJI4xkSUQ6qyNEI6ZTst6Hu4ecyeiLjtk2D9A-GstpHL142c8JrtewMi9BjchGEecudt8hOp-iu488TLpuUIzWaLFwBYT5AM6eIUsmohVYPlvBdi6XliragbPscC617RGd1UMnZsbWfu-s_GD41TaaQZd-XMxf5TAc86E0LwLTc4uXS_qylIyLNNM0cZhuDhxmwHm1uKTa0qV9Tk-FsQqt_t4plegUr1DB9CBsHJShN3LKKOdnoqopKAhc9m5iSVFNQSFZbBXCHBTPhxMOicPt3ElJiXlwrc8QjAc3txruGj6w2Wfl1G4aCQ9C6EDbo7xFqKcVgxBUq301XgIPVEmriEc1PCA5eZH1V9Dll3gCKvWNcHW6y7lmBlp1FCs_q-2xI5yuno6lPms7AeVk3s8rAypsUq2ABRJGP2J0M5PKKg_WeHDX_JMXzVq6r8VpSdPRlMl4_d-eBhpvL6uENP9L69D9Bzl_1iyfOE_EDMxEjOaXTlmLAZreHuE75u4I8-tuM6VcJm4pjXwt1GryC5WNj3x8GRTT8mlIDKPmL0NR3qD1iO56Gf2nZAYUY8Of_UpiK-tFndexHl4nYe5ihl-c43bmOLP4I9VwMlg-OdDzA0zOd5UcpFEBI7k9YsXYYc_d9GmK_CbEUDDZ6oFvXb50RmxXREPTeCB3Z4JiqSfIs-CXZH139LsSRjwGG1DYySxhWbgVTo9so0U6NwD26rIx_f00KpXr_x3ytTVMOSFI421_FTh3zCmdB5c5WNatMHwZJB2F2w6A-D7F7S0-YGf3VDy73TUpfMcvR8DK8Sas7IZbpjBzUBXnnzrfCxX8EiiRgHYG0wGVscUD96H54rn5P7GYQRltqRnabDEJGgBH0J12TwLjN7DMov8cqNTB3OgKHvUswzykfifUKNi2cvuh4q73VrNPSsDWTZC1uhYi2HiWijVFF7-8r0oNpZ8DSOe3eUFD1WSXi5xumcR5zy8jloIwigmXE15KuQuwDyL4XkADvzpa1ZfZWWgJM19VlKTg826RVyOpI3-2s-ob4mdH1Nocx0f2b5_X_M8xnEhoNlhZq2xfwI2imSx2Jl6oFBYG2fiKiR-cZ8pxr-LasmYMMp_aYqTlpKjgLhguRgnm3bXvBJevhfKrtw-sEWrBA2mGigsHRc-HXE_H_3Eh_51uuyj5bLEgpJQbjvqBN3kxizpJjAIKAnLNMztmqFQ32OMydIhZe-DzEoM7RkBaiLYlh5LkFAvkzvquxEHYqNyzXGqI5RxhY_07d6S6L3gvZtcdF5JUUuk2iHpYeB6C6rZSoInarschj4X8mU38IhsryfrjI8KfxrQLkddaNKy-Idpsxf36rzvntq618QKYIpaoytJ_IQxmjuUi72hK0Anj2aW82BCj4DKY0R-d4nZWHlzy_6jecvZ1EWcsYFq41xUFfXw1TnQKNTX-epH39nfWoOOz_lNYYaWhhUZ2eKFrOSqIjLzJKxZlW6puSb8LRSir_2-sxDsXLqUB6h1hMj-ochDFToTsINAkXtyB_lZKSkQ48uvfll5QXYcZsR0e7c0-v0Wtc8NhmKVq7eqzYnxcirEzhvCPHNib9fmZv6wFmuFlkAWbONPdFEqY8TqJ3xMIftfQwsk3oOrTkpISlnVYy8xP6l2_LHG7Goa4fw_qeeZ65Ft5NEZFABJ5M0U3mELpi32JLx-0QA7a3xoEAVjxl454IWEBnKTrAe6kBKQ9c__lchEwbqBgGQahbVyZ8oGCTtkJZT97YNKD6Pjwk1Rb_R38UCrY8Aseu25IZnm0P97XabH2iFhtQrLD_E4D7cC6DYzh0yyTxJaajs6XQyxeHxJYVRBPoeYRxCs7qb1Gaphn3cUWNHj8XwCkBEtikoBM2WNBm9nQBD_F2dxeRY6JYl7txyDFHdWUwJa_92ZvG1pb-6_vxzetcNRUVJjAvoRBri67baqk60xWYRSZvm7oR0_N0p06my-zC4ITLub8eoJuFkClIgyq_gZmlKaFc3WKiPCxz8fhSpsh8vIgDTUD1XzZH3qcn7OuMCdl5bOLzhVHjDsufhrqdcY3J-Gmv59WXpniGp97O1Ot4GNSpdzEmaHOKHaeAOGMcFA5eyHJnUAb0YaMzTQva7z0eoj_PZPnd0rrk2iYB6V_m4fGdk2oPz_5nC_oSgWIyRhwsMA3e05oYA8W1h2d-Iat9SftlOgcG4TE89isrAToWXkhxtainXRdWMlJcfcyuyHRbp2GOhzZ4BjKA81EmG_LUspd3Xh7__Sc5BIc6Gzg5aNEDaV2K-N-VArqKeQQ9-DSFWIsjbiSBCyH0HzAEo91mnbho2aIUC8RQJ4UpINGY0WEZht3gC7t_VCh07SKq-X-BJEazp2nCv6fTujIv47rTNttpxm02VFKgCN0iFLOZKP3qDZuPAUifS7IlCOKhLVfEpAHyEqQ6EW6p9AqUM_TvKUZaivCtgx9Vyd6ybD_gy0DsRWVga4FFJE_U_SWPzqDMYvAuuNf57xtykmSFZk-YiTZlpyPFbL90QTJn1NnFV7z3DcETTAWuXSu4HA7XXpN1dgrjUQ8gcXhou0lsVvkWNAvXBw0fd_4jHMmayDF9fpx5sI-dRAxzidn4NkwvzetRsUM6j6sUFKCxyOekMfbkIEIFnTp0TEkuIK-7F1PPVNq-lpJF0IIpTB--XHL-X5k8Zpz_PC5k3hjrOQMijmDu6fFYUUQyg5Lqz5xlklH_JZHJsQExask63o9d8DJVhgiELXTur1ax-ba2chwjN4NouOzFvxBWj5xr4gP-A8LBfqJePOm98g0R8oy7unW77DoB5J6YrSEbLUtyu25j4Y87gvCf7IMDy5ChD8zDgVobWpF6ZzAmGSmIyLHTVgyBA6gXJJan_CqcyN4gJarzig5ZEf0nZ38jgt_skFCg7_XsHYAY96SLOXaNMLV87PgATSenkUNUGZ9MX1wRpnxiGBscpoS63WD2i2LnCJlKE3cGfjAEbupI2wY-kPYBPjWep_giLwKWUovkrXbcZNT58VxN0v3E1mA0cRfUjMvBt27qmO2sLhAsAbnKSm1pOS_FoQo7ICh3fgYEPE1LeRciURzyBsE-JsNM36FNHKJ1yeAkhvUm-J7VN1N4krewGRqCve1xkvttNUmUolSFepTT5ZOayEdbA8-2ingg&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=6463894400237433000&adk=943508955&idt=203&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 13:56:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
56825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
6053914914909336730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Jun 2023 13:56:52 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/ Frame D664 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230530/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BDldd3arQXlAD6N64bTVIaszHEZLOimQZeGwWzseoXeUJb5bQw5vovM8IVyqrUM0gKJO312EjdmBa9f7oO5kME0ti98g&cry=1&dbm_d=AKAmf-A87T_Qx3BsISF9XpCp9Vi1i-lJYfC1Pr_H7LIEltrPd7-yK7VzHURNheTO4bmsSc2ydTB3-R1YcX9gQeoGN9Me-nHI9kYVNTprIMir3tkBpZwrkT3DquUI0xZKFFiztHyQLxjlDMQQgfTxd3522kpjvndVW-fmOjYlmCoaHZkO_4sTIfZCRma2SsCpAj42d29QuvWFYLiG3XhhSlWcMmx1Z-w4dIgfNR5Wcp9_GBjlf1kmgO5EGJiyryKWVCRN0hedtVawm09SCTBsoZOWGbyc1VPcnt8HlbXgRyeVCNIhM5DtwYkW1iULs2nRO6WKYA8QDpjNqRN0lmk5M_tyd1dBaW1NJG_dzeSIEmfupDCftX1zjGzJB2x-1GWpXKDcUyp_i-RPEf7oPM_lDoDRNBipFuWLzsh2wy7iqTik18iYhZaKoD36fl7a2RMQQ-myEh5v0JT8H7VwzagFJ4HkpqTINX8NdOnnETIkvucDrVrFQqCONqJNhSneKc3ldJExKRb9xYLO4ooaQQY4282DJXSyrkDMi5gcF-UlfXjfQK5Nmy3hmCorW8g52Tq9hLlgJFMxyM2oXAqW_ENWc7J1Zq0CUcqPsHZ3RRmY86_kWyVL4fJnhz9BK7fU0a9J-FHtfxJ1EQ8GSZ1wWQK_NcWve4yLlLMzWVKeuZJAt1XeNeqy4n8MdCld-30uqxXI1mJ9gr1OJI4xkSUQ6qyNEI6ZTst6Hu4ecyeiLjtk2D9A-GstpHL142c8JrtewMi9BjchGEecudt8hOp-iu488TLpuUIzWaLFwBYT5AM6eIUsmohVYPlvBdi6XliragbPscC617RGd1UMnZsbWfu-s_GD41TaaQZd-XMxf5TAc86E0LwLTc4uXS_qylIyLNNM0cZhuDhxmwHm1uKTa0qV9Tk-FsQqt_t4plegUr1DB9CBsHJShN3LKKOdnoqopKAhc9m5iSVFNQSFZbBXCHBTPhxMOicPt3ElJiXlwrc8QjAc3txruGj6w2Wfl1G4aCQ9C6EDbo7xFqKcVgxBUq301XgIPVEmriEc1PCA5eZH1V9Dll3gCKvWNcHW6y7lmBlp1FCs_q-2xI5yuno6lPms7AeVk3s8rAypsUq2ABRJGP2J0M5PKKg_WeHDX_JMXzVq6r8VpSdPRlMl4_d-eBhpvL6uENP9L69D9Bzl_1iyfOE_EDMxEjOaXTlmLAZreHuE75u4I8-tuM6VcJm4pjXwt1GryC5WNj3x8GRTT8mlIDKPmL0NR3qD1iO56Gf2nZAYUY8Of_UpiK-tFndexHl4nYe5ihl-c43bmOLP4I9VwMlg-OdDzA0zOd5UcpFEBI7k9YsXYYc_d9GmK_CbEUDDZ6oFvXb50RmxXREPTeCB3Z4JiqSfIs-CXZH139LsSRjwGG1DYySxhWbgVTo9so0U6NwD26rIx_f00KpXr_x3ytTVMOSFI421_FTh3zCmdB5c5WNatMHwZJB2F2w6A-D7F7S0-YGf3VDy73TUpfMcvR8DK8Sas7IZbpjBzUBXnnzrfCxX8EiiRgHYG0wGVscUD96H54rn5P7GYQRltqRnabDEJGgBH0J12TwLjN7DMov8cqNTB3OgKHvUswzykfifUKNi2cvuh4q73VrNPSsDWTZC1uhYi2HiWijVFF7-8r0oNpZ8DSOe3eUFD1WSXi5xumcR5zy8jloIwigmXE15KuQuwDyL4XkADvzpa1ZfZWWgJM19VlKTg826RVyOpI3-2s-ob4mdH1Nocx0f2b5_X_M8xnEhoNlhZq2xfwI2imSx2Jl6oFBYG2fiKiR-cZ8pxr-LasmYMMp_aYqTlpKjgLhguRgnm3bXvBJevhfKrtw-sEWrBA2mGigsHRc-HXE_H_3Eh_51uuyj5bLEgpJQbjvqBN3kxizpJjAIKAnLNMztmqFQ32OMydIhZe-DzEoM7RkBaiLYlh5LkFAvkzvquxEHYqNyzXGqI5RxhY_07d6S6L3gvZtcdF5JUUuk2iHpYeB6C6rZSoInarschj4X8mU38IhsryfrjI8KfxrQLkddaNKy-Idpsxf36rzvntq618QKYIpaoytJ_IQxmjuUi72hK0Anj2aW82BCj4DKY0R-d4nZWHlzy_6jecvZ1EWcsYFq41xUFfXw1TnQKNTX-epH39nfWoOOz_lNYYaWhhUZ2eKFrOSqIjLzJKxZlW6puSb8LRSir_2-sxDsXLqUB6h1hMj-ochDFToTsINAkXtyB_lZKSkQ48uvfll5QXYcZsR0e7c0-v0Wtc8NhmKVq7eqzYnxcirEzhvCPHNib9fmZv6wFmuFlkAWbONPdFEqY8TqJ3xMIftfQwsk3oOrTkpISlnVYy8xP6l2_LHG7Goa4fw_qeeZ65Ft5NEZFABJ5M0U3mELpi32JLx-0QA7a3xoEAVjxl454IWEBnKTrAe6kBKQ9c__lchEwbqBgGQahbVyZ8oGCTtkJZT97YNKD6Pjwk1Rb_R38UCrY8Aseu25IZnm0P97XabH2iFhtQrLD_E4D7cC6DYzh0yyTxJaajs6XQyxeHxJYVRBPoeYRxCs7qb1Gaphn3cUWNHj8XwCkBEtikoBM2WNBm9nQBD_F2dxeRY6JYl7txyDFHdWUwJa_92ZvG1pb-6_vxzetcNRUVJjAvoRBri67baqk60xWYRSZvm7oR0_N0p06my-zC4ITLub8eoJuFkClIgyq_gZmlKaFc3WKiPCxz8fhSpsh8vIgDTUD1XzZH3qcn7OuMCdl5bOLzhVHjDsufhrqdcY3J-Gmv59WXpniGp97O1Ot4GNSpdzEmaHOKHaeAOGMcFA5eyHJnUAb0YaMzTQva7z0eoj_PZPnd0rrk2iYB6V_m4fGdk2oPz_5nC_oSgWIyRhwsMA3e05oYA8W1h2d-Iat9SftlOgcG4TE89isrAToWXkhxtainXRdWMlJcfcyuyHRbp2GOhzZ4BjKA81EmG_LUspd3Xh7__Sc5BIc6Gzg5aNEDaV2K-N-VArqKeQQ9-DSFWIsjbiSBCyH0HzAEo91mnbho2aIUC8RQJ4UpINGY0WEZht3gC7t_VCh07SKq-X-BJEazp2nCv6fTujIv47rTNttpxm02VFKgCN0iFLOZKP3qDZuPAUifS7IlCOKhLVfEpAHyEqQ6EW6p9AqUM_TvKUZaivCtgx9Vyd6ybD_gy0DsRWVga4FFJE_U_SWPzqDMYvAuuNf57xtykmSFZk-YiTZlpyPFbL90QTJn1NnFV7z3DcETTAWuXSu4HA7XXpN1dgrjUQ8gcXhou0lsVvkWNAvXBw0fd_4jHMmayDF9fpx5sI-dRAxzidn4NkwvzetRsUM6j6sUFKCxyOekMfbkIEIFnTp0TEkuIK-7F1PPVNq-lpJF0IIpTB--XHL-X5k8Zpz_PC5k3hjrOQMijmDu6fFYUUQyg5Lqz5xlklH_JZHJsQExask63o9d8DJVhgiELXTur1ax-ba2chwjN4NouOzFvxBWj5xr4gP-A8LBfqJePOm98g0R8oy7unW77DoB5J6YrSEbLUtyu25j4Y87gvCf7IMDy5ChD8zDgVobWpF6ZzAmGSmIyLHTVgyBA6gXJJan_CqcyN4gJarzig5ZEf0nZ38jgt_skFCg7_XsHYAY96SLOXaNMLV87PgATSenkUNUGZ9MX1wRpnxiGBscpoS63WD2i2LnCJlKE3cGfjAEbupI2wY-kPYBPjWep_giLwKWUovkrXbcZNT58VxN0v3E1mA0cRfUjMvBt27qmO2sLhAsAbnKSm1pOS_FoQo7ICh3fgYEPE1LeRciURzyBsE-JsNM36FNHKJ1yeAkhvUm-J7VN1N4krewGRqCve1xkvttNUmUolSFepTT5ZOayEdbA8-2ingg&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=6463894400237433000&adk=943508955&idt=203&cac=0&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 13:56:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
56822
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11027
x-xss-protection
0
server
cafe
etag
5492578185836041520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Jun 2023 13:56:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D664 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 07:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 May 2024 07:39:33 GMT
generic
match.adsrvr.org/track/cmf/ Frame 5B9B 		70 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8LjACLAaEr_e3dJBpTxAIX-9v6SDTnigAAABgYID-AAkNdiOPybRxSyYbh1u0mE3WCt_CsJYNZo7RcGZzDScbIyChwW7kMZk2bslk43CLFrPJWuFbGNaywcwxGs5sruFkYwUnxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQdc0uQxyEhu4oOl0-Fz3et3vd5e9PKfnXeO3K81-tcNp9yssp6fH7PJLHMuL8fo5Du0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GACgOGPI3HV12i-vyM-gtBpHLchA9XBeX5R8AAAAAQAAAAACQACDgyi8BcGEVdeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GOKM9He9pPFESKRgsggjAAAAALnVm5FHJukEFYsq_____VYArgAABCDW7bWnZtEdlHgLAwAAMDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjVARV0qaIBGKPTW_gAAAa34BAQDYqBsAgDcCcIIOQSsGg9VJiMFgtdmNNpPZAQAAALjz____rwekNpbByLCybUzOhWkxnA1nLufIONvYbJvZxuaZeA9n4NhCpETJRJ8UYZn9voOCcnp6zC6DqOh6W-wOp9lz0DVNLoOcRBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFqMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLGaGWcbj22tnC02btFgNFlLfLPlWjQczUY2i8u3sezWotfHdPEtJq7lxIsEA1b2InlapBOZYTCxrHwzk2e58nhmztFmubHZVi6byTWZeFYri1iiOVmkE9ll39pYBiPDyrYxORemxXA2nLmcI-NsY7NtZhubZ-JvrGbG2cZjWytni41bNBhN1hLfbLkWDUezkc3i8m0su7Xo9TFdfIuJaznxN2bD1Wo5nGxW-8ZsuFoth5PNat-hM3xXn7PRfJZOPD6x2ZutjmxOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-H6H7caYHGle1_GtcTAoYongIp0o7y7TW_bynJ4XsURpukgnerXDafcrLKenx-zySxzLi_H6OQ4tYongdJFORC_j6aL-o4cYruaSxWauWK3mitFqlQAAAAAAAAAALME0000AAAAAnAxkuFqOVut0EKvJcjRZLRcARHGyLgAAAAAAAACAXUXYU9kq-C_AxRp7TCHvLtNb9vKcnlcGACAwyWyzzwhirVbLGgAAgAA2AACAAG668SYgzIr7____HwcAAEBGDj0AAAD6fUBQUKPXCj1x_AhyNVrsH4AKsVar1e3GWq0W!&cmcv=&pix=undefined&cb=1685598237209&uv=3286&tms=1685598237209&abt=inout2_vB!nonrv_vA!nrlc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=407dcd4c-22ca-4162-a7a0-60f148ff582c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
15f86cc6-961c-4042-b769-4846dfbe7c27-tuctb71b59b
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 5B9B 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/15f86cc6-961c-4042-b769-4846dfbe7c27-tuctb71b59b?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8LjACLAaEr_e3dJBpTxAIX-9v6SDTnigAAABgYID-AAkNdiOPybRxSyYbh1u0mE3WCt_CsJYNZo7RcGZzDScbIyChwW7kMZk2bslk43CLFrPJWuFbGNaywcwxGs5sruFkYwUnxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQdc0uQxyEhu4oOl0-Fz3et3vd5e9PKfnXeO3K81-tcNp9yssp6fH7PJLHMuL8fo5Du0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GACgOGPI3HV12i-vyM-gtBpHLchA9XBeX5R8AAAAAQAAAAACQACDgyi8BcGEVdeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GOKM9He9pPFESKRgsggjAAAAALnVm5FHJukEFYsq_____VYArgAABCDW7bWnZtEdlHgLAwAAMDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjVARV0qaIBGKPTW_gAAAa34BAQDYqBsAgDcCcIIOQSsGg9VJiMFgtdmNNpPZAQAAALjz____rwekNpbByLCybUzOhWkxnA1nLufIONvYbJvZxuaZeA9n4NhCpETJRJ8UYZn9voOCcnp6zC6DqOh6W-wOp9lz0DVNLoOcRBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFqMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLGaGWcbj22tnC02btFgNFlLfLPlWjQczUY2i8u3sezWotfHdPEtJq7lxIsEA1b2InlapBOZYTCxrHwzk2e58nhmztFmubHZVi6byTWZeFYri1iiOVmkE9ll39pYBiPDyrYxORemxXA2nLmcI-NsY7NtZhubZ-JvrGbG2cZjWytni41bNBhN1hLfbLkWDUezkc3i8m0su7Xo9TFdfIuJaznxN2bD1Wo5nGxW-8ZsuFoth5PNat-hM3xXn7PRfJZOPD6x2ZutjmxOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-H6H7caYHGle1_GtcTAoYongIp0o7y7TW_bynJ4XsURpukgnerXDafcrLKenx-zySxzLi_H6OQ4tYongdJFORC_j6aL-o4cYruaSxWauWK3mitFqlQAAAAAAAAAALME0000AAAAAnAxkuFqOVut0EKvJcjRZLRcARHGyLgAAAAAAAACAXUXYU9kq-C_AxRp7TCHvLtNb9vKcnlcGACAwyWyzzwhirVbLGgAAgAA2AACAAG668SYgzIr7____HwcAAEBGDj0AAAD6fUBQUKPXCj1x_AhyNVrsH4AKsVar1e3GWq0W!&cmcv=&pix=undefined&cb=1685598237209&uv=3286&tms=1685598237209&abt=inout2_vB!nonrv_vA!nrlc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=407dcd4c-22ca-4162-a7a0-60f148ff582c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:a02a:b4dd:86d8:2318 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 5B9B 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8LjACLAaEr_e3dJBpTxAIX-9v6SDTnigAAABgYID-AAkNdiOPybRxSyYbh1u0mE3WCt_CsJYNZo7RcGZzDScbIyChwW7kMZk2bslk43CLFrPJWuFbGNaywcwxGs5sruFkYwUnxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQdc0uQxyEhu4oOl0-Fz3et3vd5e9PKfnXeO3K81-tcNp9yssp6fH7PJLHMuL8fo5Du0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GACgOGPI3HV12i-vyM-gtBpHLchA9XBeX5R8AAAAAQAAAAACQACDgyi8BcGEVdeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GOKM9He9pPFESKRgsggjAAAAALnVm5FHJukEFYsq_____VYArgAABCDW7bWnZtEdlHgLAwAAMDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjVARV0qaIBGKPTW_gAAAa34BAQDYqBsAgDcCcIIOQSsGg9VJiMFgtdmNNpPZAQAAALjz____rwekNpbByLCybUzOhWkxnA1nLufIONvYbJvZxuaZeA9n4NhCpETJRJ8UYZn9voOCcnp6zC6DqOh6W-wOp9lz0DVNLoOcRBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFqMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLGaGWcbj22tnC02btFgNFlLfLPlWjQczUY2i8u3sezWotfHdPEtJq7lxIsEA1b2InlapBOZYTCxrHwzk2e58nhmztFmubHZVi6byTWZeFYri1iiOVmkE9ll39pYBiPDyrYxORemxXA2nLmcI-NsY7NtZhubZ-JvrGbG2cZjWytni41bNBhN1hLfbLkWDUezkc3i8m0su7Xo9TFdfIuJaznxN2bD1Wo5nGxW-8ZsuFoth5PNat-hM3xXn7PRfJZOPD6x2ZutjmxOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-H6H7caYHGle1_GtcTAoYongIp0o7y7TW_bynJ4XsURpukgnerXDafcrLKenx-zySxzLi_H6OQ4tYongdJFORC_j6aL-o4cYruaSxWauWK3mitFqlQAAAAAAAAAALME0000AAAAAnAxkuFqOVut0EKvJcjRZLRcARHGyLgAAAAAAAACAXUXYU9kq-C_AxRp7TCHvLtNb9vKcnlcGACAwyWyzzwhirVbLGgAAgAA2AACAAG668SYgzIr7____HwcAAEBGDj0AAAD6fUBQUKPXCj1x_AhyNVrsH4AKsVar1e3GWq0W!&cmcv=&pix=undefined&cb=1685598237209&uv=3286&tms=1685598237209&abt=inout2_vB!nonrv_vA!nrlc_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=407dcd4c-22ca-4162-a7a0-60f148ff582c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
remediation_1685571097325.js
cdn.userway.org/widgetapp/2023-05-31/remediation/ 		157 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-05-31/remediation/remediation_1685571097325.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-05-31/widget_app_base_1685571097325.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
dec9b665d7cb35ff071c8946c4d195e5efa8a6410ad41bd331a483dd265e23ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 01 Jun 2023 05:43:57 GMT
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
73
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
26726
x-accel-date
1685571511
x-77-nzt
AcO1ryfRP1X/ZmgAAA
x-accel-expires
@1711491511
last-modified
Wed, 31 May 2023 22:15:04 GMT
server
CDN77-Turbo
etag
W/"cd5967b54021af5bbe2ae2096378c282"
x-77-nzt-ray
25b021312677e8c71d3078641949c415
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
3N9uyMCqX0OgHbEUFkiImiJXKZIETQIvUw9kPgHYmV_Ii_H1iTkQgg==
4GrPdJwLwQeVa2Qa.json
cdn.userway.org/remediations/consolidated/2572728/ 		951 KB
142 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediations/consolidated/2572728/4GrPdJwLwQeVa2Qa.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-05-31/widget_app_base_1685571097325.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b8c26e1e6918b4f0846c853128748dbc6f0b8a4db4ce690060740aeaa5b606f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 01 Jun 2023 05:43:57 GMT
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
22
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
224362
x-accel-date
1685373875
x-77-nzt
AcO1ryfz4an/amwDAA
x-accel-expires
@1716909875
last-modified
Mon, 29 May 2023 15:24:12 GMT
server
CDN77-Turbo
etag
W/"5abbb73c7f2c79fc244e9a043d1db7fd"
x-77-nzt-ray
25b02131117616e51d30786444f60916
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
content-type
application/json
x-amz-cf-id
AdtEuZe4H5iWAOV7VghkBSvH_pF36ZpbgpQpOl2muh5XmVnlWRi0-A==
body_wh.svg
cdn.userway.org/widgetapp/images/ 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 01 Jun 2023 05:43:57 GMT
via
1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
261167
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
822279
x-accel-date
1684775958
x-77-nzt
AcO1ryeZyp7/B4wMAA
x-accel-expires
@1710695958
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray
25b021312677e8c71d3078641aed9318
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
bBpSK8zRykkC3_2HaAWpkh63gaiR3XHV4kMcVzaUoO9wyvC1W4MoZA==
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 01 Jun 2023 05:43:57 GMT
via
1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
272286
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
822280
x-accel-date
1684775957
x-77-nzt
AcO1ryd0Fh7/CIwMAA
x-accel-expires
@1710695957
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
25b021312677e8c71d307864879aa018
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
skP-kKCi5NOaprQfAVsjCRnqQ41DDfQp_qmG_ikY3Ii3tXvBY2hYcA==
truncated
/ Frame 0BBA 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f37d581833ef12fd202af5ea1883c3bd8e01fc91a0a129864e2ae2106d1dc34

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
supply
events.browsiprod.com/events/v2/ 		0
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=0cf6981b-a1c8-4c5c-ab86-5ffe7a86bdad
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.15.15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.53.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-53-105.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.vesty.co.il
date
Thu, 01 Jun 2023 05:43:57 GMT
access-control-allow-credentials
true
abd.js
cdn.browsiprod.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/abd.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.15.15.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
date
Thu, 01 Jun 2023 01:23:14 GMT
x-amz-cf-pop
FRA56-P2
age
56402
x-cache
Hit from cloudfront
last-modified
Sun, 08 Jul 2018 12:47:26 GMT
server
AmazonS3
etag
W/"bc70a2c30105ea2f98d83f5ad623fc39"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
aLbI--_-covnfBMVStDXfK1pjoPqqx6R6L33w0dFcJ8wuymTft673A==
supply
events.browsiprod.com/events/v2/ 		0
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=0cf6981b-a1c8-4c5c-ab86-5ffe7a86bdad
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.15.15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.53.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-53-105.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.vesty.co.il
date
Thu, 01 Jun 2023 05:43:57 GMT
access-control-allow-credentials
true
generic
match.adsrvr.org/track/cmf/ Frame F10C 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8LjACLAaEr_e3dJBpTxAIX-9v6SDTnigAAABgYID-AAkNdiOPybRxSyYbh1u0mE3WCt_CsJYNZo7RcGZzDScbIyChwW7kMZk2bslk43CLFrPJWuFbGNaywcwxGs5sruFkYwUnxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQdc0uQxyEhu4oOl0-Fz3et3vd5e9PKfnXeO3K81-tcNp9yssp6fH7PJLHMuL8fo5Du0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GACgOGPI3HV12i-vyM-gtBpHLchA9XBeX5R8AAAAAQAAAAACQACDgyi8BcGEVdeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GOKM9He9pPFESKRgsggjAAAAALnVm5FHJukEFYsq_____VYArgAABCDW7bWnZtEdlHgLAwAAMDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjVARV0qaIBGKPTW_gAAAa34BAQDYqBsAgDcCcIIOQSsGg9VJiMFgtdmNNpPZAQAAALjz____rwekNpbByLCybUzOhWkxnA1nLufIONvYbJvZxuaZeA9n4NhCpETJRJ8UYZn9voOCcnp6zC6DqOh6W-wOp9lz0DVNLoOcRBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFqMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLGaGWcbj22tnC02btFgNFlLfLPlWjQczUY2i8u3sezWotfHdPEtJq7lxIsEA1b2InlapBOZYTCxrHwzk2e58nhmztFmubHZVi6byTWZeFYri1iiOVmkE9ll39pYBiPDyrYxORemxXA2nLmcI-NsY7NtZhubZ-JvrGbG2cZjWytni41bNBhN1hLfbLkWDUezkc3i8m0su7Xo9TFdfIuJaznxN2bD1Wo5nGxW-8ZsuFoth5PNat-hM3xXn7PRfJZOPD6x2ZutjmxOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-H6H7caYHGle1_GtcTAoYongIp0o7y7TW_bynJ4XsURpukgnerXDafcrLKenx-zySxzLi_H6OQ4tYongdJFORC_j6aL-o4cYruaSxWauWK3mitFqlQAAAAAAAAAALME0000AAAAAnAxkuFqOVut0EKvJcjRZLRcARHGyLgAAAAAAAACAXUXYU9kq-C_AxRp7TCHvLtNb9vKcnlcGACAwyWyzzwhirVbLGgAAgAA2AACAAG668SYgzIr7____HwcAAEBGDj0AAAD6fUBQUKPXCj1x_AhyNVrsH4AKsVar1e3GWq0W!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
15f86cc6-961c-4042-b769-4846dfbe7c27-tuctb71b59b
pr-bh.ybp.yahoo.com/sync/taboola/ Frame F10C 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/15f86cc6-961c-4042-b769-4846dfbe7c27-tuctb71b59b?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8LjACLAaEr_e3dJBpTxAIX-9v6SDTnigAAABgYID-AAkNdiOPybRxSyYbh1u0mE3WCt_CsJYNZo7RcGZzDScbIyChwW7kMZk2bslk43CLFrPJWuFbGNaywcwxGs5sruFkYwUnxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQdc0uQxyEhu4oOl0-Fz3et3vd5e9PKfnXeO3K81-tcNp9yssp6fH7PJLHMuL8fo5Du0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GACgOGPI3HV12i-vyM-gtBpHLchA9XBeX5R8AAAAAQAAAAACQACDgyi8BcGEVdeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GOKM9He9pPFESKRgsggjAAAAALnVm5FHJukEFYsq_____VYArgAABCDW7bWnZtEdlHgLAwAAMDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjVARV0qaIBGKPTW_gAAAa34BAQDYqBsAgDcCcIIOQSsGg9VJiMFgtdmNNpPZAQAAALjz____rwekNpbByLCybUzOhWkxnA1nLufIONvYbJvZxuaZeA9n4NhCpETJRJ8UYZn9voOCcnp6zC6DqOh6W-wOp9lz0DVNLoOcRBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFqMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLGaGWcbj22tnC02btFgNFlLfLPlWjQczUY2i8u3sezWotfHdPEtJq7lxIsEA1b2InlapBOZYTCxrHwzk2e58nhmztFmubHZVi6byTWZeFYri1iiOVmkE9ll39pYBiPDyrYxORemxXA2nLmcI-NsY7NtZhubZ-JvrGbG2cZjWytni41bNBhN1hLfbLkWDUezkc3i8m0su7Xo9TFdfIuJaznxN2bD1Wo5nGxW-8ZsuFoth5PNat-hM3xXn7PRfJZOPD6x2ZutjmxOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-H6H7caYHGle1_GtcTAoYongIp0o7y7TW_bynJ4XsURpukgnerXDafcrLKenx-zySxzLi_H6OQ4tYongdJFORC_j6aL-o4cYruaSxWauWK3mitFqlQAAAAAAAAAALME0000AAAAAnAxkuFqOVut0EKvJcjRZLRcARHGyLgAAAAAAAACAXUXYU9kq-C_AxRp7TCHvLtNb9vKcnlcGACAwyWyzzwhirVbLGgAAgAA2AACAAG668SYgzIr7____HwcAAEBGDj0AAAD6fUBQUKPXCj1x_AhyNVrsH4AKsVar1e3GWq0W!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:a02a:b4dd:86d8:2318 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame F10C 		43 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8LjACLAaEr_e3dJBpTxAIX-9v6SDTnigAAABgYID-AAkNdiOPybRxSyYbh1u0mE3WCt_CsJYNZo7RcGZzDScbIyChwW7kMZk2bslk43CLFrPJWuFbGNaywcwxGs5sruFkYwUnxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQdc0uQxyEhu4oOl0-Fz3et3vd5e9PKfnXeO3K81-tcNp9yssp6fH7PJLHMuL8fo5Du0AAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GACgOGPI3HV12i-vyM-gtBpHLchA9XBeX5R8AAAAAQAAAAACQACDgyi8BcGEVdeL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GOKM9He9pPFESKRgsggjAAAAALnVm5FHJukEFYsq_____VYArgAABCDW7bWnZtEdlHgLAwAAMDBmgR4Wv9_ssGv8bpf5_________zfzf-YfjVARV0qaIBGKPTW_gAAAa34BAQDYqBsAgDcCcIIOQSsGg9VJiMFgtdmNNpPZAQAAALjz____rwekNpbByLCybUzOhWkxnA1nLufIONvYbJvZxuaZeA9n4NhCpETJRJ8UYZn9voOCcnp6zC6DqOh6W-wOp9lz0DVNLoOcRBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFqMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLGaGWcbj22tnC02btFgNFlLfLPlWjQczUY2i8u3sezWotfHdPEtJq7lxIsEA1b2InlapBOZYTCxrHwzk2e58nhmztFmubHZVi6byTWZeFYri1iiOVmkE9ll39pYBiPDyrYxORemxXA2nLmcI-NsY7NtZhubZ-JvrGbG2cZjWytni41bNBhN1hLfbLkWDUezkc3i8m0su7Xo9TFdfIuJaznxN2bD1Wo5nGxW-8ZsuFoth5PNat-hM3xXn7PRfJZOPD6x2ZutjmxOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-H6H7caYHGle1_GtcTAoYongIp0o7y7TW_bynJ4XsURpukgnerXDafcrLKenx-zySxzLi_H6OQ4tYongdJFORC_j6aL-o4cYruaSxWauWK3mitFqlQAAAAAAAAAALME0000AAAAAnAxkuFqOVut0EKvJcjRZLRcARHGyLgAAAAAAAACAXUXYU9kq-C_AxRp7TCHvLtNb9vKcnlcGACAwyWyzzwhirVbLGgAAgAA2AACAAG668SYgzIr7____HwcAAEBGDj0AAAD6fUBQUKPXCj1x_AhyNVrsH4AKsVar1e3GWq0W!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.115.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-115-221.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
truncated
/ Frame D664 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c615cc03cc18b8a0a6fac0428664c455c523bab35d662145074f494a6b10ca9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/6227350466491785267/CbV_MY24_C40_DE_Banner_970x250/ Frame 6F48 		0
0
view
googleads4.g.doubleclick.net/pcs/ Frame C626 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuP4Gkn94yKAtV9Gn9THFtB_7IU2rl1aG781N04BytaXdwReFoPuMXRXcUO9FcI3dR5v2cD5VOnfwsMbKOkG5vmeA3NRjFuMJS_sO-tzmEbck5Duehza8BO_8Har6d-OtClti4Dqf2NG_W2rgmMOv5gvmtgGgZneBortdfw1OGWXDsYMFkZrjhxDpUrodUUbajnhWmtnDCcGkxU4ALzn8sbWSRU2S_E9HkQB_VpwoHulNNn9X7TxSKfTTyaSlI8DIqOjb6g1zdBIST0S3FRT_hBjn8XqDoqLlAv_yBNPdhlOes0BWtLwLnt_eyRyT2k1DU6XraLYjSkqP6cjWCpLnSz-y8-jNiMR-7-yQDmkbh2o2euLg3YtgRApZ_XJA6hI-HB6DVd8h8CHIw0jBmdO3r6iIyNhHCJW-5gtMKFI2UbzvskEM_iMO11-G_sT512Alx52jEVoQM3zuf1V1ZV94jGTUffnUgDdlq7IK55fhwNclRcqugb6ELyJsw0FE1XNPnfI9I4A9vyScujdZuYQyeLfzRC7XlHE9vDGJ7kPr4p7j8rRWC0tlm-yLz8IoQ0nHmBBWkVq_hBb7N6kxp4SlJ9kf4VJF-HZcnxuBPZD5UowX2_znrbdOUhZhhpAhcdZAWnwDP2afIAhc2iz6a3oxHu-59tUgta_GXUSyMqzkn_lJjn6BRGT0p6JBBe82f372EVASitXTDbF47omPcDE26-2YHC4Js2A5RuOscOZsT54o9LfA7eBixBi7y1lOUgYyPoNQlz02-q-CC9UTkiM5Y0GNeDPE8u-zr3JCpAUkyjo71GeT0dhgH0YtLEutaXpn69B93p2vvR89X3dW4FEPG7Umf6dF_Yq-nfL1rPCxUYdqg_G6Z3_1VRny43voWyOZLu_pMwgapok19Vx5lSNAyMIOR3R55GVklEwKO2LADGE5ko-guPXHlEUHO1TdCjkC7kbDACCVDTF9py4EU_1OCbOTZRCyz_mSlXt8Zj-4SmATDbtmVzxvvZ6ZafikCnhOd82A0fituioYaJq0WWKC6Q8OSYVlAX3vK-VCP7c_gYou761Xg9PHkeab_oHrUjm2tf00785vJNCz0JhXe4oZx3JKVGXLwk6ObVWVt6aXGikEEAqSVYnHnzc_htEmb6uuxzdqBndvpsWPg7ZPtfKmAgFyfIsoD5dvjMjtaswF_4sqs94BrKRjPINqbZqfle3M65HUzMOLDBflxyQ8mtrnWqK0tF1WjmX7Yxf3JwpaCcmSA807QFQR2KPg3WwEATgdCVB--lFIE&sai=AMfl-YQ8MaFWyqfaqrSGB5jW0Trri0jI009S7kuDATGmt5PMon20XO4KBwMg4Mf-awVpV-hZ-LDpKUUBtmBAQmcl1jsM_atTGZqLAYjlUsZJNYxidMgnaXJRiiXG5C_8Dz0QDYLfTD4LBm8cauGWWzPCYACNh3mTjJQg8AH2905ucYvPhRSiVxxDh78t9d5Pey4gKQ7XrZtMnb5ChsPC21iQjNfQAQEdbBS6rry0weOxHINkHQd_4lbBkwXen9zp-rCN7R_bHCDnGIofOdUuPw1Kb4nO6nCb5-NTOYws&sig=Cg0ArKJSzJsdnSnjnk0MEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=396&cbvp=1&cstd=393&cisv=r20230530.28291&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 01 Jun 2023 05:43:57 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 01 Jun 2023 05:43:57 GMT
index.html
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/ Frame FFCC 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c6ce816bfa2750b2c01b3595b359d4e5d77e2af89e506f891149be5b0b817e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
38406
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1937
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 31 May 2023 19:03:51 GMT
expires
Thu, 30 May 2024 19:03:51 GMT
last-modified
Fri, 19 May 2023 14:50:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0BBA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubc6aiAkWwxjaPxYc6htdlEZXPS7AGaM1WQrOXRwCJexeuxpT-_8aeaauJnqeyChEh6kK1p4DLY5nFwcAcVgUZJLOPjAnTtiafCmmtQGcx54WiFlEJVUGLfVc-kYfzFQiKFa9HZMYHRs62f6Es72EhUNk-t8ueibeySR6PDoaZYIgl3V8ezoOt17FW7AzlmoofjjvckzpuTKZX_KYSBOb9Gc7zcSST9eB_I76h1qq7hmnvdTg9ywsyfkLO-GLz-24D9wdisiBJiUT0x0ZRQyj3f8zMFlCom5-ILM5LFdjI_GDOMotn2gJHTi6oEFMGW8FSO6a-1aTn0NWiiXwwGyPtD23QiBW7WAHpO7YGasrtPLlN1ZgISJ7sn3QO21Azzb8DFaKWaSYsLFtrIeCWLMFxamiOY1VAJnDSFT5auxLqMbKBcd_mtAUTFdEsrSxpYELHnKpsCvhHjcfsuVTfMlwES9fCqEeSf7w_5KyfFbRGKb06z3HsKcDEzabKwPXjei0cOe-woFEhwljgpaPUQhL78KBZeOoYknaHh8oHIBZ9O2NTrZ9O1ygF6hYO4IfINQnd6vsGXDxutRpUvyKAXq96foWFuOGJ7lP0HPD1lgFGXY-X7qj9Cfsy-KtszDFsauoPfWAL1l1NpQPxSfwX55RTa86S3u9Yi6Lr-2ytQonz8Ms7k08g7ESnnW61Jx8-nLeWbuWiyIwrcaeZm58MS5fTTDR-kwiAYRNqbSLl9XNNifP62k_sJQP2XxhtTfTL1ssY0PcCptm78wgTaOic5PNJi0cWrZWoO93LctAdyow9q_uRZTz1SIqVcj9KLCZKrNq5E6Fakmypj5GqB0Jf1VDgEPA0eKqJSGyCbVvq005l96ZWa0pJwJeMbDkKZKpcohT-ZWdgxG5uAk__iD0t8K9Hw368C7sL0EYJcZvikpjoemhCzcfgBwNxcExldfJsBtSRvHng6FMgkL7ppLyS6KwPJi0lX-deJ22EMidw0ptjZe0HfwSquEXEny5VdGrp8DKKmi7meeEyKs4uWlNs4W54TK2sheyE0H-hOtYkUZs1Xh8bfnji5Bhi_zbuDcicVPK7mQYJBTFPqTQB3Xw9BsF6v5xcGG-EGoeZprvgMbrBOiQwXmrarRJ0D9cgkrCtDgrt6OVY-RLM7HkooB-AtrxitQm2inVYcqMQ7sU1v6Cfnr0oGjCDBb0jvA9N0-2p9WaprqPzGt5V9S_gwRFlAghhBaLZz_c3XSS3lgkm5xvJRwnDXHAg7q-nZ4vRh9zafBPhxsPNUPF5F1ltYQ&sai=AMfl-YQB0UAXWOEWnsbLLPa18ufntoLsyPOnzviL8pSaBcAt2ldhxDCvZw2ysyeTJjVLOn8IuOmMe0nd0MtT51Ny2lphRdSKvvrxIUWMIktHdxHccJ-hKuJXext-FvBxZpI6Lvbo7qxk7gHuJ4rRNyq7cs5N2nYwN0wb0ofT6R-6CJnT93sbePAbBlgsGWvPt0DaqNsPp8rIsN0blRS_Dmut8_pcuKM_vsykveyDIsz36wS_WSv6GOKLBf90OFX9iLWq2L9EPHJzkffChMWXH4bKHQI5FA8UDlQw7Uoh&sig=Cg0ArKJSzIzZoqx2OD5rEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=315&cbvp=1&cstd=314&cisv=r20230530.03817&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 01 Jun 2023 05:43:57 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 01 Jun 2023 05:43:57 GMT
index.html
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/ Frame 9DB7 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c6ce816bfa2750b2c01b3595b359d4e5d77e2af89e506f891149be5b0b817e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
38406
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1937
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 31 May 2023 19:03:51 GMT
expires
Thu, 30 May 2024 19:03:51 GMT
last-modified
Fri, 19 May 2023 14:50:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D664 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1RQuY23nCMREU8C9uHyh7Wimx2vptrhJBgLfHW8bpZftGaRVxfIk1S5PgvrcGu12HXNJhcPAfcBuD6FRsxkWlxrGdN4-B2KzUjIAcHI08QOPdHT8j1oD1Kl342ITjjt7JePdPhVP7qfSag4Qey_MtxypoY0aPWkRdcyRK3oKCcPnCAywK7tFw0-FKyKePncyhDBxJsPdnaikhkQTgyjBCPtaTF2y4FxZw9MF-vFfzVNv56stNYH_tp1tYYa7XfKELf970zrhJbz15EUMpjnGxU_XKfVm5zgVIwpjGOcWMKJimQ9pD5ctoyF-RNTMo9gWSzVVo4JxBYfVRDSYU6Zky7VwLg9VC_lI7zdHHn1IW86BPEl57HMrMlQ39EMfmB1dIeE5bmmQevgeqpe8XP1mC7K-DIKadUYjJReO8reGCubxRrY_uuVj_9IyGf3RVrivhXqHwtFk0hjceFnNdM_x1pEFJQ36HT39Zv4hxK-w1A3SsLDrPGF_5Ih68Xy7JQDew4rwbKPBx2MHVzthz_90MtgVq8SygAoyOfOyLXmGtcsHP0RGNL93x_WGhM2B3NwXk1bxKz_OcUH5Jb5qiUB3MrC454u9uJswD_9FiVDQjjc-sJIPs4HDcDBRlBxY5BsIuINZ8bqd4tOpljsZXSnU_Ldgpt0SuGPJE76dyCWihjxgQOUX-e4f4XVoqtcth40pR3L930w-zrd1embVDr9dCzRY1Sgu_pL7-SgawMQNkTWc9SD1m5RPjFL30pEvmSFbVn9HzC9BvoJ7I3u7OUARqGeXI_SL2Sx_vpQzuVnIQjvvS2r43uUmA7dfkhf-HmCznPWiH6UL-ngP-uwab4srIrFvgSThgfTTJn7hsKC_LheIAnZz4fg7ak4lb78JBrMYg4LLt_WMu4MFO4_tDpz_8KzddJh7gBxrdSx9_P4SVy1mHOiEv6X8UIlvLAeRu8Y1FUsaas7wLIBKvojTemWYQVG_gAx2r0xS_mQdSi1unWGMm4Nb7jwTYRzQBPfr49kZmjuW7eO9QmoUvZQC_d6D9QZLOsGJZEojHe9rHPzfMQZ1Zz2a45cRfjHewjxNLy2ix5JTuB1dab7RXCjclwI2I7IUslCc2zEz0gSxkySBB8VNzD_D99R1YAWIAVk7SDTSHZZtL1VwOxZHJDvfADrSIVst2jrbLZ0abVQc91Ovd2MymK_MTjUh1qW4ndP3eQZgg-hB0EJRyBfJ65KlHzwRS4Y4xZ0SzI0OY7hZy8fiox2Eilp54yliMGh1ouQX8cIvfzINRT342XOBLBQ&sai=AMfl-YQ_7q_7_P-1DehLM-Vo3LxRTRV-WrqC7aeD30l1Xkd1IsnNs6tvNSTLzbMJnuCQQOTC9MgbZOPBtGBT-Lrx02jMNUcX5xVzkrqHXezWRcOThO1yHHLaC9QuyhNdwDudw_M_Dn89Mjy-QzhefahK494t625pXGy61thcKB8iViGPjQCQCMP8G_KRHz0qD3sJijWK0ecTJbYv9QRC5NHyrNTKNAHB5zLC-DQeMwzhjmqDCbB5x4877PPagIHQyJ4gSoJUIB0Hi_sB69beVtu6bXv_k1qqAdVzz1z5&sig=Cg0ArKJSzMh1-S5I4CO8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=272&cbvp=1&cstd=270&cisv=r20230530.01995&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 01 Jun 2023 05:43:57 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 01 Jun 2023 05:43:57 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1DAA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
115605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 21:37:12 GMT
expires
Wed, 29 May 2024 21:37:12 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7476 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
115605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 21:37:12 GMT
expires
Wed, 29 May 2024 21:37:12 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 18C8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
115605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 May 2023 21:37:12 GMT
expires
Wed, 29 May 2024 21:37:12 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4a.js
static.adsafeprotected.com/ Frame C626
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1431402/70901275/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1011798148&ias_pubId=pub-9314111824787632&ias_chanId=1&ias_placementId=20014188934&bidurl=ht...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
qnzbnp4fvro4sgCahXArI3KIkfjYftYd
content-encoding
gzip
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
date
Mon, 29 May 2023 15:51:10 GMT
x-amz-cf-pop
FRA56-P5
age
222768
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 22 May 2023 15:51:08 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
PMfycq5KLcjW-rctJ0IK9pug2KzhQfAuJ2dDveFZpHRY-EGxWcfJig==

Redirect headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
server
nginx
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame D0EF 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
21823661
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
fGsX3MHDnliFlKCieHdjZ0uPMhUgxtcCev2FhqR3g9zFDEfP2iOvVQ==
dt
dt.adsafeprotected.com/ Frame C626 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=4a86de1a-869e-003e-849e-19186a068e57&tv=%7Bc:egjXrn,pingTime:-3,time:124,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:50%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:124,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:50,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B118~0%5D,as:%5B118~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFUaqoN+11%7C12%7C13%7C14%7C15*.1431402-70901275%7C151%7C152%7C153%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f,idMap:15*,rmeas:1,rend:0,renddet:DIV,siq:54%7D&br=c
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:39e7:d3d6:74ed:31eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:58 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame C626 		43 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=4a86de1a-869e-003e-849e-19186a068e57&tv=%7Bc:egjXro,pingTime:-6,time:125,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:125,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:50,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B119~0%5D,as:%5B119~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFUaqoN+11%7C12%7C13%7C14%7C15*.1431402-70901275%7C151%7C152%7C153%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f,idMap:15*,rmeas:1,rend:0,renddet:DIV,siq:54%7D&tpiLookup=ao:www.vesty.co.il*&br=c
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:39e7:d3d6:74ed:31eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:58 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
bulk
trc.taboola.com/ynet-vesty/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ynet-vesty/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230530-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
11
pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230139-FRA
server
nginx
x-timer
S1685598238.755781,VS0,VE11
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.vesty.co.il
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
visible
trc.taboola.com/ynet-vesty/log/3/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ynet-vesty/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230530-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 01 Jun 2023 05:43:57 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230139-FRA
server
nginx
x-timer
S1685598238.763275,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.vesty.co.il
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
dt
dt.adsafeprotected.com/ Frame C626 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=4a86de1a-869e-003e-849e-19186a068e57&tv=%7Bc:egjXrC,pingTime:-2,time:139,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1363,beZ:1364,mfA:1366,cmA:1367,inA:1367,inZ:1371,prA:1371,prZ:1408,si:1416,poA:1417,poZ:1439,cmZ:1439,mfZ:1439,loA:1488,loZ:1490,ltA:1502,ltZ:1502%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:50%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:139,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:50,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B133~0%5D,as:%5B133~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tFUaqoN+11%7C12%7C13%7C14%7C15*.1431402-70901275%7C151%7C152%7C153%7C16%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1c%7C1d%7C1e%7C1f,idMap:15*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:54,sinceFw:84,readyFired:true%7D&br=c
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:39e7:d3d6:74ed:31eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:58 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js
pagead2.googlesyndication.com/bg/ Frame 1DAA 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e0042d9feee1e4ef9aaf81e7600d02762c6984fa85ae2ed7a101b23c8d42956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 06:53:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
82252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14781
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 May 2024 06:53:05 GMT
PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js
pagead2.googlesyndication.com/bg/ Frame 7476 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e0042d9feee1e4ef9aaf81e7600d02762c6984fa85ae2ed7a101b23c8d42956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 06:53:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
82252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14781
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 May 2024 06:53:05 GMT
PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js
pagead2.googlesyndication.com/bg/ Frame 18C8 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e0042d9feee1e4ef9aaf81e7600d02762c6984fa85ae2ed7a101b23c8d42956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 06:53:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
82252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14781
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 May 2024 06:53:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C626 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstc2s84JLiDZ-4zzOFmZBSJpUagMvHLXL9Jdef-P0LlyRH1BUB7kbF4b7RKOQaDrLYiYFuKaqKZY6ctihib5wtJu28VylJ7p66Omp0lFMCZ3lVx-jqAB_9GHU95MGbXgNDcsTatkF092VkgQ4U2WbvZwSAmh_bl3ykRpA&sai=AMfl-YTe-geS8gq47VeHxH5ZvwcpAyNGHAKF8f_oQiR4icWPYfus4uwiLEIxojiDEiATNNYTBL298YkwbWZmZKGsLJTvzCpyLbOyKF4zeK0Cq3U-lBKkzDs8vrItqiJtwDU&sig=Cg0ArKJSzMv2_B3tRCEmEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
passback_970x250.js
static.adsafeprotected.com/ Frame 96DC 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_970x250.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
.AUJIbFgg5lm.Sl5dxN6YT6RZNYioRMX
content-encoding
gzip
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
date
Sun, 28 May 2023 01:06:36 GMT
x-amz-cf-pop
FRA56-P5
age
439512
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:56 GMT
server
AmazonS3
etag
W/"094948b2d1170876fb8e76e432d87da6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
qA0YAgQSR74E5AnPfiKa6UryXrBSbGFRdbeA-WRdH2WDv3mB-rjd9Q==
IAS_PassbackAds_970x250.png
static.adsafeprotected.com/ Frame 96DC 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_970x250.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
pdWOnfKbVAXycyDHbhFI_OqkWBFerFwW
date
Wed, 31 May 2023 01:10:34 GMT
via
1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
102804
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
28949
last-modified
Fri, 18 Feb 2022 23:29:18 GMT
server
AmazonS3
etag
"9d3f43da9d0d0679ec0dfea58b2f1d45"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
rvXg0IsMA-6vxvp3MZ8YW8Vy6VjTFCqMP_-_sOLlZdlwu1FpVdYZZQ==
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame FFCC 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 05:43:58 GMT
script.js
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/js/ Frame FFCC 		4 KB
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/js/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
501f415b2cb66824ddd524f3f22240efb6995a8ebd12e282ed048564e28e0738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 06:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171452
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
904
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 May 2024 06:06:26 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9DB7 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 05:43:58 GMT
script.js
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/js/ Frame 9DB7 		4 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/js/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
501f415b2cb66824ddd524f3f22240efb6995a8ebd12e282ed048564e28e0738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 06:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171452
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
904
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 May 2024 06:06:26 GMT
dt
dt.adsafeprotected.com/ Frame C626 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1431402&asId=4a86de1a-869e-003e-849e-19186a068e57&tv=%7Bc:egjXxu,pingTime:-10,time:503,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS45MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1685598238127%7C%7C0bc8dd5e94abfd26fd747461e5fc98bc%7C%7Ce2cb1dcbe7da8721e3ae9a3fd2b4449b%7C%7Cbefc6fcd85f66e8b53f2c33e2f401ca0%7C%7C4a4be0e3b19bd9a068736576056f0d52%7C%7C935a03f6814513c2f6f9686395042fbe%7C%7C4a12c27d163d7b273ec3f98f8ff73611%7C%7C66eb0e5a1b4f3d737586534802868126%7C%7C1663701684%7D
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:39e7:d3d6:74ed:31eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:58 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 01 Jun 2023 05:43:58 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
26254
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1685598238.162248,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
3
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
3840
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DAA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVBAMHDB4ZM3iOpDjgAfxvI2QAQAAAAA4AeAEAg&bg=!WlmlWQ3NAAZu7ficTu07ADkAdvg8WsQldBH8tY2V5W0xZVODNYfBgXG1PXWQ7YXKrfry7RSrJN2WpA6hIejcvKbmCjk-9mLHj5ECAAABC1IAAAAGaAEHmQMdWU19554iy7v2Y1V0sGyn6uyIsKi6yKzLv2pDH29rshss14NR8axB2g6hNDCMAR4JQaZz8ru8XD9VcYJxfL3FQ6rlFLMLiZ8OHdRHVcPXeCRWniWjiWLHt7MmTqtntuVYoOKk4e8SZ_ksm-E5yUr1tacBbMlFwP9exdf7d6rJOaNL6hZTygRDtEdODc7EckyutIxiA4dxdPr8Ddsy69YGnBVmiMxmCg5QbXIQ07n9r5TNkqwzCC1n_lEzd-HiYvgqku_ygapKp39Luxh2stUyZyngwOqY9balkww3hKsmTCGuhoWOQVXHtJv_Z64zhBCfolwLTV3XcB_85Qy_OF_YWfaBUcTSo1lRuG2icH6_wl1KdIGPkDdGxJKjOATszO_EcpgcAe3Y3WeakLIATtSEtt7RQJgwCOnff_KpdJQosGb8JcAjWn5211iK0oxMnjMr7dBR1Nve1Sf08GTtgymqg9enR9iWF1qFKClR5osQJqVIx9C7DvS42geqHj7qOUIn2HzQbp9IbNE-Cgj7lzWIjNeDIkWRS2WL-igpQEJyzzNThg4_RnM4HnnDRycoKkFgO0MgQsA2cxenyt7h8aUPM0SH90DdKM2kGjY0qaUlcR_hoF8Ya8j1c6kGRFvD8wZ9rvsbC6UXjmTDnxTVS6e7dq15Sz5EPol4oyOZJsp2HCy71sEixecYUhihfvwQf5ujNm9Q_BAJtzUngwYUTDQykJ7m98hcMztnNYyAU_bPT9N2cQNnPB2v3Y6LWl87_TNgN67I-ubTBlB30lTM5Hh1tqDVM5NcGqNQEWXUFmbhq5AB_ZHsH_HepX-k7awTFzJ5Oa6kF0ywFNBBOHJBTfGIc8iGyqXLlqavfb51t4x1jijo8rilsK8nFFOqiAd1P5VqEKJg17VtgP9xxpywWf87xMEjWv5BMojTCl7AM5z6LemuYgbBuWKCTsh-pTn8X1crtJ77Yem-q1sWTjcPzMjvHlhmBr6vSOLTrTDwil6xO_sjlu56lWE521X28olYlga2M8UeAYaAtlNloslpKwE754CQwGAlill-_EnZquo
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0BBA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubc6aiAkWwxjaPxYc6htdlEZXPS7AGaM1WQrOXRwCJexeuxpT-_8aeaauJnqeyChEh6kK1p4DLY5nFwcAcVgUZJLOPjAnTtiafCmmtQGcx54WiFlEJVUGLfVc-kYfzFQiKFa9HZMYHRs62f6Es72EhUNk-t8ueibeySR6PDoaZYIgl3V8ezoOt17FW7AzlmoofjjvckzpuTKZX_KYSBOb9Gc7zcSST9eB_I76h1qq7hmnvdTg9ywsyfkLO-GLz-24D9wdisiBJiUT0x0ZRQyj3f8zMFlCom5-ILM5LFdjI_GDOMotn2gJHTi6oEFMGW8FSO6a-1aTn0NWiiXwwGyPtD23QiBW7WAHpO7YGasrtPLlN1ZgISJ7sn3QO21Azzb8DFaKWaSYsLFtrIeCWLMFxamiOY1VAJnDSFT5auxLqMbKBcd_mtAUTFdEsrSxpYELHnKpsCvhHjcfsuVTfMlwES9fCqEeSf7w_5KyfFbRGKb06z3HsKcDEzabKwPXjei0cOe-woFEhwljgpaPUQhL78KBZeOoYknaHh8oHIBZ9O2NTrZ9O1ygF6hYO4IfINQnd6vsGXDxutRpUvyKAXq96foWFuOGJ7lP0HPD1lgFGXY-X7qj9Cfsy-KtszDFsauoPfWAL1l1NpQPxSfwX55RTa86S3u9Yi6Lr-2ytQonz8Ms7k08g7ESnnW61Jx8-nLeWbuWiyIwrcaeZm58MS5fTTDR-kwiAYRNqbSLl9XNNifP62k_sJQP2XxhtTfTL1ssY0PcCptm78wgTaOic5PNJi0cWrZWoO93LctAdyow9q_uRZTz1SIqVcj9KLCZKrNq5E6Fakmypj5GqB0Jf1VDgEPA0eKqJSGyCbVvq005l96ZWa0pJwJeMbDkKZKpcohT-ZWdgxG5uAk__iD0t8K9Hw368C7sL0EYJcZvikpjoemhCzcfgBwNxcExldfJsBtSRvHng6FMgkL7ppLyS6KwPJi0lX-deJ22EMidw0ptjZe0HfwSquEXEny5VdGrp8DKKmi7meeEyKs4uWlNs4W54TK2sheyE0H-hOtYkUZs1Xh8bfnji5Bhi_zbuDcicVPK7mQYJBTFPqTQB3Xw9BsF6v5xcGG-EGoeZprvgMbrBOiQwXmrarRJ0D9cgkrCtDgrt6OVY-RLM7HkooB-AtrxitQm2inVYcqMQ7sU1v6Cfnr0oGjCDBb0jvA9N0-2p9WaprqPzGt5V9S_gwRFlAghhBaLZz_c3XSS3lgkm5xvJRwnDXHAg7q-nZ4vRh9zafBPhxsPNUPF5F1ltYQ&sai=AMfl-YQB0UAXWOEWnsbLLPa18ufntoLsyPOnzviL8pSaBcAt2ldhxDCvZw2ysyeTJjVLOn8IuOmMe0nd0MtT51Ny2lphRdSKvvrxIUWMIktHdxHccJ-hKuJXext-FvBxZpI6Lvbo7qxk7gHuJ4rRNyq7cs5N2nYwN0wb0ofT6R-6CJnT93sbePAbBlgsGWvPt0DaqNsPp8rIsN0blRS_Dmut8_pcuKM_vsykveyDIsz36wS_WSv6GOKLBf90OFX9iLWq2L9EPHJzkffChMWXH4bKHQI5FA8UDlQw7Uoh&sig=Cg0ArKJSzIzZoqx2OD5rEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=914&vt=11&dtpt=599&dett=3&cstd=314&cisv=r20230530.03817&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 01 Jun 2023 05:43:58 GMT
txt1.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame FFCC 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/txt1.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2e8cc86bb5670eae767a2add71d2acdbbc7adb4374e3416f02f9a368cd75e18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 07:19:36 GMT
x-content-type-options
nosniff
age
253462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 May 2024 07:19:36 GMT
logo.svg
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame FFCC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/logo.svg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 07:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1053
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 May 2024 07:19:36 GMT
bg1.jpg
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame FFCC 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/bg1.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c4f2a295d1c26949a94e4472818f3fd9734bb73118f3aa01f5a20ed3cf50d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 07:19:36 GMT
x-content-type-options
nosniff
age
253462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86831
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 May 2024 07:19:36 GMT
bg1_2.jpg
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame FFCC 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/bg1_2.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfe30957bf850e28b1bdf1123eebece20ba4af542a0fe63a93f7e16aaa9d2233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 07:19:36 GMT
x-content-type-options
nosniff
age
253462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16228
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 May 2024 07:19:36 GMT
bg2.jpg
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame FFCC 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/bg2.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5a640f7031ce17f8b5ffbbdba879028c6983aa841e66d82699868f4c9fe17fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 07:19:36 GMT
x-content-type-options
nosniff
age
253462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7048
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 May 2024 07:19:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7476 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMa5aHTB4ZL_qAoepgAfvmpZwAAAAADgB4AQC&bg=!ICOlI3fNAAZu7ficTu07ADkAdvg8WgFR6MMQ_J63wbkZrzUGlT0Rf1s9d_-DFkazQzO_-nYejYiF9cOTTpoRB4sTBotigYK6388CAAABPVIAAAAEaAEHCgA6u-H-GusF8hFsLtFy3XSfLCuhifug2X7VEXrFon52MbVORw4aeo-Fynj3x3lEsVe1e67-0VJz0newoZkDIhe-aMyAbXeDKiAe9U3-pQIR9_EArvIgNRWEhkc9KvZiIG6yLZJaP3qXlQmv1QbsecGpi204OLrXrlRHtFuxhz-KtLScD1rd-JTkU7BVgPJx-1gGEWdzbWmcLNrKPEPykX9paKQDAL606w6ozMGN_wU_E1WkC9kh5vf2GWmzzv1WcWpILiWyrM8qw5Bw47oxbG4qsxr5VNjCa7vDNXO2ik9s8WJ_TZAZ6D1iqZJ2jEIAMmihc5qpm_6eYHjsHu3zsM7d-k_QpBQedS449cyVT_ArJ1yOaSb16LfQYkblnnWhsVcPorOcBjDuJQqcnbGIiUqAbEWcWeFfq94e2vvYFb5_w-KCdN5vB4nowEDW-c9h0aB0aBhCLstqjRAhN9BW-q2X6NUL8SNum6gg4rg1msPkYqt6dRPD81B3A9YeRZ_rC9ljfKDxbgUTpHJSKtrFpflSK_pC-ebLdbpThpEp8kuUPXoaAeiYz-DSaSJkY07b-P7soNRM_-IhDs9EfsbMXyn2ILWDDuerlN-m0Q7IQ7flmhQet-W48jp12n7Clu0MjDwHxzFV3muaD9MzHC9cObLIeTtxXMqL99PjygD-AyebQaZshGeiSS4U5pYmTxIL-3RC5RIQCAj5_fPP_12df9C1BxzxgBSZImWqP3L-ouomE-BoHrCKOMHkseDN5P8fpNIMZrVj6b0th-MCmkCtmxHIua8Cs9yaAwlbUY24j8pBqT77xT1kw1YaDQ_rpz3G-_Q1iDZkoR7mvdcNYNcgNCD1co1IE-ZLANK7RbyoIxoQSaHDncX-KclQnhCQZOUqdoQjlWQ3G8gsMHHateGZDDhTpw-rWWcgF7Un338ZdIxevJ56g8RL0q-RxisQXu3kVk0hU1AtuN8IGo1-AAzl4zJk40lqynZCy05kctu8-LvPS1K8yI6RU5ZPpFGEkd8wauFw2U1R1WvZGIHFG1EYomPJ9powkNlmWqO6QNxhRsRObUNLTIRguSiVWf_cgp8x2a16LUoR-fcwIxrkwmKAZ5vbCQN7uA58TcMj3RksSnJBE_yYVMTG6xmmuo6cUD7pvxw
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 18C8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bh_sDHTB4ZNbUApbmx_AP7KmSQAAAAAA4AeAEAg&bg=!cXKlcibNAAZu7ficTu07ADkAdvg8WiYWnRxTv5onwg8v2Xmy9h0csSVd3wPwbwy7zvCqUiiN0ZHzqx65iF3VKJmMudj1qvjs9BMCAAABMlIAAAAEaAEHmQMuvlsYg_Ba1WJDiS3WiLkGSVXaCwJ1gc8bOVmEVzuo-KAOMWTHV8gEoqk72CKtPboz1mmv5T57rI98FmJ23gNJZe4B4r-HP69nmxcdvTcoDgIIVmlEIm1pwb0FrWqDxgDYflubN_QTka5cYp9LydUjOdGKgJxqnmuboDCZSzwsp4R-82MlSu76rMMHpr4eJneJGSA3CwIqibC7nqUY9RVlFHr7BB-CSggzhKDpu_1659VNX7CJxRxQs2KWjHosZVudUFsEKPJDkcPmZ1sXF1Zg-wRdY9akrK61TLnhP2NiTYDaiD96XZfKXOdZIS6HXAauEC2_tAGCi1coySMkr1pUvRv_vHTIEy88dkc-oACWbXxJoycQglqMncCl7okx6wnjtCIBAzAoviwkQqlYYVmbO0Ul2m8uKeLPL_z2sQbujFVwSFfpgQO2gKPMbaUtC7SOwd_I1rY-B6Gv9TrvvfuCZfuaGaRWEOOHDXFyFc9SxV13SgnebmkxBRoCa2GlrRpvGlIw4af3kCW29XEdNQGQm3U3aCUylXNfybAmDDpg8TX_RvtJDj5fsFQSIaJbOrpyH6cTEs9vy7rNxpyDzqIIZvvrcWKjszuXLZGZMXbo3JIihaCYacFgiVIp88C_baNrEPdHMKjXWoaReNpTdQwrqzDJAgYD-LKe2jLWThyRCWGYXCPE3q1_BOIAsgPptX2VRj2HsHbkVsSCt9uBn3j2LYMQBfN4M9NEWXCIYaNAdMptaHkdSt0azpsnKbvRoskqU1veHlXNkzc76_-jyx-c8jVM9qb4DUQLK1jSkEb-SXrTI3POr9WgyTk2-gRNMK51DIKsV2_NCf-52ARxM6o_ZxjNO-JNZOJ1_4Jn1Buooiv71YlxCYO_8LVFK7Nw0gI07uR52eHZDkYS3k5BEEqZqYAac8vqfz74N4ZTZpl_HAGxxuo33pV-neAuLUi8UmMBHZ2sAkvQpDE9skjzd76Vq-ji7sl3roarFihzrzxPk15ilJeat2vhWwXFiOV_yTZa1iZTt1gMxQQ43oSpuI176VT2ee5WbDItF9ZgoY8CK4VYtk26x-aKjl574ZqRaQ
Requested by
Host: cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
URL: https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D664 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1RQuY23nCMREU8C9uHyh7Wimx2vptrhJBgLfHW8bpZftGaRVxfIk1S5PgvrcGu12HXNJhcPAfcBuD6FRsxkWlxrGdN4-B2KzUjIAcHI08QOPdHT8j1oD1Kl342ITjjt7JePdPhVP7qfSag4Qey_MtxypoY0aPWkRdcyRK3oKCcPnCAywK7tFw0-FKyKePncyhDBxJsPdnaikhkQTgyjBCPtaTF2y4FxZw9MF-vFfzVNv56stNYH_tp1tYYa7XfKELf970zrhJbz15EUMpjnGxU_XKfVm5zgVIwpjGOcWMKJimQ9pD5ctoyF-RNTMo9gWSzVVo4JxBYfVRDSYU6Zky7VwLg9VC_lI7zdHHn1IW86BPEl57HMrMlQ39EMfmB1dIeE5bmmQevgeqpe8XP1mC7K-DIKadUYjJReO8reGCubxRrY_uuVj_9IyGf3RVrivhXqHwtFk0hjceFnNdM_x1pEFJQ36HT39Zv4hxK-w1A3SsLDrPGF_5Ih68Xy7JQDew4rwbKPBx2MHVzthz_90MtgVq8SygAoyOfOyLXmGtcsHP0RGNL93x_WGhM2B3NwXk1bxKz_OcUH5Jb5qiUB3MrC454u9uJswD_9FiVDQjjc-sJIPs4HDcDBRlBxY5BsIuINZ8bqd4tOpljsZXSnU_Ldgpt0SuGPJE76dyCWihjxgQOUX-e4f4XVoqtcth40pR3L930w-zrd1embVDr9dCzRY1Sgu_pL7-SgawMQNkTWc9SD1m5RPjFL30pEvmSFbVn9HzC9BvoJ7I3u7OUARqGeXI_SL2Sx_vpQzuVnIQjvvS2r43uUmA7dfkhf-HmCznPWiH6UL-ngP-uwab4srIrFvgSThgfTTJn7hsKC_LheIAnZz4fg7ak4lb78JBrMYg4LLt_WMu4MFO4_tDpz_8KzddJh7gBxrdSx9_P4SVy1mHOiEv6X8UIlvLAeRu8Y1FUsaas7wLIBKvojTemWYQVG_gAx2r0xS_mQdSi1unWGMm4Nb7jwTYRzQBPfr49kZmjuW7eO9QmoUvZQC_d6D9QZLOsGJZEojHe9rHPzfMQZ1Zz2a45cRfjHewjxNLy2ix5JTuB1dab7RXCjclwI2I7IUslCc2zEz0gSxkySBB8VNzD_D99R1YAWIAVk7SDTSHZZtL1VwOxZHJDvfADrSIVst2jrbLZ0abVQc91Ovd2MymK_MTjUh1qW4ndP3eQZgg-hB0EJRyBfJ65KlHzwRS4Y4xZ0SzI0OY7hZy8fiox2Eilp54yliMGh1ouQX8cIvfzINRT342XOBLBQ&sai=AMfl-YQ_7q_7_P-1DehLM-Vo3LxRTRV-WrqC7aeD30l1Xkd1IsnNs6tvNSTLzbMJnuCQQOTC9MgbZOPBtGBT-Lrx02jMNUcX5xVzkrqHXezWRcOThO1yHHLaC9QuyhNdwDudw_M_Dn89Mjy-QzhefahK494t625pXGy61thcKB8iViGPjQCQCMP8G_KRHz0qD3sJijWK0ecTJbYv9QRC5NHyrNTKNAHB5zLC-DQeMwzhjmqDCbB5x4877PPagIHQyJ4gSoJUIB0Hi_sB69beVtu6bXv_k1qqAdVzz1z5&sig=Cg0ArKJSzMh1-S5I4CO8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=890&vt=11&dtpt=618&dett=3&cstd=270&cisv=r20230530.01995&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 01 Jun 2023 05:43:58 GMT
txt1.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame 9DB7 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/txt1.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2e8cc86bb5670eae767a2add71d2acdbbc7adb4374e3416f02f9a368cd75e18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 07:19:36 GMT
x-content-type-options
nosniff
age
253462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 May 2024 07:19:36 GMT
logo.svg
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame 9DB7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/logo.svg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 07:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1053
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 May 2024 07:19:36 GMT
bg1.jpg
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame 9DB7 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/bg1.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c4f2a295d1c26949a94e4472818f3fd9734bb73118f3aa01f5a20ed3cf50d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 07:19:36 GMT
x-content-type-options
nosniff
age
253462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86831
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 May 2024 07:19:36 GMT
bg1_2.jpg
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame 9DB7 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/bg1_2.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfe30957bf850e28b1bdf1123eebece20ba4af542a0fe63a93f7e16aaa9d2233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 07:19:36 GMT
x-content-type-options
nosniff
age
253462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16228
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 May 2024 07:19:36 GMT
bg2.jpg
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame 9DB7 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/bg2.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5a640f7031ce17f8b5ffbbdba879028c6983aa841e66d82699868f4c9fe17fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 07:19:36 GMT
x-content-type-options
nosniff
age
253462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7048
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 May 2024 07:19:36 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 606F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRUrap8CMBPkfHNBCOb2IkpGa97UthPfoBpZYoawV3c8UFUJ63-sTJf3VZM62vxL20awZFo6WkylKgH82uJxVLUjizpr0cSvcj1g0DfZJCuOj5AKTgp1OrNYqHGdXyXT8BQc5ztg&sai=AMfl-YRmA7vzc0amteKlpMrbYDPmyje9nKUlyPIoWhwItrHcDvEhb5285YlwvxNozcqnX876qW8uEnoccE0ZAIQAlH6f7BR4eI8QKdnD5RVnzP0hbQKEyfD8tEIoGdLAE5cdRZwuX7LgnS3PwzRAVw&sig=Cg0ArKJSzCJeGILuVUBfEAE&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ&id=ampim&o=1120,473&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1007&mtos=0,0,1007,1007,1007&tos=0,0,1007,0,0&tfs=976&tls=1983&g=100&h=100&tt=1983&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C626 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOyIMsvxOgJzrJJKCl3YT8hq6aFAU9o0tNGzWlIYar-PdzHZ12HP72jLhCI9ueWHAlmlGYWy88MKZUMRdMr9_EK1MBBjaZUxsYntTmdZVXjhBj8fa7mUmMzFgzw_kjE3D2mMPIzA&sai=AMfl-YSd1y3dHoyZOaWCwuLB4I3b3UObYOecjuY6CdIHRqvRhq1bQCs8PjFvyyTQJNKOGmdVXoMcbiRMzYD2vSIGiwn3hj1otikucUcPpBeD_eXHiFEHcJMwijYQE38RM0wi3xOGiRW2bch7MnnAlw&sig=Cg0ArKJSzL8viJrR1qeOEAE&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ&id=lidar2&mcvt=1001&p=5,315,255,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4012105087&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685598236262&rpt=1052&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C626 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuP4Gkn94yKAtV9Gn9THFtB_7IU2rl1aG781N04BytaXdwReFoPuMXRXcUO9FcI3dR5v2cD5VOnfwsMbKOkG5vmeA3NRjFuMJS_sO-tzmEbck5Duehza8BO_8Har6d-OtClti4Dqf2NG_W2rgmMOv5gvmtgGgZneBortdfw1OGWXDsYMFkZrjhxDpUrodUUbajnhWmtnDCcGkxU4ALzn8sbWSRU2S_E9HkQB_VpwoHulNNn9X7TxSKfTTyaSlI8DIqOjb6g1zdBIST0S3FRT_hBjn8XqDoqLlAv_yBNPdhlOes0BWtLwLnt_eyRyT2k1DU6XraLYjSkqP6cjWCpLnSz-y8-jNiMR-7-yQDmkbh2o2euLg3YtgRApZ_XJA6hI-HB6DVd8h8CHIw0jBmdO3r6iIyNhHCJW-5gtMKFI2UbzvskEM_iMO11-G_sT512Alx52jEVoQM3zuf1V1ZV94jGTUffnUgDdlq7IK55fhwNclRcqugb6ELyJsw0FE1XNPnfI9I4A9vyScujdZuYQyeLfzRC7XlHE9vDGJ7kPr4p7j8rRWC0tlm-yLz8IoQ0nHmBBWkVq_hBb7N6kxp4SlJ9kf4VJF-HZcnxuBPZD5UowX2_znrbdOUhZhhpAhcdZAWnwDP2afIAhc2iz6a3oxHu-59tUgta_GXUSyMqzkn_lJjn6BRGT0p6JBBe82f372EVASitXTDbF47omPcDE26-2YHC4Js2A5RuOscOZsT54o9LfA7eBixBi7y1lOUgYyPoNQlz02-q-CC9UTkiM5Y0GNeDPE8u-zr3JCpAUkyjo71GeT0dhgH0YtLEutaXpn69B93p2vvR89X3dW4FEPG7Umf6dF_Yq-nfL1rPCxUYdqg_G6Z3_1VRny43voWyOZLu_pMwgapok19Vx5lSNAyMIOR3R55GVklEwKO2LADGE5ko-guPXHlEUHO1TdCjkC7kbDACCVDTF9py4EU_1OCbOTZRCyz_mSlXt8Zj-4SmATDbtmVzxvvZ6ZafikCnhOd82A0fituioYaJq0WWKC6Q8OSYVlAX3vK-VCP7c_gYou761Xg9PHkeab_oHrUjm2tf00785vJNCz0JhXe4oZx3JKVGXLwk6ObVWVt6aXGikEEAqSVYnHnzc_htEmb6uuxzdqBndvpsWPg7ZPtfKmAgFyfIsoD5dvjMjtaswF_4sqs94BrKRjPINqbZqfle3M65HUzMOLDBflxyQ8mtrnWqK0tF1WjmX7Yxf3JwpaCcmSA807QFQR2KPg3WwEATgdCVB--lFIE&sai=AMfl-YQ8MaFWyqfaqrSGB5jW0Trri0jI009S7kuDATGmt5PMon20XO4KBwMg4Mf-awVpV-hZ-LDpKUUBtmBAQmcl1jsM_atTGZqLAYjlUsZJNYxidMgnaXJRiiXG5C_8Dz0QDYLfTD4LBm8cauGWWzPCYACNh3mTjJQg8AH2905ucYvPhRSiVxxDh78t9d5Pey4gKQ7XrZtMnb5ChsPC21iQjNfQAQEdbBS6rry0weOxHINkHQd_4lbBkwXen9zp-rCN7R_bHCDnGIofOdUuPw1Kb4nO6nCb5-NTOYws&sig=Cg0ArKJSzJsdnSnjnk0MEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1192&vt=11&dtpt=796&dett=4&cstd=393&cisv=r20230530.28291&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 01 Jun 2023 05:43:58 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230530-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Thu, 01 Jun 2023 05:43:58 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
216
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1685598239.547769,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
3
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
1138
links
api.userway.org/api/br-links/v0/ 		100 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/br-links/v0/links
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-05-31/widget_app_base_1685571097325.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.164.82.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-82-183.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ce68025aaa5088ef5c7ebd8184ae4b707a2b7d74484e5034453e3fdd6d5ad208

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 01 Jun 2023 05:43:58 GMT
etag
W/"64-KXbnTG3Z+LkUcbxt6RfgBMeErNE"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
100
x-service-version
apps-70fa83c1
activeview
pagead2.googlesyndication.com/pcs/ Frame 0BBA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5WICRlHhwAaQsAVFOGjM5aCUV6A78p-9KVZKCBHt5meAYn7d9ndQ28wRywoc7aR0v7ZFFfybbq7KEWDG0W5ny3_HDipnvUWSHlK3S79YN4RrszJIZ-ylVBQ10PuFYailVqoFvSA&sai=AMfl-YRA4MpxaUof-ejgGP2tA_nmjvU1UeAsOYIF4QC2Kyg29nrysnqgq1X4EJNHygNzD8KRKM84D5ICkpmX_uvuTMSNYq9rigFI5Fvcd86abWVbFAxRptLpH8MGsizrgpCFyoZtowBgD7H1cgBXXQ&sig=Cg0ArKJSzNW-JarMQu8dEAE&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ&id=lidar2&mcvt=1034&p=0,119,40,160&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2446443006&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685598236342&rpt=1093&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D664 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8tED9RAfnNTm912LJ1S--cS0j8jOnZHJTYO1e-yQuNtjR3wqob2eqwS2agd8nQV8qzRZn_4gEsWnzrWvVdCY3nh632eCJbSG8pdiSfzi16llqKnNZo5Up-MYMTmrkztR78XGV-g&sai=AMfl-YT5DwNoBNs6TrDT11nqrXio_ukmE8mS4IK-aiJzroEpTn8tRWOjsTLytl6sGezVijLHAV8--jOjkPhaXvbM9-ftLuN3616ITrzFVQKB-3AEJOnO4xL0vILwHht9ntPoADgvGD4mZj-vBfy_JA&sig=Cg0ArKJSzOd_jP3JgEWfEAE&cid=CAQSTABygQiDgAFWvYQK2tJz66A9SOiKCuZHqA_sjxMCu8sLzSD7LgHDjjmApwSTEmDCXmk8d_iPA8zXLGUdwxdWpZ2VoStFQnuzerYghKMYAQ&id=lidar2&mcvt=1036&p=0,1559,40,1600&mtos=1036,1036,1036,1036,1036&tos=1036,0,0,0,0&v=20230531&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=824806406&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685598236354&rpt=1171&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
links
api.userway.org/api/br-links/v0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/br-links/v0/links
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.164.82.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-82-183.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
cache-control
no-cache, no-store, must-revalidate
date
Thu, 01 Jun 2023 05:43:58 GMT
x-service-version
apps-70fa83c1
/
pips.taboola.com/ 		64 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
5b0d0d08c3b7fbdc8164e467ee1d637e4b616be1a489699c18b67082281851b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230102-FRA
date
Thu, 01 Jun 2023 05:43:58 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=15f86cc6-961c-4042-b769-4846dfbe7c27-tuctb71b59b&uad=3d45fdf57e5fd666b1ff640d125a0f6e7a8edfac5055af0885b29ff442d85007&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 01 Jun 2023 05:44:00 GMT
cache-control
no-store
server
nginx
style.css
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/ Frame FFCC 		2 KB
484 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f37b35441158c74a27389fda31807f6806785c8b0c4ca9b6c93b1ecd88e6c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 07:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
455
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 May 2024 07:19:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BBA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=483889821536&version=m202301230201&ct=76&x=1&cor=7786001719015665000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/ Frame 9DB7 		2 KB
484 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f37b35441158c74a27389fda31807f6806785c8b0c4ca9b6c93b1ecd88e6c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 07:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
455
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 May 2024 07:19:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D664 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9406254499584&version=m202301230201&ct=76&x=1&cor=6463894400237433000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
txt2.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame FFCC 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/txt2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41dbaa51ee1b6a81f1fd3a9ac4adc41068e669e39ae336600c10d247ea8efb93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 13:13:35 GMT
x-content-type-options
nosniff
age
145824
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5779
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 May 2024 13:13:35 GMT
txt3.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame FFCC 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/txt3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8991cdeed3a031d0bacfaf1927b884b93e2e36eb71ab18ac2c201c17f7c21569
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 07:19:37 GMT
x-content-type-options
nosniff
age
253462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8401
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 May 2024 07:19:37 GMT
txt4.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame FFCC 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/txt4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64c847dc6ef05e07043bfc50cbdb5c1e8de280877e7a40e9d03e7df0c56abd99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 07:39:34 GMT
x-content-type-options
nosniff
age
165865
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8547
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 May 2024 07:39:34 GMT
txt5.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame FFCC 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/txt5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e452b9406fd885ae8136ef3beb319e451ce7a43627e528bf734f6f7aa905ed2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 03:39:04 GMT
x-content-type-options
nosniff
age
180295
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10052
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 May 2024 03:39:04 GMT
disclaimer.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame FFCC 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/disclaimer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b140186ec8368d335681fb0a6e871323c01ee0d72d0b66a68f0f2f4f2002daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 21:34:10 GMT
x-content-type-options
nosniff
age
115789
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11303
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 May 2024 21:34:10 GMT
stoerer.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame FFCC 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/stoerer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cee1f330570c0aa32c71f8b95f63770540140a52fbc885cc3796c0a1eccb946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 05:26:01 GMT
x-content-type-options
nosniff
age
87478
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4508
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 May 2024 05:26:01 GMT
cta.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame FFCC 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf37ed902f7b08d2b1187f9aacc5c4140d146747073a3164c25de37141d53ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 18:02:00 GMT
x-content-type-options
nosniff
age
42119
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5362
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 May 2024 18:02:00 GMT
logo2.svg
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame FFCC 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/logo2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102931
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1053
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 May 2024 01:08:28 GMT
legals.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame FFCC 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/legals.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1e104a973da1c30632261c23c442b794dba8508925ae0942d2ab8b74359d265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 05:26:01 GMT
x-content-type-options
nosniff
age
87478
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50338
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 May 2024 05:26:01 GMT
txt2.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame 9DB7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/txt2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41dbaa51ee1b6a81f1fd3a9ac4adc41068e669e39ae336600c10d247ea8efb93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 13:13:35 GMT
x-content-type-options
nosniff
age
145824
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5779
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 May 2024 13:13:35 GMT
txt3.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame 9DB7 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/txt3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8991cdeed3a031d0bacfaf1927b884b93e2e36eb71ab18ac2c201c17f7c21569
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 29 May 2023 07:19:37 GMT
x-content-type-options
nosniff
age
253462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8401
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 May 2024 07:19:37 GMT
txt4.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame 9DB7 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/txt4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64c847dc6ef05e07043bfc50cbdb5c1e8de280877e7a40e9d03e7df0c56abd99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 07:39:34 GMT
x-content-type-options
nosniff
age
165865
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8547
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 May 2024 07:39:34 GMT
txt5.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame 9DB7 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/txt5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e452b9406fd885ae8136ef3beb319e451ce7a43627e528bf734f6f7aa905ed2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 03:39:04 GMT
x-content-type-options
nosniff
age
180295
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10052
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 May 2024 03:39:04 GMT
disclaimer.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame 9DB7 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/disclaimer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b140186ec8368d335681fb0a6e871323c01ee0d72d0b66a68f0f2f4f2002daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 30 May 2023 21:34:10 GMT
x-content-type-options
nosniff
age
115789
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11303
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 May 2024 21:34:10 GMT
stoerer.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame 9DB7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/stoerer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cee1f330570c0aa32c71f8b95f63770540140a52fbc885cc3796c0a1eccb946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 05:26:01 GMT
x-content-type-options
nosniff
age
87478
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4508
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 May 2024 05:26:01 GMT
cta.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame 9DB7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf37ed902f7b08d2b1187f9aacc5c4140d146747073a3164c25de37141d53ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 18:02:00 GMT
x-content-type-options
nosniff
age
42119
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5362
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 May 2024 18:02:00 GMT
logo2.svg
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame 9DB7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/logo2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 01:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102931
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1053
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 May 2024 01:08:28 GMT
legals.png
s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/ Frame 9DB7 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/img/legals.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1e104a973da1c30632261c23c442b794dba8508925ae0942d2ab8b74359d265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14343367996637162272/23-IWE-EV_Range_23-Skyscraper-160x600-Range_IONIQ5/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 05:26:01 GMT
x-content-type-options
nosniff
age
87478
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50338
x-xss-protection
0
last-modified
Fri, 19 May 2023 14:50:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 May 2024 05:26:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C626 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9240759081877&version=m202301230201&ct=76&x=1&cor=12343950399478706000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:43:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.php
stg.truvidplayer.com/ Frame C8A2 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=743&wid=3316&cb=7258.480622042655&pid=2384&url=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/3316.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-89.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
3c89d3dbb4e1b421bb7d4b236c8d70f6568d700141dc425d4fb389c41c10679f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
content-encoding
gzip
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.vesty.co.il
access-control-allow-credentials
true
x-amz-cf-id
9CdgKXBFtMUeeK_rdGbyj7Gas3bShwA1KsbC7I9aHtY2TI7VbfAVPw==
view
securepubads.g.doubleclick.net/pcs/ Frame C8A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBh8NKt9LgRpK3vnlqLltkGjCcjB4h0jFxaKVgOZ9nhLbkix0Mhk74GAxxTMKXc3ITXJJv83qt2t9wQHOq8AHeRsP6atTek46cv7ou7ZWvYR88nzqsB4quq6zsPs7ehv9QkD8AVfsAjW7fND-pxT1tbuO07xyX-Ibg15c9Ew0TWPUUazfWqLGUqDR5evtapVqt547F8EQmVN_GDRR4moYUBhsYraAjA1VupAGx7q03uufLXnVVTkr4d47glR7YlWQxmoWZrw5884IDZTfcpr3xvMi1PRlteJfMe_y_pa_O4v7Xfgzyo89D9Mx4Dw4B2-zCwDv8rvU74uA5RJWmxLJLmuOS2-Z_wORFATO1kWd_hQZdmQ&sai=AMfl-YS_a3iUmgGEMT4bvzittymPA9nGUITQbguZjpzF16Kf_xwYlrTFRvHCT63N9TgMT6zzWE28SZz1UOx3CrLkNdncpjgu1daCdQXH5m0f8lEIK65yqiDzOweFQlnMOXjhO1tVgw7jJ_aLmDRDfV0r&sig=Cg0ArKJSzKvvqA5lIII9EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 01 Jun 2023 05:43:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51759e982746e820cc0a88d3b55f6208f88a459fb456a949fcc3161be7967b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11105
x-xss-protection
0
feedback.php
www.facebook.com/plugins/ Frame 5E65
Redirect Chain
  • https://www.facebook.com/v5.0/plugins/comments.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dw...
  • https://www.facebook.com/plugins/comments.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.ve...
  • https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.ve...
331 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=4775e7da62ac7bf030f15568e658d29c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
59c0989ad42ae03e74b50cfd3c23b25eb973a2a1dab7e9593893bdf1edeedc2f
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Thu, 01 Jun 2023 05:43:59 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
8Pq31K8H90ejWQ7kMZO7GZBcgkxH6WwvDSDgi2vo+8XlZGGDaUEoa5zAr/aJ7dcs4GGOQfcWuVvnRNpmf64cXg==
x-fb-rlafr
0
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 01 Jun 2023 05:43:59 GMT
location
https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
origin-agent-cluster
?0
priority
u=0,i
strict-transport-security
max-age=15552000; preload
x-fb-debug
dg9ZI/0PoaQ7Obs1EEVra+jc7D36MJXY00PA7qDU3mUzcxb2A2galhBXdsfIzyUYfTHlFNPm15spv47HHbcRUQ==
nav_menu_helper1685571097325.js
cdn.userway.org/widgetapp/2023-05-31/remediation/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-05-31/remediation/nav_menu_helper1685571097325.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-05-31/widget_app_base_1685571097325.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fedc9a5ed3d075f3a8a120ea6a4c67c0d605a864db0b91c808a4d66e3ab19a46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 01 Jun 2023 05:43:59 GMT
via
1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
73
x-amz-server-side-encryption
AES256
x-cache
HIT
x-77-cache
HIT
x-age
26726
x-accel-date
1685571513
x-77-nzt
AcO1rye8PBP/ZmgAAA
x-accel-expires
@1711491513
last-modified
Wed, 31 May 2023 22:15:04 GMT
server
CDN77-Turbo
etag
W/"8ad50e8de84df6abb8cb9fc3765b5ba6"
x-77-nzt-ray
25b021312677e8c71f307864af14672c
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
VmsDxK2N9D_sVfO5qC2u5JbztU6zmZi7rG3uJrfPsgDM4_VQPJgDog==
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.vesty.co.il
access-control-max-age
86400
cf-ray
7d052466aafb1d96-FRA
content-encoding
gzip
content-type
text/plain
date
Thu, 01 Jun 2023 05:43:59 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
rum
cloudflareinsights.com/cdn-cgi/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type
application/json

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.vesty.co.il
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7d052466bb161d96-FRA
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1777225161&t=timing&_s=2&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&dp=%2Fmain%2Farticle%2Fb1ybxzs8h&dh=vesty.co.il&ul=en-us&de=UTF-8&dt=%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%20%D0%BD%D0%B0%20%D1%81%D0%B2%D0%B5%D1%80%D1%85%D0%BF%D1%80%D0%B8%D0%B1%D1%8B%D0%BB%D0%B8%20%D0%B8%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C%D1%81%D0%BA%D0%B8%D1%85%20%D0%B1%D0%B0%D0%BD%D0%BA%D0%BE%D0%B2%3A%20%D0%BF%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D1%82%20%D0%BB%D0%B8%20%D0%BE%D0%BD%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%D1%87%D0%B8%D0%BA%D0%B0%D0%BC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=6790&pdt=20&dns=0&rrt=0&srt=628&tcp=45&dit=2370&clt=2500&_gst=2753&_gbt=2963&_u=aCDAgEABQAAAAEAAI~&jid=&gjid=&cid=1907318486.1685598236&uid=0&tid=UA-5536870-20&_gid=829797926.1685598236&gtm=45He35v0n71NB9MN6&cd1=false&cd2=0&cd3=0&cd4=2023%2F06%2F02%2006%3A43%3A56&cd12=Article&cd14=50.Vesti-13160.VEconomy-13236.Vmoney&cd15=%D0%94%D0%B0%D0%BD%20%D0%A0%D0%B0%D0%B1%D0%B0%D0%BD&cd16=2023-05-31%2020%3A44%3A03&cd17=2023-05-31%2020%3A44%3A03&cd18=&cd19=b1ybxzs8h&cd21=356&cd23=Eli%20K&z=1698001409
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 May 2023 09:02:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74507
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305250101/pubads_impl.js?cb=31074978
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 01 Jun 2023 05:43:59 GMT
ins.js
s.trvdp.com/scripts/v5.802/ 		476 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.802/ins.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/3316.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-86.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fdbb7173df58151a3b9cee1ad593e7ad40b39584dc4599357d62d565fa90e6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 01 Apr 2023 04:20:11 GMT
content-encoding
gzip
via
1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
last-modified
Mon, 13 Feb 2023 13:09:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
5275429
etag
W/"af85b8e97ffce21514cfccbb7a8c96a4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
QHVBdTiwo0Ld1OLZ4LcIyFlvwE4_HXRRm-_XRPR9IsUcsyWouvGRjw==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D81 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9319
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 03:08:40 GMT
expires
Fri, 31 May 2024 03:08:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D843 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
40d04ace125700e72bd35044cd03b212e06be6c36b0c96b13318cf6afb92f3db
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b9pjpFfF_6tfZga8CRbuuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-b9pjpFfF_6tfZga8CRbuuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 05:43:59 GMT
expires
Thu, 01 Jun 2023 05:43:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js
pagead2.googlesyndication.com/bg/ Frame 6D81 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PgBC2f7uHk75qvgedgDQJ2LGmE-oWuLtehAbI8jUKVY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e0042d9feee1e4ef9aaf81e7600d02762c6984fa85ae2ed7a101b23c8d42956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 31 May 2023 06:53:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
82254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14781
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 May 2024 06:53:05 GMT
Mk94vMMnE0_.css
static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/ Frame 5E65 		721 B
452 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/Mk94vMMnE0_.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8PXgZwd+47LIQZAIO7K6FA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
393
x-fb-rlafr
0
x-fb-debug
t/p/49KvIIF+Nc4nmAjR7Wlmh9x4uy+NlE4O3Qqi9v7K9pEfwuO6yzWK6DVM5JAyNfuETBBOX/jL+dC9MUxH0g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=0
expires
Thu, 23 May 2024 22:58:00 GMT
_qHCM0GC8i1.css
static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/ Frame 5E65 		122 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/_qHCM0GC8i1.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6c75b0d6862aafea13a1ad7f4779ea4f47a058be8aed60c15cf32dacea3e3acd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
tm6JBE8h8l6bBfgsWgb4iA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19947
x-fb-rlafr
0
x-fb-debug
KLYY1cbbrFF+0DDkHICPbX+wWsKazsKm4ySN5Pv7J8ps1BDoqUSGOhlSwlSOgy70XhtbrpjxLdfImT3ibleR+w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=0
expires
Fri, 24 May 2024 01:45:23 GMT
ieFmvuml2gZ.js
static.xx.fbcdn.net/rsrc.php/v3/y7/r/ Frame 5E65 		307 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y7/r/ieFmvuml2gZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c0ee77e6f6023a7d56c375a41920b9be9fcb5e66827eee6c645c19364726373d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Yng1/TxPPBHuP+qVdHg8AA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
81976
x-fb-rlafr
0
x-fb-debug
BsE+86ckpDwEAqdWmzQ865DP6rh8u7yAIlVTBNhkTM5HWSATXHXcV0G0aw4A+c0Sj2/nhWdpr/iuzsPwp6ngjg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Fri, 31 May 2024 00:15:09 GMT
tC7o6i9hW_P.js
static.xx.fbcdn.net/rsrc.php/v3i6l24/yj/l/ru_RU/ Frame 5E65 		152 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i6l24/yj/l/ru_RU/tC7o6i9hW_P.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3f193224eeeb5f48f83a59e39969eb2499143b9e3eb349ce05a4bdf0ea6be2ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
JalJYE1K8zw7+mQmwpnATg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
44235
x-fb-rlafr
0
x-fb-debug
nEfW8gqI+EDRk63RUZUTzauil4QrFp+nI+4u4lsNj10mRCJRFW42xxB/aa8bqv+wzbAiowv/imiqFtc0DQP+6w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Wed, 29 May 2024 20:13:28 GMT
eF0GlvterHk.js
static.xx.fbcdn.net/rsrc.php/v3i4vJ4/y_/l/ru_RU/ Frame 5E65 		1 MB
278 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i4vJ4/y_/l/ru_RU/eF0GlvterHk.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
42000dec13a6aae21e66fafa14ea2e0bbcce998c9add7b3b1c79cac7fa9fb469
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
O80UKKuXBPc3B4gzo3FeWw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
284369
x-fb-rlafr
0
x-fb-debug
TDBfNOW5OYe3rTGIfNuDMp58JkwlzaLi2U6qG+x0WzuOS7zoH38GzSC2UPE1LDKPHaCy9GRsuU0e7O3khWBEyg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Thu, 30 May 2024 21:20:23 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 5E65 		507 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
x-fb-rlafr
0
x-fb-debug
J374RapVad6m0YC/w4JhHWRdfoJP0DSj/wcpL1hWaXfmd1xqwhMOs7rrZcddU/fcgDcw7Q05N9rJzxxGOFln/w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Thu, 23 May 2024 00:18:53 GMT
zCrhGdiyUV6.js
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame 5E65 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/zCrhGdiyUV6.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
04a6c8bef417b9a27f9319e3740ab8947e774de7dc8acce089e28071954636b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fNcaSNrYTrVbfiASojXPDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14184
x-fb-rlafr
0
x-fb-debug
KC8H9sd9USf7nKUGTQAJnSH2yDVWp+ufYyCG0LRlRDCTCcaY1F3KC//UQ+kRjW30Tz5KGSHrjlfDENIt5krYOw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Wed, 29 May 2024 04:01:01 GMT
lRow5ikYhwr.js
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 5E65 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/lRow5ikYhwr.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fcbc406de6d244fa65cea4df1a366ccccfb0b9c6ef1bcfba1a007f845c0078ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6C415KRq9MkmtWnj/x6u5w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16036
x-fb-rlafr
0
x-fb-debug
Q6fV6sC5yigzKfHBAB7rzvcu5gHanbfR8PfwA0nBlqYUa+QBle63+Y4LoBiFJJWn0Mwhr3yII6B5SmcVDQOZyg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Thu, 23 May 2024 22:19:40 GMT
pCKDMGW8ZTz.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 5E65 		283 B
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/pCKDMGW8ZTz.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
655a9b6d56c1e4ec552e1dabb26b40499f72e081ae07a2455aa4b6fc3a6832c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jTW5v35m8FGie6Na0Lwr5g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
175
x-fb-rlafr
0
x-fb-debug
Hc7i9rGRH3HMchaSLYHwmUIn3HHzJU7kBjzc+F8roXVN8VnszEkIKvqpqj04nLYcbpnn2+Z6QvEZLbn2ZFFgWg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Thu, 30 May 2024 12:08:06 GMT
R9MQJLanQrW.js
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame 5E65 		1 KB
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/R9MQJLanQrW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e38a0b83d916f6202f122793ab33382b5f66d6d771619831e42e8324f89e73a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
n0dNZpuYijw/B78jZhPW+g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
518
x-fb-rlafr
0
x-fb-debug
T+xQ8iDw2hDe9FWBHeQH9MCZbnH3SRXvssOM6gARKC7EDoYgKShu1AkfXQUzCUA/0rIX6ETyzf4FdeKPkGfDgQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Thu, 30 May 2024 12:08:06 GMT
2l9FUzlQsL2.js
static.xx.fbcdn.net/rsrc.php/v3i8C14/yW/l/ru_RU/ Frame 5E65 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i8C14/yW/l/ru_RU/2l9FUzlQsL2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
510e43765cd2cff920a21e25df0292564c6c06682fc5d4f4f17ec62266d58e50
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0oH3WsH+bLppeDPCj/SF6w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13106
x-fb-rlafr
0
x-fb-debug
FWbhaBT5hvZRvlX9R7+HqPpSe2eKfNWsY6pc4Lg2QCBLKAo7t14hcbDU1o/iKAAqXHH4UTCY/LAljJaGl/e/fA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1
expires
Wed, 22 May 2024 20:48:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D843 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305250101&jk=3894130574439625&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
3316.css
src.trvdp.com/css/743/ 		680 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://src.trvdp.com/css/743/3316.css
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/ins.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-111.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
903a1b70c8c6476cddaed2b1f98ec5589d069e06660dcc14a6a225842216ccaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 07:56:41 GMT
via
1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
last-modified
Thu, 19 Jan 2023 12:22:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
5435240
etag
"c4b6ffd029863e333b56e87895cfda55"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
680
x-amz-cf-id
FGJbEdLfnMAi3jiDDGhd6pihv8-X6nzfVWQ4e6Pv-u68yZ39ZL6koQ==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/ins.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123025
x-xss-protection
0
expires
Thu, 01 Jun 2023 05:44:00 GMT
pixel.gif
p.trvdp.com/ 		0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=vH9hCEqna9lXfr03hmb9TzuJ2+UBd4Z7wi58mbbOtoYJcwBwcZ3zYCmXm4rLTettsItiOiU/KGJlwCkQALQr27ZWWif0Rw4TXXnQEhDXfAZRaO13NGBT6H1jI8JXvwPdIYaHTKf9mzP5JMSR4Ng+tjlMSMQutkINtaKoFZFckZJpTKPLlIyExiQmMA/eGcrhFEluhugaRXIPF4pzvErve9u97dHpltIgCHb+6ZJhKq2WemEAK8cKAtL+W7D84AuF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.81.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-81-121.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:00 GMT
server
nginx/1.6.2
4d5f7872fdff82393dd07d7b4becc3a3756d094e_2.jpg
src.trvdp.com/images/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://src.trvdp.com/images/4d5f7872fdff82393dd07d7b4becc3a3756d094e_2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-111.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5a40988d01fa1b8bfa5399d25fbe99975275d43b066f7573aa6395812e13180

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sun, 28 May 2023 09:28:53 GMT
via
1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
last-modified
Sat, 27 May 2023 07:59:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
332108
etag
"c7a26e374a94d23e927f4adfd0cf78b5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
49023
x-amz-cf-id
laT41S2rr1sxT6g2qXO4jift3Vxe1f6wHFtbiwm29hEed3xoFHLKrw==
truncated
/ Frame C8A2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dcceb7c31d2b797f56a67dc5e0f3e891fd48cbc07cf4ea601910da39ca47713

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
4d5f7872fdff82393dd07d7b4becc3a3756d094e_2.jpg
src.trvdp.com/images/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://src.trvdp.com/images/4d5f7872fdff82393dd07d7b4becc3a3756d094e_2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-111.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5a40988d01fa1b8bfa5399d25fbe99975275d43b066f7573aa6395812e13180

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sun, 28 May 2023 09:28:53 GMT
via
1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
last-modified
Sat, 27 May 2023 07:59:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
332108
etag
"c7a26e374a94d23e927f4adfd0cf78b5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
49023
x-amz-cf-id
-mSmzNIpxsHjLSucEdLjauS2JahLGxrVspvks9tq8pIWLvCP1M62Rw==
supply
events.browsiprod.com/events/v2/ 		0
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=0cf6981b-a1c8-4c5c-ab86-5ffe7a86bdad
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.15.15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.53.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-53-105.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.vesty.co.il
date
Thu, 01 Jun 2023 05:44:00 GMT
access-control-allow-credentials
true
usync.html
eus.rubiconproject.com/ Frame 99F8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
281 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/ins.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.211.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-211-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Thu, 01 Jun 2023 05:44:01 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 01 Jun 2023 05:44:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
server
AkamaiGHost
truncated
/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
bridge3.575.0_en.html
imasdk.googleapis.com/js/core/ Frame E820 		707 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f19114fc66ef2ca455dc1b7e93be045b3698a3f291312e951b163473fbf6980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
258645
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231096
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 29 May 2023 05:53:15 GMT
expires
Tue, 28 May 2024 05:53:15 GMT
last-modified
Mon, 22 May 2023 19:34:41 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Jun 2023 05:44:00 GMT
v.php
stg.truvidplayer.com/v5.802/ 		18 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/v5.802/v.php?st=jC-RRQKEUn3rsieGncvqHA&e=1685684639&ver=5.802&adid=dc4ad&videoUrl=//vid743.trvdp.com/media/4d5f7872fdff82393dd07d7b4becc3a3756d094e/hls/4d5f7872fdff82393dd07d7b4becc3a3756d094e.m3u8&height=464&width=824&pageHref=https%253A%252F%252Fwww.vesty.co.il%252Fmain%252Farticle%252Fb1ybxzs8h&videoId=4d5f7872fdff82393dd07d7b4becc3a3756d094e&d=vesty.co.il&wid=3316&suid=743&env_browser=Chrome%20114.0.5735
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/ins.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-89.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
72b37ec23ed359a8b2da02ada434ff798cab5fd01f1952a8afc914e638d636b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:00 GMT
content-encoding
gzip
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.vesty.co.il
access-control-allow-credentials
true
x-amz-cf-id
NWzmggZXuo1PqQeymXod48wATtS97eVOufIihWpBvaLxmJ5yPoJNKQ==
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=85YOAbUIBqbNaJDlc7jE4TuJ2+UBd4Z7wi58mbbOtoYJcwBwcZ3zYCmXm4rLTettsItiOiU/KGJlwCkQALQr27ZWWif0Rw4TXXnQEhDXfAads+4XTSjenia+JyXkHX45pjZcoyXosVO2Dij6RwAuM6ECLSExf4OyoH3VTtQRordajkyMP8HP4DA4tYj46iaut24unz1TpodOVDUJ/wg3fT80hvN4O+R6q3QrxA4tRbCgTYffFZrctFjNUQcux98BIVJSow0eVak5ggJKpynLcw==&cb=40486516
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.81.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-81-121.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:00 GMT
server
nginx/1.6.2
RrTv1CW2D5U.png
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame 5E65 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/RrTv1CW2D5U.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/_qHCM0GC8i1.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a558097700b7d43ab370181ad21f135afd5318e000a2844c5d2bdca97d6ae8ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/0,cross/_qHCM0GC8i1.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:00 GMT
x-content-type-options
nosniff
content-md5
/VHakIX1zd7YWIXa1Ya6RQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
59596
x-fb-rlafr
0
x-fb-debug
InJaYGcnm33fRLB8unmC+RvEh+Tpbu3VtOt5mfuZ1hGVHCLk3B7KVV/k0FSdroCYnw0kh3sO4z+25RXL/DtdGw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 23 May 2024 23:51:29 GMT
odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 5E65 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:00 GMT
x-content-type-options
nosniff
content-md5
8E8V7SJfv5OQxsrCIaL7hQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1131
x-fb-rlafr
0
x-fb-debug
85tM2QlmOj4gH6yAkhX8HXCr7o2nDTRAW01Jy1ucPmby1TGmMIwd30ICnvfYEIaF2csqpKfTwS/fRE8d7/6CTQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 18 May 2024 02:57:58 GMT
248191800_600141064441407_6068646631046862369_n.jpg
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-1/ Frame 5E65 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-1/248191800_600141064441407_6068646631046862369_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=110&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=b8XsZTHiiSYAX-dJw2V&_nc_ht=scontent-lhr8-1.xx&edm=AJqh0Q8EAAAA&oh=00_AfBRdkB_5RVECAJ_BO9XFseM8MoIQV65VUdsrwFCJuYR0A&oe=647DEA85
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37c3d112103bb%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ff9448cd880bf44%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f058:f:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4017512b0037bc61e80b775adbecc701e7e61f01dc4914f2f7b4062ffdb30a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-haystack-needlechecksum
3556106016
date
Thu, 01 Jun 2023 05:44:00 GMT
x-fb-trip-id
1679558926
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Tue, 26 Oct 2021 05:33:19 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2963386255
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
780200337
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1408
generate_204
tpc.googlesyndication.com/ Frame 6D81 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-AGoNQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=zAka42CzI1VnO00vt/1Wf89C27aGlOzOPg2vchKw07zy1Wyb5NIuH5kqJv8maA9emSFkMJQeXdTnA50c8u43UVlCpxDwEoQOJaRPn2nY6VSfpjrBwEUqkKnd03DcC5GbthJxT+gJblKnQXRL710nNmfpL8LTdq+dQiRY06jvDjCPfk2ZfWSczTZPd8EKyvt4pv0S7ijpsu31fk4KZ8kEUs/hgFeJXOAPZrZFDeqV7++QoABGiBvU1y/e4UOglIWNjElrtGsUX5V2A7qimddqlRdx2TrLQ3zb9R0KM0GHl8XeSIqpNPWTSR4CFNMSO3sdWgxSZEIttmClCQeqDnV5Cf3O/9Fb/9criedVzUyA614=&cb=16718544
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.81.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-81-121.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:00 GMT
server
nginx/1.6.2
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.vesty.co.il
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.vesty.co.il
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=9pKYuW1jcevR7rE+DNcpU89C27aGlOzOPg2vchKw07zy1Wyb5NIuH5kqJv8maA9emSFkMJQeXdTnA50c8u43UVlCpxDwEoQOJaRPn2nY6VSfpjrBwEUqkKnd03DcC5GbthJxT+gJblKnQXRL710nNmfpL8LTdq+dQiRY06jvDjCPfk2ZfWSczTZPd8EKyvt4pv0S7ijpsu31fk4KZ8kEUs/hgFeJXOAPZrZFDeqV7++QoABGiBvU1y/e4UOglIWNHR0ibTWNzD/82S2UXaQMR9sKyxMcBAwV/1VP+m9mVD7eSIqpNPWTSR4CFNMSO3sdWgxSZEIttmClCQeqDnV5Cf3O/9Fb/9criedVzUyA614=&cb=04375240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.81.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-81-121.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:00 GMT
server
nginx/1.6.2
ads
pubads.g.doubleclick.net/gampad/ Frame E820 		1 KB
1001 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F6870%2Fvesty%2Fdesktop%2Ftruvid_ads&description_url=https%3A%2F%2Fwww.vesty.co.il%2Fmain&tfcd=0&npa=1&sz=640x360%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3894592549050529&vpa=auto&sdkv=h.3.575.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=1081767755&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.575.0&sid=4557A319-B012-40B2-8213-FAB8D069D3CE&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&url=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&dlt=1685598233854&idt=6740&dt=1685598240740&cookie=ID%3Dc8f55f599d9b6a92%3AT%3D1685598235%3ART%3D1685598235%3AS%3DALNI_MYkjiZqn1ySYxU1rLC-A_TOhZ_6zQ&gpic=UID%3D00000c2aaaf9d694%3AT%3D1685598235%3ART%3D1685598235%3AS%3DALNI_MaBqDx-xSpK0I9qh93CxEsxScExDA&scor=3805721027177209&ged=ve4_td7_tt0_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ff01df04f197d9059376051c0b1bc8c667dac83b361064b2066c0486b25df7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
772
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E820 		93 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F6870%2Fvesty%2Fdesktop%2Ftruvid_ads&sz=640x360%7C640x480&url=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fwww.vesty.co.il%2Fmain&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.90%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=217&min_ad_duration=0&max_ad_duration=600000&ppos=1&lip=true&sid=4557A319-B012-40B2-8213-FAB8D069D3CE&adk=1081767755&correlator=3894592549050529&ctv=0&dlt=1685598233854&dt=1685598240925&ged=ve4_td7_tt0_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=6740&is_amp=0&npa=1&omid_p=Google1%2Fh.3.575.0&osd=2&ptt=20&scor=3805721027177209&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&vis=1&u_so=l&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.575.0&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70%2C728x90&kfa=0&tfcd=0&crcaps=1&crcapp=1&top=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&loc=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h&cookie=ID%3Dc8f55f599d9b6a92%3AT%3D1685598235%3ART%3D1685598235%3AS%3DALNI_MYkjiZqn1ySYxU1rLC-A_TOhZ_6zQ&gpic=UID%3D00000c2aaaf9d694%3AT%3D1685598235%3ART%3D1685598235%3AS%3DALNI_MaBqDx-xSpK0I9qh93CxEsxScExDA
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f010fdfa614f65771a8385b794fc7b6a8dcc6894197a6fab59a6d67767f6033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17750
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame E820 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~licpo6d4&c=8574531301821&slotId=4287265650910.5&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=AyrNxJlY13U&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4017:811::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:44:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame E820 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~licpo6xr&c=8574531301821&slotId=4287265650910.5&qqid=CPT2jOOuof8CFQLRdwodW9gL4A&gqid=IDB4ZI7ROZyZ3gPb5ayQAw&fb=ima_html5-lima&sdkv=h.3.575.0&ppt=truvid&ppv=1.0.0&mrd=4&aab=1&itv=1&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&met.4=ghmsh_s.licpo6xv~ghmsh_s.licpo6xx&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=720x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=kKxS4OLrI9sXwcoh
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4017:811::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:44:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E820 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.575.0&e=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&id=ima_html5&c=2603367335106322&domain=www.vesty.co.il
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:44:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame E820 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-9314111824787632
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:07:27 GMT
x-content-type-options
nosniff
age
2194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jun 2023 05:57:27 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame E820 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CpK2HIDB4ZPTmO4Ki3wPbsK-ADrvIse9wm4_b96gRsJAfEAEgoa-vK2CV4pCCoAegAbDvk4YDyAEF4AIAqAMBmAQAqgSXAk_QzJBafkSswFsy6lEf8yaadY3z-EZp85uxPURVycXhtN9IdLxWtmBdKkZiCiuJKw-nvMu6-gbP_8m4eFL4elI43rg06bnwKJ1iU0Gi8IwKiJhsD5XfAVdYBRSGe6EjkCb31-t2m_74rQg7I9xlRyRCr1RVbGyyqTFi51mcBjCNyWed-gW5javPlg1-QoGd2IsNjOxPliLVUw1nP4vJLkSpXRBjiYewGKn3VGLb99ha5XfzSoZjf9YfeV6JVz8A_lJ_wsw4ur0O8Mp0U75wlkskQazYGJwB1kJZ3g3UZ9B28WAP_fBGO8_61kzHDETA8RyBMEgSIYywzYpsy2f3pZ7LbXbJkyAASm_3xah2YYiN8XwZBves-8AEz_nDiKoE4AQBiAXvzNPxR5IFCAgDEAIYAVABoAZUgAe4kOx5qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcBqAgB0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOpoJGmh0dHA6Ly93d3cuZXRvcm8uY29tL3N0YXJ0sQkJktbeU1rog4AKA8gLAdALDuALAbgMAZoNAQ7YEwzQFQGYFgHiFgIIAfgWAYAXAQ&sigh=t0xUYNFdbz8&label=show_ad&sdkv=h.3.575.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU5NTEwNDAyNDQ3NTIMNjU2MDEwOTQ3MTg3QPICUiMQDyUAAOhBKAE6C0F5ck54SmxZMTNVQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:44:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame E820 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=Cq8CcIDB4ZPTmO4Ki3wPbsK-ADrvIse9wm4_b96gRsJAfEAEgoa-vK2CV4pCCoAegAbDvk4YDyAEF4AIAqAMBmAQAqgSUAk_QzJBafkSswFsy6lEf8yaadY3z-EZp85uxPURVycXhtN9IdLxWtmBdKkZiCiuJKw-nvMu6-gbP_8m4eFL4elI43rg06bnwKJ1iU0Gi8IwKiJhsD5XfAVdYBRSGe6EjkCb31-t2m_74rQg7I9xlRyRCr1RVbGyyqTFi51mcBjCNyWed-gW5javPlg1-QoGd2IsNjOxPliLVUw1nP4vJLkSpXRBjiYewGKn3VGLb99ha5XfzSoZjf9YfeV6JVz8A_lJ_wsw4ur0O8Mp0U75wlkskQazYGJwB1kJZ3g3UZ9B28WAP_fBGO8_6jk0NbkySGT4T_I22FXgUyXXv46lcpbzBu3_ni97p0Uc5ZH5dTZBDEcAt8sAEz_nDiKoE4AQBoAZUgAe4kOx5qAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRDEyK4BqAgB0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAcITBhiw75OGA9gTDNAVAZgWAeIWAggBgBcBshceChwIABIUcHViLTQyMDc2NTc5NzExMjY5MzAYubMN&sigh=JcyH18vjMuY&cmd=Ch1jYS12aWRlby1wdWItOTMxNDExMTgyNDc4NzYzMhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&cid=CAQSPABygQiDebtHE_y-mNtiPzpFnklXjP53PIbjxFjY8fVbuUTt8wsO6h3-f7bXq5c_dX_6fcgGm1XM251AcBgB&vt=10&sdkv=h.3.575.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU5NTEwNDAyNDQ3NTIMNjU2MDEwOTQ3MTg3QPICUiMQDyUAAOhBKAE6C0F5ck54SmxZMTNVQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=LWdu79Fz7NAkIWMnK1aBMjuJ2+UBd4Z7wi58mbbOtobM+TNwODp6LmtXDKGF+MUvs6spJJL6RJUadkyRSGYA3rCLYjolPyhiZcApEAC0K9s/RyhwKq4laeh36GOXnPzX1+OzhooxT6dYE0Xg4miH11J8wsbXCf0QLGJX9eZ4/T7USXXDc2W8svAnoUVKIlaJUT8g42+tdE6ygdbucfSmkXcO9+YtdV9Ed9W7Oy/kygFrq3h80CaWbeBB5rwbkpbiMZeZhO82eiyveqtoAXKPRsDNmQrmtWZfAXm1+5lWClX17db1X/0ybso0hdEGGZGNIiJWpWqQ/HGnGwMdkQnM95obJwgM6lTgkc9KD3lWenk=&cb=37617826
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.81.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-81-121.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:01 GMT
server
nginx/1.6.2
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~licpo64c&c=8574531301821&slotId=4287265650910.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4017:811::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:44:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr1---sn-5hnekn7z.googlevideo.com/
Redirect Chain
  • https://rr1---sn-5hne6n6l.googlevideo.com/videoplayback?expire=1685627041&ei=ITB4ZOC0DZDEx_AP_66o6AQ&ip=2a03:1b20:6:f011::2e&id=032acdc49958d775&itag=22&source=youtube&requiressl=yes&mh=y7&mm=31&mn...
  • https://rr1---sn-5hnekn7z.googlevideo.com/videoplayback?expire=1685627041&ei=ITB4ZOC0DZDEx_AP_66o6AQ&ip=2a03:1b20:6:f011::2e&id=032acdc49958d775&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=...
9 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rr1---sn-5hnekn7z.googlevideo.com/videoplayback?expire=1685627041&ei=ITB4ZOC0DZDEx_AP_66o6AQ&ip=2a03:1b20:6:f011::2e&id=032acdc49958d775&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=29.930&lmt=1685429352202729&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgPbjj0HHBSKZl2aZjizDyfAW0RBKht_jMa_udcZpB1lMCIQC9v4h8RrK2ewQTMEcG9Rba6eReiGOdQqN394z-zoo3aw==&cpn=kKxS4OLrI9sXwcoh&redirect_counter=1&rm=sn-5hnezl7e&req_id=190c4974bfd136e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=y7&mip=185.213.155.145&mm=31&mn=sn-5hnekn7z&ms=au&mt=1685597814&mv=m&mvi=1&pl=24&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIge2jN-XE9HILEeSoyz9NjCJIiHhF5jxy0NH2YLc4s_lwCIG4eOCxuBmJGvY2nuVbNJKP-JbzBJr39CcCNhgCQZGvF
Protocol
HTTP/1.1
Server
74.125.100.102 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Thu, 01 Jun 2023 05:44:03 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 30 May 2023 06:49:12 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1204910/1204911
Cache-Control
private, max-age=28498
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1204911
Expires
Thu, 01 Jun 2023 05:44:03 GMT

Redirect headers

Date
Thu, 01 Jun 2023 05:44:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://rr1---sn-5hnekn7z.googlevideo.com/videoplayback?expire=1685627041&ei=ITB4ZOC0DZDEx_AP_66o6AQ&ip=2a03:1b20:6:f011::2e&id=032acdc49958d775&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=29.930&lmt=1685429352202729&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgPbjj0HHBSKZl2aZjizDyfAW0RBKht_jMa_udcZpB1lMCIQC9v4h8RrK2ewQTMEcG9Rba6eReiGOdQqN394z-zoo3aw==&cpn=kKxS4OLrI9sXwcoh&redirect_counter=1&rm=sn-5hnezl7e&req_id=190c4974bfd136e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=y7&mip=185.213.155.145&mm=31&mn=sn-5hnekn7z&ms=au&mt=1685597814&mv=m&mvi=1&pl=24&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIge2jN-XE9HILEeSoyz9NjCJIiHhF5jxy0NH2YLc4s_lwCIG4eOCxuBmJGvY2nuVbNJKP-JbzBJr39CcCNhgCQZGvF
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Thu, 01 Jun 2023 05:44:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305250101&jk=3894130574439625&bg=!u7iluOzNAAZu7ficTu07ADkAdvg8WtmdYTb9hI03hYZLZwMzw_0tcxg_MjfypaLXKzQsyXgUeuldVayXtIQbs6afPzAb8NeGtXICAAACRVIAAABlaAEHCgBG4yCmlvsvcUzzaCywxt8T9xiWpf7Bjo1-om-JoR2ExmS1Ga-AJZ0yFVdCYh8Xd4FBYmXb8ak4Td-87_632LsS33tx5Bnw1ZkC11qDtLJ_x2xF0kUF22PnTyWvnzdwN2yK8VUScoGoG8We-OpjAzkiB6wxYG_GYF65iiAXUcsPQ-kvCdzjEm9vUxvNs_cStb_H2dJr_WNzDxKNsw9lc7fjy3sPJT5LB-A3klwtVXWm2daJnIL530YTd-itfCqvub81uw_IpN2PbwWHOcVkxQMg3rt-dwiPpTp9fAW0pzSNYoEB2wRY1EXc9ci_K_HxkGzZ_GoZIwiGfi2uyDyJoxz48DXXQXcMX_kcWLyDJP3yITcMsXtzNc0JAzLUsmOQIm2Mx5qfWqX8sesn0695Azo58CnKcqgpJYMDap3_vGf-2wXb8dpuE9oDX6NBr3qsoda-n2yVjinSdLr9EXqd33SBn_YWSTwsmz6n9aocG1h1Pc732xWhSwx6ocrDpjiWOPJwK8ywdOWwDoBiRYIEES6Blq3bqJy5EGDvoe_5r9p5kHjlWwZNN9Krn7V5NeeW8eYPXJ39UoM5GOruOYcSkoshP7Tnbt8tUqCSVtg2rnRJbAvysycPZSvaR_i5X67ZsxAW0sZAWR8oDCo19kSgxtnIAaC_s2-FWtA6fPv9Hq4GH2Q6-15-OjkZhBnqCcdNn4dU7d3TbcM2hGaIt_jxyIESADRFc6RrR046UQgGHXWEIORs71MqJc6zDs4MwY18dwDgiHdGRSMaVaCXEuBTVekFKuo8gX-M7hudPRD118QzECiSptzX87okwBAYG3ChtDmjuU02XIZyD-29HB3VbD4_bnCctPRzh4twZnlg_JfHMeY_hkwqHjql7H-IENdLAonELZ2NM3TVusjgerGujZ0SiKpkdPZgc5VTYyI0-3ZcXxaH5vH3IaubkjQKiMYfnjAfM0CgNW8ipemxY9c32OIFHQG5MzfHEBGYPsyTvtaq-m6tNaHowtprC0Z9VDnVCQ1h5Ywe8M8HPvIvOmgZTuri1kPkT3xKAUIIaiRUT2zfQNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 99F8 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.211.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-211-47.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f31b54f763bf999cdcd36728a339288247a533cc907791c51f296d3105bfef60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:01 GMT
content-encoding
gzip
last-modified
Wed, 31 May 2023 09:40:57 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=14203
content-length
10112
expires
Thu, 01 Jun 2023 09:40:44 GMT
khaos.jpg
token.rubiconproject.com/ Frame 99F8 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
csi
csi.gstatic.com/ Frame E820 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~licpo6y0&c=8574531301821&slotId=4287265650910.5&qqid=CPT2jOOuof8CFQLRdwodW9gL4A&gqid=IDB4ZI7ROZyZ3gPb5ayQAw&fb=ima_html5-lima&sdkv=h.3.575.0&ppt=truvid&ppv=1.0.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.licpo6y2~vss_tr.sl&faa=1&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.575.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4017:811::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:44:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h/DESKTOP/WIDGET_ON/ 		77 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Fb1ybxzs8h/DESKTOP/WIDGET_ON/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-05-31/widget_app_base_1685571097325.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.164.82.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-82-183.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 05:44:02 GMT
etag
W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
77
x-service-version
seo-w-aca8867a
demand
events.browsiprod.com/events/v2/ 		0
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/demand?p=0cf6981b-a1c8-4c5c-ab86-5ffe7a86bdad
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.15.15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.53.105 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-53-105.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vesty.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.vesty.co.il
date
Thu, 01 Jun 2023 05:44:02 GMT
access-control-allow-credentials
true
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 99F8 		0
0
dcm
s.amazon-adsystem.com/ Frame 99F8 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 99F8 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame 99F8 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=36584
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 99F8
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ltqj4418Qbiia7JpAE34Lw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ltqj4418Qbiia7JpAE34Lw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ltqj4418Qbiia7JpAE34Lw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol
HTTP/1.1
Server
67.220.226.233 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jun 2023 05:44:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WTV76150HWBR9AY4JF2E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Ltqj4418Qbiia7JpAE34Lw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 99F8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=4
  • https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
token
pixel.rubiconproject.com/ Frame 99F8 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/token?pid=3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rbcm
rcp.c.appier.net/ Frame 99F8 		0
0
tap.php
pixel.rubiconproject.com/ Frame 99F8
Redirect Chain
  • https://cm.smadex.com/sync?sm_p=rbc&sm_r=rbc
  • https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=a6783245-59cb-40d3-9c9c-161b95c079ab&expires=30
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=a6783245-59cb-40d3-9c9c-161b95c079ab&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=71194&nid=3636&put=a6783245-59cb-40d3-9c9c-161b95c079ab&expires=30
date
Thu, 01 Jun 2023 05:44:02 GMT
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
cQN2OzyhiJMWUJ30c3odtxCNWzVsLDajoa7o-HGrU8togsvFHJhkBg==
x-cache
Miss from cloudfront
debug
am-trc-events.taboola.com/ynet-vesty/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/ynet-vesty/log/2/debug?tim=05%3A44%3A02.924&type=warn&msg=Could%20not%20find%20external%20container%20with%20selector%20.MultiImagesLabelsGallery%20to%20move&llvl=2&id=5846&cv=20230530-4-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 05:44:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19043

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.google.com
URL
https://ads.google.com/
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/6227350466491785267/CbV_MY24_C40_DE_Banner_970x250/index.html
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=truvid
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Domain
rcp.c.appier.net
URL
https://rcp.c.appier.net/rbcm

Verdicts & Comments Add Verdict or Comment

296 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 boolean| credentialless object| onbeforetoggle object| onscrollend string| articleId object| dataLayer function| _isMobile boolean| isMobile1 string| defaultNativeVideoType function| $ function| jQuery string| dcPath object| dcTags string| dcContentID object| googletag string| gen_ban object| general_banners_divs string| gen_ban_size object| general_banners_divs_sizes boolean| page_800 string| dcBgColor string| dcGeo string| ParentCategory string| dcCG string| video string| dcSite number| dcLoadAds number| Dc_refresh_all number| Dc_refresh_jumbo number| Dc_refresh_ozen string| gptVer string| gptCtv string| new_gpt string| newMedia string| browsi_on_gpt string| show_truvid_mobile string| show_truvid_desktop string| adx_interstitial_mobile object| ggeac object| google_tag_data object| google_js_reporting_queue object| regeneratorRuntime function| CloseSargel object| AdUnit_template_functions function| video_off object| AdUnit_properties function| renderAd function| closeTransitions function| handlecss object| Templates function| CreativeTemplates object| TemplatesConsole object| __core-js_shared__ object| _pageRefresher function| pageRefreshDisable function| pageRefreshEnable object| apd_options object| _taboola boolean| should_load_zoomd string| video_ad_iu string| video_ad_iu_mobile string| video_analytics_src string| video_ad_description_url string| video_ad_yncd string| youtube_player object| YITSiteWidgets function| flowplayer object| _flowplayerTimekeeper object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent function| cnc object| pcode_779240_default_3Twf4DUyK9 object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds object| Ya number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| yaads string| WCM_POPULARITY_LINK string| siteID string| analyticsCode string| fpToken function| IframeLightbox undefined| waitForElement boolean| closeBigAd string| dateFormat string| timezone string| languageCode object| currentPlayingYoutubePlayer object| YoutubeAPIControlller boolean| isAbroad function| hpbClickTrans object| article_body object| div_trinity string| curr_url object| trinity_script object| interstitialSlot function| getCookie number| rand_num object| expires object| TRC object| _tblConsole undefined| msg object| webpackJsonp object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate boolean| _babelPolyfill function| _ function| handleCommentsPopupVisability boolean| fifabAlready function| fi_fab undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| __cfBeacon object| AdUnitFunctionsClassObj object| AdUnitPropertiesClassobj undefined| google_measure_js_timing object| google_reactive_ads_global_state object| FB boolean| yandex_context_perf_logging string| wcmNumOfComments object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| $sf object| yaSafeFrameAsyncCallbacks object| UserWayWidgetApp object| google_tag_manager string| GoogleAnalyticsObject function| ga object| dmp object| permutive function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway boolean| __TRINITY_IS_LEGACY__ number| __TRINITY_TAG_TIME__ object| TRINITY_PLAYER function| onYouTubeIframeAPIReady object| gaplugins object| google_optimize object| gaData object| __buffer object| taboolaElementCategory object| taboolaElementArticle object| scriptUrl object| ttPolicy object| YT object| YTConfig boolean| yt_embedsEnableHouseBrandAndYtCoexistence function| onYTReady function| TRINITY_DISPLAY object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ string| nam object| placementData object| browsitag string| browsi_bootstrap_loaded function| onTruvidPlayerAdded object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt object| cmTag object| _middyo boolean| __bt_already_invoked object| _cm_wfCounters object| UserWay object| interdeal object| pbjs function| __awaiter function| __generator object| adblockDetector object| forPM function| runMenuRemediationScript object| GoogleGcLKhOms object| brWidgetInit object| truvid_protected function| playerLog object| trv_players object| closure_lm_473800 object| closure_lm_386866 object| google_image_requests

29 Cookies

Domain/Path Name / Value
www.vesty.co.il/ Name: ab-checking
Value: 61
www.vesty.co.il/ Name: dcsyncundefined
Value: true
www.vesty.co.il/ Name: tmcundefined
Value: 1
.vesty.co.il/ Name: _gcl_au
Value: 1.1.931014385.1685598236
trinitymedia.ai/ Name: AWSALBCORS
Value: Vkm5yrdae+pMcTUZboWwlUeEVeFiC1H3MQQVNPNX4l0xyBunGuex/Riw2OFDNlNiGHT3V6C08b1Xu8vD7ARu8TpB+K433gg64nrxJHqXlrkjo4IE30idM+VALUTK
.vesty.co.il/ Name: _ga_HBGSDK9P6D
Value: GS1.1.1685598235.1.0.1685598235.0.0.0
.vesty.co.il/ Name: _ga
Value: GA1.3.1907318486.1685598236
.vesty.co.il/ Name: _gid
Value: GA1.3.829797926.1685598236
.vesty.co.il/ Name: _dc_gtm_UA-5536870-20
Value: 1
.dxmdp.com/ Name: dmpid
Value: 3bc34bda-d1ef-498e-9dab-c65a29ee6da2
.youtube.com/ Name: YSC
Value: d9ttR8SujfM
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: djlLHK8sEUg
.vesty.co.il/ Name: __gads
Value: ID=c8f55f599d9b6a92:T=1685598235:RT=1685598235:S=ALNI_MYkjiZqn1ySYxU1rLC-A_TOhZ_6zQ
.vesty.co.il/ Name: __gpi
Value: UID=00000c2aaaf9d694:T=1685598235:RT=1685598235:S=ALNI_MaBqDx-xSpK0I9qh93CxEsxScExDA
.dxmdp.com/ Name: audids
Value: xcYmesNs
www.vesty.co.il/ Name: TRINITY_USER_DATA
Value: eyJ1c2VySWRUUyI6MTY4NTU5ODIzNjQ0NX0=
www.vesty.co.il/ Name: TRINITY_USER_ID
Value: 3d7b8ffb-18d0-477f-9e1f-66fb303dfcb5
.doubleclick.net/ Name: IDE
Value: AHWqTUlSFUUkLRiVeWwhJthd8jo6DHy02dmZXESB07tY121Ar82QUs88Gbm_db17674
.getrockerbox.com/ Name: uuid
Value: rbcr-4adee6fe-6e67-4431-9d88-5385e8234f5e
.casalemedia.com/ Name: CMID
Value: ZHgwHOC8ZDe1xa7EUWWabwAA
.casalemedia.com/ Name: CMPS
Value: 3298
.casalemedia.com/ Name: CMPRO
Value: 3298
.adform.net/ Name: C
Value: 1
www.vesty.co.il/ Name: __browsiSessionID
Value: f57e7913-2731-482d-a85a-5801da91abde&false&false&DEFAULT&de&desktop-4.15.15&true
www.vesty.co.il/ Name: __browsiUID
Value: 2f778d7e-156f-4f1c-a646-416330cf9a5d
.adform.net/ Name: uid
Value: 1679800707801587350
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: uuid2
Value: 6328122765920562220
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVRcvt's!]tbPl1M>e)ZlrFUfJ+tGXxp.D<[`eD?>*Da$6#j@1%z]AfD!8YZT]n'n5OG3If)y3KL9D3I?+P#[%*y

9 Console Messages

Source Level URL
Text
network error URL: https://cdn.flowplayer.com/releases/native/translations/flowplayer.lang.ru.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
javascript error URL: https://www.vesty.co.il/main/article/b1ybxzs8h
Message:
Access to fetch at 'https://ads.google.com/' from origin 'https://www.vesty.co.il' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://ads.google.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cdn.permutive.com/fe68d1f7-c9f4-45b3-8905-7cda73d3fd74-web.js?d=2023-06-01
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 469)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ads.google.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api.btloader.com
api.userway.org
btloader.com
cb3d83ba72d67e8b743988c7727e46cc.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.browsiprod.com
cdn.firstimpression.io
cdn.flowplayer.com
cdn.permutive.com
cdn.taboola.com
cdn.userway.org
cds.taboola.com
cf.dxmcdn.com
cloudflareinsights.com
cm.g.doubleclick.net
cm.smadex.com
cnt.trvdp.com
connect.facebook.net
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
event.dxmdp.com
events.browsiprod.com
fw.adsafeprotected.com
go.trvdp.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
images.taboola.com
images1.ynet.co.il
imasdk.googleapis.com
imprammp.taboola.com
match.adsrvr.org
metrics.getrockerbox.com
mrb.upapi.net
onetag-sys.com
p.trvdp.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
rcp.c.appier.net
region1.google-analytics.com
rr1---sn-5hne6n6l.googlevideo.com
rr1---sn-5hnekn7z.googlevideo.com
s.amazon-adsystem.com
s.trvdp.com
s0.2mdn.net
scontent-lhr8-1.xx.fbcdn.net
scontent-lhr8-2.xx.fbcdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
src.trvdp.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
sync.teads.tv
tag.escalated.io
tags.dxmdp.com
token.rubiconproject.com
totalmedia2.ynet.co.il
tpc.googlesyndication.com
track.adform.net
trc-events.taboola.com
trc.taboola.com
trinitymedia.ai
ups.analytics.yahoo.com
us-u.openx.net
vd.trinitymedia.ai
vidstat.taboola.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.vesty.co.il
www.ynetnews.com
www.youtube.com
x.bidswitch.net
yandex.ru
yastatic.net
yield-manager.browsiprod.com
ynet-pic1.yit.co.il
ads.google.com
pixel-us-east.rubiconproject.com
rcp.c.appier.net
s.amazon-adsystem.com
s0.2mdn.net
104.19.149.54
104.70.125.117
13.224.189.128
13.224.189.16
13.225.78.109
13.32.99.86
130.211.23.194
138.199.36.10
141.226.224.32
141.226.228.48
142.250.186.66
142.250.186.67
142.250.186.70
143.204.215.89
143.204.98.18
143.204.98.72
15.197.193.217
151.101.1.44
172.217.18.98
172.64.164.10
172.67.70.134
18.66.112.22
18.66.97.37
185.80.39.216
2.18.161.51
2001:4860:4802:34::36
23.212.211.47
23.32.185.60
2600:1f13:800:7781:39e7:d3d6:74ed:31eb
2600:9000:223f:8a00:8:48e:53c0:93a1
2606:4700:20::681a:246
2606:4700:20::ac43:464d
2606:4700:4400::6812:23a3
2606:4700::6810:3865
2a00:1450:4001:803::2001
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c09::9b
2a00:1450:4017:811::2003
2a02:2638:d::d
2a02:6b8:20::215
2a02:6b8:a::a
2a02:6ea0:c700::11
2a03:2880:f058:10c:face:b00c:0:3
2a03:2880:f058:f:face:b00c:0:3
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::300
2a05:d018:d29:3601:a02a:b4dd:86d8:2318
3.65.115.221
3.75.62.37
34.198.41.114
34.248.242.36
34.254.215.196
34.98.64.218
35.161.53.105
35.164.82.183
37.157.5.132
37.252.171.21
51.89.9.254
54.172.81.121
54.246.207.140
54.77.238.227
65.9.66.101
65.9.66.111
67.220.226.233
69.173.144.138
69.173.144.165
74.125.100.102
74.125.8.166
99.86.4.108
99.86.4.124
00fd381e742154a662ef37040e24b1148b4af824e8b0abb9641cb291e31b7a15
018144810275161f79a9ef6fe1708661f13c78fc5d5d87770a3bfc90c9be8ad5
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
038bd0b34b7d1c79b7553c709e463043c2bcefda39ef73cbbab315072846d0a6
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
048a6099e10c5ac79ff998eb79a4b5d5679e9dbef7cada30c224dfbc262c7fdb
04a6c8bef417b9a27f9319e3740ab8947e774de7dc8acce089e28071954636b4
06b37316b38c8f1f7d9a254158baeff84ea85bdb10e5e261bc75a17b20ce3b5d
06eac4afa084c9a223ea6623e22f5e3a17eec06e6eac8701fc1cb49637fc90d9
07d331d3b862e37ce8c62ae5dd6cc283ac39bda87d6ea5e60e18f75c247f3c39
0a2ba70282f4bec77e1b3ecdcc81944a182604ccd340280b7b35844df2787e92
0a77ec63d5a2bba9eef75118a7c24ab1a9c96d8e9df77ac9f3bbad27e411b7fe
0a9115c7f15f56a5280059185aafd63eeaf124193165362eda62102d2f13d255
0b5b043c65bd7bdfbeff519f41e82f1d26ab172d76eb9b44e40e0761575d2092
0b5c146f4e10f164d2492237600fa47a59a3b5b1568c147e4a8ec13198f9904e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bec93ecbc699c0afeb25f95414f14fde249e10dd5ca045a9d599e985ee0e393
0c4f2a295d1c26949a94e4472818f3fd9734bb73118f3aa01f5a20ed3cf50d58
0c59a4311973393ca533b13f245d027fb9acd2c40b23ddb6c75d1c53196a3b96
0d04c51e09fe885a7eb542fbef102f22f52072c5cf07e2e1719744b812fdc4ae
102226e81d3a3109c21b53da10db1d22de84674944ae961a7c6feff84afd58f9
1160b526d9e1495566951f48d527fafc9805346d264fdf486528712485192c8e
118ab0bb925b77bc7e6e5ab12aefc99212d01819af7e18348a5796f97584da2a
11981e7d8a5ea45c1d0818f7fa49bf648eda510e5f5e6dd7f20a9e9a09ff570e
11dbe46578266e04259c1ca0a713ffbf86c3803b94a379e5fc6ef8a381095084
11e422db2791d09a8567d4e569f72b6698f66168e1cefef1fba16cf83ec5c2ce
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1384259e6f4ab2c7553cb9b40c64bcc72a3ddfee4a3665a92fc9b6bf617413c7
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
155385e136685bbcd1a0221f640bee645f843f00b409b3002ecc9fc2fd7611a2
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1991c1d27c9548141c21c2cae1ed61ab2af64506a1c26e8d4077c9aa401ce8ac
19e096f7ffa2dc5236c46a3a65a2db3da73d021509148ff48c66326318fb6b1f
1a125935da70c13b8e02899542b319dde2d65cee1abc837f5743edd9153a3ed1
1a3f09c64a229e9f2bd2ad089b6d9e67093339e5a5a21948f30f15be34549c63
1bcf979135eb6c90265d617e208d32c68a0e38e4434386d987259482a93db4da
1d71480d1558fff5af3c6cc2a25b6e771ff309726337719501229b7db44e6f06
1f0cd7c2795df1dcce059d553cb1d9b88170cb9e66310a06fce4104965852394
1f37b35441158c74a27389fda31807f6806785c8b0c4ca9b6c93b1ecd88e6c6b
209c55ae7959d440c2e815be93bdb70437bc0d10982d1d14c7f0aab93aebaa28
29e36e355552d3856086c9a3f692ae0541f1f5f6ce200a15e3d19e418cec6188
2ab736bb53afe18a051092f0dbc40b0034f3788c286a97ca3ab88bcbc5ed46bf
2be640a3a70b025c4e35827972930d9a16b66175e8aa652b1f4874c45d50bd51
2c0f2704adbc7e87811cb477aa3ddcdfe20e68f8610ba6b8f28e58fa6bfb7fcb
2fdbb7173df58151a3b9cee1ad593e7ad40b39584dc4599357d62d565fa90e6e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34604045879551d9e3dc0a6bfff8ccc4f5acc35f7d91edd7855937ef417a9736
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34879b9e2bf687d73136aa78381006501b3565c161d6d633b8ecd98cd7c598a0
3735e94afb2539b14515fdd10d7cc066cffa99d4b52762959e342295e08a770e
373d96dce358894b5896f2c8879e06398958dfe80db8291294d6f0d3b85e8a2e
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3c615cc03cc18b8a0a6fac0428664c455c523bab35d662145074f494a6b10ca9
3c6ce816bfa2750b2c01b3595b359d4e5d77e2af89e506f891149be5b0b817e3
3c89d3dbb4e1b421bb7d4b236c8d70f6568d700141dc425d4fb389c41c10679f
3cee1f330570c0aa32c71f8b95f63770540140a52fbc885cc3796c0a1eccb946
3dc8e482ec8a9c56efec00e46e88e84f3a7ccdf0ade53d5c89c4d679469cdabb
3dcceb7c31d2b797f56a67dc5e0f3e891fd48cbc07cf4ea601910da39ca47713
3e0042d9feee1e4ef9aaf81e7600d02762c6984fa85ae2ed7a101b23c8d42956
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f193224eeeb5f48f83a59e39969eb2499143b9e3eb349ce05a4bdf0ea6be2ec
3f9f532d9791610dfcc4f0902dcac54e5274eec29a675eae9612ad25c4512fbb
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40cd6bad06286f661be9d98f8744feb752d555d4c2678d1becf7804ec4b139d2
40d04ace125700e72bd35044cd03b212e06be6c36b0c96b13318cf6afb92f3db
41dbaa51ee1b6a81f1fd3a9ac4adc41068e669e39ae336600c10d247ea8efb93
42000dec13a6aae21e66fafa14ea2e0bbcce998c9add7b3b1c79cac7fa9fb469
427176ef763337a66afbc5a4cae5bf4afe5b2e157865bd62e77fed481710d431
451ec16adec4941d6711bb005aef648a1bf76dc259a4eae0b77901389cc73077
461a72811f65ea900f55a1dc78606600a3dbe294b48a438ea13ae7a2649bb895
461b089258235b416226d5ece6052923a1135af7c1f73f683d2fe93353153a9d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49b6f7a70ee3d7f71c178641dec7c2b4cae50de328e404d593f7318d9a8b6c9b
4b108d10517b218ebb22d63ad00b85baf89a7b4f1884c3fd01eb03f0790b1cd6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0958fbb955305dbe358d9f003009081cf3761cbd04ae141959f154023ab467
4d5e0849332acff7b91d64ac054f09bd1f5db75df129c800b2feb90cd2a841e7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f73618b0508eb86558693335a9b05064a901da2fb79079aac6fe2270de03558
4f7958eb599f0a17f3a0998b843eb8bde2d41a071cbd3aff534728837fa7b7e4
4f81646d99b3fc74d8e01a5341ec6e5e51138daecd799f62e01ff59a7bb1c61c
501f415b2cb66824ddd524f3f22240efb6995a8ebd12e282ed048564e28e0738
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
510e43765cd2cff920a21e25df0292564c6c06682fc5d4f4f17ec62266d58e50
51759e982746e820cc0a88d3b55f6208f88a459fb456a949fcc3161be7967b6d
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
59c0989ad42ae03e74b50cfd3c23b25eb973a2a1dab7e9593893bdf1edeedc2f
5a9619c6c2cd4801860b4d461af81cbec9b653514837103043e326ea9813b9a4
5b0d0d08c3b7fbdc8164e467ee1d637e4b616be1a489699c18b67082281851b8
5b0eb91bfc4c69db12b5d45caa4f04374a4caaf210106732323d646fb62d4c6b
5d5e0d3e1cbfadb5c7a63053b5339d06457fe7a66c344a970a762a56123c5ec0
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f37d581833ef12fd202af5ea1883c3bd8e01fc91a0a129864e2ae2106d1dc34
602c46beb922196484bee4f9ba8e6c6c2fd4b019fc12141200bd8e277c45807c
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62db05cbc08f8a152afa78e6c309221aac46be5a9927d700dc5dcd79b694af7d
64c847dc6ef05e07043bfc50cbdb5c1e8de280877e7a40e9d03e7df0c56abd99
655a9b6d56c1e4ec552e1dabb26b40499f72e081ae07a2455aa4b6fc3a6832c3
6644b38612adab7c985316a135aa23e3accb658eb27bd7d9239b18b6109f74ad
68425923e30ccc97de3488098f07323215808c761c5b709c4cddada4fc49d887
6851a08172611dee3087ed287fb22873c5697e163391ba4b0555e3d7982ca541
6a40f7092b6c797f55054048dabc6314a3558b238d31ade75917a520a933ba9c
6b714da0ee71995873912f31aa8da3bc842f3a5d065cfefc26ae0c90fb239f65
6c4f42bbb80ed0308dd79b93b4bf8d39caa0e2f374717130ccdb5e87b3077546
6c75b0d6862aafea13a1ad7f4779ea4f47a058be8aed60c15cf32dacea3e3acd
6e452b9406fd885ae8136ef3beb319e451ce7a43627e528bf734f6f7aa905ed2
6eeda07454b179d45f6a9b5a3d35fbd116aa2efe54319088a18369176d6f6f9c
6ff01df04f197d9059376051c0b1bc8c667dac83b361064b2066c0486b25df7e
72b37ec23ed359a8b2da02ada434ff798cab5fd01f1952a8afc914e638d636b3
746249137d6bbb4e5f2be33b3e875cd1202809ef26e0c9af1533e398712cf5d5
76b6fd084e8f50832f9814d79c9206b060500c454442d7f5796ad3c476563a64
77e67726f5b10d4e887da34c9d7647f8ad709550b024eebb0dcacedbc142c8f0
79d2be51b14dede17833bcad28a6750726349c84cbaecc656be71dcfa33f76d6
7be9364f21808a881f4530002ab0363deabf7de3321a1356984e88fb316ac165
805f911869d903d297ec0cb6fb3f02540a883908096434d0c2535f48934ce767
817912f74c243cb931e0ba11ae0aa155f9a508208c4288223f9cee5ce07892ed
82d7f0ae53ddbe8de962a23c632fbc9f93e18005368a95671ade348794ba1197
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b5d14131b0ce563122630184fca4dbff248880636ab2ea348c62040822d645
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851fd64c4950fca21be89e6dde49ef1223b87227c12da7320528be240b7c45f4
856242afa71cc84545c0bb3bbb3cfe7226d1071a1f3e87607cbad2bf8daae497
85cc5f4c151a72239700ae6445649fa0188d91a652829f39fb6fb84a85a9d1cf
8783883968da07275df5ed817ae769253fa3a51509283f371d81aff455039d8b
87d3b26f33f39e3bb4b4c1f2291f906ad5826c4d9624a08f0db8a2163a9df369
8991cdeed3a031d0bacfaf1927b884b93e2e36eb71ab18ac2c201c17f7c21569
8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7
8bf06609adc2161bf2be5cae5a5f800e50539f0ee1f06e410eb5285d835e9b48
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e053500351e8398cc2da3b0fbc974df4ac7fc7dc6c3af1b474bde5668cd1ad0
8f010fdfa614f65771a8385b794fc7b6a8dcc6894197a6fab59a6d67767f6033
903a1b70c8c6476cddaed2b1f98ec5589d069e06660dcc14a6a225842216ccaf
9176dfafa2beac923666d80208d52163366268d65a3f6d4c9c7dc062f13db1fc
9561314ad3f5e017885ee51821e21db5ed0c47f328939c92bbc2c69315e695e5
9647129e04fb0087ff7d9aa50a657bbce11fcfcd89f2688cba822d0d7bf1f025
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
9952a8dcad912fe91be6574b823e231879e5f43666abb1000e647eb6d2f6b6e8
9ac5d86cbcdf58b89344f83ac426d0300c5d6adc80226c2e62f9d2e3d0be2a40
9b140186ec8368d335681fb0a6e871323c01ee0d72d0b66a68f0f2f4f2002daf
9b1645d05205c0de76ee78715ddbbbe2a5e4b2fe9f5faee9037e070c07691212
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9c1928501888f72c1c9d2cb3bdd18742623c6f6e806416db07aa8c538ef9a8ec
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8
9e37f8709ca8dc7c4f0094e4eda5c8900887c5448aff04bfaf9eaa71a96de5b3
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9efb2ec23ca8bdfb0acd203ca3292260873761f487e47ac24d3091835ee4edf6
9f19114fc66ef2ca455dc1b7e93be045b3698a3f291312e951b163473fbf6980
9fe801269d9ef99d44e6aa9d17ef66db64d1b983d0116c8e142faa8f9da3424d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a1e104a973da1c30632261c23c442b794dba8508925ae0942d2ab8b74359d265
a2d58e29c3c454ef9b3e47ea01f4c5ddf2027f9c583d1104f0c26ccaf2aeb426
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a558097700b7d43ab370181ad21f135afd5318e000a2844c5d2bdca97d6ae8ca
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
a8d6537559bba91d5987243b73b24db1fb3ed42d7cc66a3a3799939b3145cc55
a91fca903f7f2a3d051f657b5b25baed4e99b6c1e51bfee63737f73ff54f2b7c
a9d145c23be845f9f5b13638ad97ce55256d3366ca513d7cd54bd7c849c629c0
aace298e700157aedcfe9b062cc530a67ece01ad08c3af7fe8a52be86bc01d04
ab32b2c4c4edb597ff057500e0716830305580857189e611e5b07acbba87d78a
ae8017866a6744d35f26aa9da389e9771d40bcae3ee65df4c1b5e16e57b09fda
af5463753df076ff288879f0685740bc8b4540a9855096cde2cdbf00041b7750
afa1ff79dda80807b1b38e3a4b80b4467b695ca9ce7c15cfefa890bdcb35e7e5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4df7f2de9ea8edc3db32a53bcaeaf46daee08607763062bcf7652bcaa57bf8a
b7c75468e63bbfc47e9b7e43bf8c709185836b2868ea3a893339966c208435c5
b8c26e1e6918b4f0846c853128748dbc6f0b8a4db4ce690060740aeaa5b606f3
b94ab7d03297a9036dc60e17afc685bd191904db7c25e1c4d92f0f1a84f546c2
b9756ab3110569adb981f1b23475d67749b2e9717b4c74c084e280d9ddf20459
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
c0ee77e6f6023a7d56c375a41920b9be9fcb5e66827eee6c645c19364726373d
c1f8548f59ad3046366b3c82d923308cf960624c7be4e4b9fc4732314940795c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e8fb14b1e0aab8514cfb56c1e62417ba717b034a397017696cfa9e517b0f6b
c35827c134a532b9e68396abb6e4e6b79e42039d083a963aa6efd65ee9384926
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c4d130b5b897b093c4df9a9cea0b5bdab26720880f95555684f1f354e43464dc
c5acac149b50071f4f0435867b53804101eac47a91975d5d44347565fca062cd
c9080387801ea7c0d202021563e4cc47e205dfe238953109c6f39348cb9a5533
c9901eba322320d37653843ced2b7ef18b27e92f36c7407211d564ab762508a5
c99077787e257c7edd731fe6edd4c4f89d3938a8da03c945e53ae65f39dff746
ca10977700b1bc7b44bfe44bbfc1e134c13cc993d5e59c4bca6de5f7370c1827
cab9d462a9a175760c61a7064803d06ffef31dedbf1f1e60a0a32a5cb2f3c273
cb505f9b238a9e432f0fef92f30b51a7382134621126778726f08e371d7ab899
cbfeec5e4fcd8eb68c82bae4d6fed0e5c3d462bf8d374dbf9f549221ed1d7c48
cd20055d8c801ef0e0c4698fe5f5bce77cbe3e1acc8dc99625fbbbf59047985d
ce68025aaa5088ef5c7ebd8184ae4b707a2b7d74484e5034453e3fdd6d5ad208
cf37ed902f7b08d2b1187f9aacc5c4140d146747073a3164c25de37141d53ba4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe30957bf850e28b1bdf1123eebece20ba4af542a0fe63a93f7e16aaa9d2233
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d4017512b0037bc61e80b775adbecc701e7e61f01dc4914f2f7b4062ffdb30a2
d54e851db62143344146dd02717567e87695725d3e25e18a2feafd3dc6ba5714
d5a40988d01fa1b8bfa5399d25fbe99975275d43b066f7573aa6395812e13180
d63c657f5953949a641627cfb91bad8589c232e5f14610316e114d157fb61740
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790
d6cdb6570660f6cc2ab311a53a12a3f547e706f2409d8817185bd2be74d24a19
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
daa8bc4312e8a5c936e55144c18f3232cb013593ae25cfe616e487611b754e1b
de8cb79361a6875847673adf11f3c2e714013d9cbc68ecd4d0f4c2ff24b0d4a2
dec9b665d7cb35ff071c8946c4d195e5efa8a6410ad41bd331a483dd265e23ba
df4acba18ca9890f91ffb3945d31079bc2cd527ac59eefef5dfa28570c538e7a
e14b921d38dacc2a9cd9d714c70dd0fc57e6f9ee71c8785fa7ccbd51264e3cbf
e185be24a5c863f4cff1b0fd544c3f21446025ccb83d36eed06e36ab98d3a165
e38a0b83d916f6202f122793ab33382b5f66d6d771619831e42e8324f89e73a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9279aa82470c7b0c894eb3ecbaabceb01423a632d9fbc7460c560f11a99abad
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
ea1a9b993dbc93ca4669209f552aead7852ea68031cf347990078369adf47072
ead3191b9474219c0a9d6951bb245857e62390003d50d08d80a182e99fad9a73
ee59a729348a1ee72417458ddb4879d4e09668334d2a715f3a700edb5e19bf04
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8962d478a7626ae3eca69fde1420da458d3eaa2e30a5f4cec434eb1293a431
f28180ef39ca232cf1ccd46c1161d8513d87148f7c70d9c6ccb916c322530769
f2e8cc86bb5670eae767a2add71d2acdbbc7adb4374e3416f02f9a368cd75e18
f31b54f763bf999cdcd36728a339288247a533cc907791c51f296d3105bfef60
f5a640f7031ce17f8b5ffbbdba879028c6983aa841e66d82699868f4c9fe17fb
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fcbc406de6d244fa65cea4df1a366ccccfb0b9c6ef1bcfba1a007f845c0078ae
fdfc4de862c4b94a7f110229dd94d12a420e2208c10c69f919f3f0ffd36315bb
fe4cbace9fd4820232a3ef9ebfef646bb3948bec6a5fbf5015a7caa1eb09718e
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
fedc9a5ed3d075f3a8a120ea6a4c67c0d605a864db0b91c808a4d66e3ab19a46