www.haaretz.com Open in urlscan Pro
151.101.114.217 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.haaretz.com/israel-news/business/1.757670
Effective URL:
https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Submission: On June 18 via api (June 18th 2020, 4:49:02 am UTC) from US

Summary HTTP 345 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 36 domains to perform 345 HTTP transactions. The main IP is 151.101.114.217, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.haaretz.com.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on June 16th 2020. Valid for: a year.

This is the only time www.haaretz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 70	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
19	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::621 2a04:4e42::621	54113 (FASTLY) (FASTLY)
2	2600:9000:218... 2600:9000:2182:da00:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	35.176.56.39 35.176.56.39	16509 (AMAZON-02) (AMAZON-02)
12	152.195.39.46 152.195.39.46	15133 (EDGECAST) (EDGECAST)
2	18.213.129.100 18.213.129.100	14618 (AMAZON-AES) (AMAZON-AES)
14	2.21.37.220 2.21.37.220	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	212.71.236.31 212.71.236.31	63949 (LINODE-AP...) (LINODE-AP Linode)
1	185.3.92.12 185.3.92.12	63949 (LINODE-AP...) (LINODE-AP Linode)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
5	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY)
1	172.217.18.166 172.217.18.166	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
11	35.171.145.24 35.171.145.24	14618 (AMAZON-AES) (AMAZON-AES)
4	54.171.157.204 54.171.157.204	16509 (AMAZON-02) (AMAZON-02)
26	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:10c... 2a02:26f0:10c:39d::3892	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	23.210.248.65 23.210.248.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.23.9.254 23.23.9.254	14618 (AMAZON-AES) (AMAZON-AES)
5 5	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
14	18.209.196.238 18.209.196.238	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
1	54.208.107.16 54.208.107.16	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
25	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 11	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	67.202.110.24 67.202.110.24	32748 (STEADFAST) (STEADFAST)
1	185.86.138.79 185.86.138.79	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.196.104.43 18.196.104.43	16509 (AMAZON-02) (AMAZON-02)
1	52.216.16.91 52.216.16.91	16509 (AMAZON-02) (AMAZON-02)
2	104.16.88.26 104.16.88.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	67.202.110.31 67.202.110.31	32748 (STEADFAST) (STEADFAST)
2	104.16.39.14 104.16.39.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	208.100.17.190 208.100.17.190	32748 (STEADFAST) (STEADFAST)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
2	13.226.146.86 13.226.146.86	16509 (AMAZON-02) (AMAZON-02)
3	52.207.21.55 52.207.21.55	14618 (AMAZON-AES) (AMAZON-AES)
6	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
3	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	52.59.74.203 52.59.74.203	16509 (AMAZON-02) (AMAZON-02)
345	55

70 151.101.114.217 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

www.haaretz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.haarets.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
graphql.haaretz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms-apps.haaretz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::621 (Ascension Island)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:da00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.56.39 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-56-39.eu-west-2.compute.amazonaws.com

route.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 152.195.39.46 (United States)

ASN15133 (EDGECAST, US)

cdata.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inimage.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.213.129.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-129-100.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2.21.37.220 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-37-220.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.71.236.31 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-212-71-236-31.london.nodebalancer.linode.com

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.3.92.12 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-185-3-92-12.london.nodebalancer.linode.com

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1275bd68108cbd5f6baeb9908886c0c4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.171.145.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-145-24.compute-1.amazonaws.com

logging.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.171.157.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-157-204.eu-west-1.compute.amazonaws.com

cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:39d::3892 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

images2.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 23.210.248.65 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-65.deploy.static.akamaitechnologies.com

images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.9.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-9-254.compute-1.amazonaws.com

content.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 18.209.196.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-196-238.compute-1.amazonaws.com

analytics.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.107.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-107-16.compute-1.amazonaws.com

xtr.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vap3ams1.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

carambola-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.202.110.24 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-110.static.steadfastdns.net

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sic.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.79 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.16.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.88.26 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sc.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.110.31 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-110.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.39.14 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-sic.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.100.17.190 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip190.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.146.86 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-146-86.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.207.21.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-21-55.compute-1.amazonaws.com

psa.carambo.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

33across-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.91 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

gslbeacon.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

725d18cd3df13a5f2d28310cb1daa391.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.74.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	haaretz.com 2 redirects www.haaretz.com graphql.haaretz.com ms-apps.haaretz.com	720 KB
43	carambo.la 1 redirects route.carambo.la cdata.carambo.la logging.carambo.la inimage.carambo.la content.carambo.la analytics.carambo.la xtr.carambo.la media.carambo.la psa.carambo.la	351 KB
41	googlesyndication.com 1275bd68108cbd5f6baeb9908886c0c4.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 725d18cd3df13a5f2d28310cb1daa391.safeframe.googlesyndication.com	754 KB
29	doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	304 KB
28	lijit.com ap.lijit.com gslbeacon.lijit.com vap3ams1.lijit.com	92 KB
26	ampproject.org cdn.ampproject.org	541 KB
22	outbrain.com widgets.outbrain.com amplify.outbrain.com odb.outbrain.com tr.outbrain.com amplifypixel.outbrain.com mcdp-nydc1.outbrain.com	89 KB
17	openx.net 1 redirects carambola-d.openx.net 33across-d.openx.net eu-u.openx.net	221 KB
15	outbrainimg.com log.outbrainimg.com images.outbrainimg.com	237 KB
13	haarets.co.il images.haarets.co.il	134 KB
11	tynt.com cdn.tynt.com sc.tynt.com ic.tynt.com de.tynt.com	9 KB
6	google.com 5 redirects adservice.google.com www.google.com	414 B
5	33across.com ssc.33across.com cdn-sic.33across.com sic.33across.com	115 KB
5	firstimpression.io ecdn.firstimpression.io cdn.firstimpression.io	190 KB
4	adnxs.com acdn.adnxs.com ib.adnxs.com	33 KB
4	facebook.com graph.facebook.com www.facebook.com	1 KB
2	amazon-adsystem.com c.amazon-adsystem.com	29 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	cookielaw.org cdn.cookielaw.org	24 KB
2	chartbeat.net ping.chartbeat.net	338 B
2	facebook.net connect.facebook.net	161 KB
2	chartbeat.com static.chartbeat.com	29 KB
2	polyfill.io polyfill.io	729 B
1	advertising.com pixel.advertising.com	125 B
1	amazonaws.com s3.amazonaws.com	36 KB
1	emxdgt.com hb.emxdgt.com	307 B
1	smartadserver.com prg.smartadserver.com	1 KB
1	pubmatic.com hbopenbid.pubmatic.com	116 B
1	gstatic.com fonts.gstatic.com	11 KB
1	googleapis.com fonts.googleapis.com	879 B
1	googletagservices.com www.googletagservices.com	27 KB
1	zemanta.com images2.zemanta.com	15 KB
1	onetrust.com geolocation.onetrust.com	404 B
1	jquery.com code.jquery.com	30 KB
1	google.ee adservice.google.ee	169 B
1	analysis.fi ecdn.analysis.fi	2 KB
345	36

	Domain	Requested by
43	www.haaretz.com	2 redirects www.haaretz.com
30	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.haaretz.com cdn.ampproject.org tpc.googlesyndication.com
26	cdn.ampproject.org	securepubads.g.doubleclick.net pagead2.googlesyndication.com
19	ap.lijit.com	www.haaretz.com carambola-d.openx.net ap.lijit.com
19	securepubads.g.doubleclick.net	www.haaretz.com securepubads.g.doubleclick.net cdn-sic.33across.com
14	analytics.carambo.la	cdata.carambo.la psa.carambo.la
14	images.outbrainimg.com	www.haaretz.com
13	widgets.outbrain.com	www.haaretz.com widgets.outbrain.com
13	images.haarets.co.il	www.haaretz.com
11	logging.carambo.la	cdata.carambo.la
11	graphql.haaretz.com	www.haaretz.com
9	googleads.g.doubleclick.net	www.haaretz.com pagead2.googlesyndication.com
7	ic.tynt.com
7	pagead2.googlesyndication.com	ecdn.firstimpression.io pagead2.googlesyndication.com securepubads.g.doubleclick.net
6	vap3ams1.lijit.com	www.haaretz.com
6	eu-u.openx.net	1 redirects 33across-d.openx.net carambola-d.openx.net
6	33across-d.openx.net	cdn-sic.33across.com 33across-d.openx.net
6	media.carambo.la	www.haaretz.com
5	carambola-d.openx.net	www.haaretz.com cdata.carambo.la carambola-d.openx.net
5	www.google.com	5 redirects
5	cdata.carambo.la	www.haaretz.com cdata.carambo.la
4	cdn.firstimpression.io	ecdn.firstimpression.io
3	gslbeacon.lijit.com	ap.lijit.com
3	ib.adnxs.com	acdn.adnxs.com
3	psa.carambo.la	ap.lijit.com
3	mcdp-nydc1.outbrain.com	widgets.outbrain.com
3	ms-apps.haaretz.com	www.haaretz.com
3	1275bd68108cbd5f6baeb9908886c0c4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	odb.outbrain.com	widgets.outbrain.com
3	www.facebook.com	www.haaretz.com connect.facebook.net
2	c.amazon-adsystem.com	cdn-sic.33across.com c.amazon-adsystem.com
2	de.tynt.com	cdn.tynt.com
2	cdn-sic.33across.com	cdn.tynt.com cdn-sic.33across.com
2	ssc.33across.com	www.haaretz.com cdn-sic.33across.com
2	www.google-analytics.com	www.haaretz.com www.google-analytics.com
2	cdn.cookielaw.org	www.haaretz.com cdn.cookielaw.org
2	ping.chartbeat.net	www.haaretz.com
2	connect.facebook.net	www.haaretz.com connect.facebook.net
2	static.chartbeat.com	www.haaretz.com
2	polyfill.io	www.haaretz.com
1	pixel.advertising.com
1	725d18cd3df13a5f2d28310cb1daa391.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	sic.33across.com	cdn-sic.33across.com
1	acdn.adnxs.com	cdn-sic.33across.com
1	sc.tynt.com	cdn.tynt.com
1	cdn.tynt.com	www.haaretz.com
1	s3.amazonaws.com	www.haaretz.com
1	hb.emxdgt.com	www.haaretz.com
1	prg.smartadserver.com	www.haaretz.com
1	hbopenbid.pubmatic.com	www.haaretz.com
1	fonts.gstatic.com	www.googletagservices.com
1	xtr.carambo.la	cdata.carambo.la
1	fonts.googleapis.com	cdata.carambo.la
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	content.carambo.la	cdata.carambo.la
1	images2.zemanta.com	widgets.outbrain.com
1	inimage.carambo.la	cdata.carambo.la
1	amplifypixel.outbrain.com	www.haaretz.com
1	tr.outbrain.com	www.haaretz.com
1	geolocation.onetrust.com	code.jquery.com
1	ad.doubleclick.net	www.haaretz.com
1	log.outbrainimg.com	widgets.outbrain.com
1	amplify.outbrain.com	www.haaretz.com
1	code.jquery.com	cdn.cookielaw.org
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ee	securepubads.g.doubleclick.net
1	ecdn.firstimpression.io	www.haaretz.com
1	ecdn.analysis.fi	www.haaretz.com
1	graph.facebook.com	www.haaretz.com
1	route.carambo.la	1 redirects
345	70

This site contains links to these domains. Also see Links.

Domain
cookiepedia.co.uk
onetrust.com
promotions.haaretz.com
traffic.outbrain.com
rmkz.themarker.com
paid.outbrain.com
www.haaretz.co.il
www.outbrain.com
ad.doubleclick.net
r1.zemanta.com
www.clicktraceclick.com
plarium.com
www.facebook.com
twitter.com
play.google.com
apps.apple.com
www.themarker.com
finance.themarker.com
haaretz.com

Subject Issuer	Validity	Valid
y2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-06-16` - `2021-06-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-06-08` - `2021-04-17`	10 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
*.carambo.la DigiCert SHA2 Secure Server CA	`2019-02-21` - `2021-02-25`	2 years	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
sni9451gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-05-07` - `2021-05-12`	a year	crt.sh
*.analysis.fi Sectigo RSA Domain Validation Secure Server CA	`2020-05-17` - `2021-06-16`	a year	crt.sh
*.firstimpression.io Sectigo RSA Organization Validation Secure Server CA	`2019-11-06` - `2020-12-04`	a year	crt.sh
*.google.ee GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-06-15` - `2021-04-23`	10 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.zemanta.com DigiCert SHA2 Secure Server CA	`2019-12-17` - `2021-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2019-07-17` - `2020-07-17`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2020-03-11` - `2020-09-07`	6 months	crt.sh

This page contains 43 frames:

Primary Page: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Frame ID: 8063B034FED3987849DADDB5136466BE
Requests: 198 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: A227101034A0C3A8E5CEB0CC044D16B9
Requests: 11 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 6803A53868022765D4869B6E2D5B8569
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: A4D75CF335A0CB90D108B6FE0EBF02EB
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 697C0E71AD5B1E9CD63222FBBEA9DCB5
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: C46E1263F06BB69A57FA3E7774918143
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 91FFE2C53AF98E7BE3E71020169AE0D1
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 8F7399E3D0EA7BCF996511FC3B89EDFC
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 2ABAFF58CD1038481043FB27C74C83D7
Requests: 1 HTTP requests in this frame

Frame: https://1275bd68108cbd5f6baeb9908886c0c4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 32F19738F08C8063F4855B37D8E1C457
Requests: 1 HTTP requests in this frame

Frame: https://1275bd68108cbd5f6baeb9908886c0c4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 9476297A5C02EE97076A6FBF5EC6488E
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 74A7175DE23D31F9691E72A333026A30
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 9B3E0D269A3092DAA9FA1EC5AD930EDB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: 538E77DE4FE2EB4FC4575CBE547EB115
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: 0CADC6607D41A63B964FCCF996C98661
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: 4D92CB94EEB302FBF683DA8B1CB0BF17
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js
Frame ID: 3F16F5D190E6022854C81D19B9A434EA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200610/r20190131/zrt_lookup.html
Frame ID: 8BF0AD6D24BE9549C5A57E7125117884
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3622156405313063&output=html&h=90&slotname=188c714.3b2318c&adk=2419923556&adf=861824501&w=728&lmt=1592455721&psa=1&npa=1&guci=1.2.0.0.2.1.0.0&format=728x90&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&flash=0&wgl=1&adsid=NT&dt=1592455721337&bpp=9&bdt=3214&idt=232&shv=r20200610&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7830051421655&frm=20&pv=2&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&ga_fc=0&iag=0&icsg=1069567115788284&dssz=76&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=169&ady=1514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431&oid=3&pvsid=2775205318892354&pem=688&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8208&bc=31&ifi=10&uci=a!a&btvi=1&fsb=1&xpc=0g9C4s6gBU&p=https%3A//www.haaretz.com&dtd=250
Frame ID: 1EB684C4881C6B31DE14ECF9F99B3378
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3622156405313063&output=html&h=250&slotname=3848a34.d274aac&adk=1482580090&adf=3618095171&w=300&lmt=1592455721&psa=1&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&flash=0&wgl=1&adsid=NT&dt=1592455721346&bpp=3&bdt=3223&idt=284&shv=r20200610&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7830051421655&frm=20&pv=1&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&ga_fc=0&iag=0&icsg=1069567115788284&dssz=76&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=414&ady=3364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431&oid=3&pvsid=2775205318892354&pem=688&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8208&bc=31&ifi=11&uci=a!b&btvi=2&fsb=1&xpc=IW09sEN6g6&p=https%3A//www.haaretz.com&dtd=288
Frame ID: AB8BA2F3A015EC46396DAC8917689D94
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3622156405313063&output=html&adk=1812271804&adf=3025194257&lmt=1592455721&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1592455721350&bpp=1&bdt=3227&idt=308&shv=r20200610&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&nras=1&correlator=7830051421655&frm=20&pv=1&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&ga_fc=0&iag=0&icsg=1069567115788284&dssz=76&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431&oid=3&pvsid=2775205318892354&pem=688&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=12&uci=a!c&fsb=1&dtd=316
Frame ID: 1F6F939B0E5EB897B2D0DB02E309FB72
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: A5CD89C539DD35A45D915D65B9DC8ABD
Requests: 1 HTTP requests in this frame

Frame: https://carambola-d.openx.net/w/1.0/jstag
Frame ID: D4627686DEF55D0278D653C5CC0B7D8B
Requests: 2 HTTP requests in this frame

Frame: https://carambola-d.openx.net/w/1.0/jstag
Frame ID: B4BB950357C3190B1650235476F84D45
Requests: 2 HTTP requests in this frame

Frame: https://cdn.tynt.com/siab.js
Frame ID: 30854D1DEE4A5E84A7B74AC57FAD8460
Requests: 6 HTTP requests in this frame

Frame: https://ap.lijit.com/www/delivery/fpi.js?p64toCdMtT&_ADTIME_&z=555864&width=300&height=250
Frame ID: 992155346B64F3D508C0BFEACDFEE948
Requests: 11 HTTP requests in this frame

Frame: https://ap.lijit.com/www/delivery/fpi.js?N90bJwARze&_ADTIME_&z=555863&width=300&height=250
Frame ID: FC729530E9B0019CC026FE386C046911
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: A75EB374AF5F183DA0C3BB1E6F3474E0
Requests: 4 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: EEC111B32804F7729CECF58D75461CB7
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 81CFEF9FCC43D48F392C22322B4A9519
Requests: 8 HTTP requests in this frame

Frame: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Frame ID: 1CC57D6BE5222A47C52B8015B37A9196
Requests: 2 HTTP requests in this frame

Frame: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Frame ID: 832B84DA341C29B3940B4BD6BFF9B9F4
Requests: 2 HTTP requests in this frame

Frame: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Frame ID: 1DA2F0AF77061F1F3AA89703068F234C
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&gdpr=1
Frame ID: AAFA587C6F5531710F84F4DEEC508B1D
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&gdpr=1
Frame ID: 02B69D03A15944C7F6FC7EE0EEC0CBD9
Requests: 1 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=a_555864_0f4240bec14646848af21b25b8ee3bf6&rand=7865&informer=13410076&type=fpads&loc=https%3A%2F%2Fwww.haaretz.com&v=1.2&gdpr_consent=undefined
Frame ID: 66F53F588A55BBAD7F60437249C9E95D
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&gdpr=1
Frame ID: F6547EE66DDAF55F0EF8331FA215D7BE
Requests: 1 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=a_555863_b3ecc7d1159a4ac3a4bb9a69bd9cc362&rand=889&informer=13410076&type=fpads&loc=https%3A%2F%2Fwww.haaretz.com&v=1.2&gdpr_consent=undefined
Frame ID: E60DBFB22F886A6796A93F99B4F4286F
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/www/delivery/fpi.js?{random}&_ADTIME_&z=555863&width=300&height=250
Frame ID: 5388B3CC59CB242DA8EB4D5B5754EB98
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Frame ID: 5EF40B77B9618347577C64A1FB63693C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: CDB18D6343917245CDCBDB4D41E5016B
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Frame ID: 2DB7923939D3DA26432B2A1FDDA105BC
Requests: 1 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=a_555863_494d5b756190421e83672dec11441f81&rand=1843&informer=13410076&type=fpads&loc=https%3A%2F%2Fwww.haaretz.com&v=1.2&gdpr_consent=undefined
Frame ID: 348EF3D2EC3CC54AE238539CB99E48AA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.haaretz.com/israel-news/business/1.757670 HTTP 301
https://www.haaretz.com/israel-news/business/1.757670 HTTP 301
https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-pre... Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Page Statistics

345
Requests

100 %
HTTPS

36 %
IPv6

36
Domains

70
Subdomains

55
IPs

7
Countries

4178 kB
Transfer

10941 kB
Size

9
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More Information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://promotions.haaretz.com/promotions-page?htm_source=site&htm_medium=button&htm_campaign=subscription&htm_campaign_type=subscription&htm_content=hello_default
Title: SUBSCRIBE NOWSubscribe now

Search URL Search Domain Scan URL

URL: https://traffic.outbrain.com/network/redir?p=mEPpl4po0ErFpPACfyFsUN2983ImJpdGPvU_5Ffeu7nqVA49L6jZ_Hix4R91XAgHoSJ5J1XNtnyIgy4UVlwFYMw2gPvxtuQ2BtPa0ZM6OuyINJ2TrjmaYIvLof2hEEo0Brm5qN2otvtLe_aaDnqkf3NnuFlU6d3keE6oItlmKnvj9e_UwVsgDbW7SE0DPIBXS_caER22_RfDKaz7JQb3pPXCNVVxSkFdiBorKoUBGq3o3lzqmwbHB4g_X2GEToDD6HZ9CgIm3cJOmqQf0TnjJ8D6I055xhqlRIvLlCdcbxVJ7cmInBCroIgfZCmcNJ_a4LLqhna0KSSQdRa9FSLGpr13LbIz5y2ek4DVj0nKNx1hnGAB-azZOyEeRMHCvrXyjg2uHp8HFxIvYd3kAxgeFsL5LzOlj_kTPLrPDndJaUwkwg7y8WXGmNahhg-r3v-9GcCjwyxgNJtPjgQCqSO8H_qMQkhVHfHtuJB3VNpl2IIWMd9ReBrC0P5xmh-WYONwOkronIfgJtkJ19-chcw_nREnAXD0xrESJ5uXDAtX4NLT5eZUyfWxrBUvphBgPSV9P_0T9bG0W53o30l0AjHzPXXmXo5Xz4lvNnkZbPweET9TUpF_n7dptGJ-Q_0zyhoBLqCO1iAM8rwgk7BueRHmOo0PlrzPgzlpyTeBXVcngkt_D7VxJDxL7T4BGAqSGJZrHyPR9bNtmMZle2bD5BWfFbGA-AqCQrlXJQZQEHXR0ovHU8jwaFnQ9olwfDUX64WMVCm-ZRCQS3G1fE1krSZeXTgFA3WWhQWBh9hhf4XnCGcbkNyAADL7JZfS_xbdxpZXQt4_vmyH4sH_k4RdtOn90-3XP1IBO_wCmqJf63m8Cf_pgzXR9JF8LBdJJqi4E9wvV_OpsjNLyu0Rjm0Z30vkJWtsNkicukL5P2ZWvENq4_duqhaFE9h7kn5Vc84rhPPANWdBSMXTz5AsRXjMzP0r4Qt18aY0u2W3Iz9p8U38_H3I_0PNfg4qOhB0J5ILLz9YrbAoAGaHts1EPEmdsnF_w3fP7suVeW3XGjusWKAtqF0zOVMCDk39gjaEGOjYsmALhTZLoTEwvW6jUg7-tcKKdqeZ_sulOsIxltje8sERcV-aGMEBJodg0blR6InnFPqWo3exT1XYWYPOkNKTupm9pg&c=47829cac&v=3
Title: Greece? Cyprus? Iceland? Israelis face few options for overseas travel this summer

Search URL Search Domain Scan URL

URL: https://traffic.outbrain.com/network/redir?p=sWqIkUn8snI6-MQfPH9bV_UufzPNjF--bGpmajPn-daeXgqcVjiiCbw1hgaZ7Z3sKhd9Udzdf1BNT9x2_hlD0COlrDe7K_8ggy4i-noMDLWUNLOFVjsHiL_y8F8A3EB294c2nVyhLUsFxPlseX2Qd8FVoLa-oubDX5r1ceke3Lk6QUSL2DQrxudKtcS00i5UYaQw5gBorfWidsFodMEYp8WSIi2lKDv-aV9tdddyy3DsYT4mQwcNDVjqitGHnv1-8I-ZDS867yQ7_pYLvWYu4cUFjPqetv02Z6ay8Ud6nVoUKFnOpqGtgCCp7ZO8hWn_50iN_gTz3eGdNuvIaKDUdG_Vg1vkvoWgTlbyQoybjN18IxJRKye8V6vAfZ5T7fVZe_F3UBCnwYCUaXF09rk5usbwojWEXteEV-OZZFLLDdp9aiyvE4OXr4jQJL_NWk3JlQCGEZ_p6X_h9ZR1mIt1_btskjg0RPY6n4bcpkIrZ8juTreM3PSCyMxKUUiLQuNQWI0DY7xu890IcmkO7IjgXonDmkBq89abdiEjlO_4VfsqBRvUHipmxJfcwyAGNF001LqbRMGsH_I6bih1XE7eCuG0hwIL0YauSLcHJ2muCHujwWCbPoZO5j06ywYx1QqTl2idcnwimjBJp-52Sjqh6Rg2jgqxYjF7cLmHQhOyu7UBTyktPU7-Xj_kw8xoeKB1xCobA3-3bOxBVFq77yvwux6E2SCVEctOaoyTqQhpqYW2hnu9GayNIMhlBB5DKDV4sCmGTes00uGKeAGXxmZxDKAFeN-ly8j4dlLZRJLeHkdcoRs2CW0zvkYKnmHF4QN-oVzXPRxWW7vYvYdgWtelwo3hc9VXOJ5wZdahY-UCOenmHuW8GPzspf2mVz9JOtQgK9qXgusDHmtBOjwtRXrTwIRJM2G8fRXM0GZq03tnvRrQSEA5NyKM5UnLbL-N3XsugL0nCYWkRXZfHvkg7c1yaWFSeDM-UxzTKJF6IeULyKkYopjX8abAuA9RSIC8dMW3KeScG7-_IomezM0NbiDvFYjhA33bMOBvhtQpVmyuvt876b176FzcYGrpqnJ6mgECLy3rR4oOPo-lITFZxuTlh_S1v6REUCFXcyxXLzzNjMmKdBi6CC5B6L7CWZNO4EflylKuf4tvtX-Ry_GYUEulDA&c=a63c3931&v=3
Title: Deep waters off Israel coast, once thought desolate, are teeming with life

Search URL Search Domain Scan URL

URL: https://rmkz.themarker.com/gampad/clk?id=5398448534&iu=/9401/ClickTracker.Marketing
Title: זאת ההזדמנות שלכם ללמוד מקצוע חדש מבלי לקום מהספה

Search URL Search Domain Scan URL

URL: https://paid.outbrain.com/network/redir?p=TLpEiDvKA0ne150LKC3XcHfRBLmMJoSaIkFdRMi-pNmTAq_wgpmqKjRVpRM1qqXBKRfS62excIOqkecnJErPVphuq41WsDEexp7MpHIN3MuTACuNHfnAV3-R0mYSkhEm3PulOXrrPW5jyACJp_M3Jjx-CZiLWjfyKqeUQDSMnEuDdYvf_bAref873kWjFEXaHqAKcqyN23JgtXrPuo0rn2xfilPV_nxGit0FWPig4SFIJ7wxEXpERyx6ZxLk_BJK8ou4-3Kz2oymQ8DrtGhtpyiN8oCoU2Xh3A8expUsyJO6tgUJVJva9DDzq8PCixdCEX2Xgp2BHb9gOOUG1-pQko3jJNavSiRVpD09o-Gzsh04w9JswHqB8cBLLQ9sq6JqK7pWubeT6cAFCdtxHUWmRGPsjb8m26dDMQO1DrfwT9lQXzf4qcPMAtehHTMOZftTwbzivYVzRlg7jnO2GumQJR5jetdLvt4usqvAxm43QUKJ4gq7LAssQcgrBzLl7GTfgKQdT7iVSH4JeeHvc98Vo2uHuufRTu98FkjKhagyE4FCT9r6lsu1hEGnPjjRF7yFfY1GHcmHFZHRYz4gs5GaxPrHRv8LIkIMmSW4LJLc-9oLJv3YsurzOpw-2LJxl-wbxAK8uPa2FW5WthrMNEyVkXabuAZ3Ykjxr-WtavW8p2l5Uw3A9way8cbS1Ajvo2gRTm5K4rfB_lht-JsUmgSlE16ofF9MIIc4_5vG_34_f3sJ2DqEEoP__YzRDPL0OmBhAopmBcyyBIe9eIVg-s0ZDeJ7totVz-Bdq1W5AYE7u9oWIYplticY6g5JGD6phTKXW4yhLCu8uV972CAtLhDFnHvuG3OSOw6Z-M2xybPXF_eBhdqAqo_6EY880qPxEpQ0n2lnLeyo6Y_-98TA6MY5yrNZ3_pBE4gG--KaxKb_FRdr-Ez2u3KGrj_OiYKStEVxrmpM9mvA68_06epjvlEAOgnX92rep4BOiMML-dqlU66zdrAPj4GkHphPemVVIjk-dBLD4hOEdsruva6DA_Hz6IQ99rzLiIJsgHfH12LcxSTohl170WeWRAY3G1sXWq1fh0ma1ltV_LS2x-l93-LrIPwh84Q4YBJ7omkeKypTTHNFDizgsklvnorViGK9uQ5gCCzICJsUuO8eBkkuaTuQUXC9Ey5GlRaXjPGciI_Co71edpbPKfTKUXVxra7pIgwsVBv83gJaP653z21JExDSlvBGLEbJGJKaSjoXFfwP-hZftBOdN38Zx-ELgTdXinbL69c84urIA_HKshUeJgKqdlQh1VTDp2td_9kRmwIbNmDWUDoj734f7wskyf6n5pO2&c=ded0de2e&v=3
Title: Far & WideUnique European Maps Show Rarely Considered Perspectives

Search URL Search Domain Scan URL

URL: https://www.haaretz.co.il/personal-area/newsletter

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N1114924.1984505OUTBRAIN/B24157809.273390727;dc_trk_aid=467732981;dc_trk_cid=132378976;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?obOrigUrl=true
Title: Sponsored - IBM Test Watson Assistant at no charge for 90 days

Search URL Search Domain Scan URL

URL: https://r1.zemanta.com/rs/u1l8xdrk8ikg/b1_outbrainrtb/2198364/20349896/9ufVmDqZssVgT0elKansImxz-TrSh4ndTcUo6bhIUbndMQ0SsksDsWUXM6oFu0QCtuqpzo-shdNGpOba2xKtXS4l8abYh5AWt0rICdtCT5SLO7xj6XLSqxspVBJbM9AhuJ4MvbBI4g6R0TSTenE3M0d9l_swdSCyAvVTv2LJ-n3N2kLFC70NqNdf86pTAtZ8rcXqe_V_hQQ-GIQ_vCthW2v-zQIQdFDX6i4A1R0GwqfzSG9bm4NdeUsiEaOmSJF2Y1S4SxiOTdhmqixhQ1tL4ev3tIm3AqZ7YkwBbqJN7P4KW8tzzqYAuKRmJCqjmfnF_s1h5-cIKddFq1J54pWOMx_wYVZ_K1ACEJ9HvC3fWcQKuTYFRMUk7YW2xQPUbi8forXKL8bc_fbX0DiQUk6rGwpkY_TnLjOpydDqnjWHjQH1P75CigiIDbnV30UnMmh_BNCgg-o9U07OBecA9FzitRHJs7k4umU1Id4T5yFzLGou8LEAo9FUzLx-E9GTftRcptLSBpkCJuwa6cSpf_8GKZnjg85itSbLS-p9JqJjxx4SY_iDebtIpCY1upZ8PnYM0ZKwNI41w1C3_G0obb7iJ4Wp-kkzU7Qm/?obOrigUrl=true
Title: Sponsored - Z Today The Greatest Us Presidents Ranked. Guess Who Is No. 1

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N1114924.1984505OUTBRAIN/B23949736.273978972;dc_trk_aid=468341700;dc_trk_cid=130659695;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?obOrigUrl=true
Title: Sponsored - IBM Find out everything about Edge Computing

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N1114924.1984505OUTBRAIN/B23956329.275324424;dc_trk_aid=469504022;dc_trk_cid=130328955;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?obOrigUrl=true
Title: Sponsored - IBM Stay resilient in changing times with IBM IT Infrastructure. Learn more

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N1114924.1984505OUTBRAIN/B23949736.273978960;dc_trk_aid=468285806;dc_trk_cid=130659695;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?obOrigUrl=true
Title: IBM Why Edge Computing Needs Autonomous Management

Search URL Search Domain Scan URL

URL: https://www.clicktraceclick.com/384fba9c-30c4-4340-b643-28cce2fb4493?sectionid=$section_id$&sectionname=$section_name$&publisherid=$publisher_id$&publishername=$publisher_name$&adtitle=Mind+Blowing%3A+%231+Antivirus+Now+Free+For+Mac+Users.&OutbrainClickId=$ob_click_id$&obOrigUrl=true
Title: My Antivirus Review Mind Blowing: #1 Antivirus Now Free For Mac Users.

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N1114924.1984505OUTBRAIN/B23979378.274646126;dc_trk_aid=469241019;dc_trk_cid=130542480;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?obOrigUrl=true
Title: IBM Learn how IBM’s ladder to AI helps you modernize all your data.

Search URL Search Domain Scan URL

URL: https://plarium.com/landings/en/vikings/village_steps_m_prelp001?plid=150508&pxl=outbrain&PublisherID=002fa2e82f0f77c15981c0f0356104f496&placement=$publisher_name$_$section_id$&adpartnerset=0015b6ac32753a2d95616a5057fbb0d719&clickID=$ob_click_id$&obOrigUrl=true
Title: Vikings If You're Over 40 And Own A Computer, This Game Is A Must-Have!

Search URL Search Domain Scan URL

URL: https://www.facebook.com/haaretzcom
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/haaretzcom
Title: Twitter

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.opentech.haaretz
Title: Android

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/haaretz-english-edition/id504537897
Title: Apple

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.opentech.haaretz&hl=en
Title: Download App

Search URL Search Domain Scan URL

URL: https://www.haaretz.co.il/
Title: הארץ

Search URL Search Domain Scan URL

URL: https://www.haaretz.co.il/news
Title: חדשות

Search URL Search Domain Scan URL

URL: https://www.haaretz.co.il/health/corona
Title: עדכוני קורונה

Search URL Search Domain Scan URL

URL: https://www.haaretz.co.il/health/EXT-INTERACTIVE-1.8632229
Title: מעקב קורונה

Search URL Search Domain Scan URL

URL: https://www.haaretz.co.il/gallery
Title: תרבות

Search URL Search Domain Scan URL

URL: https://www.haaretz.co.il/food/passover-recipes
Title: מתכונים לפסח

Search URL Search Domain Scan URL

URL: https://www.haaretz.co.il/family/MAGAZINE-1.8556370
Title: לוח חופשות 2020

Search URL Search Domain Scan URL

URL: https://www.haaretz.co.il/news/weather/rainradar
Title: מכ"ם גשם

Search URL Search Domain Scan URL

URL: https://www.haaretz.co.il/news/weather/kinneret-level
Title: מפלס הכנרת

Search URL Search Domain Scan URL

URL: https://www.themarker.com/
Title: TheMarker

Search URL Search Domain Scan URL

URL: https://www.themarker.com/allnews
Title: חדשות

Search URL Search Domain Scan URL

URL: https://finance.themarker.com/
Title: שוק ההון

Search URL Search Domain Scan URL

URL: https://www.themarker.com/consumer
Title: צרכנות

Search URL Search Domain Scan URL

URL: https://www.themarker.com/realestate
Title: נדל"ן

Search URL Search Domain Scan URL

URL: https://finance.themarker.com/indices/142
Title: ת"א 35

Search URL Search Domain Scan URL

URL: https://finance.themarker.com/indices/164
Title: מדד תל אביב בנקים 5

Search URL Search Domain Scan URL

URL: https://finance.themarker.com/stock/629014
Title: מניית טבע

Search URL Search Domain Scan URL

URL: https://finance.themarker.com/stock/1082379
Title: מניית טאואר

Search URL Search Domain Scan URL

URL: https://haaretz.com/st/inter/Global/dailyedition-en/today/
Title: E-paper

Search URL Search Domain Scan URL

URL: https://promotions.haaretz.com/promotions-page/product?htm_source=site&htm_medium=pop_up&htm_campaign=Zen&htm_content=SUBSCRIBE
Title: SUBSCRIBE

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.haaretz.com/israel-news/business/1.757670 HTTP 301
https://www.haaretz.com/israel-news/business/1.757670 HTTP 301
https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://route.carambo.la/inimage/getlayer?pid=hrtz22&did=112931&wid=3&rdn=540 HTTP 302
https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js

Request Chain 141

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 184

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 185

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 221

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 225

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 347

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb&gdpr=1 HTTP 302
https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=1&uid=e4449bd3-ac3e-048a-1491-bb7066afb354

345 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157 Show response
www.haaretz.com/israel-news/business/
Redirect Chain

http://www.haaretz.com/israel-news/business/1.757670
https://www.haaretz.com/israel-news/business/1.757670
https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

171 KB
41 KB

462ms
462ms

Document
text/html

151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy / Next.js

Resource Hash

4d8705acfdb69a5157626d06bc5235939a8aa2220d92b4993e7a7866696195ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.haaretz.com
:scheme: https
:path: /israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-powered-by: Next.js
etag: "2aa70-ICR041c2H2/2LufW4cwWw4lYgzA"
content-type: text/html; charset=utf-8
content-encoding: gzip
x-envoy-upstream-service-time: 390
server: istio-envoy
accept-ranges: bytes
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4031-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1592455718.688863,VS0,VE404
vary: Accept-Encoding
z-paywalldebug: A123
z-actions-log: news article allowed, cookie was not unset,
z-ttl: 30m
z-block: false
z-surrogate-keys: www.haaretz.com article 1.5471157 hdcarticle
z-true-client-ip: 165.231.142.36
z-react-beckend: true
z-stale-enabled: true
z-fastly-info-state: MISS-CLUSTER
z-backend-name: cluster_dir_chash_hhn_frankfurt_de
z-long-homepage-ttl: false
z-react-reason: hdcW
content-length: 41351

Redirect headers

status: 301
server: Apache-Coyote/1.1
location: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
expires: Thu, 18 Jun 2020 04:53:37 GMT
content-type: text/html;charset=utf-8
via: 1.1 google 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
date: Thu, 18 Jun 2020 04:48:37 GMT
age: 0
x-served-by: cache-hhn4031-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1592455718.617748,VS0,VE12
z-paywalldebug: A123
z-actions-log: news article allowed, cookie was not unset,
z-ttl: 30m
z-block: false
z-surrogate-keys: www.haaretz.com article 1.757670 hdcarticle
z-true-client-ip: 165.231.142.36
z-react-beckend: false
z-stale-enabled: true
z-fastly-info-state: MISS-CLUSTER
z-backend-name: cluster_dir_chash_hhn_frankfurt_de
z-long-homepage-ttl: false
z-react-reason: hdcW hdcB
content-length: 4

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 43 KB
15 KB 180ms
65ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

d5f974c2623d51d49e843378cfa70837080400d3065175962b178a40bbb0255f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "546 / 842 of 1000 / last-modified: 1592405514"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14418
x-xss-protection: 0
expires: Thu, 18 Jun 2020 04:48:38 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 72 B
584 B 24ms
7ms Script
text/javascript 2a04:4e42::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?flags=gated&unknown=polyfill&features=fetch%2Csmoothscroll%2CObject.entries%2CArray.prototype.entries%2CIntersectionObserver%2CIntersectionObserverEntry%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.includes%2CFunction.prototype.name%2CArray.prototype.%40%40iterator%2Cdefault

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Origin: https://www.haaretz.com

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1310719
detected-user-agent: Chrome/83.0.4103
status: 200
request_came_from_shield: FRA
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jun 2020 23:53:31 GMT
date: Thu, 18 Jun 2020 04:48:38 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 article.js Show response
www.haaretz.com/_next/static/2.0.1392/pages/ 338 KB
70 KB 66ms
62ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/2.0.1392/pages/article.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

5c4086b9b0b702a5f521281d2381e7de494a308ff78649c2c3aa447a1bc3dc85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 233944
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455718.160156,VS0,VE0
etag: W/"5474b-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 8
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 4
z-react-beckend: true
content-length: 71582
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log: cookie was not unset,
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com article.js
z-react-reason: W

GET
H2 200 _app.js Show response
www.haaretz.com/_next/static/2.0.1392/pages/ 197 KB
59 KB 66ms
63ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/2.0.1392/pages/_app.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

227b90abf31eeb352a982a9da08788e1a5c3927de2450409c65e22afb43fff54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 233975
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455718.160132,VS0,VE0
etag: W/"313dd-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 3
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 2
z-react-beckend: true
content-length: 60124
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log: cookie was not unset,
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com _app.js
z-react-reason: W

GET
H2 200 101.6db36ab2b36a35bfd3de.js Show response
www.haaretz.com/_next/static/chunks/ 2 KB
1 KB 65ms
61ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/101.6db36ab2b36a35bfd3de.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

c537d3eff4e1eb6e66ae76698c323f80f5be4d9a04ffaa528092af6b5f55aa7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 132214
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455718.160120,VS0,VE0
etag: W/"74c-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 4
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: true
x-cache: HIT
x-envoy-upstream-service-time: 9
z-react-beckend: true
content-length: 972
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log: cookie was not unset,
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com
z-react-reason: hdcW hdcB W

GET
H2 200 commons.41163e84303902e0184f.js Show response
www.haaretz.com/_next/static/chunks/ 248 KB
73 KB 64ms
61ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/commons.41163e84303902e0184f.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

2075df87956116b0df702a4761a8abca2fdda7099fdb563e4c6ab2024ae40441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 233948
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455718.160112,VS0,VE0
etag: W/"3df97-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 7
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 135
z-react-beckend: true
content-length: 74274
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log: cookie was not unset,
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com commons.41163e84303902e0184f.js
z-react-reason: W

GET
H2 200 c8f7fe3b0e41be846d5687592cf2018ff6e22687.c77c2481b84717bc5582.js Show response
www.haaretz.com/_next/static/chunks/ 122 KB
42 KB 63ms
60ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/c8f7fe3b0e41be846d5687592cf2018ff6e22687.c77c2481b84717bc5582.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

f77b8f9e17513a3cd6f564eec68f68d579cba053df0f3de835551430abf31ac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 233948
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455718.160262,VS0,VE0
etag: W/"1e77a-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 3
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 32
z-react-beckend: true
content-length: 42190
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log: cookie was not unset,
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com c8f7fe3b0e41be846d5687592cf2018ff6e22687.c77c2481b84717bc5582.js
z-react-reason: W

GET
H2 200 50.1111de01a9d8651cd913.js Show response
www.haaretz.com/_next/static/chunks/ 7 KB
3 KB 64ms
61ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/50.1111de01a9d8651cd913.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

4862fe7c48a3fe00691cbd3ac3ccfa0dabed2f9aa18edd5081dbf6eda5d2735f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 165439
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455718.160260,VS0,VE0
etag: W/"1bf3-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 4
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 9
z-react-beckend: true
content-length: 2630
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log: cookie was not unset,
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 50.1111de01a9d8651cd913.js
z-react-reason: W

GET
H2 200 webpack-69f0b02ed810e3d2d819.js Show response
www.haaretz.com/_next/static/runtime/ 5 KB
3 KB 63ms
60ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

8b252fb865305597218482f0aac34b86c9eb587900288c8e3b8561da5abbbf7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 233975
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455718.160247,VS0,VE0
etag: W/"1478-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 2
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 3
z-react-beckend: true
content-length: 3009
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log: cookie was not unset,
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com webpack-69f0b02ed810e3d2d819.js
z-react-reason: W

GET
H2 200 framework.bbfdfb74cdc398a0177e.js Show response
www.haaretz.com/_next/static/chunks/ 147 KB
45 KB 65ms
62ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/framework.bbfdfb74cdc398a0177e.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

1451b6661e09d490164e5ae0447a52175286d038179dd170294dbf0fa2197e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 694979
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455718.160234,VS0,VE0
etag: W/"24d5d-1727ee9a1a0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 4
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 10
z-react-beckend: true
content-length: 45720
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jun 2020 10:39:00 GMT
server: istio-envoy
z-block: false
z-actions-log: cookie was not unset,
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com framework.bbfdfb74cdc398a0177e.js
z-react-reason: W

GET
H2 200 ee90fdca8b35d5685e64d3b1f33a50a145ade9b4.3b385855b67449d4d9ed.js Show response
www.haaretz.com/_next/static/chunks/ 39 KB
11 KB 62ms
59ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/ee90fdca8b35d5685e64d3b1f33a50a145ade9b4.3b385855b67449d4d9ed.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

350221f3cd5aea684e6c48e5380122d3354a6881a032a7cdda362063daee4c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 233948
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455718.160339,VS0,VE0
etag: W/"9c16-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 2
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 3
z-react-beckend: true
content-length: 10828
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log: cookie was not unset,
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com ee90fdca8b35d5685e64d3b1f33a50a145ade9b4.3b385855b67449d4d9ed.js
z-react-reason: W

GET
H2 200 main-62f0317a0e2864ca0958.js Show response
www.haaretz.com/_next/static/runtime/ 16 KB
6 KB 61ms
59ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/runtime/main-62f0317a0e2864ca0958.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

f946ac360422cd9dabd5c9eb00f58c522c3fcc0989d08e63791b7381075c186a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 14941
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455718.160332,VS0,VE0
etag: W/"4003-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 3
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 8
z-react-beckend: true
content-length: 5982
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log: cookie was not unset,
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com main-62f0317a0e2864ca0958.js
z-react-reason: W

GET
H2 200 22efcae6fa70f3a46defd37e82ea99ca9f299156.36ace6282c17dd274530.js Show response
www.haaretz.com/_next/static/chunks/ 56 KB
15 KB 148ms
145ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/22efcae6fa70f3a46defd37e82ea99ca9f299156.36ace6282c17dd274530.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

920188f1ec0ee54ea6717cfd0fe80c8d1d2097196e2f99f347da66c2c3d3445d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 233948
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455718.194587,VS0,VE0
etag: W/"de25-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 2
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 133
z-react-beckend: true
content-length: 15324
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log: cookie was not unset,
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 22efcae6fa70f3a46defd37e82ea99ca9f299156.36ace6282c17dd274530.js
z-react-reason: W

GET
H2 200 06772788870debeff8cee6e63f403e2a02024a8c.e3ba78963644070d59a5.js Show response
www.haaretz.com/_next/static/chunks/ 154 KB
46 KB 149ms
146ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/06772788870debeff8cee6e63f403e2a02024a8c.e3ba78963644070d59a5.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

8c249da9e6f96572c33cd33bf9e95a5a9f4d0a015048206c7053002e34d34a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 233949
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455718.194573,VS0,VE0
etag: W/"268b4-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 224
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 135
z-react-beckend: true
content-length: 46555
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log: cookie was not unset,
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 06772788870debeff8cee6e63f403e2a02024a8c.e3ba78963644070d59a5.js
z-react-reason: W

GET
H2 200 11184c7cf6a0c5b6c3df4799dbdda3eb9c899482.c5c032e2d431020582b7.js Show response
www.haaretz.com/_next/static/chunks/ 318 KB
84 KB 148ms
146ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/11184c7cf6a0c5b6c3df4799dbdda3eb9c899482.c5c032e2d431020582b7.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

feed02b6ccb7248e2f3cda5ac3527cdaf93851210c0515111d4c53a2d0e04cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 233975
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455718.194553,VS0,VE0
etag: W/"4f7c8-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 2
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 5
z-react-beckend: true
content-length: 85538
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log: cookie was not unset,
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 11184c7cf6a0c5b6c3df4799dbdda3eb9c899482.c5c032e2d431020582b7.js
z-react-reason: W

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 10ms
10ms Script
application/x-javascript 2600:9000:2182:da00:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:da00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 03:49:09 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 01:13:41 GMT
server: nginx
age: 3568
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: FWvA2Vu_HC_8A8gPmyLkcsFjSUUBOGXcVOc7YcU2HEQ-NukORtJfMA==
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
expires: Thu, 18 Jun 2020 05:49:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
31 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: private
x-fb-debug: N0VM7pEFavSRjNCru5DnJt9ZQaVyiSPH5YsWmZsBUSDcNU4uBQxAgU6YbRknuGcBUdovysN5sZ/g3qqrLlfibA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 18 Jun 2020 04:48:38 GMT, Thu, 18 Jun 2020 04:48:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1018316866.jpg
images.haarets.co.il/image/fetch/w_151,h_151,c_crop/q_auto,h_100,w_100,g_face,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.554434... 4 KB
4 KB 127ms
111ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.haarets.co.il/image/fetch/w_151,h_151,c_crop/q_auto,h_100,w_100,g_face,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.5544346!/image/1018316866.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3533006683b2b5070f4d8d9572869524c2016bd072551b100d3e099ece570672

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
age: 169599
x-cache: HIT
status: 200
z-surrogate-keys: 1018316866.jpg
server-timing: akam;dur=32;start=2020-04-23T10:00:28.570Z;total=233;desc=miss,rtt;dur=2
content-length: 3675
x-served-by: cache-hhn4031-HHN
timing-allow-origin: *
last-modified: Thu, 12 Mar 2020 11:07:31 GMT
server: cloudinary
x-timer: S1592455718.214420,VS0,VE0
etag: "d95e451ade1611034c1ffd036dfcb843"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
z-ttl: 10d
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 1018316866.jpg
images.haarets.co.il/image/fetch/w_2200,h_1468,c_crop/q_auto,h_488,w_840,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.5549872!/im... 25 KB
25 KB 285ms
269ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.haarets.co.il/image/fetch/w_2200,h_1468,c_crop/q_auto,h_488,w_840,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.5549872!/image/1018316866.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d16321e2a011fb65804ad9cd4637353039c504e922f8561b39e40f98cb040919

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200
content-disposition: inline; filename="1018316866.webp"
server-timing: akam;dur=33;start=2020-06-18T04:48:38.217Z;total=207;desc=miss,rtt;dur=0
content-length: 25446
x-served-by: cache-hhn4031-HHN
timing-allow-origin: *
last-modified: Fri, 29 May 2020 08:44:29 GMT
server: cloudinary
x-timer: S1592455718.214614,VS0,VE212
etag: "4bb83ec0a2c244bdbcdde895b84cd27b"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604783
accept-ranges: bytes
z-ttl: 10d
access-control-allow-headers: X-Requested-With
z-surrogate-keys: 1018316866.jpg
x-cache-hits: 0

GET
H2 200 1018316866.jpg
images.haarets.co.il/image/fetch/w_1928,h_1305,c_crop/q_auto,h_406,w_600,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.5666716!/im... 28 KB
28 KB 733ms
718ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.haarets.co.il/image/fetch/w_1928,h_1305,c_crop/q_auto,h_406,w_600,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.5666716!/image/1018316866.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 0b9f13f039ff3899275809733d4bf0f9d12d0057e881b7a24b9d4a2ad2304a28

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
status: 200, 200 OK
content-disposition: inline; filename="1018316866.webp"
server-timing: akam;dur=32;start=2020-06-18T04:48:38.216Z;total=656;desc=miss,rtt;dur=0
content-length: 28674
x-request-id: ec5a892e3f64357410003088f029ddbd
x-served-by: cache-hhn4031-HHN
timing-allow-origin: *
last-modified: Wed, 01 Jan 2020 08:46:14 GMT
server: cloudinary
x-timer: S1592455718.214608,VS0,VE659
etag: "e5a349de985424e8b09b53b0df68779a"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604785
accept-ranges: bytes
z-ttl: 10d
access-control-allow-headers: X-Requested-With
z-surrogate-keys: 1018316866.jpg
x-cache-hits: 0

GET
H2 200 polyfill.min.js
polyfill.io/v3/ 72 B
145 B 7ms
6ms Other
text/javascript 2a04:4e42::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Origin: https://www.haaretz.com

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1310719
detected-user-agent: Chrome/83.0.4103
status: 200
request_came_from_shield: FRA
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Mon, 01 Jun 2020 23:53:31 GMT
date: Thu, 18 Jun 2020 04:48:38 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 _buildManifest.js Show response
www.haaretz.com/_next/static/2.0.1392/ 714 B
839 B 115ms
114ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/2.0.1392/_buildManifest.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

fcd5c959e162a9b123c15fa2baaf70038e37b1c1cfece776dfe1b6490f82222c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 233948
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455718.204562,VS0,VE0
etag: W/"2ca-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 3
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 3
z-react-beckend: true
content-length: 419
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log: cookie was not unset,
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com _buildManifest.js
z-react-reason: W

GET
H2 200 _ssgManifest.js Show response
www.haaretz.com/_next/static/2.0.1392/ 76 B
396 B 114ms
114ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/2.0.1392/_ssgManifest.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 233944
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455718.204555,VS0,VE0
etag: W/"4c-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 5
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 2
z-react-beckend: true
content-length: 60
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log: cookie was not unset,
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com _ssgManifest.js
z-react-reason: W

GET
H2

200

Carambola_layer_152.min.js Show response
cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/
Redirect Chain

https://route.carambo.la/inimage/getlayer?pid=hrtz22&did=112931&wid=3&rdn=540
https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js

446 KB
113 KB

163ms
36ms

Script
text/javascript

152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F70D) /
Resource Hash: 3840a78b86236fb2c48cde5f394f1ed3da21ed424c17742b9ab2f16ccf3badf4

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
content-encoding: gzip
age: 14051033
x-cache: HIT
status: 200
access-control-max-age: 3000
x-amz-request-id: 8AA1592B44350CA7
x-amz-id-2: YN/Qaz4Zjx+ibjdm/Uij8+O+Lp9wgRHX2WYThLGAEoPsf1J1mcQpiTSWpt8l4VEM6MP/qkF77RI=
last-modified: Tue, 07 Jan 2020 13:40:14 GMT
server: ECS (ska/F70D)
etag: "72b3633674ac17236c91a68764472f3d+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=63072000,s-maxage=63072000
content-length: 114862

Redirect headers

Location: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Date: Thu, 18 Jun 2020 04:48:38 GMT
Server: nginx/1.14.1
Connection: keep-alive
X-Powered-By: Express
Content-Length: 0

GET
H2 200 merriweatherLatin-700.woff2
www.haaretz.com/static/fonts/ 18 KB
19 KB 111ms
110ms Font
font/woff2 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/static/fonts/merriweatherLatin-700.woff2

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Origin: https://www.haaretz.com

Response headers

age: 6147
x-dns-prefetch-control: off
status: 200
z-surrogate-keys: www.haaretz.com merriweatherLatin-700.woff2
x-served-by: cache-hhn4031-HHN
z-stale-enabled: false
x-timer: S1592455718.217058,VS0,VE0
etag: W/"49ec-172b7755eb0"
content-type: font/woff2
z-long-homepage-ttl: false
cache-control: max-age=315360000
z-ttl: 1d
z-fastly-info-state: HIT
x-cache-hits: 2
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
access-control-allow-origin: *
x-cache: HIT
x-envoy-upstream-service-time: 4
z-react-beckend: true
content-length: 18924
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:10:22 GMT
server: istio-envoy
z-block: false
z-actions-log
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-react-reason: W

GET
H2 200 merriweatherLatin-regular.woff2
www.haaretz.com/static/fonts/ 19 KB
19 KB 111ms
110ms Font
font/woff2 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/static/fonts/merriweatherLatin-regular.woff2

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Origin: https://www.haaretz.com

Response headers

age: 18996
x-dns-prefetch-control: off
status: 200
z-surrogate-keys: www.haaretz.com merriweatherLatin-regular.woff2
x-served-by: cache-hhn4031-HHN
z-stale-enabled: false
x-timer: S1592455718.217049,VS0,VE0
etag: W/"4b64-172b7755eb0"
content-type: font/woff2
z-long-homepage-ttl: false
cache-control: max-age=315360000
z-ttl: 1d
z-fastly-info-state: HIT
x-cache-hits: 4
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
access-control-allow-origin: *
x-cache: HIT
x-envoy-upstream-service-time: 2
z-react-beckend: true
content-length: 19300
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:10:22 GMT
server: istio-envoy
z-block: false
z-actions-log
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-react-reason: W

GET
H2 200 307252476589397 Show response
connect.facebook.net/signals/config/ 516 KB
129 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/307252476589397?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

36b9910a69f1a56413d9a1d59f247e47f88a7e04926bf8328cc6d9816be749ae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 131771
x-xss-protection: 0
pragma: public
x-fb-debug: j+mci8zabVYAeTMCnfXt0cXVbmrmfgzQLJcroCWH1F4HqWeLXnEIZL/9zGTAFblKm8tbB2adxJfpFsvhtnRSZg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 18 Jun 2020 04:48:38 GMT, Thu, 18 Jun 2020 04:48:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 417ms
139ms Image
image/gif 18.213.129.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=haaretz.com&p=%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&u=Bnqn1v6FioGBV8mn8&d=haaretz.com&g=5952&g0=Business&g1=Reuters&n=1&f=00001&c=0&x=0&m=0&y=4145&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=940&t=DQ5cjYCIXZdcBstlam6UTlBBoXb2M&V=120&i=Israel%27s%20Teva%20examining%20claims%20workers%20bribed%20healthcare%20officials%20to%20push%20prescription%20drugs%20-%20Busi&tz=-120&sn=1&sv=Cj-CaDDtDALuCSpvwKBUHYySwmbYo&sd=2&im=067b0ff0&_
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.129.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-129-100.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 18 Jun 2020 04:48:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 f435b5c826579dcd093a0e9030741c9b4ab112e1.f86d7c10e3ea38f22310.js Show response
www.haaretz.com/_next/static/chunks/ 25 KB
8 KB 59ms
58ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/f435b5c826579dcd093a0e9030741c9b4ab112e1.f86d7c10e3ea38f22310.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

a5c060d9a604d88188d0f6e62b9bfd78c351c687611d5570cc94099a8e50e84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 233944
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.651122,VS0,VE0
etag: W/"6532-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 6
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 6
z-react-beckend: true
content-length: 7457
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com f435b5c826579dcd093a0e9030741c9b4ab112e1.f86d7c10e3ea38f22310.js
z-react-reason: hdcB W

GET
H2 200 39.a65412c55e7052a8315a.js Show response
www.haaretz.com/_next/static/chunks/ 2 KB
1 KB 59ms
59ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/39.a65412c55e7052a8315a.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

9a191717dd06de465dbb041cd47ee6a04f0f4e6104b2a0087c89b409b54872fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 140327
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.651105,VS0,VE0
etag: W/"783-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 2
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 179
z-react-beckend: true
content-length: 1024
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: false
z-actions-log
z-paywalldebug: A123
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 39.a65412c55e7052a8315a.js
z-react-reason: W

GET
H2 200 42.4c47fb45d3c6c550d762.js Show response
www.haaretz.com/_next/static/chunks/ 408 B
875 B 57ms
57ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/42.4c47fb45d3c6c550d762.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

d7881b3432520bbbc60033c3c2fe7ca9783f78549c57b38a293d6a099a102ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 63419
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.661766,VS0,VE0
etag: W/"198-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 2
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 170
z-react-beckend: true
content-length: 318
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 42.4c47fb45d3c6c550d762.js
z-react-reason: W

GET
H2 200 40.dddee3f143d886f8c017.js Show response
www.haaretz.com/_next/static/chunks/ 882 B
748 B 57ms
57ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/40.dddee3f143d886f8c017.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

b573582db2fab969ab15b18c74182ebb1aca1200eeb157b91b9ae27054cf9ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 1180972
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.702900,VS0,VE0
etag: W/"372-1727ee9a1a0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 2
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 8
z-react-beckend: true
content-length: 521
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jun 2020 10:39:00 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 40.dddee3f143d886f8c017.js
z-react-reason: W

GET
H2 200 44.72344f13fd9154f3d7a9.js Show response
www.haaretz.com/_next/static/chunks/ 2 KB
1 KB 57ms
57ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/44.72344f13fd9154f3d7a9.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

aa9d4e3162468c549e26e0193fa02d0cb146958c2b9757fa8bc265d55fb90059

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 707515
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.775290,VS0,VE0
etag: W/"6c1-1727ee9a1a0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 5
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 7
z-react-beckend: true
content-length: 887
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jun 2020 10:39:00 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 44.72344f13fd9154f3d7a9.js
z-react-reason: W

GET
H2 200 37.3f9189011bd1827717b5.js Show response
www.haaretz.com/_next/static/chunks/ 185 B
394 B 58ms
58ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/37.3f9189011bd1827717b5.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

efa646d87a5648985968cfc1244520f80010a749fe42a0a549c616746e29cd09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 63419
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.779753,VS0,VE0
etag: W/"b9-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 2
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 9
z-react-beckend: true
content-length: 177
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 37.3f9189011bd1827717b5.js
z-react-reason: W

GET
H2 200 79.7483aa8fde71ba4e18aa.js Show response
www.haaretz.com/_next/static/chunks/ 1 KB
1 KB 57ms
57ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/79.7483aa8fde71ba4e18aa.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

9405296f4f8962003dfa2c0aaad3348f0cf9d4fdb0f1708c4fa6a54f1217df60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 12736
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.813614,VS0,VE0
etag: W/"4c3-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 2
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 167
z-react-beckend: true
content-length: 689
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 79.7483aa8fde71ba4e18aa.js
z-react-reason: W

GET
H2 200 103.65c69d6e2b153a8a4208.js Show response
www.haaretz.com/_next/static/chunks/ 370 B
518 B 58ms
57ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/103.65c69d6e2b153a8a4208.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

15801586e277201ab150bc28903534886003b953c9f757a703b277926b78a0ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 2272
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.833841,VS0,VE0
etag: W/"172-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 2
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 127
z-react-beckend: true
content-length: 292
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 103.65c69d6e2b153a8a4208.js
z-react-reason: W

GET
H2 200 100.ec1a8e264d0b12150788.js Show response
www.haaretz.com/_next/static/chunks/ 2 KB
1 KB 60ms
59ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/100.ec1a8e264d0b12150788.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

7efa33f19ec1deacf3225351934a7c05ef46a37e35dca1011a77fce1486f24ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 63419
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.835105,VS0,VE0
etag: W/"7f7-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 6
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 4
z-react-beckend: true
content-length: 1004
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 100.ec1a8e264d0b12150788.js
z-react-reason: W

GET
H2 200 104.24754d89c18e18e51152.js Show response
www.haaretz.com/_next/static/chunks/ 4 KB
2 KB 59ms
59ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/104.24754d89c18e18e51152.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

8247d895072ab59c1923f9e644edc5dbc72e39530268458362e22e357e179163

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 63419
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.835087,VS0,VE0
etag: W/"115e-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 3
date: Thu, 18 Jun 2020 04:48:38 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 72
z-react-beckend: true
content-length: 1653
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 104.24754d89c18e18e51152.js
z-react-reason: W

GET
H2 200 / Show response
graphql.haaretz.com/ 4 KB
4 KB 58ms
57ms Fetch
application/json 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.haaretz.com/?operationName=NavMenu&variables=%7B%22input%22%3A%7B%22listId%22%3A%227.9797663%22%7D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22102dce74b35aa2040cb49e35fa8e24d721253fe86d039e8f60f32fb002458ed3%22%7D%7D
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/2.0.1392/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: 0a48eb407e2c1d9d5b876c29b15b03d84e5eeabca6ec8bff13682c793896f0cf

Request headers

hostname: www.haaretz.com
accept: */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
z-true-client-ip: 165.231.142.36
age: 2867
x-powered-by: Express
x-cache: HIT
status: 200
x-envoy-upstream-service-time: 32
z-surrogate-keys: graphql.haaretz.com
content-length: 4003
x-served-by: cache-hhn4074-HHN
server: istio-envoy
z-block: false
z-actions-log
z-paywalldebug: A123
etag: W/"fa3-7BNxeDlPbz/rR3lHclOvgYf55YQ"
x-timer: S1592455719.054345,VS0,VE0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
z-backend-name: 24rZN2zCHDZeDA6qagIuQE--F_k8s
accept-ranges: bytes
z-ttl: 3m
x-cache-hits: 10

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 134 KB
45 KB 201ms
67ms Script
application/x-javascript 2.21.37.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/11184c7cf6a0c5b6c3df4799dbdda3eb9c899482.c5c032e2d431020582b7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.220 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-220.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f5d297fb22336630fd42f7a7bb883542ddb70cba5ec6a616ab3e3d415ff5cc33

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:38 GMT
content-encoding: gzip
last-modified: Wed, 17 Jun 2020 08:04:06 GMT
status: 200
etag: W/"2161f-TyrWfkg28gOVnQ0g0Ohxe1xWN6c"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
timing-allow-origin: *
content-length: 45734
expires: Thu, 18 Jun 2020 08:48:38 GMT

GET
H2 200 / Show response
graphql.haaretz.com/ 2 KB
3 KB 851ms
851ms Fetch
application/json 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.haaretz.com/?operationName=ArticleGallery&variables=%7B%22input%22%3A%7B%22path%22%3A%22%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157%22%7D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%2280484251297e0f710a78d4c5e034c2a98c5cee114102614fbde87a39ec7dce83%22%7D%7D
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/2.0.1392/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: e4a3daeb79eff861f0d34004141bf81fcd545d2a52748824d5f3692a5fd94377

Request headers

hostname: www.haaretz.com
accept: */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
z-true-client-ip: 165.231.142.36
age: 0
x-powered-by: Express
x-cache: MISS
status: 200
x-envoy-upstream-service-time: 785
z-surrogate-keys: graphql.haaretz.com article 1.5471157
content-length: 2437
x-served-by: cache-hhn4074-HHN
server: istio-envoy
z-block: false
z-actions-log
z-paywalldebug: A123
etag: W/"985-xW6M9EvRuJha4UjXZ2VpvnARc4M"
x-timer: S1592455719.060599,VS0,VE794
content-type: application/json; charset=utf-8
access-control-allow-origin: *
z-backend-name: cluster_dir_chash_hhn_frankfurt_de
accept-ranges: bytes
z-ttl: 10m
x-cache-hits: 0

GET
H2 200 / Show response
graphql.haaretz.com/ 7 KB
7 KB 58ms
57ms Fetch
application/json 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.haaretz.com/?operationName=FooterQuery&variables=%7B%22input%22%3A%7B%22listId%22%3A%227.4419300%22%7D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%2289c301892192b4f52e83af78682a87e33a1e1a5db59408f2745b868ddb5faee3%22%7D%7D
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/2.0.1392/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: ae7564e17248018359e0bb6684505613cfc1e5c0d98c8a97185d2a4d065516a6

Request headers

hostname: www.haaretz.com
accept: */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
z-true-client-ip: 165.231.142.36
age: 2784
x-powered-by: Express
x-cache: HIT
status: 200
x-envoy-upstream-service-time: 33
z-surrogate-keys: graphql.haaretz.com
content-length: 7514
x-served-by: cache-hhn4074-HHN
server: istio-envoy
z-block: false
z-actions-log
z-paywalldebug: A123
etag: W/"1d5a-Hsuak5/O45g9AvdjTD7z8sEUMy4"
x-timer: S1592455719.054325,VS0,VE0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
z-backend-name: 24rZN2zCHDZeDA6qagIuQE--F_k8s
accept-ranges: bytes
z-ttl: 3m
x-cache-hits: 11

GET
H2 200 / Show response
graphql.haaretz.com/ 209 B
371 B 282ms
282ms Fetch
application/json 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.haaretz.com/?operationName=ArticleBIContent&variables=%7B%22input%22%3A%7B%22path%22%3A%221.5471157%22%7D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%222edade52866d3c1e469cf589a2f16a8bff8f8c6967d1fe5e3c0a879f0afc0c81%22%7D%7D
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/2.0.1392/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: 905173c5c4a42972ca5449622d03c00ff9c288c835a85a358f47c8f170fe8104

Request headers

hostname: www.haaretz.com
accept: */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
z-true-client-ip: 165.231.142.36
age: 0
x-powered-by: Express
x-cache: MISS
status: 200
x-envoy-upstream-service-time: 215
z-surrogate-keys: graphql.haaretz.com article 1.5471157
content-length: 209
x-served-by: cache-hhn4074-HHN
server: istio-envoy
z-block: false
z-actions-log
z-paywalldebug: A123
etag: W/"d1-fUDVYM8ujwG8pAEOWhij54SE898"
x-timer: S1592455719.054825,VS0,VE225
content-type: application/json; charset=utf-8
access-control-allow-origin: *
z-backend-name: cluster_dir_chash_hhn_frankfurt_de
accept-ranges: bytes
z-ttl: 60m
x-cache-hits: 0

GET
H2 200 13703da9-e7b3-4c6d-be0e-bc9961f232c7.js Show response
cdn.cookielaw.org/consent/ 86 KB
19 KB 32ms
7ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/13703da9-e7b3-4c6d-be0e-bc9961f232c7.js
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/11184c7cf6a0c5b6c3df4799dbdda3eb9c899482.c5c032e2d431020582b7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F81) /
Resource Hash: 1340f0ba929f963691ce7cebaacb86ec87c7bc58efe5701355797b5cc02ea6a0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 Jun 2020 04:48:38 GMT
content-encoding: gzip
content-md5: l+q7k05IFST/Ok9syVvaNw==
age: 2897
x-cache: HIT
status: 200
content-length: 18577
x-ms-lease-status: unlocked
last-modified: Mon, 03 Feb 2020 13:21:51 GMT
server: ECAcc (frc/8F81)
etag: 0x8D7A8AC07EBC80F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5923c090-e01e-00b9-7624-453be8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 18 Jun 2020 08:48:38 GMT

GET
H2 200 / Show response
graph.facebook.com/ 135 B
541 B 62ms
49ms Fetch
application/json 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&fields=og_object{engagement}

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/11184c7cf6a0c5b6c3df4799dbdda3eb9c899482.c5c032e2d431020582b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8bac6e0bb3ec3d989a2e0f984ae6f5863c68d0e393c0209dbe953482290c4270

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "c7734cb550a635427bbae38c113e064ba19797c7"
status: 200
x-fb-rev: 1002261326
alt-svc: h3-27=":443"; ma=3600
content-length: 135
pragma: no-cache
x-fb-debug: STjy6OytbcYiprJkL80J8IoPOMdYivIzCHxa+NPQBWMr2/F25f3Ft/Scmy3Ed4tYn1LRu2Gb5//wEn8Xexp+9Q==
x-fb-trace-id: HAMhPadkoj7
date: Thu, 18 Jun 2020 04:48:38 GMT, Thu, 18 Jun 2020 04:48:38 GMT
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: APnAuJmfmLHljj1iJajuzQB
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 275ms
64ms Script
application/javascript 212.71.236.31
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.71.236.31 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-212-71-236-31.london.nodebalancer.linode.com
Software: nginx/1.12.2 /
Resource Hash: affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:47:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jul 2015 00:00:00 GMT
Server: nginx/1.12.2
ETag: "55a5a280-560"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: close
Content-Length: 1376
Expires: Thu, 18 Jun 2020 05:47:35 GMT

GET
H/1.1 200
OK fi_client.js Show response
ecdn.firstimpression.io/ 610 KB
183 KB 261ms
69ms Script
text/javascript 185.3.92.12
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.3.92.12 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

nb-185-3-92-12.london.nodebalancer.linode.com

Software

nginx/1.12.2 / PHP/7.3.11

Resource Hash

89c1b41fe260643302623f450f90ae31546e83c029190ce49097bca678d21596

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:59:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 01 Jan 2015 00:00:00 GMT
Server: nginx/1.12.2
X-Powered-By: PHP/7.3.11
ETag: e7f996f296025ecb0cd544d5f9f266c0
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: true
Connection: close
X-XSS-Protection: 0
Expires: Thu, 18 Jun 2020 05:59:03 GMT

GET
H2 200 38.ad615af3c7a68257669a.js Show response
www.haaretz.com/_next/static/chunks/ 185 B
799 B 59ms
59ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/38.ad615af3c7a68257669a.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

af6ab56e9b3003a09b75e74cbff1304c5d0a7e70e07860623a0b17b3a1a9b88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 63419
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.010374,VS0,VE0
etag: W/"b9-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 3
date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 3
z-react-beckend: true
content-length: 175
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 38.ad615af3c7a68257669a.js
z-react-reason: W

GET
H2 200 19.c52952925a991d96e406.js Show response
www.haaretz.com/_next/static/chunks/ 2 KB
2 KB 58ms
58ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/19.c52952925a991d96e406.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

6be22cd86ae587ea881df5973ebc3a3481bf903bd4f5c6e5081aa2bf3e147a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 63419
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.030250,VS0,VE0
etag: W/"791-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 5
date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 5
z-react-beckend: true
content-length: 1015
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 19.c52952925a991d96e406.js
z-react-reason: W

GET
H2 200 108.25bc42a3a5f433287752.js Show response
www.haaretz.com/_next/static/chunks/ 3 KB
2 KB 60ms
59ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/108.25bc42a3a5f433287752.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

6d6c743dcaafd45515209c74458abd727693241269fa5d8a5e8b31c3c8017f2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 19195
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.054879,VS0,VE0
etag: W/"af7-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 2
date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 2
z-react-beckend: true
content-length: 1231
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 108.25bc42a3a5f433287752.js
z-react-reason: W

GET
H2 200 35.f72cff76c672cde1f9f8.js Show response
www.haaretz.com/_next/static/chunks/ 3 KB
2 KB 57ms
57ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/35.f72cff76c672cde1f9f8.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

d82cded3fc6861d71dbbd9715dbdbefeb0aae77d96ef441c1cb1ddaf5aa8adcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 1180946
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.058115,VS0,VE0
etag: W/"bf5-1727ee9a1a0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 3
date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 8
z-react-beckend: true
content-length: 1347
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jun 2020 10:39:00 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 35.f72cff76c672cde1f9f8.js
z-react-reason: W

GET
H2 200 p.gif
www.haaretz.com/logger/ 43 B
349 B 69ms
69ms Image
image/gif 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.haaretz.com/logger/p.gif?a=1.5471157&d=/2.12984/2.14138/2.14183&referrer=
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 google, 1.1 varnish
z-true-client-ip: 165.231.142.36
x-cache: MISS
status: 200
z-stale-enabled: false
z-ttl: 0s
z-surrogate-keys: www.haaretz.com p.gif
content-length: 43
x-served-by: cache-hhn4031-HHN
server: Apache
z-block: true
z-actions-log: cache disabled , return(pass) ,
z-paywalldebug: A
z-react-beckend: false
x-cache-hits: 0
content-type: image/gif
z-long-homepage-ttl: false
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_all_www_sites
cache-control: no-cache
accept-ranges: bytes
x-timer: S1592455719.095240,VS0,VE12
z-react-reason: hdcW B
z-fastly-info-state: PASS
expires: Mon, 04 Jan 1999 00:00:01 GMT

GET
H2 200 / Show response
graphql.haaretz.com/ 891 B
1 KB 186ms
186ms Fetch
application/json 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.haaretz.com/?operationName=GetNotificationData&variables=%7B%22userId%22%3A%2215924557188653858%22%2C%22pageInput%22%3A%7B%22path%22%3A%22%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157%22%2C%22isBlock%22%3Afalse%2C%22isExploded%22%3Afalse%7D%2C%22email%22%3A%22%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22540de3822b9bb646bce594e73dc2e26686865639e3034791294dcb07efd17df4%22%7D%7D
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/2.0.1392/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: 2df2c717d14b1a6ab790e4aefdcc6534a445738d5af1691d2af643049cbf894a

Request headers

hostname: www.haaretz.com
accept: */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
z-true-client-ip: 165.231.142.36
age: 0
x-powered-by: Express
x-cache: MISS
status: 200
x-envoy-upstream-service-time: 119
z-surrogate-keys: graphql.haaretz.com article 1.5471157
content-length: 891
x-served-by: cache-hhn4074-HHN
server: istio-envoy
z-block: false
z-actions-log
z-paywalldebug: A123
etag: W/"37b-jAlPIDgwroRTCG7vkvh+A74/cLc"
x-timer: S1592455719.191816,VS0,VE129
content-type: application/json; charset=utf-8
access-control-allow-origin: *
z-backend-name: cluster_dir_chash_hhn_frankfurt_de
accept-ranges: bytes
z-ttl: 0m
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
364 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=307252476589397&ev=PageView&dl=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&rl=&if=false&ts=1592455719158&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1592455719157.2001411985&it=1592455718284&coo=false&rqm=GET

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT, Thu, 18 Jun 2020 04:48:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 18 Jun 2020 04:48:39 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
215 B 19ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=307252476589397&ev=ViewContent&dl=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&rl=&if=false&ts=1592455719160&cd[article_id]=1.5471157&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1592455719157.2001411985&it=1592455718284&coo=false&rqm=GET

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT, Thu, 18 Jun 2020 04:48:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 18 Jun 2020 04:48:39 GMT

GET
H2 200 integrator.js Show response
adservice.google.ee/adsid/ 109 B
169 B 18ms
18ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ee/adsid/integrator.js?domain=www.haaretz.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 04:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 19ms
19ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.haaretz.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 04:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020061205.js Show response
securepubads.g.doubleclick.net/gpt/ 246 KB
88 KB 63ms
63ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

f8a71c83692923b567fcfc765b779f079d6eb1c421853fa4a0fc0fc8efcae164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Jun 2020 18:39:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89797
x-xss-protection: 0
expires: Thu, 18 Jun 2020 04:48:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/06772788870debeff8cee6e63f403e2a02024a8c.e3ba78963644070d59a5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 541
date: Thu, 18 Jun 2020 04:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Thu, 18 Jun 2020 06:39:38 GMT

GET
H2 200 / Show response
graphql.haaretz.com/ 8 KB
8 KB 607ms
607ms Fetch
application/json 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.haaretz.com/?operationName=MichelleQuery&variables=%7B%22input%22%3A%7B%22listId%22%3A%227.9804649%22%2C%22history%22%3A%5B%5D%2C%22section%22%3A%22%2Fisrael-news%2Fbusiness%22%7D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22be026b17e34ef08a1ee94869580f9d4e910aa1fa9f4bc07f2d1cc8202f60e85f%22%7D%7D
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/2.0.1392/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: b3931b8a613d97a0e7b9e4c4c4ed70584230185f04aeb52a87f712f30a48d8bb

Request headers

hostname: www.haaretz.com
accept: */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
z-true-client-ip: 165.231.142.36
age: 0
x-powered-by: Express
x-cache: HIT
status: 200
x-envoy-upstream-service-time: 85
z-surrogate-keys: graphql.haaretz.com
content-length: 8102
x-served-by: cache-hhn4074-HHN
server: istio-envoy
z-block: false
z-actions-log
z-paywalldebug: A123
etag: W/"1fa6-hXTcvpRpIxU9sIVjMLz99Ic3M6s"
x-timer: S1592455719.371131,VS0,VE550
content-type: application/json; charset=utf-8
access-control-allow-origin: *
z-backend-name: cluster_dir_chash_hhn_frankfurt_de
accept-ranges: bytes
z-ttl: 3m
x-cache-hits: 1

GET
H2 200 0e61faf0.3dd7ad7421b9d433c9ba.js Show response
www.haaretz.com/_next/static/chunks/ 392 KB
95 KB 60ms
59ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/0e61faf0.3dd7ad7421b9d433c9ba.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

43d925b0960bd6e5491c8fb76fc34ee8f202168f6d9642999ba1af7c21920e28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 1119056
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.310925,VS0,VE0
etag: W/"621be-1727ee9a1a0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 5
date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 8
z-react-beckend: true
content-length: 96148
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jun 2020 10:39:00 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 0e61faf0.3dd7ad7421b9d433c9ba.js
z-react-reason: W

GET
H2 200 102.b1a74b6bdc622f09fdda.js Show response
www.haaretz.com/_next/static/chunks/ 3 KB
2 KB 59ms
59ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/102.b1a74b6bdc622f09fdda.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

08863160873ab8b92eb9bd61a35d62edcb6dcb9a3ce9e23e0efd854402151f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 63419
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.310905,VS0,VE0
etag: W/"d6d-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 13
date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 4
z-react-beckend: true
content-length: 1410
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 102.b1a74b6bdc622f09fdda.js
z-react-reason: W

GET
H2 200 / Show response
graphql.haaretz.com/ 4 KB
5 KB 102ms
101ms Fetch
application/json 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.haaretz.com/?operationName=ZoidbergQuery&variables=%7B%22input%22%3A%7B%22listId%22%3A%227.10481715%22%2C%22history%22%3A%5B%5D%2C%22section%22%3A%22%2Fisrael-news%2Fbusiness%22%7D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%227c1c2fc06f67c896f313f3298e1c309d779317811cd777fca4f0cf7229a7c601%22%7D%7D
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/2.0.1392/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: 49e842389b7013af5fea301f51a71011dcb15786fb38a3ea7618e9cdc204e456

Request headers

hostname: www.haaretz.com
accept: */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
z-true-client-ip: 165.231.142.36
age: 0
x-powered-by: Express
x-cache: MISS
status: 200
x-envoy-upstream-service-time: 35
z-ttl: 3m
z-surrogate-keys: graphql.haaretz.com
content-length: 4584
x-served-by: cache-hhn4074-HHN
server: istio-envoy
z-block: false
z-actions-log
z-paywalldebug: A123
etag: W/"11e8-TDxHc9io5mdmrk9/V/cOEq77c7s"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
z-backend-name: cluster_dir_chash_hhn_frankfurt_de
cache-control: max-age=120
accept-ranges: bytes
x-timer: S1592455719.379420,VS0,VE45
x-cache-hits: 0

GET
H2 200 optanon.css
cdn.cookielaw.org/skins/5.11.0/default_flat_bottom_two_button_black/v2/css/ 23 KB
6 KB 7ms
7ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/skins/5.11.0/default_flat_bottom_two_button_black/v2/css/optanon.css
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/13703da9-e7b3-4c6d-be0e-bc9961f232c7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FAA) /
Resource Hash: 3e48e8dada6c1e8a5fb31c28a198f2931138504a6a292ee8635fadeff84f595c

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 18 Jun 2020 04:48:39 GMT
content-encoding: gzip
content-md5: TmOjN+hiJ4xElZwDkjvdgQ==
age: 3647
x-cache: HIT
status: 200
content-length: 5553
x-ms-lease-status: unlocked
last-modified: Fri, 17 Jan 2020 01:57:40 GMT
server: ECAcc (frc/8FAA)
etag: 0x8D79AF0A2A27608
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 04065fe6-d01e-00ba-0823-4538ef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 18 Jun 2020 08:48:39 GMT

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 19ms
6ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/13703da9-e7b3-4c6d-be0e-bc9961f232c7.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Origin: https://www.haaretz.com

Response headers

Date: Thu, 18 Jun 2020 04:48:39 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: W/"5a637bd4-1538f"
Vary: Accept-Encoding
X-HW: 1592455719.dop143.fr8.t,1592455719.cds120.fr8.shc,1592455719.cds120.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30288

GET
H2 200 obtp.js Show response
amplify.outbrain.com/cp/ 6 KB
3 KB 68ms
67ms Script
application/x-javascript 2.21.37.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.220 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9426dab81ab7e8fd446184b6afcdec99435449172bf20f6fb1c9c2b75f6eb979

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 10:37:32 GMT
server: AkamaiNetStorage
etag: "d96c66d3880781fb37c90849587edaa0:1587983852.14205"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1200
accept-ranges: bytes
content-length: 2563
expires: Thu, 18 Jun 2020 05:08:39 GMT

GET
H2 200 109.832534a3f8e780264557.js Show response
www.haaretz.com/_next/static/chunks/ 1 KB
1 KB 58ms
57ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/109.832534a3f8e780264557.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

d350ea638fda9c9c90cf40b88d7b2b16893e702cc84147f3c2abb8b0ef6d562b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 618353
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455719.450494,VS0,VE0
etag: W/"487-1727ee9a1a0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 4
date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 6
z-react-beckend: true
content-length: 574
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jun 2020 10:39:00 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 109.832534a3f8e780264557.js
z-react-reason: W

GET
H2 200 / Show response
graphql.haaretz.com/ 660 B
840 B 304ms
303ms Fetch
application/json 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.haaretz.com/?operationName=PaywallQuery&variables=%7B%22input%22%3A%7B%22referrer%22%3A%22direct%22%2C%22referrerUrl%22%3A%22https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157%22%2C%22userType%22%3A%22anonymous%22%2C%22hasMail%22%3Afalse%2C%22isValidated%22%3Afalse%2C%22showArticleMode%22%3Atrue%2C%22userId%22%3A%2215924557188653858%22%2C%22useragent%22%3A%22desktop%22%2C%22articleCount%22%3A2%2C%22sessionCount%22%3A1%2C%22sessionTwitter%22%3A0%2C%22externalId%22%3A%22HDC.Paywall.Super.Container%22%7D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a3e3102a017f34883ec5eb13850b241b08464991627e44b0aa6a87bb74dd0e81%22%7D%7D
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/2.0.1392/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: 7336043bf2643aabdccadd79b9df3a74ae30abf115b58ce353d2afdfdd6d0fdc

Request headers

hostname: www.haaretz.com
accept: */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
z-true-client-ip: 165.231.142.36
age: 0
x-powered-by: Express
x-cache: MISS
status: 200
x-envoy-upstream-service-time: 236
z-surrogate-keys: graphql.haaretz.com article 1.5471157
content-length: 660
x-served-by: cache-hhn4074-HHN
server: istio-envoy
z-block: false
z-actions-log
z-paywalldebug: A123
etag: W/"294-7mXen6jqcYTlHC7cxJ6dPjlVVuI"
x-timer: S1592455720.526745,VS0,VE247
content-type: application/json; charset=utf-8
access-control-allow-origin: *
z-backend-name: cluster_dir_chash_hhn_frankfurt_de
accept-ranges: bytes
z-ttl: 10m
x-cache-hits: 0

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 510ms
128ms XHR
application/json 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1592455719445&sessionId=79a14def-f629-2afd-d880-103d50a7d41a&url=www.haaretz.com&cheqSource=1&cheqEvent=0&exitReason=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:39 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 8782879d356313dee68f31ee34afe0cf
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 50 KB
18 KB 418ms
303ms Script
text/x-json 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.haaretz.com%2F1.5471157&idx=0&rand=29673&key=NANOWDGT01&widgetJSId=AR_16&va=true&et=true&format=html&lsd=34661d07-5d76-40f1-ae93-bfbfe9b1466f&lsdt=1592455386852&pdobuid=-1&adblck=false&px=189&py=4313&vpd=3113&settings=true&recs=true&version=200021&sig=TQG8UAcK&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&secured=true&cmpStat=0&ccpaStat=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8465f252205769729175fa28ba66ed0555d4a6824d37fe5ad180a0deda1ff813

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status: 200
x-cache-hits: 0, 0
x-traceid: 81c9c5596314939df8e6b500886537bb
content-length: 17787
x-served-by: cache-lga21960-LGA, cache-hhn4064-HHN
pragma: no-cache
x-timer: S1592455720.593481,VS0,VE246
date: Thu, 18 Jun 2020 04:48:39 GMT
vary: Accept-Encoding, User-Agent
content-type: text/x-json; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
backend-ip: 157.52.117.60
accept-ranges: bytes, bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
531 B 169ms
57ms Image
image/x-icon 172.217.18.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:15:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1989
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 19 Jun 2020 04:15:30 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 545
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Thu, 18 Jun 2020 05:39:34 GMT

GET
H2 200 73.d110dd328b9b652620b1.js Show response
www.haaretz.com/_next/static/chunks/ 1 KB
1 KB 57ms
57ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/73.d110dd328b9b652620b1.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

458398215180e8e71790df9da6beabc3a5bb5550737908b7b00c6f1a9a666569

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 63420
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455720.554335,VS0,VE0
etag: W/"5c4-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 4
date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 5
z-react-beckend: true
content-length: 765
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 73.d110dd328b9b652620b1.js
z-react-reason: hdcB W

GET
H2 200 / Show response
graphql.haaretz.com/ 796 B
969 B 74ms
73ms Fetch
application/json 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.haaretz.com/?operationName=BIRequestArticleData&variables=%7B%22input%22%3A%7B%22path%22%3A%221.5471157%22%7D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22ebdc55235773abc10563fdf82eb51ef56c2ac7e8db0ca9befba96d8d4f011cd7%22%7D%7D
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/2.0.1392/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: 93eb1f2a1cd8ad8be460ec5b04ebde72557d37cde15583158fab4ea4a03a7bba

Request headers

hostname: www.haaretz.com
accept: */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
z-true-client-ip: 165.231.142.36
age: 0
x-powered-by: Express
x-cache: MISS
status: 200
x-envoy-upstream-service-time: 6
z-surrogate-keys: graphql.haaretz.com article 1.5471157
content-length: 796
x-served-by: cache-hhn4074-HHN
server: istio-envoy
z-block: false
z-actions-log
z-paywalldebug: A123
etag: W/"31c-LTr8z2njEjQ+/5XS877yDSUmZPU"
x-timer: S1592455720.641063,VS0,VE16
content-type: application/json; charset=utf-8
access-control-allow-origin: *
z-backend-name: cluster_dir_chash_hhn_frankfurt_de
accept-ranges: bytes
z-ttl: 60m
x-cache-hits: 0

GET
H2 200 EU Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/ 32 B
404 B 35ms
21ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/countries/EU?callback=jQuery331008468501953542673_1592455719548&_=1592455719549

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5a5261174a1ac27c-FRA
content-length: 32
cf-request-id: 03675b02900000c27c5e219200000001

GET
H/1.1 200
OK pixel
tr.outbrain.com/ 43 B
275 B 533ms
135ms Image
image/gif 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/pixel?marketerId=0082f5489b562b2a396b965a1fd7391478&obApiVersion=1.1&obtpVersion=1.1.9&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&optOut=false&bust=04455432212511845
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:40 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: dcf50aad4dea889375eb004d051fc4e3
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 515ms
128ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=0082f5489b562b2a396b965a1fd7391478&dl=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&bust=08995971092539945
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:40 GMT
Cache-Control: no-cache
X-TraceId: a5e157ec80684e14dd00b8295820ec48
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 87.45b8b4c652a0e0176041.js Show response
www.haaretz.com/_next/static/chunks/ 3 KB
2 KB 57ms
57ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/87.45b8b4c652a0e0176041.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

e160655a267af232adec3ff662219b79f592efb2bf4ade368014e2a856039c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 621392
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455720.622196,VS0,VE0
etag: W/"a2a-1727ee9a1a0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 8204
date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 47
z-react-beckend: true
content-length: 1250
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jun 2020 10:39:00 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 87.45b8b4c652a0e0176041.js
z-react-reason: hdcB W

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
10 KB 267ms
267ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2775205318892354&correlator=2072749667315314&output=ldjh&impl=fif&adsid=NT&eid=21065975%2C21066170&vrg=2020061205&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200618&iu_parts=9401%2Chaaretz.com%2Chaaretz.com.side.halfpage.2%2Chaaretz.com.side.halfpage.2_section%2Chaaretz.com.side.halfpage.2_section.israel-news%2Chaaretz.com.side.halfpage.2_section.israel-news.business&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x600&cust_params=anonymousIdKey%3D15924557188653858%26pageType%3D%26country%3DSE%26htz_user_type%3Danonymous%26tm_user_type%3Danonymous%26hdc_user_type%3Danonymous%26section%3Disrael-news%26sub_section%3Dbusiness%26articleId%3D1.5471157&cookie_enabled=1&bc=31&abxe=1&lmt=1592455719&dt=1592455719643&dlt=1592455718123&idt=1477&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=4069813643&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&dssz=68&icsg=4278423081975804&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&fws=644&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

293e080bd899e7b00cac75296c29fbc81d9ddf60ac95f02fda2e6197110560de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10176
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haaretz.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1275bd68108cbd5f6baeb9908886c0c4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 58ms
13ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1275bd68108cbd5f6baeb9908886c0c4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 71 KB
23 KB 485ms
484ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2775205318892354&correlator=2072749667315314&output=ldjh&impl=fif&adsid=NT&eid=21065975%2C21066170&vrg=2020061205&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200618&iu_parts=9401%2Chaaretz.com%2Chaaretz.com.box.article%2Chaaretz.com.box.article_section%2Chaaretz.com.box.article_section.israel-news%2Chaaretz.com.box.article_section.israel-news.business&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250&cust_params=anonymousIdKey%3D15924557188653858%26pageType%3D%26country%3DSE%26htz_user_type%3Danonymous%26tm_user_type%3Danonymous%26hdc_user_type%3Danonymous%26section%3Disrael-news%26sub_section%3Dbusiness%26articleId%3D1.5471157&cookie_enabled=1&bc=31&abxe=1&lmt=1592455719&dt=1592455719660&dlt=1592455718123&idt=1477&frm=20&biw=1600&bih=1200&oid=3&adxs=1104&adys=172&adks=1014319642&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&dssz=68&icsg=4278423081975804&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&fws=4&ohw=300&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

7ff2f8adcacfcdeac7f393d200e842aa7e615be067064de5b8d37192d09ac92d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12238760472891823335/vk_300x250_p.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12238760472891823335/vk_300x250_p.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMqvhOzHiuoCFc3JuwgdFwECaQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/12238760472891823335/vk_300x250_p.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12238760472891823335/vk_300x250_p.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12238760472891823335/vk_300x250_p.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMqvhOzHiuoCFc3JuwgdFwECaQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/12238760472891823335/vk_300x250_p.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23212
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 18 Jun 2020 04:48:40 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haaretz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 558 B
460 B 472ms
471ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2775205318892354&correlator=2072749667315314&output=ldjh&impl=fif&adsid=NT&eid=21065975%2C21066170&vrg=2020061205&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200618&iu_parts=9401%2Chaaretz.com%2Chaaretz.com.side.native.1%2Chaaretz.com.side.native.1_section%2Chaaretz.com.side.native.1_section.israel-news%2Chaaretz.com.side.native.1_section.israel-news.business&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=124x93&cust_params=anonymousIdKey%3D15924557188653858%26pageType%3D%26country%3DSE%26htz_user_type%3Danonymous%26tm_user_type%3Danonymous%26hdc_user_type%3Danonymous%26section%3Disrael-news%26sub_section%3Dbusiness%26articleId%3D1.5471157&cookie_enabled=1&bc=31&abxe=1&lmt=1592455719&dt=1592455719667&dlt=1592455718123&idt=1477&frm=20&biw=1600&bih=1200&oid=3&adxs=1192&adys=969&adks=142843504&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&dssz=68&icsg=4278423081975804&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x607&msz=300x92&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&fws=516&ohw=300&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

a7f01be574397d6f922870240ea5a6aba32406be47f25197670c14e7abdbd3c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 243
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haaretz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 71 KB
23 KB 651ms
651ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2775205318892354&correlator=2072749667315314&output=ldjh&impl=fif&adsid=NT&eid=21065975%2C21066170&vrg=2020061205&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200618&iu_parts=9401%2Chaaretz.com%2Chaaretz.com.inread.1.desktop%2Chaaretz.com.inread.1.desktop_section%2Chaaretz.com.inread.1.desktop_section.israel-news%2Chaaretz.com.inread.1.desktop_section.israel-news.business&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C336x280%7C1x1%7C300x150%7C543x305&cust_params=anonymousIdKey%3D15924557188653858%26pageType%3D%26country%3DSE%26htz_user_type%3Danonymous%26tm_user_type%3Danonymous%26hdc_user_type%3Danonymous%26section%3Disrael-news%26sub_section%3Dbusiness%26articleId%3D1.5471157&cookie_enabled=1&bc=31&abxe=1&lmt=1592455719&dt=1592455719674&dlt=1592455718123&idt=1477&frm=20&biw=1600&bih=1200&oid=3&adxs=560&adys=2353&adks=1503241795&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&dssz=68&icsg=4278423081975804&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=592x285&msz=592x285&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&fws=4&ohw=592&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

835f0da40824dcc8d02665867042497faff7ad7acae43b3e349d35f6e474f012

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9541225699929985954/vk_336x280_p.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9541225699929985954/vk_336x280_p.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COijkuzHiuoCFSzFuwgd6eMNLA&gqi=&layout=/sadbundle/%24csp%253Der3%24/9541225699929985954/vk_336x280_p.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9541225699929985954/vk_336x280_p.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9541225699929985954/vk_336x280_p.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COijkuzHiuoCFSzFuwgd6eMNLA&gqi=&layout=/sadbundle/%24csp%253Der3%24/9541225699929985954/vk_336x280_p.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23222
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 18 Jun 2020 04:48:40 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haaretz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
10 KB 793ms
793ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2775205318892354&correlator=2072749667315314&output=ldjh&impl=fif&adsid=NT&eid=21065975%2C21066170&vrg=2020061205&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200618&iu_parts=9401%2Chaaretz.com%2Chaaretz.com.inread.2.desktop%2Chaaretz.com.inread.2.desktop_section%2Chaaretz.com.inread.2.desktop_section.israel-news%2Chaaretz.com.inread.2.desktop_section.israel-news.business&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C336x280%7C1x1%7C480x300%7C300x150%7C543x305&cust_params=anonymousIdKey%3D15924557188653858%26pageType%3D%26country%3DSE%26htz_user_type%3Danonymous%26tm_user_type%3Danonymous%26hdc_user_type%3Danonymous%26section%3Disrael-news%26sub_section%3Dbusiness%26articleId%3D1.5471157&cookie_enabled=1&bc=31&abxe=1&lmt=1592455719&dt=1592455719682&dlt=1592455718123&idt=1477&frm=20&biw=1600&bih=1200&oid=3&adxs=560&adys=3177&adks=1412205796&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&dssz=68&icsg=4278423081975804&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=592x285&msz=592x285&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&fws=4&ohw=592&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

bdb16aa91e58c65e619a4a53b321af7df4de48b560a9a94ee0d11ceb9571afa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10190
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haaretz.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
10 KB 975ms
975ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2775205318892354&correlator=2072749667315314&output=ldjh&impl=fif&adsid=NT&eid=21065975%2C21066170&vrg=2020061205&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200618&iu_parts=9401%2Chaaretz.com%2Chaaretz.com.inread.3.desktop%2Chaaretz.com.inread.3.desktop_section%2Chaaretz.com.inread.3.desktop_section.israel-news%2Chaaretz.com.inread.3.desktop_section.israel-news.business&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C336x280%7C300x150%7C543x305%7C1x1&cust_params=anonymousIdKey%3D15924557188653858%26pageType%3D%26country%3DSE%26htz_user_type%3Danonymous%26tm_user_type%3Danonymous%26hdc_user_type%3Danonymous%26section%3Disrael-news%26sub_section%3Dbusiness%26articleId%3D1.5471157&cookie_enabled=1&bc=31&abxe=1&lmt=1592455719&dt=1592455719689&dlt=1592455718123&idt=1477&frm=20&biw=1600&bih=1200&oid=3&adxs=560&adys=3994&adks=2125064997&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&dssz=68&icsg=4278423081975804&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=592x285&msz=592x285&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&fws=4&ohw=592&btvi=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

4334fd0173b224cb6e28ca4f1a8661b50e579532cf724b510ad450ee7c47c813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10191
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haaretz.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 605 B
418 B 1018ms
1017ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2775205318892354&correlator=2072749667315314&output=ldjh&impl=fif&adsid=NT&eid=21065975%2C21066170&vrg=2020061205&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200618&iu_parts=9401%2Chaaretz.com%2Chaaretz.com.article.textlink.desktop%2Chaaretz.com.article.textlink.desktop_section%2Chaaretz.com.article.textlink.desktop_section.israel-news%2Chaaretz.com.article.textlink.desktop_section.israel-news.business&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=468x61&cust_params=anonymousIdKey%3D15924557188653858%26pageType%3D%26country%3DSE%26htz_user_type%3Danonymous%26tm_user_type%3Danonymous%26hdc_user_type%3Danonymous%26section%3Disrael-news%26sub_section%3Dbusiness%26articleId%3D1.5471157&cookie_enabled=1&bc=31&abxe=1&lmt=1592455719&dt=1592455719695&dlt=1592455718123&idt=1477&frm=20&biw=1600&bih=1200&oid=3&adxs=476&adys=5133&adks=1691674026&ucis=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&dssz=68&icsg=4278423081975804&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=592x61&msz=592x61&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&fws=4&ohw=592&btvi=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

ed006d9967fc2454d3804a4c71e1498095275129a0998e3f50afbe6fe7e63b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haaretz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
10 KB 1284ms
1283ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2775205318892354&correlator=2072749667315314&output=ldjh&impl=fif&adsid=NT&eid=21065975%2C21066170&vrg=2020061205&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200618&iu_parts=9401%2Chaaretz.com%2Chaaretz.com.side.halfpage.1%2Chaaretz.com.side.halfpage.1_section%2Chaaretz.com.side.halfpage.1_section.israel-news%2Chaaretz.com.side.halfpage.1_section.israel-news.business&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x600&cust_params=anonymousIdKey%3D15924557188653858%26pageType%3D%26country%3DSE%26htz_user_type%3Danonymous%26tm_user_type%3Danonymous%26hdc_user_type%3Danonymous%26section%3Disrael-news%26sub_section%3Dbusiness%26articleId%3D1.5471157&cookie_enabled=1&bc=31&abxe=1&lmt=1592455719&dt=1592455719700&dlt=1592455718123&idt=1477&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2156168271&ucis=8&ifi=8&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&dssz=68&icsg=4278423081975804&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&fws=644&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

2cb2aba030993556fbf057c0f104fbbccc0ab2ab27f9ad67f88af32ac04e9082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10266
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haaretz.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
10 KB 1431ms
1431ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2775205318892354&correlator=2072749667315314&output=ldjh&impl=fif&adsid=NT&eid=21065975%2C21066170&vrg=2020061205&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200618&iu_parts=9401%2Chaaretz.com%2Chaaretz.com.billboard.desktop%2Chaaretz.com.billboard.desktop_section%2Chaaretz.com.billboard.desktop_section.israel-news%2Chaaretz.com.billboard.desktop_section.israel-news.business&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C970x90%7C970x250%7C3x3%7C1200x330&cust_params=anonymousIdKey%3D15924557188653858%26pageType%3D%26country%3DSE%26htz_user_type%3Danonymous%26tm_user_type%3Danonymous%26hdc_user_type%3Danonymous%26section%3Disrael-news%26sub_section%3Dbusiness%26articleId%3D1.5471157&cookie_enabled=1&bc=31&abxe=1&lmt=1592455719&dt=1592455719706&dlt=1592455718123&idt=1477&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=116&adks=3466645787&ucis=9&ifi=9&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&dssz=68&icsg=4278423081975804&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1263x125&msz=1263x90&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&fws=4&ohw=1263&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

47eef045ba619547d0692134b7e356daa98327ff00895ba2aac4f6d928086b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10291
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haaretz.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 impression Show response
ms-apps.haaretz.com/ds/ 83 B
142 B 289ms
288ms Fetch
application/json 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ms-apps.haaretz.com/ds/impression
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/06772788870debeff8cee6e63f403e2a02024a8c.e3ba78963644070d59a5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c5702ba1437cdf0f12224d39756360b68a4f61df3a2a0a29014833d2cd117f07

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
via: 1.1 varnish
z-true-client-ip: 165.231.142.36
x-cache: MISS
status: 200
z-surrogate-keys: ms-apps.haaretz.com
z-actions-log
x-served-by: cache-hhn4074-HHN
server: nginx
z-block: false
x-timer: S1592455720.901304,VS0,VE232
z-paywalldebug: A123
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
z-backend-name: 24rZN2zCHDZeDA6qagIuQE--F_192_118_72_60
accept-ranges: bytes
z-ttl: 0s
x-cache-hits: 0

POST
H/1.1 204
No Content AddLogs Show response
logging.carambo.la/ 0
176 B 690ms
177ms XHR
text/plain 35.171.145.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.carambo.la/AddLogs
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:28 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 403 d0a6e0916568218637123dfe819f835c_04440f259b1a8ee1bd4ab7ea0c3ebb79a87ee810_incontent_unified_3.json Show response
inimage.carambo.la/1/hrtz22/112931/ 243 B
546 B 269ms
154ms XHR
application/xml 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://inimage.carambo.la/1/hrtz22/112931/d0a6e0916568218637123dfe819f835c_04440f259b1a8ee1bd4ab7ea0c3ebb79a87ee810_incontent_unified_3.json
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b53cef3ae1fb85e8d51a05610cf840918a11d4ffb20e8acdb5e0790ee3fa1740

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
server: AmazonS3
x-amz-request-id: 4FACE3D469BCCFCA
status: 403
etag: "61e6137ea72721e7346e097a6ca794f5"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/xml
access-control-allow-origin: *
access-control-max-age: 3000
x-amz-id-2: A/1AUs2pI1Q0gj6UrqiF2DIAI1Q60jTqL+/0T/wscJkvK/dDe7brYxtUTM2xywIk8UTkHcB0t8M=

GET
H2 200 4102053482.jpg
images.haarets.co.il/image/fetch/x_6,y_139,w_794,h_461,c_crop/q_auto,h_154,w_265,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.892... 10 KB
11 KB 61ms
60ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.haarets.co.il/image/fetch/x_6,y_139,w_794,h_461,c_crop/q_auto,h_154,w_265,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.8928013!/image/4102053482.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d2c170a443fcb463380db444497672e06a028f59b57c8647afb2d84764f9cc6a

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
age: 12518
x-cache: HIT
status: 200
z-surrogate-keys: 4102053482.jpg
server-timing: akam;dur=15;start=2020-06-18T01:20:01.466Z;total=19;desc=miss,rtt;dur=0
content-length: 10705
x-served-by: cache-hhn4031-HHN
timing-allow-origin: *
last-modified: Wed, 17 Jun 2020 13:32:53 GMT
server: cloudinary
x-timer: S1592455720.815002,VS0,VE0
etag: "9e0db03621a7136ebf2a4f19c56d5f45"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=562438
accept-ranges: bytes
z-ttl: 10d
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 2459210662.jpg
images.haarets.co.il/image/fetch/x_10,y_516,w_1190,h_895,c_crop/q_auto,h_204,w_265,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.8... 7 KB
7 KB 61ms
61ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.haarets.co.il/image/fetch/x_10,y_516,w_1190,h_895,c_crop/q_auto,h_204,w_265,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.8927791!/image/2459210662.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e00fb320c35289f10977a6cd0e79c083abf214a4a7d69e9f1fe20b650a9cf2ae

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
age: 33914
x-cache: HIT
status: 200
content-disposition: inline; filename="2459210662.webp"
server-timing: akam;dur=53;start=2020-06-17T19:23:25.215Z;total=155;desc=miss,rtt;dur=0
content-length: 6676
x-served-by: cache-hhn4031-HHN
timing-allow-origin: *
last-modified: Wed, 17 Jun 2020 19:22:48 GMT
server: cloudinary
x-timer: S1592455720.815001,VS0,VE0
etag: "a7f9667fc1b6ce0419082f79d960189a"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
z-ttl: 10d
access-control-allow-headers: X-Requested-With
z-surrogate-keys: 2459210662.jpg
x-cache-hits: 1

GET
H2 200 1892338807.png
images.haarets.co.il/image/fetch/x_65,y_18,w_1065,h_799,c_crop/q_auto,h_204,w_265,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.89... 12 KB
12 KB 59ms
59ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.haarets.co.il/image/fetch/x_65,y_18,w_1065,h_799,c_crop/q_auto,h_204,w_265,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.8926381!/image/1892338807.png
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: a1bbd6218468058efb385b32219cac7e03eee613f3f4fb092528d2c65de56715

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
age: 19209
x-cache: HIT
status: 200
content-disposition: inline; filename="1892338807.webp"
server-timing: akam;dur=15;start=2020-06-17T23:28:30.703Z;total=19;desc=miss,rtt;dur=6
content-length: 12262
x-served-by: cache-hhn4031-HHN
timing-allow-origin: *
last-modified: Wed, 17 Jun 2020 12:44:17 GMT
server: cloudinary
x-timer: S1592455720.814984,VS0,VE0
etag: "3a9b1f40166c61c3a51fb711599f5fb4"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=566260
accept-ranges: bytes
z-ttl: 10d
access-control-allow-headers: X-Requested-With
z-surrogate-keys: 1892338807.png
x-cache-hits: 1

POST
H2 200 /
www.facebook.com/tr/ 0
83 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarybB8hTnv3a8fX7jf7

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 18 Jun 2020 04:48:39 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.haaretz.com
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 request Show response
ms-apps.haaretz.com/ds/ 80 B
188 B 128ms
128ms Fetch
application/json 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ms-apps.haaretz.com/ds/request
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/06772788870debeff8cee6e63f403e2a02024a8c.e3ba78963644070d59a5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c36ee187cefe4e1c71c7adbb2cac4ab5d0c3a43de248fa41ef36d59eb17fdff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
via: 1.1 varnish
z-true-client-ip: 165.231.142.36
x-cache: MISS
status: 200
z-surrogate-keys: ms-apps.haaretz.com
z-actions-log
x-served-by: cache-hhn4074-HHN
server: nginx
z-block: false
x-timer: S1592455720.003117,VS0,VE71
z-paywalldebug: A123
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
z-backend-name: 24rZN2zCHDZeDA6qagIuQE--F_192_118_72_60
accept-ranges: bytes
z-ttl: 0s
x-cache-hits: 0

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 41 KB
7 KB 522ms
341ms Script
application/javascript 54.171.157.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=6956&url=%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&charset=UTF-8&wrapto=firstSpcFetch&ch=6&ref=www.haaretz.com&referer=&_firid=83892061&fiodpe=
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.157.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-157-204.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / PHP/7.3.11
Resource Hash: cbef6996631039b10273deac3a78a5e9f7b3b3ebbd9ce0a223343246d4a15114

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 04:48:40 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.3.11
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript; charset=UTF-8
expires: 0

GET
H2 200 99.00381fdfce7313ea77aa.js Show response
www.haaretz.com/_next/static/chunks/ 4 KB
2 KB 58ms
57ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/99.00381fdfce7313ea77aa.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

fd4775fb3354e7bbb53d0f8e21bcd1ca1576dfc553070ade2c042a11bddb19ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 60913
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455720.911666,VS0,VE0
etag: W/"1062-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 3
date: Thu, 18 Jun 2020 04:48:39 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 45
z-react-beckend: true
content-length: 1721
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 99.00381fdfce7313ea77aa.js
z-react-reason: W

POST
H2 200 impression Show response
ms-apps.haaretz.com/ds/ 83 B
168 B 122ms
121ms Fetch
application/json 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ms-apps.haaretz.com/ds/impression
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/06772788870debeff8cee6e63f403e2a02024a8c.e3ba78963644070d59a5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c5702ba1437cdf0f12224d39756360b68a4f61df3a2a0a29014833d2cd117f07

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
via: 1.1 varnish
z-true-client-ip: 165.231.142.36
x-cache: MISS
status: 200
z-surrogate-keys: ms-apps.haaretz.com
z-actions-log
x-served-by: cache-hhn4074-HHN
server: nginx
z-block: false
x-timer: S1592455720.222509,VS0,VE63
z-paywalldebug: A123
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
z-backend-name: 24rZN2zCHDZeDA6qagIuQE--F_192_118_72_60
accept-ranges: bytes
z-ttl: 0s
x-cache-hits: 0

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame A227 202 KB
56 KB 36ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 96900
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Wed, 17 Jun 2020 01:53:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Jun 2021 01:53:39 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame A227 16 KB
6 KB 52ms
22ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 716511
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Tue, 09 Jun 2020 21:46:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 21:46:48 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame A227 97 KB
29 KB 50ms
20ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 440686
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Sat, 13 Jun 2020 02:23:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jun 2021 02:23:53 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame A227 4 KB
2 KB 48ms
19ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 667008
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Wed, 10 Jun 2020 11:31:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 11:31:51 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame A227 48 KB
15 KB 44ms
14ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 512450
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Fri, 12 Jun 2020 06:27:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 06:27:49 GMT

GET
H2 200 2210197404018168496
tpc.googlesyndication.com/simgad/ Frame A227 25 KB
26 KB 10ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2210197404018168496?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm14R1vpA_pMuFUsVq-_W6I5KhzAQ

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc48dbec66494a02480c2c01ad92297a5eac84a6a1ca5b3ed57e10b118d54540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:13:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Nov 2016 02:14:10 GMT
server: sffe
age: 704092
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26101
x-xss-protection: 0
expires: Thu, 10 Jun 2021 01:13:47 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A227 3 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 08:25:00 GMT
x-content-type-options: nosniff
server: cafe
age: 73419
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Thu, 18 Jun 2020 08:25:00 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A227 344 B
561 B 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 15:22:10 GMT
x-content-type-options: nosniff
server: cafe
age: 48389
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 18 Jun 2020 15:22:10 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A227 0
0 71ms
70ms Image
text/html 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYEOiJ_LqXqeHK9PD7_UPx-6fkATHm5b6XIDy8oj2Cfy19svSFxABILf6wiBg6gGgAa73mdIDyAECqQJF3BpN_reoPuACAKgDAcgDCKoEugJP0JNamHN5z5boPtB6abooQF-tqXwlEIoCwPfD7TSXeHp5xPrDr0gdZS32JnZN7XnbkK8aMX4yZgcrkzZRTILQNoKC5RKEMI1zfpEveGUFdcRsBWI7tWkoRZPomtwSker7R5qG9vEDaQk5bOuRf_PYtk66tn2ERvEOFBGAg10VkkzVW-6hMCBKoKMOeIEieStBYYu6S4Ze1ALy4DVjvc9mD7lnS3wAnPSFiPSgu5pIy-CqKkeS8CLVvCxSIZE6NsMH7aHsNktVNddmx2dQHz4H-V8M5NNtO2m5PdhcKgzibgvRKAoC5fJ1YOdgBoTS6pQKMSWqptajbFke_ckiYVtn1h8SaALbaIDEp06Ok4r7czCGY0ZYpohIgxO793TVYEd5LDLDdgXiirQTnyfVoJO_Y7RIxmqh5h53icAEgvKapp8C4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB7qI5i2oB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQxrYM0ggJCIDhgHAQARgdgAoDyAsB2BMM&sigh=PB0-ZHAZxn4&tpd=AGWhJmu3faxSvXOrE7-BwgIt5bsaL1ZZtx-DMFbUmhwRp3SRIw
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s18-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 6803 0
0 72ms
67ms Document
text/html 2.21.37.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.220 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/obPixelFrame/obPixelFrame.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: obuid=34661d07-5d76-40f1-ae93-bfbfe9b1466f; recs_328b03e4ce8db47179c15d53d71f8b17=0B2870529675A2870842528A2823440156A2130355905A2870853111A2867013492A2837822782A2815246575ACD1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=345600
date: Thu, 18 Jun 2020 04:48:40 GMT
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1592455720~rv=75~id=0a99839ceb02d3f2f0bfdae7b49acf9b; path=/; Expires=Thu, 18 Jun 2020 04:48:40 GMT; Secure; SameSite=None

GET
H2 200 obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame A4D7 0
0 70ms
68ms Document
text/html 2.21.37.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.220 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/obPixelFrame/obPixelFrame.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: obuid=34661d07-5d76-40f1-ae93-bfbfe9b1466f; recs_328b03e4ce8db47179c15d53d71f8b17=0B2870529675A2870842528A2823440156A2130355905A2870853111A2867013492A2837822782A2815246575ACD1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=345600
date: Thu, 18 Jun 2020 04:48:40 GMT
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1592455720~rv=45~id=98cc0b6def284ba879a55336e2bcacd5; path=/; Expires=Thu, 18 Jun 2020 04:48:40 GMT; Secure; SameSite=None

GET
H2 200 ob_logo_16x16.png
widgets.outbrain.com/images/widgetIcons/ 1 KB
2 KB 68ms
67ms Image
image/png 2.21.37.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.png
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.220 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 77f703c4f140a4a24d0fb351cc4e36716ccc4e7c5cac201f28b09a31d5f84f67

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
last-modified: Wed, 17 Jun 2020 08:03:33 GMT
server: AkamaiNetStorage
etag: "96dd1eed1ecd3297bab335082e4a072e:1592382006.360062"
status: 200
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
content-length: 1524
expires: Sat, 18 Jul 2020 04:48:40 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 70ms
69ms Image
image/svg+xml 2.21.37.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.220 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
last-modified: Wed, 17 Jun 2020 08:03:33 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1592381993.649708"
status: 200
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
content-length: 2735
expires: Sat, 18 Jul 2020 04:48:40 GMT

GET
H/1.1 200
OK 42a29f5e983e288221988084fa0271698a.jpg
images2.zemanta.com/p/srv/sha/98/7b/95/ 15 KB
15 KB 31ms
9ms Image
image/jpeg 2a02:26f0:10c:39d::3892
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images2.zemanta.com/p/srv/sha/98/7b/95/42a29f5e983e288221988084fa0271698a.jpg?w=214&h=154&fit=crop&crop=center&fm=jpg

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10c:39d::3892 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

imgix /

Resource Hash

8b7f44fd3375aa08a1cad98713670ac78273aa8d0b3915494de7b4222cd8f12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 06 Jun 2020 08:19:52 GMT
Server: imgix
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1567840
X-Imgix-ID: 67ff92c1d3c657c0c0df090a90b132b930ea97b5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15203
X-Served-By: cache-lax8635-LAX, cache-ams21028-AMS

GET
H2 200 disclosure.png
widgets.outbrain.com/external/vendors/ 476 B
868 B 72ms
71ms Image
image/png 2.21.37.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/external/vendors/disclosure.png
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.220 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 53ab1520402c2ade95cfbd4232430e936485c3f0deb70fda33c64d760d98a9a9

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
last-modified: Wed, 27 May 2020 11:07:36 GMT
server: AkamaiNetStorage
etag: "4d39e26ad7c27bebbc022d353bf4bbb6:1590577704.340043"
status: 200
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
content-length: 476
expires: Sat, 18 Jul 2020 04:48:40 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 4 B
376 B 587ms
136ms XHR
application/json 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-nydc1.outbrain.com/l?token=b6ac3061fb86ab26d9aa60950051d381_85_1592455719784&tm=537&eT=0&widgetWidth=816&widgetHeight=610&widgetX=190&widgetY=5369&tpcs=4&wRV=200021&pVis=1&lsd=34661d07-5d76-40f1-ae93-bfbfe9b1466f&eIdx=&cheq=0&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:40 GMT
content-encoding: gzip
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Connection: close
X-TraceId: 9de5eadf7d5d287550b3127253f3252
Content-Length: 30

GET
H2 200 obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 697C 0
0 70ms
70ms Document
text/html 2.21.37.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.220 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/obPixelFrame/obPixelFrame.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: obuid=34661d07-5d76-40f1-ae93-bfbfe9b1466f; recs_328b03e4ce8db47179c15d53d71f8b17=0B2870529675A2870842528A2823440156A2130355905A2870853111A2867013492A2837822782A2815246575ACD1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=345600
date: Thu, 18 Jun 2020 04:48:40 GMT
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1592455720~rv=81~id=1b358c78f44a7dc3113e2974e3635b29; path=/; Expires=Thu, 18 Jun 2020 04:48:40 GMT; Secure; SameSite=None

GET
H2 200 obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame C46E 0
0 70ms
70ms Document
text/html 2.21.37.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.220 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/obPixelFrame/obPixelFrame.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: obuid=34661d07-5d76-40f1-ae93-bfbfe9b1466f; recs_328b03e4ce8db47179c15d53d71f8b17=0B2870529675A2870842528A2823440156A2130355905A2870853111A2867013492A2837822782A2815246575ACD1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=345600
date: Thu, 18 Jun 2020 04:48:40 GMT
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1592455720~rv=68~id=8947004510643eea11bc07c2c45a8b54; path=/; Expires=Thu, 18 Jun 2020 04:48:40 GMT; Secure; SameSite=None

GET
H2 200 obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 91FF 0
0 69ms
67ms Document
text/html 2.21.37.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.220 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/obPixelFrame/obPixelFrame.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: obuid=34661d07-5d76-40f1-ae93-bfbfe9b1466f; recs_328b03e4ce8db47179c15d53d71f8b17=0B2870529675A2870842528A2823440156A2130355905A2870853111A2867013492A2837822782A2815246575ACD1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=345600
date: Thu, 18 Jun 2020 04:48:40 GMT
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1592455720~rv=85~id=7507b03da0c4038b6186e7bda7a6becd; path=/; Expires=Thu, 18 Jun 2020 04:48:40 GMT; Secure; SameSite=None

GET
H2 200 obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8F73 0
0 68ms
68ms Document
text/html 2.21.37.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.220 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/obPixelFrame/obPixelFrame.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: obuid=34661d07-5d76-40f1-ae93-bfbfe9b1466f; recs_328b03e4ce8db47179c15d53d71f8b17=0B2870529675A2870842528A2823440156A2130355905A2870853111A2867013492A2837822782A2815246575ACD1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=345600
date: Thu, 18 Jun 2020 04:48:40 GMT
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1592455720~rv=52~id=6d5e223f9e4e672d6cacd0e51d038237; path=/; Expires=Thu, 18 Jun 2020 04:48:40 GMT; Secure; SameSite=None

GET
H2 200 get Show response
odb.outbrain.com/utils/ 29 KB
10 KB 282ms
279ms Script
text/x-json 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.haaretz.com%2F1.5471157&idx=1&rand=2051&key=NANOWDGT01&widgetJSId=SB_4&va=true&et=true&format=html&lsd=34661d07-5d76-40f1-ae93-bfbfe9b1466f&lsdt=1592455386852&pdobuid=0&t=YjZhYzMwNjFmYjg2YWIyNmQ5YWE2MDk1MDA1MWQzODE=&adblck=false&px=0&py=0&vpd=0&settings=true&recs=true&version=200021&sig=TQG8UAcK&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&secured=true&cmpStat=0&ccpaStat=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ad42a1649f7920840d35d28b55f7302bb1700f14ce8484ffb454d3b8fa37d3af

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status: 200
x-cache-hits: 0, 0
x-traceid: 42ecdb6c6fa2bf0936e3c9e64b42c2c8
content-length: 10194
x-served-by: cache-lga21935-LGA, cache-hhn4064-HHN
pragma: no-cache
x-timer: S1592455720.056284,VS0,VE224
date: Thu, 18 Jun 2020 04:48:40 GMT
vary: Accept-Encoding, User-Agent
content-type: text/x-json; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
backend-ip: 157.52.117.35
accept-ranges: bytes, bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6Ijg4MDYwMTkyMzEwNGZjY2ViZTdiY2EzYTA0ZjQ3ZTJiYzcwN2UzMGQxMmE1MTJmOWJlOGQwM2Q5YzFmZDQ5MDYiLCJ3IjoyMTQsImgiOjE1NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 19 KB
20 KB 241ms
108ms Image
image/webp 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg4MDYwMTkyMzEwNGZjY2ViZTdiY2EzYTA0ZjQ3ZTJiYzcwN2UzMGQxMmE1MTJmOWJlOGQwM2Q5YzFmZDQ5MDYiLCJ3IjoyMTQsImgiOjE1NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

500df6ceb1a1917c822fbbf9870d099acbb72d8687d9f15000af2b37bc4ae321

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Tue, 16 Jun 2020 14:04:07 GMT
date: Thu, 18 Jun 2020 04:48:40 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=2323034
x-traceid: fd0d8939face07443f755bf410f08685
timing-allow-origin: *
content-length: 19875

GET
H2 200 eyJpdSI6ImRjNDk0ODVlYzAyNDFkYjBhZjI4YzZhN2UyZjQwY2I3NzI0NDgwNDVjMDNkZTk1OGQwYWIxMGY0ODI5NTdiNzUiLCJ3IjoyMTQsImgiOjE1NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 14 KB
14 KB 261ms
128ms Image
image/webp 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRjNDk0ODVlYzAyNDFkYjBhZjI4YzZhN2UyZjQwY2I3NzI0NDgwNDVjMDNkZTk1OGQwYWIxMGY0ODI5NTdiNzUiLCJ3IjoyMTQsImgiOjE1NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

78b13e8fa32b754a2ccbc4590d5a18d7c98aa6cb7eb41e9d6e1c1ddedb8f26ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Wed, 17 Jun 2020 19:52:47 GMT
date: Thu, 18 Jun 2020 04:48:40 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=2430607
x-traceid: d92c0c5ba1bb4e7de4ddfd4063258b52
timing-allow-origin: *
content-length: 13940

GET
H2 200 eyJpdSI6IjNhMzZkMjIxMmJkMWZmNzg4NjlkNDZiM2FlNzFjODE0MjA4ODU5NWMxNzNlMjAxYTNkNDBjNzM3MDg2MDM5NGIiLCJ3IjoyMTQsImgiOjE1NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 14 KB
14 KB 271ms
138ms Image
image/webp 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNhMzZkMjIxMmJkMWZmNzg4NjlkNDZiM2FlNzFjODE0MjA4ODU5NWMxNzNlMjAxYTNkNDBjNzM3MDg2MDM5NGIiLCJ3IjoyMTQsImgiOjE1NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

358ed03715a48803758b1b97928c9c8b1d51b003ce4bb60a23fd8796220fb1bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Tue, 19 May 2020 13:52:03 GMT
date: Thu, 18 Jun 2020 04:48:40 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=885183
x-traceid: cda02f013249c3670860b078f0f7b924
timing-allow-origin: *
content-length: 14098

GET
H2 200 eyJpdSI6IjMwMGFlN2YyNzlmNzYzMzM4OThmNDViNWQwYWRkOWJiNWM2YWI4YWM0Y2E1NzA4OGFmNTMwOTlhMTQyZDk2YzkiLCJ3IjoyMTQsImgiOjE1NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 30 KB
30 KB 260ms
128ms Image
image/webp 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6IjMwMGFlN2YyNzlmNzYzMzM4OThmNDViNWQwYWRkOWJiNWM2YWI4YWM0Y2E1NzA4OGFmNTMwOTlhMTQyZDk2YzkiLCJ3IjoyMTQsImgiOjE1NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

2bfb59e44fbe70459914aaa8a31bc5ac9530ff5e549454000aef28a2e7b52195

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Wed, 17 Jun 2020 14:02:12 GMT
date: Thu, 18 Jun 2020 04:48:40 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=2411253
x-traceid: f046a2326506abf9aa7ff51c2fe81a55
timing-allow-origin: *
content-length: 30859

GET
H2 200 eyJpdSI6ImYyMzdjZjJmNGNjZWQ0ODA5NDI2NTZjMjg5ZTgxMzMzNzE4NTMxOWNlNTc3NGY0NmRjNGMwYjUwY2ZkNzE4NzIiLCJ3IjoyMTQsImgiOjE1NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 19 KB
20 KB 335ms
203ms Image
image/webp 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImYyMzdjZjJmNGNjZWQ0ODA5NDI2NTZjMjg5ZTgxMzMzNzE4NTMxOWNlNTc3NGY0NmRjNGMwYjUwY2ZkNzE4NzIiLCJ3IjoyMTQsImgiOjE1NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

b0f04e9896f272dd98624c54480bf02c78eeed37bd43dd96f2e33e9548b53332

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Mon, 15 Jun 2020 09:41:53 GMT
date: Thu, 18 Jun 2020 04:48:40 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=2222334
x-traceid: 8aa71174cc868be6e7ccfd7bb52922c5
timing-allow-origin: *
content-length: 19753

GET
H2 200 eyJpdSI6IjJjOWRhZDhmY2EwNjZhMzEwNTc2NTQ1NmUzMDc4YzZjMTk0YjRlNWQ2ODEyZTc3YzFmNDUyOWNiM2I5ZjcyYzEiLCJ3IjoyMTQsImgiOjE1NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 5 KB
5 KB 339ms
207ms Image
image/webp 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6IjJjOWRhZDhmY2EwNjZhMzEwNTc2NTQ1NmUzMDc4YzZjMTk0YjRlNWQ2ODEyZTc3YzFmNDUyOWNiM2I5ZjcyYzEiLCJ3IjoyMTQsImgiOjE1NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

cf5a44bcd1d8876814f36ac092d971294bb6eaa88b34873bc3b8701c4ee81ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Thu, 28 May 2020 13:42:31 GMT
date: Thu, 18 Jun 2020 04:48:40 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=706297
x-traceid: b6ebf07b36c309bfaba861beef12b723
timing-allow-origin: *
content-length: 5280

GET
H2 200 eyJpdSI6ImY4NzMxNDc2NGU4MmEwZjQ1NGFjOTk2NTlkMzFjMTY5YjcyZGEwODY3ODA2YjBiOWZiMjExNTk3ZTZmY2I3MmUiLCJ3IjoyMTQsImgiOjE1NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 3 KB
4 KB 207ms
206ms Image
image/webp 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY4NzMxNDc2NGU4MmEwZjQ1NGFjOTk2NTlkMzFjMTY5YjcyZGEwODY3ODA2YjBiOWZiMjExNTk3ZTZmY2I3MmUiLCJ3IjoyMTQsImgiOjE1NCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

2c63bd48999ed9acbb584a701830f0f3b98cb34acb56d7b859a5846fc2ae7e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Mon, 01 Jun 2020 07:49:23 GMT
date: Thu, 18 Jun 2020 04:48:40 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=2054926
x-traceid: f13d46db52b1b539d82bee06b428c050
timing-allow-origin: *
content-length: 3452

GET
H2 200 obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 2ABA 0
0 70ms
70ms Document
text/html 2.21.37.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.220 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: obuid=34661d07-5d76-40f1-ae93-bfbfe9b1466f; recs_328b03e4ce8db47179c15d53d71f8b17=0B2870529675A2870842528A2823440156A2130355905A2870853111A2867013492A2837822782A2815246575ACD1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "5e15b74e0d00262e3943b8095bac5a7b:1592219802.259276"
last-modified: Mon, 15 Jun 2020 11:16:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Fri, 19 Jun 2020 04:48:40 GMT
date: Thu, 18 Jun 2020 04:48:40 GMT
content-length: 3511
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1592455720~rv=95~id=d169c7be1d1bb2a6ea4d49d58d2b1347; path=/; Expires=Thu, 18 Jun 2020 04:48:40 GMT; Secure; SameSite=None

GET
H2 200 94.492afc3df5d9c8d7653c.js Show response
www.haaretz.com/_next/static/chunks/ 2 KB
1 KB 59ms
58ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.haaretz.com/_next/static/chunks/94.492afc3df5d9c8d7653c.js

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-69f0b02ed810e3d2d819.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

62607f40671d50ef53a1b279d7c1cb4d14984b2395f2421a5661d9fae4abe691

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
age: 60912
x-dns-prefetch-control: off
status: 200
z-long-homepage-ttl: false
x-served-by: cache-hhn4031-HHN
x-timer: S1592455720.076285,VS0,VE0
etag: W/"658-172b77a4c68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=8640000
z-ttl: 15d
z-fastly-info-state: HIT
x-cache-hits: 3
date: Thu, 18 Jun 2020 04:48:40 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
z-stale-enabled: false
x-cache: HIT
x-envoy-upstream-service-time: 2
z-react-beckend: true
content-length: 818
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:15:45 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: 4RbwxHSkxYKYm1xgn27H9y--F_hdc_react
accept-ranges: bytes
z-surrogate-keys: www.haaretz.com 94.492afc3df5d9c8d7653c.js
z-react-reason: W

GET
H2 200 / Show response
graphql.haaretz.com/ 2 KB
2 KB 113ms
113ms Fetch
application/json 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.haaretz.com/?operationName=TopNewsItemsQuery&variables=%7B%22input%22%3A%7B%22externalId%22%3A%22com.hdc.content.TopNewsElement%22%7D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e11bd024ceaaa05d17b4a6363eca5c9fc4cbc767c46ff04bcd360a8f64dde877%22%7D%7D
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/2.0.1392/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: 337b441d34b664464f8965ae29a536a8da64bc1441c0e131282343b075762172

Request headers

hostname: www.haaretz.com
accept: */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
via: 1.1 varnish
z-true-client-ip: 165.231.142.36
x-powered-by: Express
x-cache: MISS
status: 200
x-envoy-upstream-service-time: 27
z-surrogate-keys: graphql.haaretz.com
content-length: 2011
x-served-by: cache-hhn4074-HHN
server: istio-envoy
z-block: false
z-actions-log
z-paywalldebug: A123
etag: W/"7db-+yMIvrl6+ep11DLRt+3CWy8RjVA"
x-timer: S1592455720.193787,VS0,VE36
content-type: application/json; charset=utf-8
access-control-allow-origin: *
z-backend-name: 24rZN2zCHDZeDA6qagIuQE--F_k8s
accept-ranges: bytes
z-ttl: 0s
x-cache-hits: 0

GET
H2 200 4102053482.jpg
images.haarets.co.il/image/fetch/x_6,y_139,w_794,h_461,c_crop/q_auto,h_161,w_277,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.892... 11 KB
12 KB 62ms
59ms Image
image/jpeg 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.haarets.co.il/image/fetch/x_6,y_139,w_794,h_461,c_crop/q_auto,h_161,w_277,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.8928013!/image/4102053482.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 38134b2b1af1657fba9027c7837f819ed893f2579e2a36f11d73f76a6c34f09e

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
via: 1.1 varnish
age: 54898
x-cache: HIT
status: 200, 200 OK
z-surrogate-keys: 4102053482.jpg
server-timing: akam;dur=37;start=2020-06-17T13:33:41.573Z;total=323;desc=miss,rtt;dur=0
content-length: 11589
x-request-id: 320f1e90cb3a8b2b1bb4fc99f0d9b059
x-served-by: cache-hhn4031-HHN
timing-allow-origin: *
last-modified: Wed, 17 Jun 2020 12:40:45 GMT
server: cloudinary
x-timer: S1592455720.138179,VS0,VE0
etag: "5e18bea120baa2dbb2a64002a4e88ae1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604765
accept-ranges: bytes
z-ttl: 10d
access-control-allow-headers: X-Requested-With
x-cache-hits: 1

GET
H2 200 2459210662.jpg
images.haarets.co.il/image/fetch/x_0,y_535,w_1200,h_701,c_crop/q_auto,h_161,w_277,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.89... 5 KB
5 KB 63ms
60ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.haarets.co.il/image/fetch/x_0,y_535,w_1200,h_701,c_crop/q_auto,h_161,w_277,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.8927791!/image/2459210662.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e2b0174d14fae0f0883533f72850f45bf80ba1ae039aeb1e569651490000f434

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
via: 1.1 varnish
age: 8891
x-cache: HIT
status: 200
content-disposition: inline; filename="2459210662.webp"
server-timing: akam;dur=15;start=2020-06-18T02:20:29.343Z;total=18;desc=miss,rtt;dur=0
content-length: 4806
x-served-by: cache-hhn4031-HHN
timing-allow-origin: *
last-modified: Wed, 17 Jun 2020 19:23:02 GMT
server: cloudinary
x-timer: S1592455720.138163,VS0,VE0
etag: "678928c65fb9796054a91179ff2c5b13"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=579918
accept-ranges: bytes
z-ttl: 10d
access-control-allow-headers: X-Requested-With
z-surrogate-keys: 2459210662.jpg
x-cache-hits: 1

GET
H2 200 1892338807.png
images.haarets.co.il/image/fetch/x_38,y_14,w_1213,h_704,c_crop/q_auto,h_161,w_277,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.89... 12 KB
12 KB 62ms
59ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.haarets.co.il/image/fetch/x_38,y_14,w_1213,h_704,c_crop/q_auto,h_161,w_277,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.8926381!/image/1892338807.png
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: f8d9e6f68597098530a3e130e064c8681b3ae0f305ca12986f81839a8281e730

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
via: 1.1 varnish
age: 57684
x-cache: HIT
status: 200
content-disposition: inline; filename="1892338807.webp"
server-timing: akam;dur=41;start=2020-06-17T12:47:16.064Z;total=142;desc=miss,rtt;dur=0
content-length: 11778
x-served-by: cache-hhn4031-HHN
timing-allow-origin: *
last-modified: Wed, 17 Jun 2020 12:44:46 GMT
server: cloudinary
x-timer: S1592455720.138158,VS0,VE0
etag: "fbf6fc3a6ada4e0d092281641e59e9e3"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604768
accept-ranges: bytes
z-ttl: 10d
access-control-allow-headers: X-Requested-With
z-surrogate-keys: 1892338807.png
x-cache-hits: 1

GET
H2 200 1367638232.jpg
images.haarets.co.il/image/fetch/w_2200,h_1595,c_crop/q_auto,h_161,w_277,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.8926543!/im... 2 KB
3 KB 101ms
100ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.haarets.co.il/image/fetch/w_2200,h_1595,c_crop/q_auto,h_161,w_277,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.8926543!/image/1367638232.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4f4d25092fc217c4070e6c3f3b1fcacabe2bac063da5cfb4c21628d004b12d47

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
via: 1.1 varnish
age: 33769
x-cache: HIT
status: 200
content-disposition: inline; filename="1367638232.webp"
server-timing: akam;dur=247;start=2020-06-17T19:25:50.484Z;total=351;desc=miss,rtt;dur=0
content-length: 2484
x-served-by: cache-hhn4031-HHN
timing-allow-origin: *
last-modified: Wed, 17 Jun 2020 19:23:03 GMT
server: cloudinary
x-timer: S1592455720.199772,VS0,VE0
etag: "71bc4cc46cb021d2e25701137a43e4f6"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
z-ttl: 10d
access-control-allow-headers: X-Requested-With
z-surrogate-keys: 1367638232.jpg
x-cache-hits: 1

GET
H2 200 4190187242.jpg
images.haarets.co.il/image/fetch/x_432,y_97,w_1800,h_1045,c_crop/q_auto,h_161,w_277,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.... 8 KB
8 KB 104ms
103ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.haarets.co.il/image/fetch/x_432,y_97,w_1800,h_1045,c_crop/q_auto,h_161,w_277,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.8925309!/image/4190187242.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 608154ba1bbcacae2b690708d6de4ea164fab0288eec514caeeb6f967ff2fab6

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
via: 1.1 varnish
age: 41405
x-cache: HIT
status: 200
content-disposition: inline; filename="4190187242.webp"
server-timing: akam;dur=45;start=2020-06-17T17:18:35.116Z;total=153;desc=miss,rtt;dur=0
content-length: 8064
x-served-by: cache-hhn4031-HHN
timing-allow-origin: *
last-modified: Wed, 17 Jun 2020 17:14:37 GMT
server: cloudinary
x-timer: S1592455720.199926,VS0,VE0
etag: "ca92ff40694809430a4882a806e90760"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604767
accept-ranges: bytes
z-ttl: 10d
access-control-allow-headers: X-Requested-With
z-surrogate-keys: 4190187242.jpg
x-cache-hits: 1

GET
H2 200 3026787661.jpg
images.haarets.co.il/image/fetch/x_0,y_190,w_2141,h_1244,c_crop/q_auto,h_161,w_277,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.8... 6 KB
6 KB 104ms
104ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.haarets.co.il/image/fetch/x_0,y_190,w_2141,h_1244,c_crop/q_auto,h_161,w_277,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.8853819!/image/3026787661.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 620be5c5efe1446a8c8375798b6577a426c31bf0164a85a56aa9dd9ffb0471d0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
via: 1.1 varnish
age: 27292
x-cache: HIT
status: 200
content-disposition: inline; filename="3026787661.webp"
server-timing: akam;dur=38;start=2020-06-17T21:13:47.776Z;total=141;desc=miss,rtt;dur=0
content-length: 5942
x-served-by: cache-hhn4031-HHN
timing-allow-origin: *
last-modified: Wed, 17 Jun 2020 21:12:20 GMT
server: cloudinary
x-timer: S1592455720.199925,VS0,VE0
etag: "73f45cfaecca9fbb6ac62a7b71ed3f72"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
z-ttl: 10d
access-control-allow-headers: X-Requested-With
z-surrogate-keys: 3026787661.jpg
x-cache-hits: 1

POST
H/1.1 200
OK GetInContentInfo Show response
content.carambo.la/ 3 KB
1 KB 275ms
275ms Fetch
text/html 23.23.9.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://content.carambo.la/GetInContentInfo
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.9.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-9-254.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 83ff1448a71a5a8feb93d1696e5b645eeebf696a080598cc9b7f62fd92fb1665

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:42 GMT
Content-Encoding: deflate
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: https://www.haaretz.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1092
Expires: -1

GET
H2 200 container.html
1275bd68108cbd5f6baeb9908886c0c4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 32F1 0
0 11ms
10ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1275bd68108cbd5f6baeb9908886c0c4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 1275bd68108cbd5f6baeb9908886c0c4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Thu, 18 Jun 2020 04:48:39 GMT
expires: Fri, 18 Jun 2021 04:48:39 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adaf1697cd1cfb22a03a08b1a5f8373d8dcfdb1a7ce9eda5d8a2b315362755a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1592237829488777"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27912
x-xss-protection: 0
expires: Thu, 18 Jun 2020 04:48:40 GMT

GET
H2 200 top-banner-image.png
www.haaretz.com/static/hdc/images/ 18 KB
18 KB 65ms
64ms Image
image/png 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.haaretz.com/static/hdc/images/top-banner-image.png

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

2d46ba92712ba5ba7bcd4f7268171ee7e6774c9fc2a8a69bcebef219cf3a7fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

age: 14387
x-dns-prefetch-control: off
status: 200
z-surrogate-keys: www.haaretz.com top-banner-image.png
x-served-by: cache-hhn4031-HHN
z-stale-enabled: false
x-timer: S1592455720.240903,VS0,VE1
etag: W/"46f0-172b7755eb0"
content-type: image/png
z-long-homepage-ttl: false
cache-control: public, max-age=0
z-ttl: 1d
z-fastly-info-state: HIT-CLUSTER
x-cache-hits: 1
date: Thu, 18 Jun 2020 04:48:40 GMT
via: 1.1 varnish
x-content-type-options: nosniff
z-true-client-ip: 165.231.142.36
access-control-allow-origin: *
x-cache: HIT
x-envoy-upstream-service-time: 1
z-react-beckend: true
content-length: 18160
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Jun 2020 10:10:22 GMT
server: istio-envoy
z-block: true
z-actions-log
z-paywalldebug: A
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
z-backend-name: cluster_dir_chash_hhn_frankfurt_de
accept-ranges: bytes
z-react-reason: W

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A227
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

16ms
14ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 18 Jun 2020 04:48:40 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

POST
H/1.1 204
No Content AddLogs Show response
logging.carambo.la/ 0
176 B 145ms
145ms XHR
text/plain 35.171.145.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.carambo.la/AddLogs
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:35 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 container.html
1275bd68108cbd5f6baeb9908886c0c4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 9476 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1275bd68108cbd5f6baeb9908886c0c4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 1275bd68108cbd5f6baeb9908886c0c4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Thu, 18 Jun 2020 04:48:39 GMT
expires: Fri, 18 Jun 2021 04:48:39 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 74A7 0
0 68ms
67ms Document
text/html 2.21.37.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.220 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/obPixelFrame/obPixelFrame.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=345600
date: Thu, 18 Jun 2020 04:48:40 GMT
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1592455720~rv=42~id=d4e7af74fb66c4e218023d3917bff13e; path=/; Expires=Thu, 18 Jun 2020 04:48:40 GMT; Secure; SameSite=None

GET
H2 200 obPixelFrame.htm
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 9B3E 0
0 68ms
68ms Document
text/html 2.21.37.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.220 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/obPixelFrame/obPixelFrame.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=345600
date: Thu, 18 Jun 2020 04:48:40 GMT
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1592455720~rv=21~id=ca4b851c89aa0948a5ad3eba6ca7ec1d; path=/; Expires=Thu, 18 Jun 2020 04:48:40 GMT; Secure; SameSite=None

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 4 B
377 B 520ms
131ms XHR
application/json 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-nydc1.outbrain.com/l?token=fde8f977845262602191c3d702f06d12_85_1592455720224&tm=1155&eT=0&widgetWidth=0&widgetHeight=0&widgetX=0&widgetY=0&wRV=200021&pVis=0&lsd=34661d07-5d76-40f1-ae93-bfbfe9b1466f&eIdx=&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:41 GMT
content-encoding: gzip
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Connection: close
X-TraceId: a4d4b19db3ade5ba9634edb06d755836
Content-Length: 30

GET
H2 200 get Show response
odb.outbrain.com/utils/ 9 KB
6 KB 233ms
232ms Script
text/x-json 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.haaretz.com%2F1.5471157&idx=101&rand=39134&key=HAARE792EQLA7DO04OFQMLI35&widgetJSId=APP_3&va=true&format=vjapi&lsd=34661d07-5d76-40f1-ae93-bfbfe9b1466f&lsdt=1592455386852&pdobuid=0&t=YjZhYzMwNjFmYjg2YWIyNmQ5YWE2MDk1MDA1MWQzODE=&adblck=false&settings=true&recs=true&version=200021&sig=TQG8UAcK&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&secured=true&cmpStat=0&ccpaStat=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8949afa8fc4f20ea9b1b3b573f28ca26d6256e324e1c594cc7a3837f791cc43

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status: 200
x-cache-hits: 0, 0
x-traceid: ef958cf4c11d127ac183d7540576bc04
content-length: 5517
x-served-by: cache-lga21960-LGA, cache-hhn4064-HHN
pragma: no-cache
x-timer: S1592455721.631659,VS0,VE176
date: Thu, 18 Jun 2020 04:48:40 GMT
vary: Accept-Encoding, User-Agent
content-type: text/x-json; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
backend-ip: 157.52.117.60
accept-ranges: bytes, bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6IjhmNWRkYzNhNDk0ZGQwMzIyZjEzZjZmNmQ0YTMzZWI4ZTRiNzE2MGI2NjEyMmQ3YjNhMjEwMmM3NTc2NjQzYzYiLCJ3IjoyODYsImgiOjE4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 5 KB
6 KB 62ms
61ms Image
image/webp 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhmNWRkYzNhNDk0ZGQwMzIyZjEzZjZmNmQ0YTMzZWI4ZTRiNzE2MGI2NjEyMmQ3YjNhMjEwMmM3NTc2NjQzYzYiLCJ3IjoyODYsImgiOjE4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

a6b0dc6cd2681ddbf2dfd1cea3eea71c7bc20a6126df7e442d26dfc1fef6d384

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Thu, 28 May 2020 13:42:39 GMT
date: Thu, 18 Jun 2020 04:48:40 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=1516861
x-traceid: 38a9c361d8a0d5f30c01ce241f0a00a2
timing-allow-origin: *
content-length: 5648

GET
H2 200 eyJpdSI6IjNjYjI3MTNmZmFjMjcxZmMzZmJlZDk2NDMwYjIxYTk0MzI1ODM5OTNhNzNlZmQwZDA5ZTJmZTNhYWU4NTQ4N2IiLCJ3IjoyODYsImgiOjE4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 7 KB
8 KB 80ms
78ms Image
image/webp 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNjYjI3MTNmZmFjMjcxZmMzZmJlZDk2NDMwYjIxYTk0MzI1ODM5OTNhNzNlZmQwZDA5ZTJmZTNhYWU4NTQ4N2IiLCJ3IjoyODYsImgiOjE4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

c4105ffe6625b679aaf2eeb343bada58b9410e6d9fd1c989bc6f04096b4493fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Tue, 19 May 2020 16:21:29 GMT
date: Thu, 18 Jun 2020 04:48:40 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=1568213
x-traceid: 2e5a8cb58e856e3bb5dee8f9fd282fc5
timing-allow-origin: *
content-length: 7512

GET
H2 200 eyJpdSI6ImVjZDU2NTIyYWM5OTdlZTJmYjI4ZDRiM2I2ZDNlNzhhNDBkODM0NmZiZGE3MjM5YjlhNDg5OGJmNTQzNjhjZWEiLCJ3IjoyODYsImgiOjE4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 20 KB
21 KB 63ms
61ms Image
image/webp 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVjZDU2NTIyYWM5OTdlZTJmYjI4ZDRiM2I2ZDNlNzhhNDBkODM0NmZiZGE3MjM5YjlhNDg5OGJmNTQzNjhjZWEiLCJ3IjoyODYsImgiOjE4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c613adf3b5625faf322b663e88fdce0a2f5d6aa838f493062e20bef2d5d492

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 20:12:24 GMT
date: Thu, 18 Jun 2020 04:48:40 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=1808773
x-traceid: 5b0bd5dc68573ddc8964ba6f8c1fd888
timing-allow-origin: *
content-length: 20815

GET
H2 200 eyJpdSI6ImU0MGFiZTQ1ZTc5MGMyMTNjNGI5NzUzYjlkNzdhZWEwZDgzYTEwNjE4OWEwMTFmNzgwYWExZjI4ZjQ5ODkyYTIiLCJ3IjoyODYsImgiOjE4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 31 KB
31 KB 67ms
65ms Image
image/webp 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU0MGFiZTQ1ZTc5MGMyMTNjNGI5NzUzYjlkNzdhZWEwZDgzYTEwNjE4OWEwMTFmNzgwYWExZjI4ZjQ5ODkyYTIiLCJ3IjoyODYsImgiOjE4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

512b95d0572aff31e3ddde3de40e7dcaf49daeccbc55cd940865c37ac980155b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Mon, 04 May 2020 07:57:28 GMT
date: Thu, 18 Jun 2020 04:48:40 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=1037653
x-traceid: c50507a124f833b4b0c96b74d33db330
timing-allow-origin: *
content-length: 31603

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 538E 202 KB
55 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 96901
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Wed, 17 Jun 2020 01:53:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Jun 2021 01:53:39 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 538E 16 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 716512
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Tue, 09 Jun 2020 21:46:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 21:46:48 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 538E 97 KB
29 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 440687
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Sat, 13 Jun 2020 02:23:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jun 2021 02:23:53 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 538E 4 KB
2 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 667009
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Wed, 10 Jun 2020 11:31:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 11:31:51 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 538E 48 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 512451
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Fri, 12 Jun 2020 06:27:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 06:27:49 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 538E 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 08:25:00 GMT
x-content-type-options: nosniff
server: cafe
age: 73420
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Thu, 18 Jun 2020 08:25:00 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 538E 344 B
412 B 7ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 15:22:10 GMT
x-content-type-options: nosniff
server: cafe
age: 48390
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 18 Jun 2020 15:22:10 GMT

GET
DATA 200
OK truncated
/ Frame 538E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cbddfa33b8aa65244531bc6e6ef50f3a92ad4d926d0e121d4e7b94c6f9ae58f

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 13822355357625522766
tpc.googlesyndication.com/simgad/ Frame 538E 14 KB
15 KB 12ms
10ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13822355357625522766?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm2z4r1ZScRLSCFlytzrVIEBVKPxg

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcd1c4a0897e129f2ff25d83ee085bd1b892a103f51dddfd975cee05d1235145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Jun 2020 02:38:42 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Dec 2015 22:31:34 GMT
server: sffe
age: 785398
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14779
x-xss-protection: 0
expires: Wed, 09 Jun 2021 02:38:42 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 538E 0
0 71ms
70ms Image
text/html 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaKNKKPLqXqy6EaDE7_UP49Sf2A_Hm5b6XKj38oj2Cfy19svSFxABILf6wiBg6gGgAa73mdIDyAECqQJM8vEzbrWoPuACAKgDAcgDCKoEugJP0NLKt0I5sXJQdGYfk7v252aifljf2FxfzqefBeE83NByh5wsMK2lNtq7mnviAwz5ilNgNLK5DmHe0ljXMMUgrYq0neO_WsyBXeXx7VhEIqMZmvBDwUB_U9vXlam-OJBeTrVAmhSCRJRkk-3zzCh9LEBbsc_TdKkCP2uV-FB7Tn4aEiN2144IybUrnuxJOT3WSFZz6E_8L5F8lQAUZA3fEc1IKWv_AeV5ccsrKiXuvNyccfFSFuOUwKLEQfvxet0hSwZhQxvHI20tbqezaG2iXGET8Gv87lFe2ohBFZ_4z_ks4kbpvfyK7xdEESgiouNVInYdQgIgFCCa0WkA-2GOlqcUn_a6KQPrO8Zoh1TnkcbsZR5VJdnHtp-7xMfdY5nqlVGIvAhxN4iwMn87E4PG7bfHeFzN8cGG9sAEgvKapp8C4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB7qI5i2oB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQ2pUI0ggJCIDhgHAQARgdgAoDyAsB2BMM&sigh=Oprbg5gp8Sg&tpd=AGWhJmtbMCQXL4ytIjj2oXY8CfLP2cYgmDjVMyIzDpfQCfC_HA
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s18-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H/1.1 204
No Content AddLogs Show response
logging.carambo.la/ 0
176 B 139ms
139ms XHR
text/plain 35.171.145.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.carambo.la/AddLogs
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:29 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 0CAD 202 KB
55 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 96901
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Wed, 17 Jun 2020 01:53:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Jun 2021 01:53:39 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 0CAD 16 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 716512
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Tue, 09 Jun 2020 21:46:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 21:46:48 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 0CAD 97 KB
29 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 440687
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Sat, 13 Jun 2020 02:23:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jun 2021 02:23:53 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 0CAD 4 KB
2 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 667009
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Wed, 10 Jun 2020 11:31:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 11:31:51 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 0CAD 48 KB
15 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 512451
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Fri, 12 Jun 2020 06:27:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 06:27:49 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0CAD 3 KB
3 KB 22ms
21ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 08:25:00 GMT
x-content-type-options: nosniff
server: cafe
age: 73420
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Thu, 18 Jun 2020 08:25:00 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0CAD 344 B
407 B 22ms
21ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 15:22:10 GMT
x-content-type-options: nosniff
server: cafe
age: 48390
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 18 Jun 2020 15:22:10 GMT

GET
DATA 200
OK truncated
/ Frame 0CAD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb23590047089f6e05eccf9df7acece9a066b8a78e3d587102b7512bbde4a008

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14732577939576825921
tpc.googlesyndication.com/simgad/ Frame 0CAD 82 KB
82 KB 13ms
6ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14732577939576825921

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fd1cf836d24d0e47de37eb31b2f79d300c036826a1b7cf1c5bf6ad46bf13191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 09:01:17 GMT
x-content-type-options: nosniff
age: 503243
x-dns-prefetch-control: off
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83696
x-xss-protection: 0
last-modified: Fri, 29 May 2020 09:43:59 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 09:01:17 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0CAD 0
0 73ms
67ms Image
text/html 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CI4luKPLqXqDwGqii7_UPsbK22AXMu9TkXcaau8G-C7_hHhABILf6wiBg6gGgAa3ciogDyAED4AIAqAMByAMIqgS0Ak_Q16aAbwPWhsvTfoc8cGG6AaKMpiaWDnc9FJ3wQTHchEX-NgoFG3UAJxANP12ip4Cu6A3QHYX5yjxtZRZWnZ95mimx6rCo78O2dLqIvcOmaaQ2-qdFrJb3srvszVQMnhSVYCD6WUqY64tDkETB0MOlGZOqac2F2nIEPnWzbl-qbvF_BsavH5rbqThwvgxn_LcfEs8U9ZLOg2WVVamnm-mmpNrhsk_SADm7aJ9X5oIv37vDThbgC3O1PmWIbuxd4p4LEIGcQrJS5-FymuI3_vUIwgEl9CPSzZkyvXmU7cBOsHXEpDU466FuGh-27zep4n-8G2W4I0JnKcH7469JyzX-uUiHAeYhWewDLUWz9Ma9uShS6ym1_P07XJKDTElyKOwYVyoRQRi2DhhhKT8SG9Zgv0QZwASnkKe21gHgBAGSBQQIBBgBkgUECAUYBKAGA4AHrdzKeKgHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBDs9QPSCAkIgOGAcBABGB2ACgPICwHYEww&sigh=uQ1iNaYA9Cs&tpd=AGWhJmso7r6zKnyGIcxCaxA0WSuTdr9Z5CGaZK0FX3EHXD0Y_A
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s18-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame A227 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4986ebb60f67ae033a73ad9153ef1a9b4285ac0283e491896e9e8a4679b298ae

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 4D92 202 KB
55 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 96902
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Wed, 17 Jun 2020 01:53:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Jun 2021 01:53:39 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 4D92 16 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 716513
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Tue, 09 Jun 2020 21:46:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 21:46:48 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 4D92 97 KB
29 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 440688
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Sat, 13 Jun 2020 02:23:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jun 2021 02:23:53 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 4D92 4 KB
2 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 667010
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Wed, 10 Jun 2020 11:31:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 11:31:51 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 4D92 48 KB
15 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 512452
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Fri, 12 Jun 2020 06:27:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 06:27:49 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4D92 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 08:25:00 GMT
x-content-type-options: nosniff
server: cafe
age: 73421
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Thu, 18 Jun 2020 08:25:00 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4D92 344 B
412 B 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 15:22:10 GMT
x-content-type-options: nosniff
server: cafe
age: 48391
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 18 Jun 2020 15:22:10 GMT

GET
H2 200 10788826449414605683
tpc.googlesyndication.com/simgad/ Frame 4D92 136 KB
136 KB 8ms
7ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10788826449414605683

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faa389443b5e8a411dffcdc4a643a98094fd65720e637ed5cbc32a3abe583e4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 06:29:58 GMT
x-content-type-options: nosniff
age: 512323
x-dns-prefetch-control: off
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139089
x-xss-protection: 0
last-modified: Tue, 26 May 2020 10:08:07 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 06:29:58 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4D92 0
0 68ms
67ms Image
text/html 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1T2WKPLqXv30KceO7_UPo9C2SMKPxt5d2OW7t4IMv-EeEAEgt_rCIGDqAaAB8YP9lQPIAQPgAgCoAwHIAwiqBLUCT9DIKd8_CjdfmcTqcD50pPRWg9Mx3KPDTeDOXp4gwlx1U9oEyZc_8aX0w1rUSrByXaXQedzmg_ftnnJeu1Zzv-k_seKwfh3OonXca4vpoDU6Ez7MNl66yXs0Q1BSVQlG7AoagbTercFJ-MlWYTCgvAS01J0RgULUVfH6KvRxksdZSLK458xsdq0KwSBeOAJJKLvwgqjLyMG1kGfp6ZogjXPJoPNR6zRIu3iTtqZ-twlxt_3JVOM3BI7ZXLQMjvh5-KaOzYwUlvPI50Sl8bA-mkIjaxJ8b688ovqDfnpdjutiLTY4YZvf8sNbx492XYNH_0VODgwyuvoz3a64dS2PF8_Fb0pGClNHPf8HbdQHKDqPba3fHfuvDvLgX1wtQBU34pvvK7Ck4ObUXuY_F0tp2CgYl9b5wATTvZO4oQLgBAGSBQQIBBgBkgUECAUYBKAGA4AH8YTTjwGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQupgF0ggJCIDhgHAQARgdgAoDyAsB2BMM&sigh=RpbPRY8pkx8&tpd=AGWhJmtZUpB0QWA2bzbR9uUixp6ZxlJ1-TTGNisG4Z-SgHY7DQ
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s18-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 109 KB
39 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dae9cc1571c3f90c37a10c8854015bddcc4fc2106653b5a0a86bf29bef33558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 40263
x-xss-protection: 0
server: cafe
etag: 16977007873557458630
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 Jun 2020 04:48:41 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 538E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 18 Jun 2020 04:48:41 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0CAD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 18 Jun 2020 04:48:41 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 13822355357625522766
tpc.googlesyndication.com/simgad/ Frame 538E 14 KB
15 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13822355357625522766?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm2z4r1ZScRLSCFlytzrVIEBVKPxg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcd1c4a0897e129f2ff25d83ee085bd1b892a103f51dddfd975cee05d1235145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Jun 2020 02:38:42 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Dec 2015 22:31:34 GMT
server: sffe
age: 785399
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14779
x-xss-protection: 0
expires: Wed, 09 Jun 2021 02:38:42 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 538E 3 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 08:25:00 GMT
x-content-type-options: nosniff
server: cafe
age: 73421
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Thu, 18 Jun 2020 08:25:00 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 538E 344 B
413 B 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 15:22:10 GMT
x-content-type-options: nosniff
server: cafe
age: 48391
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 18 Jun 2020 15:22:10 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 4 B
377 B 516ms
130ms XHR
application/json 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://mcdp-nydc1.outbrain.com/l?token=0c86deb372798c1b7319ef39fff9d1ce_85_1592455720763&tm=1714&eT=0&wRV=200021&pVis=1&lsd=34661d07-5d76-40f1-ae93-bfbfe9b1466f&eIdx=&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:41 GMT
content-encoding: gzip
Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Connection: close
X-TraceId: 34e229c64cc323967622a78246ea7a15
Content-Length: 30

GET
H2 200 / Show response
graphql.haaretz.com/ 176 B
318 B 144ms
143ms Fetch
application/json 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.haaretz.com/?operationName=OsakaNextArticle&variables=%7B%22input%22%3A%7B%22sectionId%22%3A%222.14183%22%2C%22readingHistory%22%3A%5B%221.5471157%22%5D%7D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%2263f440188619a4bd64ec52fe4762e1087726832ba0f5c6a396c43aa89cb3dce1%22%7D%7D
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/2.0.1392/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy / Express
Resource Hash: d676183f8c6eef240432713b4da7e7a95c97b253b546177eb96b1d9b5e8d7db0

Request headers

hostname: www.haaretz.com
accept: */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Jun 2020 04:48:41 GMT
via: 1.1 varnish
z-true-client-ip: 165.231.142.36
x-powered-by: Express
x-cache: MISS
status: 200
x-envoy-upstream-service-time: 78
z-surrogate-keys: graphql.haaretz.com article 1.5471157
content-length: 176
x-served-by: cache-hhn4074-HHN
server: istio-envoy
z-block: false
z-actions-log
z-paywalldebug: A123
etag: W/"b0-A563lA79aHcDDm/c/kljGfZm008"
x-timer: S1592455721.257481,VS0,VE87
content-type: application/json; charset=utf-8
access-control-allow-origin: *
z-backend-name: 24rZN2zCHDZeDA6qagIuQE--F_k8s
accept-ranges: bytes
z-ttl: 0s
x-cache-hits: 0

POST
H/1.1 204
No Content AddLogs Show response
logging.carambo.la/ 0
176 B 139ms
138ms XHR
text/plain 35.171.145.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.carambo.la/AddLogs
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:29 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

POST
H/1.1 200
OK SetPageRequestGeo Show response
analytics.carambo.la/ 35 B
332 B 584ms
141ms Fetch
application/json 18.209.196.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetPageRequestGeo
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.196.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-196-238.compute-1.amazonaws.com
Software: /
Resource Hash: a3b59cf3c15a5896f4224c367d24e647fe14e411b8024dcc87aa37783e0cf110

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:40 GMT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.haaretz.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35
Expires: -1

GET
H2 200 css
fonts.googleapis.com/ 9 KB
879 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500,300,700,400

Requested by

Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f1dc81498da5df5cc4a4b2730c86480122e1b4a6808621b7d941aaa6e29d824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Jun 2020 04:48:41 GMT
server: ESF
date: Thu, 18 Jun 2020 04:48:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jun 2020 04:48:41 GMT

GET
H2 200 cbolaSprite.png
cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/css/assets/ 23 KB
23 KB 34ms
34ms Image
image/png 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/css/assets/cbolaSprite.png
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F70B) /
Resource Hash: 77ae69cda02c889ca874d3a9247720d1c32b653d54b8c5c8fc78f8b82e81288f

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:41 GMT
age: 14051042
x-cache: HIT
status: 200
x-amz-request-id: AE9912B09BCFB2C7
x-amz-id-2: QTjIoaFfe15dKVJw46ggve9T+rer/Zk+z0+oDwuC5IAC3B1jctBiqJadzQE6KdfgnigMfpqKV5U=
accept-ranges: bytes
last-modified: Tue, 07 Jan 2020 13:39:58 GMT
server: ECS (ska/F70B)
etag: "5d9f6257c16e8e89a8ead1a2890530d4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=63072000,s-maxage=63072000
content-length: 23766

GET
H2 200 cbolaIcons.woff
cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/css/fonts/ 4 KB
4 KB 34ms
34ms Font
application/octet-stream 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/css/fonts/cbolaIcons.woff?phtwnv
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F71B) /
Resource Hash: c85a8e7c2d1d0583578b2afd3a1ce469797bfa5c9d5598cba25f51f839348ec8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Origin: https://www.haaretz.com

Response headers

date: Thu, 18 Jun 2020 04:48:41 GMT
age: 14051049
x-cache: HIT
status: 200
x-amz-request-id: E7E555F32214E503
x-amz-id-2: RU0bkaDjNTFE/Jb/OaRP0Yb11Qhh9IsCUoRmo0RDxKttrNgKRnvjcYa7VUggFlfB7moBRezOXgU=
accept-ranges: bytes
last-modified: Tue, 07 Jan 2020 13:40:13 GMT
server: ECS (ska/F71B)
etag: "dae3eb8c820d3bbb16a17610dece1c88"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=63072000,s-maxage=63072000
content-length: 3832

POST
H/1.1 204
No Content SetPageElementsRequestNew
analytics.carambo.la/ 0
0 560ms
142ms Fetch 18.209.196.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetPageElementsRequestNew
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.196.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-196-238.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:40 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

POST
H/1.1 200
OK GetAds Show response
xtr.carambo.la/ 14 KB
3 KB 567ms
137ms Fetch
text/html 54.208.107.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://xtr.carambo.la/GetAds
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.107.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-107-16.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5c719eb2bcb2e69ce33d7b1ba92fc85108fd16fc34a8e9195ac392dcd544b21a

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:45 GMT
Content-Encoding: deflate
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 2280
Expires: -1

GET
H2 200 12423_3_10.jpg
media.carambo.la/Images/ 12 KB
12 KB 47ms
39ms Image
image/jpeg 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.carambo.la/Images/12423_3_10.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F70B) /
Resource Hash: ffdae95bd9caf6b548290ffa212388223e2c58456966863bcb47008b008e5da1

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:41 GMT
age: 242596
x-cache: HIT
status: 200
x-amz-request-id: 7C2716089B1B27F7
x-amz-id-2: gFlF8gGxllKhrfm/Y7JlckEkd2Yt7L39AhrqM7Wzzxg8+EMvk/J8elF+ljBmphI+yHGy+EItl7Y=
accept-ranges: bytes
last-modified: Thu, 11 May 2017 11:14:23 GMT
server: ECS (ska/F70B)
etag: "752d44f8005cccf99c2f52459c79b575"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 11805

GET
H2 200 12405_3_10.jpg
media.carambo.la/Images/ 20 KB
20 KB 41ms
33ms Image
image/jpeg 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.carambo.la/Images/12405_3_10.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F71D) /
Resource Hash: 4369ec009fca02cd0bb58ec248ed5ec118253147a316674c0c6f63e742ae1a8b

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:41 GMT
age: 426877
x-cache: HIT
status: 200
x-amz-request-id: 0D21571E79EE6D08
x-amz-id-2: B/mcGfHGkDaM5aWWUoLN7QxrMLy9Z4EY8uWFl8oWxFG4R9Uk471fRKGSbbLGBhBRF0+mWyTV4Hk=
accept-ranges: bytes
last-modified: Thu, 11 May 2017 11:14:21 GMT
server: ECS (ska/F71D)
etag: "2e77833e0909e26879243703730742b3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 20014

GET
H2 200 12401_3_10.jpg
media.carambo.la/Images/ 11 KB
11 KB 44ms
37ms Image
image/jpeg 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.carambo.la/Images/12401_3_10.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F71E) /
Resource Hash: e9b58d32242eb54c4639a2924cfb9518d69621c6d982a0d0c055af4cfd147abc

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:41 GMT
last-modified: Thu, 11 May 2017 11:14:19 GMT
server: ECS (ska/F71E)
age: 357497
status: 200
etag: "ebf4374ef9e5dbc35ce7c9c164850def"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-amz-request-id: 1E4433DCB40000CB
x-cache: HIT
accept-ranges: bytes
content-length: 11230
x-amz-id-2: I2V+LkOYnCsyyrPQjLdq25xwJuZJAfHLRHeOr7Sfw5aei3N51nE4zB+NJbbTUFf+qH5B3tYaQfs=

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 3F16 202 KB
55 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 96902
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Wed, 17 Jun 2020 01:53:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Jun 2021 01:53:39 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 3F16 16 KB
6 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 716513
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Tue, 09 Jun 2020 21:46:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jun 2021 21:46:48 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 3F16 97 KB
29 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 440688
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Sat, 13 Jun 2020 02:23:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jun 2021 02:23:53 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 3F16 4 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 667010
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Wed, 10 Jun 2020 11:31:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 11:31:51 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 3F16 48 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 512452
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Fri, 12 Jun 2020 06:27:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 06:27:49 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3F16 3 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 08:25:00 GMT
x-content-type-options: nosniff
server: cafe
age: 73421
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Thu, 18 Jun 2020 08:25:00 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3F16 344 B
413 B 9ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 15:22:10 GMT
x-content-type-options: nosniff
server: cafe
age: 48391
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 18 Jun 2020 15:22:10 GMT

GET
DATA 200
OK truncated
/ Frame 3F16 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b2443cdc6ef77c2bb1cd44a12d562b152a76e21c5d447426a0fb92df6be8308

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8573452462050487103
tpc.googlesyndication.com/simgad/ Frame 3F16 114 KB
114 KB 12ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8573452462050487103?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmBqUJKwQTAokyk6UO4vZaOk5E4XA

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6978cbb32cf5089775a91d6498d58489ab2b018b155ccb73d08821983fa90a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 07:45:50 GMT
x-content-type-options: nosniff
last-modified: Sat, 16 May 2020 02:13:43 GMT
server: sffe
age: 680571
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116652
x-xss-protection: 0
expires: Thu, 10 Jun 2021 07:45:50 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3F16 0
0 68ms
66ms Image
text/html 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4chmKPLqXpzeObOQlQfi9qbIAcGLyuZc9LecybwLFBABILf6wiBg6gGgAfGD_ZUDyAEC4AIAqAMByAMIqgSuAk_Q1abzRxvyiUPe5CG47We2e89RxdpwjRskaUhiEOmpkaj6dNEZffSmvs1tlA46n9CNM0alp1lu_1BroPuKp_C450VwuPXWVlDdyX6DtUoW70JezKeP8gBDc5DAWkQMBE0YHHvBoFOhG3ci_jroRHDr3Ah79fRU3JYPVYi6vEoHEOCprBrHnVODP2okk8fFs__G2Mb1m2pVeok5a7c5P-TG6CmAo1uEEwxWlpS5dKAPiGNsptkqttuuUo-aBbp8Fg6Z1iiIJgjOJwSlc16FMjgU8hpz97IgyEKhFSaPhDuE9zda8Tdjbmk4xjjMLYCoM3T7wlBNYOJS5FoEDySCV5H02xnOP8p8EbdKNpKgj_3CIAGV6-gJtMVziIOd_8wMWCejhygZOGcd3VAFl_7ZwATD__q5swLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH0PDMe6gHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBD7yTDSCAkIgOGAcBABGB2ACgPICwHYEww&sigh=agL7-joKe0Y&tpd=AGWhJmsY3Sw6fUqUeIrx4Dg1gml9cMnDnJS6vzUto9JfEULVFg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s18-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:500,300,700,400
Origin: https://www.haaretz.com

Response headers

date: Tue, 09 Jun 2020 00:43:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 792287
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:43:54 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/ 218 KB
82 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08f93a4cf604e12995a237b71b5db1d5d48f1ecb27687ee17608554f8f7fd6b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83998
x-xss-protection: 0
server: cafe
etag: 419886144849044271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jun 2020 04:48:41 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200610/r20190131/ Frame 8BF0 0
0 6ms
6ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200610/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200610/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUltFWYDWB1G2pj4wKZeD78V9nJzBsNmPF7Rj8jbie86isZiYDVsX8c5fB4V
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 10 Jun 2020 22:00:32 GMT
expires: Wed, 24 Jun 2020 22:00:32 GMT
content-type: text/html; charset=UTF-8
etag: 12274286891180784318
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4510
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 629289
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 14732577939576825921
tpc.googlesyndication.com/simgad/ Frame 0CAD 82 KB
82 KB 6ms
6ms Image
image/gif 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14732577939576825921

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fd1cf836d24d0e47de37eb31b2f79d300c036826a1b7cf1c5bf6ad46bf13191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 09:01:17 GMT
x-content-type-options: nosniff
age: 503244
x-dns-prefetch-control: off
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83696
x-xss-protection: 0
last-modified: Fri, 29 May 2020 09:43:59 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 09:01:17 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0CAD 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 08:25:00 GMT
x-content-type-options: nosniff
server: cafe
age: 73421
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Thu, 18 Jun 2020 08:25:00 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0CAD 344 B
413 B 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 15:22:10 GMT
x-content-type-options: nosniff
server: cafe
age: 48391
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 18 Jun 2020 15:22:10 GMT

GET
H2 200 lg.php Show response
cdn.firstimpression.io/delivery/ 1 B
261 B 219ms
76ms XHR
text/html 54.171.157.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/lg.php?bannerid=78192&campaignid=32&zoneid=112293&loc=%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&cb=37bda66788&ficb=196451
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.157.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-157-204.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / PHP/7.3.11
Resource Hash: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Accept: */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 04:48:41 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.3.11
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
expires: 0

POST
H/1.1 204
No Content AddLogs Show response
logging.carambo.la/ 0
176 B 140ms
140ms XHR
text/plain 35.171.145.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.carambo.la/AddLogs
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:30 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 lg.php Show response
cdn.firstimpression.io/delivery/ 1 B
261 B 212ms
74ms XHR
text/html 54.171.157.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/lg.php?bannerid=78199&campaignid=32&zoneid=112294&loc=%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&cb=1b4eb72313&ficb=850270
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.157.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-157-204.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / PHP/7.3.11
Resource Hash: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Accept: */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 04:48:41 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.3.11
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
expires: 0

GET
H2 200 lg.php Show response
cdn.firstimpression.io/delivery/ 1 B
261 B 213ms
75ms XHR
text/html 54.171.157.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/lg.php?bannerid=78263&campaignid=32&zoneid=112297&loc=%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&cb=aad66e4f6f&ficb=929469
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.157.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-157-204.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / PHP/7.3.11
Resource Hash: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Accept: */*
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 04:48:41 GMT
content-encoding: gzip
server: nginx/1.16.1
x-powered-by: PHP/7.3.11
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
expires: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4D92
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 18 Jun 2020 04:48:41 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 eyJpdSI6ImRmMWUzYTBkOWI0NTM4OTcxMTZkOGYyNGM5MjhhYjdjMGJkN2FiMWUwZmIwNDg4YTM1ZmIwY2I5MWRkZDM4NjkiLCJ3IjozMDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 19 KB
19 KB 71ms
70ms Image
image/webp 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRmMWUzYTBkOWI0NTM4OTcxMTZkOGYyNGM5MjhhYjdjMGJkN2FiMWUwZmIwNDg4YTM1ZmIwY2I5MWRkZDM4NjkiLCJ3IjozMDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

1640001f640ebf88b16e94a81205382dd24f3f5b1ec0893d00f7cd6629459b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Wed, 17 Jun 2020 13:10:07 GMT
date: Thu, 18 Jun 2020 04:48:41 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=2407207
x-traceid: 37e7527868e77437302b4d99ba496271
timing-allow-origin: *
content-length: 19691

GET
H2 200 eyJpdSI6IjAyNzNmZmM1NzMwYzJmYzM0YzVlNjIyZDJlZGQ4MjVkYzBlNjBiMjIxNjY2Yzk2NmYyNGIxMjU1MTQ4ZTYwZmIiLCJ3IjozMDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 11 KB
11 KB 89ms
88ms Image
image/webp 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6IjAyNzNmZmM1NzMwYzJmYzM0YzVlNjIyZDJlZGQ4MjVkYzBlNjBiMjIxNjY2Yzk2NmYyNGIxMjU1MTQ4ZTYwZmIiLCJ3IjozMDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

c59b5fb4200dc4cd2681302c313cb76769bcfa12abb702004eb52a79a51a6e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Wed, 17 Jun 2020 16:30:12 GMT
date: Thu, 18 Jun 2020 04:48:41 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=2433962
x-traceid: 28df650a3d34ce3e895c65584b78385
timing-allow-origin: *
content-length: 11136

GET
H2 200 eyJpdSI6ImZlNjc3YWE3ZDRmYmJjZGEzNWFjYjQ0ZDE1MzE4ZDBiMGYzODNjYjY5MTI0ZTFmZWEyNTMxZWYyYTQwYzQ1NTciLCJ3IjozMDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 34 KB
35 KB 79ms
79ms Image
image/webp 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZlNjc3YWE3ZDRmYmJjZGEzNWFjYjQ0ZDE1MzE4ZDBiMGYzODNjYjY5MTI0ZTFmZWEyNTMxZWYyYTQwYzQ1NTciLCJ3IjozMDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Requested by

Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

f3b2b918cec0592898d231f488b35b41acd35dd1344ada57c2f2a0285811d701

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
last-modified: Fri, 22 May 2020 06:32:16 GMT
date: Thu, 18 Jun 2020 04:48:41 GMT
vary: Accept-Encoding
content-type: image/webp
status: 200
cache-control: max-age=2202655
x-traceid: 35dbe1f5b0b53d8d35bc392bc27b5c46
timing-allow-origin: *
content-length: 35318

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3F16
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 18 Jun 2020 04:48:41 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1EB6 0
0 358ms
358ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3622156405313063&output=html&h=90&slotname=188c714.3b2318c&adk=2419923556&adf=861824501&w=728&lmt=1592455721&psa=1&npa=1&guci=1.2.0.0.2.1.0.0&format=728x90&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&flash=0&wgl=1&adsid=NT&dt=1592455721337&bpp=9&bdt=3214&idt=232&shv=r20200610&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7830051421655&frm=20&pv=2&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&ga_fc=0&iag=0&icsg=1069567115788284&dssz=76&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=169&ady=1514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431&oid=3&pvsid=2775205318892354&pem=688&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8208&bc=31&ifi=10&uci=a!a&btvi=1&fsb=1&xpc=0g9C4s6gBU&p=https%3A//www.haaretz.com&dtd=250

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3622156405313063&output=html&h=90&slotname=188c714.3b2318c&adk=2419923556&adf=861824501&w=728&lmt=1592455721&psa=1&npa=1&guci=1.2.0.0.2.1.0.0&format=728x90&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&flash=0&wgl=1&adsid=NT&dt=1592455721337&bpp=9&bdt=3214&idt=232&shv=r20200610&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=7830051421655&frm=20&pv=2&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&ga_fc=0&iag=0&icsg=1069567115788284&dssz=76&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=169&ady=1514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431&oid=3&pvsid=2775205318892354&pem=688&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8208&bc=31&ifi=10&uci=a!a&btvi=1&fsb=1&xpc=0g9C4s6gBU&p=https%3A//www.haaretz.com&dtd=250
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUltFWYDWB1G2pj4wKZeD78V9nJzBsNmPF7Rj8jbie86isZiYDVsX8c5fB4V
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Jun 2020 04:48:41 GMT
server: cafe
content-length: 22394
x-xss-protection: 0
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2064974190.jpg
images.haarets.co.il/image/fetch/x_171,y_28,w_1029,h_772,c_crop/q_auto,h_65,w_84,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.881... 1 KB
2 KB 58ms
58ms Image
image/webp 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.haarets.co.il/image/fetch/x_171,y_28,w_1029,h_772,c_crop/q_auto,h_65,w_84,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://www.haaretz.co.il/polopoly_fs/1.8810352!/image/2064974190.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 953d0684e4c75acc742f3dcd28cb8fd9c3a063f432fb72c13766e598adae4b09

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:41 GMT
via: 1.1 varnish
age: 212811
x-cache: HIT
status: 200, 200 OK
content-disposition: inline; filename="2064974190.webp"
server-timing: akam;dur=42;start=2020-06-15T17:41:50.519Z;total=462;desc=miss,rtt;dur=0
content-length: 1464
x-request-id: 49b0a41ee13c0363df530ffcb2ecd3f1
x-served-by: cache-hhn4031-HHN
timing-allow-origin: *
last-modified: Thu, 30 Apr 2020 11:10:11 GMT
server: cloudinary
x-timer: S1592455722.633484,VS0,VE0
etag: "056c5b211e4c18f17fa5cbe9afe34672"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
z-ttl: 10d
access-control-allow-headers: X-Requested-With
z-surrogate-keys: 2064974190.jpg
x-cache-hits: 51

POST
H/1.1 204
No Content AddLogs Show response
logging.carambo.la/ 0
176 B 142ms
142ms XHR
text/plain 35.171.145.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.carambo.la/AddLogs
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:30 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame AB8B 0
0 326ms
325ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3622156405313063&output=html&h=250&slotname=3848a34.d274aac&adk=1482580090&adf=3618095171&w=300&lmt=1592455721&psa=1&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&flash=0&wgl=1&adsid=NT&dt=1592455721346&bpp=3&bdt=3223&idt=284&shv=r20200610&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7830051421655&frm=20&pv=1&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&ga_fc=0&iag=0&icsg=1069567115788284&dssz=76&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=414&ady=3364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431&oid=3&pvsid=2775205318892354&pem=688&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8208&bc=31&ifi=11&uci=a!b&btvi=2&fsb=1&xpc=IW09sEN6g6&p=https%3A//www.haaretz.com&dtd=288

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3622156405313063&output=html&h=250&slotname=3848a34.d274aac&adk=1482580090&adf=3618095171&w=300&lmt=1592455721&psa=1&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&flash=0&wgl=1&adsid=NT&dt=1592455721346&bpp=3&bdt=3223&idt=284&shv=r20200610&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7830051421655&frm=20&pv=1&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&ga_fc=0&iag=0&icsg=1069567115788284&dssz=76&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=414&ady=3364&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431&oid=3&pvsid=2775205318892354&pem=688&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8208&bc=31&ifi=11&uci=a!b&btvi=2&fsb=1&xpc=IW09sEN6g6&p=https%3A//www.haaretz.com&dtd=288
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUltFWYDWB1G2pj4wKZeD78V9nJzBsNmPF7Rj8jbie86isZiYDVsX8c5fB4V
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Jun 2020 04:48:41 GMT
server: cafe
content-length: 19381
x-xss-protection: 0
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 8573452462050487103
tpc.googlesyndication.com/simgad/ Frame 3F16 114 KB
114 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8573452462050487103?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmBqUJKwQTAokyk6UO4vZaOk5E4XA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6978cbb32cf5089775a91d6498d58489ab2b018b155ccb73d08821983fa90a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 07:45:50 GMT
x-content-type-options: nosniff
last-modified: Sat, 16 May 2020 02:13:43 GMT
server: sffe
age: 680571
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116652
x-xss-protection: 0
expires: Thu, 10 Jun 2021 07:45:50 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3F16 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 08:25:00 GMT
x-content-type-options: nosniff
server: cafe
age: 73421
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Thu, 18 Jun 2020 08:25:00 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3F16 344 B
413 B 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 17 Jun 2020 15:22:10 GMT
x-content-type-options: nosniff
server: cafe
age: 48391
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 18 Jun 2020 15:22:10 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1F6F 0
0 18ms
18ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3622156405313063&output=html&adk=1812271804&adf=3025194257&lmt=1592455721&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1592455721350&bpp=1&bdt=3227&idt=308&shv=r20200610&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&nras=1&correlator=7830051421655&frm=20&pv=1&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&ga_fc=0&iag=0&icsg=1069567115788284&dssz=76&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431&oid=3&pvsid=2775205318892354&pem=688&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=12&uci=a!c&fsb=1&dtd=316

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3622156405313063&output=html&adk=1812271804&adf=3025194257&lmt=1592455721&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&npa=1&guci=1.2.0.0.2.1.0.0&format=0x0&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1592455721350&bpp=1&bdt=3227&idt=308&shv=r20200610&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&nras=1&correlator=7830051421655&frm=20&pv=1&ga_vid=1302750268.1592455720&ga_sid=1592455720&ga_hid=81781232&ga_fc=0&iag=0&icsg=1069567115788284&dssz=76&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431&oid=3&pvsid=2775205318892354&pem=688&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=12&uci=a!c&fsb=1&dtd=316
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUltFWYDWB1G2pj4wKZeD78V9nJzBsNmPF7Rj8jbie86isZiYDVsX8c5fB4V
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 18 Jun 2020 04:48:41 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/ 20 KB
7 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/amp4ads-host-v0.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200610/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

638443fcf9a25a8368024863fcbc644013423b13d88e193c7c3a7118d5f7daf2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7222
x-xss-protection: 0
server: sffe
date: Thu, 18 Jun 2020 04:48:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "f4b60d1dfc50ade5"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jun 2020 04:48:41 GMT

POST
H/1.1 204
No Content AddLogs Show response
logging.carambo.la/ 0
176 B 140ms
140ms XHR
text/plain 35.171.145.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.carambo.la/AddLogs
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:37 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 prebid.min.js Show response
cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/external/ 226 KB
71 KB 34ms
33ms XHR
text/javascript 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/external/prebid.min.js
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F705) /
Resource Hash: b79f0afa0c46584bd10acd4d4f7aeb80b486f3505ae4676be345907ada1fb519

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:41 GMT
content-encoding: gzip
age: 14051041
x-cache: HIT
status: 200
access-control-max-age: 3000
x-amz-request-id: 5AD044C232347351
x-amz-id-2: HZOOv5IyZpr+E4DBgGFYtV0gyq3R79HPRdcW/M6lttT/kP1rtbEISl2pVfiHk0w2/+/0yyLKuKM=
last-modified: Tue, 07 Jan 2020 13:40:14 GMT
server: ECS (ska/F705)
etag: "de4f844e05e0530f46a76eb5bd97584f+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=63072000,s-maxage=63072000
content-length: 72343

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 177ms
61ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 18 Jun 2020 04:48:42 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.haaretz.com

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 47 B
727 B 218ms
106ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.44.1
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: e5e35e641540d63f6a79870176632d71b8ac7c779ef01dd51c70354443150f10

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 18 Jun 2020 04:48:42 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.haaretz.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 65

GET
H2 200 arj Show response
carambola-d.openx.net/w/1.0/ 173 B
560 B 188ms
120ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://carambola-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=efef276f-60bc-45dc-bbbc-56c93e8add82&nocache=1592455721932&schain=1.0%2C1!carambo.la%2Chrtz22%2C1%2C%2C%2C&aus=300x250&divIds=cbola_code_222-1&auid=540788264&
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: 58b60b0163f8be97cd3c3aaf2cc7607ebbc00cd9c1acd6a2ced3454b05aef80f

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 04:48:42 GMT
content-encoding: gzip
server: OXGW/16.188.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.haaretz.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
353 B 443ms
148ms XHR
application/json 67.202.110.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-110.static.steadfastdns.net
Software: / 33Across
Resource Hash: ab706c9dae60eb7b3d728dd2a45a450f8ced1135c5686f8136727340179635a1

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Jun 2020 04:48:42 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haaretz.com
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 284ms
152ms XHR
application/json 185.86.138.79
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.79 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 04:48:41 GMT
x-smrt-d: 4%3b2%3b48
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.haaretz.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

POST
H/1.1 204
No Content / Show response
hb.emxdgt.com/ 0
307 B 221ms
64ms XHR
text/html 18.196.104.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=2000&ts=1592455721936&src=pbjs
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 18 Jun 2020 04:48:41 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://www.haaretz.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 0

POST
H/1.1 204
No Content AddLogs Show response
logging.carambo.la/ 0
176 B 140ms
140ms XHR
text/plain 35.171.145.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.carambo.la/AddLogs
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:30 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

POST
H/1.1 204
No Content AddLogs Show response
logging.carambo.la/ 0
176 B 140ms
139ms XHR
text/plain 35.171.145.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.carambo.la/AddLogs
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:30 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H/1.1 200
OK chartbeat.js Show response
s3.amazonaws.com/static.chartbeat.com/js/ 36 KB
36 KB 567ms
147ms Script
binary/octet-stream 52.216.16.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.16.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:43 GMT
Last-Modified: Fri, 24 Apr 2020 01:13:44 GMT
Server: AmazonS3
x-amz-request-id: FF87833556A1E640
ETag: "a770d044e339cc16e1385861faadb4f6"
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 36456
x-amz-id-2: 6ZwzbI0uWgzX3MSze4m9nXsRFu9zaYKyGM7bN2lmwluPxL32I3tsf7dhbz6c25Y3LOjp7p8+CpY=

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 14ms
13ms Script
application/x-javascript 2600:9000:2182:da00:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:da00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 03:49:09 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 01:13:41 GMT
server: nginx
age: 3572
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: wQa3zeiK-GGvySi_1gudT_v1T4fr57jQ0HGYSPz7Qt0RDcWWBqxhAw==
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
expires: Thu, 18 Jun 2020 05:49:09 GMT

GET getCombinedUserCampaign
ms-apps.haaretz.com/ms-gstat-campaign/ 0
0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020061205&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c8a5b79697b112651e8596fdd6eb186ccb63acc51027ffac46157c0b4c23260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 04:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5575
x-xss-protection: 0

POST
H/1.1 204
No Content SetEvent
analytics.carambo.la/ 0
0 141ms
140ms Fetch 18.209.196.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetEvent
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.196.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-196-238.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:41 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Thu, 18 Jun 2020 04:48:42 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame A5CD 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-length: 11302
date: Thu, 18 Jun 2020 02:00:49 GMT
expires: Fri, 18 Jun 2021 02:00:49 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10073
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020061205&jk=2775205318892354&bg=!srGlsalYiP3pPEoHho0CAAAAaFIAAAAVmQGAVT_2iyAa_IT_ucl6wYjLNifzSYHlV8rpoti9FUPrRwO4M8K1Ucgi1bAt4gVWVKCqcH2w8PPgMOM5OiUbBNpIM-2dLKcz069bzc4mXGR7ATbrr5X3FCcKuWSX6TAruhc7i7A5qiuBynPeRo6USyAWzjo56A0CSEGU5LrlmMH5dIZrj_VT7deK2Z4ypmHc_IByl8GvlUuKzbsfNaLlbsx9XBB7sjNjwuG21zwplUbEtnR_NJoPK1sAXm7lBDdKP4lYiRV9500ZlMCE0owoIwMVCCXUNPyY7JTu7pM_wfdiGXhR-vDDzo7K9rwP-6yM2sK7TjKKjdBPUmfctGE0iT2M5JA8Lz2-AWg-2AN76ecWTaeSkWvVJZ-RruHYeCGZRG4RJYWKtSwunsRBurNAGLxzJEs9wHe0TfHCIVQ-2nEELxLFoiVIXu1OEAVqVojcl77XzN0OF0DJo4A3lRcV_qtLdg3ZS2YCCGnWcJRS6NZALi5ftQ43326Nci5C9spiw5FH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 04:48:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content AddLogs Show response
logging.carambo.la/ 0
176 B 139ms
139ms XHR
text/plain 35.171.145.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.carambo.la/AddLogs
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:31 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 protobuf.min.js Show response
cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/external/ 69 KB
21 KB 34ms
34ms XHR
text/javascript 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/external/protobuf.min.js
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F71C) /
Resource Hash: 04b075859121bd8bae2825f760da6f0a2f0a5e9c7755370a55d51c961e41354c

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:42 GMT
content-encoding: gzip
age: 14051039
x-cache: HIT
status: 200
access-control-max-age: 3000
x-amz-request-id: 65FB3780CEB506B1
x-amz-id-2: uELcQhUM3FAIf259Ysh/65oLliQqAaTnPxJgG2VNZYICxrjax5UGKlemeit+ovOfOKNqvYCGgME=
last-modified: Tue, 07 Jan 2020 13:40:14 GMT
server: ECS (ska/F71C)
etag: "0b2aa9f2e7a587c31a287a8c3cdc3acd+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=63072000,s-maxage=63072000
content-length: 21221

GET
H2 200 jstag Show response
carambola-d.openx.net/w/1.0/ Frame D462 66 KB
23 KB 68ms
67ms Script
text/javascript 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://carambola-d.openx.net/w/1.0/jstag
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: 68fa3d340992ba1fb617d52a76d0dc078fe6cd2de8035c7bf8a3c6f625caaaad

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:42 GMT
content-encoding: gzip
server: OXGW/16.188.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 23344
via: 1.1 google
expires: Thu, 18 Jun 2020 05:48:42 GMT

POST
H/1.1 204
No Content SetAdsRequest
analytics.carambo.la/ 0
0 140ms
140ms Fetch 18.209.196.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetAdsRequest
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.196.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-196-238.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:41 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 jstag Show response
carambola-d.openx.net/w/1.0/ Frame B4BB 66 KB
23 KB 103ms
102ms Script
text/javascript 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://carambola-d.openx.net/w/1.0/jstag
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: 68fa3d340992ba1fb617d52a76d0dc078fe6cd2de8035c7bf8a3c6f625caaaad

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:42 GMT
content-encoding: gzip
server: OXGW/16.188.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 23344
via: 1.1 google
expires: Thu, 18 Jun 2020 05:48:42 GMT

POST
H/1.1 204
No Content SetAdsRequest
analytics.carambo.la/ 0
0 280ms
141ms Fetch 18.209.196.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetAdsRequest
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.196.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-196-238.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:42 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 siab.js Show response
cdn.tynt.com/ Frame 3085 16 KB
6 KB 108ms
39ms Script
application/javascript 104.16.88.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/siab.js
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85775bef97a993589d135e5c9fb09b32e66aae654cd5f608365d1906d2c7c7b9

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Jun 2020 20:19:27 GMT
server: cloudflare
age: 116934
etag: W/"5ee1404f-4077"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=259200
cf-ray: 5a526129a8dff210-ARN
cf-request-id: 03675b0e080000f2103fa80200000001
expires: Sun, 21 Jun 2020 04:48:42 GMT

POST
H/1.1 204
No Content SetAdsRequest
analytics.carambo.la/ 0
0 401ms
136ms Fetch 18.209.196.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetAdsRequest
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.196.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-196-238.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:42 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

POST
H/1.1 204
No Content SetHbBidRequestProto
analytics.carambo.la/ 0
0 374ms
138ms Fetch 18.209.196.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetHbBidRequestProto
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.196.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-196-238.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:42 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 acj Show response
carambola-d.openx.net/w/1.0/ Frame D462 1 KB
846 B 162ms
160ms Script
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://carambola-d.openx.net/w/1.0/acj?o=9278459439&callback=OX_9278459439&ju=https%3A//www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&jr=&auid=540788250&dims=1600x1200&adxy=560%2C7270&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ws=300x250&ifr=1&tws=1600x1200&mt=1&nl=63%2C65%2C64&ul=180%2C102%2C164
Requested by: Host: carambola-d.openx.net
URL: https://carambola-d.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: 6a44417b7e8b0188d65b67701a10f8be2b9a1cfc4c3dea541a2c6592b69e9aed

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 04:48:42 GMT
content-encoding: gzip
server: OXGW/16.188.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
alt-svc: clear
content-length: 652
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content AddLogs Show response
logging.carambo.la/ 0
176 B 138ms
138ms XHR
text/plain 35.171.145.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logging.carambo.la/AddLogs
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.145.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-145-24.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:37 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 alxossK2Sr6z0waKlId8sQ.js Show response
sc.tynt.com/script/sc/ Frame 3085 4 KB
1 KB 45ms
38ms Script
text/javascript 104.16.88.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sc.tynt.com/script/sc/alxossK2Sr6z0waKlId8sQ.js

Requested by

Host: cdn.tynt.com
URL: https://cdn.tynt.com/siab.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea01c10c48ea826fb7a354347a1599ce72661d7ad479e34132c459bcbc5a074a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 90010
status: 200, 200 OK
x-xss-protection: 1; mode=block
x-request-id: cf8ad4ee-bf25-4bb5-bf35-c9110f17e9c5
x-runtime: 0.002559
x-content-digest: 3778165b914c58afe1b62db7c08506226590bd01
last-modified: Mon, 15 Jun 2020 14:06:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public, s-maxage=172800
cf-request-id: 03675b0e560000f2103fa81200000001
cf-ray: 5a52612a2962f210-ARN
x-rack-cache: fresh
expires: Tue, 16 Jun 2020 02:54:12 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
296 B 453ms
150ms Image
text/plain 67.202.110.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=alxossK2Sr6z0waKlId8sQ&lm=5&ts=1592455722558&dn=SIAB&iso=0&img=https%3A%2F%2Fimages.haarets.co.il%2Fimage%2Ffetch%2Fw_2200%2Ch_1468%2Cc_crop%2Fq_auto%2Ch_801%2Cw_1200%2Cc_fill%2Cf_auto%2Ffl_lossy.any_format.preserve_transparency.progressive%3Anone%2Fhttps%3A%2F%2Fwww.haaretz.co.il%2Fpolopoly_fs%2F1.5549872!%2Fimage%2F1018316866.jpg&ct=Israel%27s%20Teva%20examining%20claims%20workers%20bribed%20healthcare%20officials%20to%20push%20prescription%20drugs&t=Israel%27s%20Teva%20examining%20claims%20workers%20bribed%20healthcare%20officials%20to%20push%20prescription%20drugs%20-%20Business%20-%20Haaretz.com&cu=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&ah=https%3A%2F%2Fwww.haaretz.com%2Famp%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-110.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 18 Jun 2020 04:48:42 GMT
server: nginx/1.16.1
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 acj Show response
carambola-d.openx.net/w/1.0/ Frame B4BB 1 KB
847 B 250ms
250ms Script
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://carambola-d.openx.net/w/1.0/acj?o=5494507740&callback=OX_5494507740&ju=https%3A//www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&jr=&auid=540788248&dims=1600x1200&adxy=860%2C7270&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ws=300x250&ifr=1&tws=1600x1200&mt=1&nl=63%2C65%2C64&ul=180%2C102%2C164
Requested by: Host: carambola-d.openx.net
URL: https://carambola-d.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: c3905454bb46cacc1491bb3cd816242ee68f6942fd8e2d24c901a542b8ad9f27

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 04:48:42 GMT
content-encoding: gzip
server: OXGW/16.188.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
alt-svc: clear
content-length: 653
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sic.js Show response
cdn-sic.33across.com/1/javascripts/ Frame 3085 352 KB
111 KB 112ms
41ms Script
application/javascript 104.16.39.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/siab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.39.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Love
Resource Hash: 3823769fb90a190baf59788bab532be7de30a367a4913bb84dbf099f61b6b1e8

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:42 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3325
x-powered-by: Love
status: 200
cf-request-id: 03675b0ec70000cb047b208200000001
last-modified: Wed, 17 Jun 2020 00:51:25 GMT
server: cloudflare
etag: W/"5ee9690d-580ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 5a52612ade2acb04-ARN
expires: Thu, 18 Jun 2020 05:48:42 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3F16 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzrdnzx82txOVREwxMZaeNnoBCMpzCjGDlp4OkzTzgGZqaJU0kTcPMaCTUjptAhOuDcxehaG277z1ydd6aHfvGt3Bk_YWsUo5wE3MW7jVSJGlJ8glPa31Hu__Ifw&sai=AMfl-YQPvCtKZ91Ia10HgUQmxZx9md0UPAJUuO7yesfXiF6uObLMe1vRO2CjwkeUYBB0XQZDMM8so4CyIZ-fzNVOvK13EDmEFCdoxxjazT5xIw&sig=Cg0ArKJSzECD7xkvyknNEAE&id=ampim&o=315,166&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=173&tls=1173&g=100&h=100&tt=1173&r=v&avms=ampa&adk=3466645787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 04:48:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fpi.js Show response
ap.lijit.com/www/delivery/ Frame 9921 5 KB
3 KB 55ms
55ms Script
text/javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?p64toCdMtT&_ADTIME_&z=555864&width=300&height=250
Requested by: Host: carambola-d.openx.net
URL: https://carambola-d.openx.net/w/1.0/jstag
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: d9a8894ccd01eeb35ad25407f2956f4be97e08632ae383b1ab2ec31a5bc6295f

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:42 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5e865971-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap3ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame 9921 51 KB
17 KB 64ms
64ms Script
text/javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?p64toCdMtT&_ADTIME_&z=555864&width=300&height=250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: d42c94c3a511030d8d69f3f51662d02a1c5bcb2c7cafcd989d5279c1511b8d9d

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 21:30:23 GMT
Server: nginx
ETag: W/"5e86596f-cce2"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 19 Jun 2020 04:48:42 GMT

GET
H/1.1 200
OK fpi.js Show response
ap.lijit.com/www/delivery/ Frame FC72 5 KB
3 KB 84ms
55ms Script
text/javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?N90bJwARze&_ADTIME_&z=555863&width=300&height=250
Requested by: Host: carambola-d.openx.net
URL: https://carambola-d.openx.net/w/1.0/jstag
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: d9a8894ccd01eeb35ad25407f2956f4be97e08632ae383b1ab2ec31a5bc6295f

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:42 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5e865970-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap3ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 441ms
147ms Script
application/javascript 208.100.17.190
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=alxossK2Sr6z0waKlId8sQ&dn=SIAB&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/siab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.190 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip190.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 18 Jun 2020 04:48:42 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Fri, 19 Jun 2020 04:48:43 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 440ms
147ms Script
application/javascript 208.100.17.190
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&id=alxossK2Sr6z0waKlId8sQ&dn=SIAB&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/siab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.190 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip190.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 18 Jun 2020 04:48:42 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Fri, 19 Jun 2020 04:48:43 GMT

GET
H2 200 sic.css
cdn-sic.33across.com/1/stylesheets/ Frame 3085 7 KB
2 KB 38ms
37ms Stylesheet
text/css 104.16.39.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.39.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Love
Resource Hash: 144ccbf730ec71818fae810e659d64064f4f6a783d5730c5f468eff5ac57828c

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:42 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3323
x-powered-by: Love
status: 200
cf-request-id: 03675b0f950000cb047b216200000001
last-modified: Wed, 17 Jun 2020 00:47:29 GMT
server: cloudflare
etag: W/"5ee96821-1c86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 5a52612c2f83cb04-ARN
expires: Thu, 18 Jun 2020 05:48:42 GMT

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ Frame A75E 84 KB
30 KB 174ms
58ms Script
application/javascript 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: f335c83481cce8ac7f844875d8d734bb169e9bbda182b2b416deb821a3d59dba

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:43 GMT
Content-Encoding: gzip
Age: 40448
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 30161
X-Served-By: cache-lga21925-LGA, cache-fra19141-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 03 Jun 2020 17:34:05 GMT
Server: nginx/1.13.10
X-Timer: S1592455723.035821,VS0,VE0
ETag: W/"5ed7df0d-15057"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 04 Jun 2020 17:34:10 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 1295

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame EEC1 102 KB
26 KB 714ms
261ms Script
application/javascript 13.226.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-86.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:45:52 GMT
content-encoding: gzip
server: Server
age: 170
etag: b586b236f6b3db3c4ca9410451195336
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: nhjMu5p2h_6XvQRnfAg32h424GvjnX_jCIHNzqypeInntdAkWIEUMA==
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)

GET
H2 200 authorize Show response
sic.33across.com/ Frame 3085 1 KB
1 KB 173ms
150ms Script
text/javascript 67.202.110.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://sic.33across.com/authorize?gdprConsentLength=0&usPrivacy=&version=3.3.0&agent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&product=siab&userId=&sessionId=&publisherURL=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&referrerURL=&publisherId=alxossK2Sr6z0waKlId8sQ&publisher=Haaretz300_w3.com&displayableSizes=300x250&viewportWidth=300&viewportHeight=250&screenWidth=1600&screenHeight=1200&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=300&pageHeight=250&_=1592455722895&callback=_tynt_jp.a3tjm7osl

Requested by

Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

67.202.110.24 Chicago, United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip24.67-202-110.static.steadfastdns.net

Software

/ Love

Resource Hash

ff063a80db3769f6ad0e5d435695f3a84a960f5f2148576ccd157fe03a39402a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-powered-by: Love
etag: W/"5f4-qF31QMOspJkkdwQ8RkVTUbbucPQ"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: text/javascript; charset=utf-8
access-control-allow-headers: X-Requested-With, Authorization

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame 9921 175 B
560 B 62ms
56ms Script
application/x-javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=555864&tid=099c8f6be99643239545eaaa5fd8c260fd9ab8ce&mode=1&dmn=www.haaretz.com
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f0c9df2730726fd4f3fccf4b90a3314b178f91cd42800803818617fbe3a8c1

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:42 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 156

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame FC72 51 KB
17 KB 115ms
87ms Script
text/javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?N90bJwARze&_ADTIME_&z=555863&width=300&height=250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: d42c94c3a511030d8d69f3f51662d02a1c5bcb2c7cafcd989d5279c1511b8d9d

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 21:30:27 GMT
Server: nginx
ETag: W/"5e865973-cce2"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 19 Jun 2020 04:48:42 GMT

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame 9921 381 B
1 KB 98ms
97ms Script
application/x-javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=555864&tid=a_555864_0f4240bec14646848af21b25b8ee3bf6&cb=96785303&mode=1&flv=0.0.0&ifr=true&od=www.haaretz.com&time=04%3A48%3A42&fd=2&be=sf&loc=https%3A%2F%2Fwww.haaretz.com&orig_loc=http%3A%2F%2Fhttps%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&abf=true&dpz=false&cv=8bf7616&dop=0&ndw=1&spif=true&btid=a_555864_0f4240bec14646848af21b25b8ee3bf6&gdpr_consent=undefined
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b3715a47862fd3b0a60fbe349e4e48f98c5589d3ea825baa0e30a4ce488dd69f

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:43 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 266

GET
H2 204 p
ic.tynt.com/b/ 0
121 B 151ms
150ms Image
text/plain 67.202.110.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=alxossK2Sr6z0waKlId8sQ&lm=5&ts=1592455722558&dn=SIAB&iso=0&img=https%3A%2F%2Fimages.haarets.co.il%2Fimage%2Ffetch%2Fw_2200%2Ch_1468%2Cc_crop%2Fq_auto%2Ch_801%2Cw_1200%2Cc_fill%2Cf_auto%2Ffl_lossy.any_format.preserve_transparency.progressive%3Anone%2Fhttps%3A%2F%2Fwww.haaretz.co.il%2Fpolopoly_fs%2F1.5549872!%2Fimage%2F1018316866.jpg&ct=Israel%27s%20Teva%20examining%20claims%20workers%20bribed%20healthcare%20officials%20to%20push%20prescription%20drugs&t=Israel%27s%20Teva%20examining%20claims%20workers%20bribed%20healthcare%20officials%20to%20push%20prescription%20drugs%20-%20Business%20-%20Haaretz.com&cu=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-110.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 18 Jun 2020 04:48:43 GMT
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame FC72 175 B
558 B 58ms
57ms Script
application/x-javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=555863&tid=ee9e28c90a1f419984b571fca46fa298158e11ba&mode=1&dmn=www.haaretz.com
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fbd7d78326373e6e59ba42ce21dfe5fa83e9828daf4c0d1ee9ebfd0417cac5

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:43 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 154

GET
H/1.1 200
OK getPsa Show response
psa.carambo.la/ Frame 9921 2 KB
2 KB 626ms
139ms Script
application/javascript 52.207.21.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psa.carambo.la/getPsa?width=300&height=250&did=112931&pid=hrtz22&isMobile=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.21.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-21-55.compute-1.amazonaws.com
Software: nginx/1.10.1 / Express
Resource Hash: aa18e634f45d1a9578e0fe76e7a5ade095d1b4efd36baf690c9b1244102366f7

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:43 GMT
Server: nginx/1.10.1
Connection: keep-alive
X-Powered-By: Express
Content-Length: 1637
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 81CF 43 KB
14 KB 68ms
67ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

90ea976e7f021e997b9e2c1e193609df8a2ce3398be19bc80ab84a7f46270c56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "546 / 0 of 1000 / last-modified: 1592405514"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14412
x-xss-protection: 0
expires: Thu, 18 Jun 2020 04:48:43 GMT

GET
H2 200 jstag Show response
33across-d.openx.net/w/1.0/ Frame 1CC5 167 KB
57 KB 148ms
79ms Script
text/javascript 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: 3016b51553ea7c06023a7827957b276a9d489dd6f0581b7d659fe2330933a247

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:43 GMT
content-encoding: gzip
server: OXGW/16.188.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58076
via: 1.1 google
expires: Thu, 18 Jun 2020 05:48:43 GMT

GET
H2 200 jstag Show response
33across-d.openx.net/w/1.0/ Frame 832B 167 KB
57 KB 140ms
75ms Script
text/javascript 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: 247ad3b148e0c5ea83f7c114658150acb2e1f9635d6695c09b328e6cac788b27

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:43 GMT
content-encoding: gzip
server: OXGW/16.188.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58073
via: 1.1 google
expires: Thu, 18 Jun 2020 05:48:43 GMT

GET
H2 200 jstag Show response
33across-d.openx.net/w/1.0/ Frame 1DA2 167 KB
57 KB 233ms
173ms Script
text/javascript 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: ba6300d935333b4b51c562bc4bbc88ace0ab33a5df142809ef307f3c824b9606

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:43 GMT
content-encoding: gzip
server: OXGW/16.188.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58075
via: 1.1 google
expires: Thu, 18 Jun 2020 05:48:43 GMT

POST
H2 200 exchange Show response
ssc.33across.com/api/ Frame 3085 88 B
367 B 449ms
153ms XHR
application/json 67.202.110.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/exchange
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-110.static.steadfastdns.net
Software: / 33Across
Resource Hash: 28e3af3b38c806e49d751be7347a40aa15ab953098845138c46fd2076127d569

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Jun 2020 04:48:43 GMT
content-encoding: gzip
status: 200, 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.haaretz.com
access-control-allow-credentials: true

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame FC72 381 B
1 KB 89ms
89ms Script
application/x-javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=555863&tid=a_555863_b3ecc7d1159a4ac3a4bb9a69bd9cc362&cb=48827175&mode=1&flv=0.0.0&ifr=true&od=www.haaretz.com&time=04%3A48%3A43&fd=2&be=sf&loc=https%3A%2F%2Fwww.haaretz.com&orig_loc=http%3A%2F%2Fhttps%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&abf=true&dpz=false&cv=8bf7616&dop=0&ndw=1&spif=true&btid=a_555863_b3ecc7d1159a4ac3a4bb9a69bd9cc362&gdpr_consent=undefined
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: fd120782190e8ce4efeea35ead0d4e56e7b194b1b2b2bcc63895e2d7949f9fef

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:43 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 265

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A75E 165 B
860 B 231ms
114ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b770489074f47e9789d1d7ae70db069e44d29dd55e9e7fdcd0191854c38c175d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:45 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.235:80
AN-X-Request-Uuid: 2ad7d280-82cb-40fb-9081-f4122a0a97ab
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.haaretz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 165
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A75E 160 B
854 B 181ms
60ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

c382c5a9d328c19d5e3fca082cef5bfb838c2b1987a58064c8aff1e565b4b731

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:45 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid: f4e8b514-a39f-4f35-bee6-ee3fdae33649
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.haaretz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A75E 165 B
859 B 222ms
102ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

db6b80d63b6f426e10a965904e7647e32f9b12e09ab43fc23edb47b77efe0ebc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:45 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.70:80
AN-X-Request-Uuid: 930b9640-49b7-43b6-a1c6-0bf8300b80b9
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.haaretz.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 165
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pubads_impl_2020061205.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 81CF 246 KB
88 KB 63ms
63ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

f8a71c83692923b567fcfc765b779f079d6eb1c421853fa4a0fc0fc8efcae164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 Jun 2020 18:39:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89797
x-xss-protection: 0
expires: Thu, 18 Jun 2020 04:48:43 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
121 B 151ms
150ms Image
text/plain 67.202.110.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=alxossK2Sr6z0waKlId8sQ&lm=5&ts=1592455722558&dn=SIAB&iso=0&img=https%3A%2F%2Fimages.haarets.co.il%2Fimage%2Ffetch%2Fw_2200%2Ch_1468%2Cc_crop%2Fq_auto%2Ch_801%2Cw_1200%2Cc_fill%2Cf_auto%2Ffl_lossy.any_format.preserve_transparency.progressive%3Anone%2Fhttps%3A%2F%2Fwww.haaretz.co.il%2Fpolopoly_fs%2F1.5549872!%2Fimage%2F1018316866.jpg&ct=Israel%27s%20Teva%20examining%20claims%20workers%20bribed%20healthcare%20officials%20to%20push%20prescription%20drugs&t=Israel%27s%20Teva%20examining%20claims%20workers%20bribed%20healthcare%20officials%20to%20push%20prescription%20drugs%20-%20Business%20-%20Haaretz.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-110.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 18 Jun 2020 04:48:43 GMT
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK getPsa Show response
psa.carambo.la/ Frame FC72 2 KB
2 KB 538ms
135ms Script
application/javascript 52.207.21.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psa.carambo.la/getPsa?width=300&height=250&did=112931&pid=hrtz22&isMobile=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.21.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-21-55.compute-1.amazonaws.com
Software: nginx/1.10.1 / Express
Resource Hash: 4ea142c0f0a304215afab7b5921563ac4c8629d658feaaefa2f85f9f0b14a882

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:43 GMT
Server: nginx/1.10.1
Connection: keep-alive
X-Powered-By: Express
transfer-encoding: chunked
Content-Type: application/javascript; charset=UTF-8

POST
H/1.1 204
No Content SetConsentStatus
analytics.carambo.la/ 0
0 140ms
140ms Fetch 18.209.196.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetConsentStatus
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.196.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-196-238.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:42 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 204 p
ic.tynt.com/b/ 0
121 B 151ms
150ms Image
text/plain 67.202.110.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=alxossK2Sr6z0waKlId8sQ&lm=5&ts=1592455722558&dn=SIAB&iso=0&img=https%3A%2F%2Fimages.haarets.co.il%2Fimage%2Ffetch%2Fw_2200%2Ch_1468%2Cc_crop%2Fq_auto%2Ch_801%2Cw_1200%2Cc_fill%2Cf_auto%2Ffl_lossy.any_format.preserve_transparency.progressive%3Anone%2Fhttps%3A%2F%2Fwww.haaretz.co.il%2Fpolopoly_fs%2F1.5549872!%2Fimage%2F1018316866.jpg&ct=Israel%27s%20Teva%20examining%20claims%20workers%20bribed%20healthcare%20officials%20to%20push%20prescription%20drugs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-110.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 18 Jun 2020 04:48:43 GMT
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 acj Show response
33across-d.openx.net/w/1.0/ Frame 1CC5 454 B
610 B 130ms
129ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://33across-d.openx.net/w/1.0/acj?o=23dfd046b9782&ju=https%3A//www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&jr=&nl=63%252C65%252C64%252C70%252C65&ul=180%252C102%252C164%252C72%252C67&be=1&prf=0&auid=538526169&aus=300x250&bc=hb_2api&bt=5000&c.placement=alxossK2Sr6z0waKlId8sQ%3ASIAB%3Adesktop%3AINTL%3Atier1&c.pf=75&c.cc=164&c.33xvis=0&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ws=1x1&ifr=1&tws=300x250
Requested by: Host: 33across-d.openx.net
URL: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: c410525ec68257736a74f105d1752e9208ace916428229e34e28e8f2c057db47

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 04:48:43 GMT
content-encoding: gzip
server: OXGW/16.188.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.haaretz.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 281
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 acj Show response
33across-d.openx.net/w/1.0/ Frame 832B 454 B
478 B 157ms
157ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://33across-d.openx.net/w/1.0/acj?o=2638a07d333dd1&ju=https%3A//www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&jr=&nl=63%252C65%252C64%252C70%252C65&ul=180%252C102%252C164%252C72%252C67&be=1&prf=0&auid=538526169&aus=300x250&bc=hb_2api&bt=5000&c.placement=alxossK2Sr6z0waKlId8sQ%3ASIAB%3Adesktop%3AINTL%3Atier2&c.pf=50&c.cc=164&c.33xvis=0&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ws=1x1&ifr=1&tws=300x250
Requested by: Host: 33across-d.openx.net
URL: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: 1d84e3ed36f55da10875c0c9fb2049feb6651f1a021c8ce894fffff503ea0f40

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 04:48:43 GMT
content-encoding: gzip
server: OXGW/16.188.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.haaretz.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 282
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 acj Show response
33across-d.openx.net/w/1.0/ Frame 1DA2 454 B
475 B 207ms
207ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://33across-d.openx.net/w/1.0/acj?o=2b93941bcba311&ju=https%3A//www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&jr=&nl=63%252C65%252C64%252C70%252C65&ul=180%252C102%252C164%252C72%252C67&be=1&prf=0&auid=538526169&aus=300x250&bc=hb_2api&bt=5000&c.placement=alxossK2Sr6z0waKlId8sQ%3ASIAB%3Adesktop%3AINTL%3Atier3&c.pf=35&c.cc=164&c.33xvis=0&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ws=1x1&ifr=1&tws=300x250
Requested by: Host: 33across-d.openx.net
URL: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash: d6c48b3b520e41abe6146bc36595f72d5afc7cb001ae52d17255f26526e5b35b

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 04:48:43 GMT
content-encoding: gzip
server: OXGW/16.188.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.haaretz.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 282
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame AAFA 0
0 68ms
66ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&gdpr=1
Requested by: Host: 33across-d.openx.net
URL: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=192c2703-ddd3-0134-1d60-b292952b74c0|1592455722
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=192c2703-ddd3-0134-1d60-b292952b74c0|1592455722; Version=1; Expires=Fri, 18-Jun-2021 04:48:43 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1592455723|mOgqgikin0fcvNmWiygu; Version=1; Expires=Fri, 03-Jul-2020 04:48:43 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.188.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 18 Jun 2020 04:48:43 GMT
content-type: text/html
content-length: 532
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 204 p
ic.tynt.com/b/ 0
121 B 150ms
150ms Image
text/plain 67.202.110.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=alxossK2Sr6z0waKlId8sQ&lm=5&ts=1592455722558&dn=SIAB&iso=0&img=https%3A%2F%2Fimages.haarets.co.il%2Fimage%2Ffetch%2Fw_2200%2Ch_1468%2Cc_crop%2Fq_auto%2Ch_801%2Cw_1200%2Cc_fill%2Cf_auto%2Ffl_lossy.any_format.preserve_transparency.progressive%3Anone%2Fhttps%3A%2F%2Fwww.haaretz.co.il%2Fpolopoly_fs%2F1.5549872!%2Fimage%2F1018316866.jpg&ct=Israel%27s%20Teva%20examining%20claims%20workers%20bribed%20healthcare%20officials%20to%20push%20prescription%20drugs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-110.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 18 Jun 2020 04:48:43 GMT
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 02B6 0
0 64ms
63ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&gdpr=1
Requested by: Host: 33across-d.openx.net
URL: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=192c2703-ddd3-0134-1d60-b292952b74c0|1592455722
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=192c2703-ddd3-0134-1d60-b292952b74c0|1592455722; Version=1; Expires=Fri, 18-Jun-2021 04:48:43 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1592455723|mOgqgikin0fcvNmWiygu; Version=1; Expires=Fri, 03-Jul-2020 04:48:43 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.188.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 18 Jun 2020 04:48:43 GMT
content-type: text/html
content-length: 532
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame EEC1 6 KB
3 KB 679ms
227ms XHR
application/javascript 13.226.146.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.146.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-86.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 15:43:17 GMT
content-encoding: gzip
vary: Origin
age: 47128
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Sat, 06 Jun 2020 15:26:41 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: G7DRME9-VJ9fVM5L0TUcd2b5GBNLS_NLybF5oZ3qU7MaAfE1sKv-FA==

GET
H2 204 p
ic.tynt.com/b/ 0
121 B 150ms
150ms Image
text/plain 67.202.110.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=alxossK2Sr6z0waKlId8sQ&lm=5&ts=1592455722558&dn=SIAB&iso=0&img=https%3A%2F%2Fimages.haarets.co.il%2Fimage%2Ffetch%2Fw_2200%2Ch_1468%2Cc_crop%2Fq_auto%2Ch_801%2Cw_1200%2Cc_fill%2Cf_auto%2Ffl_lossy.any_format.preserve_transparency.progressive%3Anone%2Fhttps%3A%2F%2Fwww.haaretz.co.il%2Fpolopoly_fs%2F1.5549872!%2Fimage%2F1018316866.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-110.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 18 Jun 2020 04:48:43 GMT
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

POST
H/1.1 204
No Content SetHbBidRequestProto
analytics.carambo.la/ 0
0 138ms
138ms Fetch 18.209.196.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetHbBidRequestProto
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.196.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-196-238.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:43 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H/1.1 204
No Content SetLastMile Show response
analytics.carambo.la/ Frame 9921 0
144 B 139ms
138ms Script
text/plain 18.209.196.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetLastMile?public_key=hrtz22&domain_id=2931&product_type=2&is_mobile=0&tag_id=0
Requested by: Host: psa.carambo.la
URL: https://psa.carambo.la/getPsa?width=300&height=250&did=112931&pid=hrtz22&isMobile=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.196.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-196-238.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:43 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 adc_wfp_planes_300x250.jpg
media.carambo.la/PSA2/ Frame 9921 22 KB
23 KB 34ms
33ms Image
image/jpeg 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.carambo.la/PSA2/adc_wfp_planes_300x250.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F70A) /
Resource Hash: 471df31b3ef047fcc68d94653e107796b802d225eefacd861e9b2383bea1a371

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:43 GMT
age: 21610604
x-cache: HIT
status: 200
x-amz-request-id: 5313FFCC33BB9103
x-amz-id-2: cB2kZ3GQh3R9qJWonZgUWhDEaiQBYJrhEkZ7d7C8P0OSZW/JuMW+rac01/dGfg+ltclAFpKEyzs=
accept-ranges: bytes
last-modified: Tue, 21 Feb 2017 11:43:51 GMT
server: ECS (ska/F70A)
etag: "74a06e1de574081b9b50aff18d844976"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=63072000,s-maxage=63072000
content-length: 22910

GET
H/1.1 204
No Content beacon
gslbeacon.lijit.com/ Frame 66F5 0
0 169ms
56ms Document
text/plain 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://gslbeacon.lijit.com/beacon?viewId=a_555864_0f4240bec14646848af21b25b8ee3bf6&rand=7865&informer=13410076&type=fpads&loc=https%3A%2F%2Fwww.haaretz.com&v=1.2&gdpr_consent=undefined
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: gslbeacon.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

Server: nginx
Date: Thu, 18 Jun 2020 04:48:43 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1ams1

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame 9921 72 KB
9 KB 67ms
66ms Script
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=555864&v=2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 5b8a6c72b9bb95f5f17799bb2ef04dac09b2ce09e0e29e3d96eff304f8d12c89

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:43 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: raptor
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap3ams1
Content-Type: application/json
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK impression
vap3ams1.lijit.com/addelivery/ Frame 9921 43 B
567 B 172ms
55ms Image
image/gif 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap3ams1.lijit.com/addelivery/impression?bannerid=217303&campaignid=232&cb=56445392&tid=a_555864_0f4240bec14646848af21b25b8ee3bf6&zoneid=555864&cids=232&bids=217303&tss=0
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:43 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK fp
vap3ams1.lijit.com/data/ Frame 9921 43 B
210 B 179ms
58ms Image
image/gif 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap3ams1.lijit.com/data/fp?tid=a_555864_0f4240bec14646848af21b25b8ee3bf6&zoneid=555864&starttime=1592455722897&adcfg=5&adcfg_response=68&addelivery=72&addelivery_response=171&lgfired=803&beacon=805&container=806&EOL=807&ctstart=805&elapsed_ms=807
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / podlogging
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:43 GMT
Server: nginx
X-Sovrn-Pod: ad_ap3ams1
X-Powered-By: podlogging
Content-Length: 43
Content-Type: image/gif

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame F654 0
0 63ms
63ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&gdpr=1
Requested by: Host: 33across-d.openx.net
URL: https://33across-d.openx.net/w/1.0/jstag?nc=17118521-33Across
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=192c2703-ddd3-0134-1d60-b292952b74c0|1592455722; pd=v2|1592455723|mOgqgikin0fcvNmWiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=192c2703-ddd3-0134-1d60-b292952b74c0|1592455722; Version=1; Expires=Fri, 18-Jun-2021 04:48:43 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1592455723|rskimWfcvmsHqGgqmuiynIsLomgemOvNgunsn0gi; Version=1; Expires=Fri, 03-Jul-2020 04:48:43 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.188.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 18 Jun 2020 04:48:43 GMT
content-type: text/html
content-length: 474
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 81CF 323 B
224 B 140ms
140ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2554793211485964&correlator=3050440452431056&output=ldjh&impl=fif&eid=21066032%2C21064169%2C21065929%2C22316437%2C21066348&vrg=2020061205&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200618&iu_parts=32867010%2CSIAB_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=c%3D10%26r%3D110%26d%3DHaaretz300_w3.com%26g%3DalxossK2Sr6z0waKlId8sQ%26gd%3DalxossK2Sr6z0waKlId8sQ%253Adesktop%26cc%3D164%26pf%3D50%26ivt%3D12%26iva%3D2%26ivb%3D1%26ivc%3D1%26ivd%3D0%26ivp%3D3%26osr%3D3%26vis%3D0%26pre%3Dapnx%253A0%2Cox%253A0%2Cttx%253A0%26pre_sz%3Dapnx%253A0x0%2Cox%253A0x0%2Cttx%253A0x0%26tier%3Dapnx%253A0%2Cox%253A0%2Cttx%253A0%26hb%3D0&cookie=ID%3Dec67c6f5cc37dbac%3AT%3D1592455719%3AS%3DALNI_MYfc8ZepSebyMtgfLzQJHQX2H6C2Q&bc=31&abxe=1&lmt=1592455723&dt=1592455723726&dlt=1592455723082&idt=187&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=868&adys=7678&adks=62473835&ucis=8f9fp4hjlvrx&ifi=1&ifk=1834115484&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&ref=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&top=https%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&dssz=2&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=284x250&msz=284x250&ga_vid=699211627.1592455724&ga_sid=1592455724&ga_hid=2037869879&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

3531a43e3c277463c26b1b88de6eaaac903d6b294941f3ef68d37aeca260e84e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.haaretz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
725d18cd3df13a5f2d28310cb1daa391.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 81CF 0
0 58ms
13ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://725d18cd3df13a5f2d28310cb1daa391.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 81CF 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H/1.1 204
No Content SetHbBidRequestProto
analytics.carambo.la/ 0
0 137ms
137ms Fetch 18.209.196.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetHbBidRequestProto
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.196.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-196-238.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:43 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H/1.1 204
No Content SetLastMile Show response
analytics.carambo.la/ Frame FC72 0
144 B 214ms
138ms Script
text/plain 18.209.196.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetLastMile?public_key=hrtz22&domain_id=2931&product_type=2&is_mobile=0&tag_id=0
Requested by: Host: psa.carambo.la
URL: https://psa.carambo.la/getPsa?width=300&height=250&did=112931&pid=hrtz22&isMobile=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.196.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-196-238.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:43 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 adc_unitedway_liveunited2_300x250.jpg
media.carambo.la/PSA2/ Frame FC72 17 KB
17 KB 36ms
35ms Image
image/jpeg 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.carambo.la/PSA2/adc_unitedway_liveunited2_300x250.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F706) /
Resource Hash: 258aba3f5088c32b8f230ca5f77aa86cb4a16e47aad2030822729cf5a245e897

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:43 GMT
age: 29878748
x-cache: HIT
status: 200
x-amz-request-id: 47A8E7558A9E5AEB
x-amz-id-2: kSRZJ1CC+A0cjfLGwfevvw2C1qmCEcD6l8IgR8q+pi7/RmhAwOKfoyh/HszD9o1gxBP2RIZIDF0=
accept-ranges: bytes
last-modified: Tue, 21 Feb 2017 11:43:45 GMT
server: ECS (ska/F706)
etag: "a327b043417a50a26c27378619a4c080"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=63072000,s-maxage=63072000
content-length: 17591

GET
H/1.1 204
No Content beacon
gslbeacon.lijit.com/ Frame E60D 0
0 161ms
55ms Document
text/plain 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://gslbeacon.lijit.com/beacon?viewId=a_555863_b3ecc7d1159a4ac3a4bb9a69bd9cc362&rand=889&informer=13410076&type=fpads&loc=https%3A%2F%2Fwww.haaretz.com&v=1.2&gdpr_consent=undefined
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: gslbeacon.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

Server: nginx
Date: Thu, 18 Jun 2020 04:48:43 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1ams1

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame FC72 72 KB
9 KB 69ms
68ms Script
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=555863&v=2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 5b8a6c72b9bb95f5f17799bb2ef04dac09b2ce09e0e29e3d96eff304f8d12c89

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:43 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: raptor
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap3ams1
Content-Type: application/json
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK impression
vap3ams1.lijit.com/addelivery/ Frame FC72 43 B
567 B 166ms
55ms Image
image/gif 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap3ams1.lijit.com/addelivery/impression?bannerid=217302&campaignid=232&cb=48827175&tid=a_555863_b3ecc7d1159a4ac3a4bb9a69bd9cc362&zoneid=555863&cids=232&bids=217302&tss=0
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:43 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK fp
vap3ams1.lijit.com/data/ Frame FC72 43 B
210 B 169ms
58ms Image
image/gif 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap3ams1.lijit.com/data/fp?tid=a_555863_b3ecc7d1159a4ac3a4bb9a69bd9cc362&zoneid=555863&starttime=1592455723034&adcfg=1&adcfg_response=95&addelivery=96&addelivery_response=187&lgfired=730&beacon=731&container=732&EOL=732&ctstart=731&elapsed_ms=732
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / podlogging
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:43 GMT
Server: nginx
X-Sovrn-Pod: ad_ap3ams1
X-Powered-By: podlogging
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame 9921 43 B
210 B 71ms
71ms Image
image/gif 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=a_555864_0f4240bec14646848af21b25b8ee3bf6&zoneid=555864&cid=18&geo=SE&all_tags=130%2C134%2C151%2C174%2C185%2C203%2C205%2C206%2C211%2C234%2C239%2C241%2C248%2C265%2C277%2C309%2C331%2C332%2C333%2C334%2C335%2C336%2C369%2C381%2C383%2C388%2C396%2C415%2C417%2C421%2C423%2C429%2C444%2C448%2C450%2C455%2C458%2C460%2C465%2C476%2C484%2C490%2C494%2C501%2C503%2C506%2C508%2C512%2C517%2C519%2C520%2C523%2C530%2C533%2C534%2C535%2C536%2C537%2C538%2C539%2C541%2C543&tss=79%2C79%2C79%2C81&fired_tags=517%2C519%2C520%2C541&count=4&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C1%2C1%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C8&elapsed_ms=82
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / podlogging
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:43 GMT
Server: nginx
X-Sovrn-Pod: ad_ap3ams1
X-Powered-By: podlogging
Content-Length: 43
Content-Type: image/gif

GET
H2 204 p
ic.tynt.com/b/ 0
121 B 151ms
151ms Image
text/plain 67.202.110.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=alxossK2Sr6z0waKlId8sQ&lm=5&ts=1592455722558&dn=SIAB&iso=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-110.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 18 Jun 2020 04:48:43 GMT
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame FC72 43 B
210 B 66ms
65ms Image
image/gif 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=a_555863_b3ecc7d1159a4ac3a4bb9a69bd9cc362&zoneid=555863&cid=18&geo=SE&all_tags=130%2C134%2C151%2C174%2C185%2C203%2C205%2C206%2C211%2C234%2C239%2C241%2C248%2C265%2C277%2C309%2C331%2C332%2C333%2C334%2C335%2C336%2C369%2C381%2C383%2C388%2C396%2C415%2C417%2C421%2C423%2C429%2C444%2C448%2C450%2C455%2C458%2C460%2C465%2C476%2C484%2C490%2C494%2C501%2C503%2C506%2C508%2C512%2C517%2C519%2C520%2C523%2C530%2C533%2C534%2C535%2C536%2C537%2C538%2C539%2C541%2C543&tss=80%2C80%2C81%2C82&fired_tags=517%2C519%2C520%2C541&count=4&status=8%2C8%2C12%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C1%2C1%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C8&elapsed_ms=83
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / podlogging
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:43 GMT
Server: nginx
X-Sovrn-Pod: ad_ap3ams1
X-Powered-By: podlogging
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK fpi.js Show response
ap.lijit.com/www/delivery/ Frame 5388 5 KB
3 KB 57ms
57ms Script
text/javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/delivery/fpi.js?{random}&_ADTIME_&z=555863&width=300&height=250
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: d9a8894ccd01eeb35ad25407f2956f4be97e08632ae383b1ab2ec31a5bc6295f

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:43 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"5e86596f-1540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap3ams1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 81CF 7 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020061205&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72d85c769d03fe133ab76b79b9fb7a329d96fc370ef86257eed9fe4bc527a5df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Jun 2020 04:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5696
x-xss-protection: 0

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 5EF4 0
0 63ms
63ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Requested by: Host: carambola-d.openx.net
URL: https://carambola-d.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=192c2703-ddd3-0134-1d60-b292952b74c0|1592455722; pd=v2|1592455723|rskimWfcvmsHqGgqmuiynIsLomgemOvNgunsn0gi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=192c2703-ddd3-0134-1d60-b292952b74c0|1592455722; Version=1; Expires=Fri, 18-Jun-2021 04:48:43 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1592455723|rsj8gmkimWfcvmsHtlqGgqmuiyfQnIsLiSomgemOvNgulEnsn0gi; Version=1; Expires=Fri, 03-Jul-2020 04:48:43 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.188.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 18 Jun 2020 04:48:43 GMT
content-type: text/html
content-length: 355
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 81CF 14 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020061205.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Thu, 18 Jun 2020 04:48:43 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame CDB1 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-length: 11302
date: Thu, 18 Jun 2020 02:00:49 GMT
expires: Fri, 18 Jun 2021 02:00:49 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10074
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame 5388 51 KB
17 KB 67ms
67ms Script
text/javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?{random}&_ADTIME_&z=555863&width=300&height=250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: d42c94c3a511030d8d69f3f51662d02a1c5bcb2c7cafcd989d5279c1511b8d9d

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 21:30:24 GMT
Server: nginx
ETag: W/"5e865970-cce2"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 19 Jun 2020 04:48:43 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 2DB7 0
0 62ms
62ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
Requested by: Host: carambola-d.openx.net
URL: https://carambola-d.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.188.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=192c2703-ddd3-0134-1d60-b292952b74c0|1592455722; pd=v2|1592455723|rsj8gmkimWfcvmsHtlqGgqmuiyfQnIsLiSomgemOvNgulEnsn0gi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=192c2703-ddd3-0134-1d60-b292952b74c0|1592455722; Version=1; Expires=Fri, 18-Jun-2021 04:48:44 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1592455723.1|rsj8gmkimWfcvmsHtlqGgqmuiyfQnIsLiSomgemOvNgulEnsn0gi.fotKjotuvtsf; Version=1; Expires=Fri, 03-Jul-2020 04:48:44 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.188.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 18 Jun 2020 04:48:44 GMT
content-type: text/html
content-length: 407
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame 5388 175 B
559 B 58ms
58ms Script
application/x-javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/adcfg?zoneid=555863&tid=908f78940f8c4d989c50be69670ac0456ce85d9a&mode=1&dmn=www.haaretz.com
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b7524d20794672f6593c6f94fd1af8207fbd628c11d516809fbcd27b6827044c

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:44 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 155

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 81CF 0
56 B 17ms
15ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020061205&jk=2554793211485964&bg=!VlWlVU1Y-vurnrMoragCAAAAWlIAAAARmQGyre3hdGFre8fzkVFp6bqq6puROrwqB8PethRu_XONwgwMcGpn6mciWeq7ofuIqaImSid1ESqb41RVGptXN6PfuLgQr4jpI5LHq3j5FXxob6gyjqL2W8sc9D-ETSx1rvOc8kS9LyjwUI-n8_1R-n8344OJxkr_aEeU4IOZax8xzmwr-a_rzMKbfumoYHyCCqUIX3FkKSPG5y4bFF8crVGIOxb5WUgxPZcZ1mohKTfLUWhWyatFIPjMiKaYillficvH7lrwHQpWj3gdmDEQrfOnNKnyJmfFtufpEz8NrbcgGFLz7pqG88wypHqGKDZOmX6EJX1yd7OlVAHMDn3eviZurzOuBUSRoodoaZa97T-hFX3_APeb5yOsBeIqXed4Gy_dEDvSpkRECwGTgXICX3w0Y0fW6VymYlODUgggk0cs_ZZfGGFqYrcLxzoSPZNfOjr6MgLchS7jPtsMG3GUetWmeN6-HH1PTy1IZwsoX1-C4bzGLdb2dieqwCTc0illT2Hkjfx2K5tPzVhasrKiqHlfcQJ6hzAVIXic5gvoijb17AnULtHUp4HddjLY9W0BHvroM8Y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jun 2020 04:48:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame 5388 381 B
1 KB 100ms
100ms Script
application/x-javascript 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/addelivery?zoneid=555863&tid=a_555863_494d5b756190421e83672dec11441f81&cb=32428942&mode=1&flv=0.0.0&ifr=true&od=www.haaretz.com&time=04%3A48%3A44&fd=2&be=sf&loc=https%3A%2F%2Fwww.haaretz.com&orig_loc=http%3A%2F%2Fhttps%3A%2F%2Fwww.haaretz.com%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&abf=true&dpz=false&cv=8bf7616&dop=0&ndw=1&spif=true&btid=a_555863_494d5b756190421e83672dec11441f81&gdpr_consent=undefined
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 7f9770f2d2bda749ae4d8a0669c71b0428192e2d8b73cf031006f4a1697617ac

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:44 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 265

GET
H/1.1 200
OK getPsa Show response
psa.carambo.la/ Frame 5388 2 KB
2 KB 135ms
135ms Script
application/javascript 52.207.21.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psa.carambo.la/getPsa?width=300&height=250&did=112931&pid=hrtz22&isMobile=0
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.21.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-21-55.compute-1.amazonaws.com
Software: nginx/1.10.1 / Express
Resource Hash: 6119843bdb82dfcce4baeb31e280a467b76302e30b7780451ed32c160c1419a9

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:44 GMT
Server: nginx/1.10.1
Connection: keep-alive
X-Powered-By: Express
Content-Length: 1638
Content-Type: application/javascript; charset=UTF-8

POST
H/1.1 204
No Content SetHbBidRequestProto
analytics.carambo.la/ 0
0 137ms
136ms Fetch 18.209.196.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetHbBidRequestProto
Requested by: Host: cdata.carambo.la
URL: https://cdata.carambo.la/Layer/InImage/Prod/cbola_platform/version_2.29.6/js/Carambola_layer_152.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.196.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-196-238.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:44 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H/1.1 204
No Content SetLastMile Show response
analytics.carambo.la/ Frame 5388 0
144 B 139ms
138ms Script
text/plain 18.209.196.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.carambo.la/SetLastMile?public_key=hrtz22&domain_id=2931&product_type=2&is_mobile=0&tag_id=0
Requested by: Host: psa.carambo.la
URL: https://psa.carambo.la/getPsa?width=300&height=250&did=112931&pid=hrtz22&isMobile=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.196.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-196-238.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:43 GMT
Cache-Control: no-cache
Connection: keep-alive
Expires: -1

GET
H2 200 rtm_shrri_oti_2.jpg
media.carambo.la/PSA2/ Frame 5388 23 KB
24 KB 34ms
33ms Image
image/jpeg 152.195.39.46
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.carambo.la/PSA2/rtm_shrri_oti_2.jpg
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.46 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F714) /
Resource Hash: 96f24e1d76c72e67e4ca271a461be61bfc5363ff06a34dc96c290ddf717e45f8

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 04:48:44 GMT
age: 227912
x-cache: HIT
status: 200
x-amz-request-id: BBCBEE70301A78EA
x-amz-id-2: T28jakwMFaSmU9BflVQy/1yhP3PFy971yqRdkZULzF17zmTcWQ30R2cOM3EoBDsLnjWOUi/FNb8=
accept-ranges: bytes
last-modified: Mon, 20 Jan 2020 13:18:57 GMT
server: ECS (ska/F714)
etag: "e074613cb344ab292d4eeba78c7695b6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 23946

GET
H/1.1 204
No Content Cookie set beacon
gslbeacon.lijit.com/ Frame 348E 0
0 57ms
56ms Document
text/plain 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://gslbeacon.lijit.com/beacon?viewId=a_555863_494d5b756190421e83672dec11441f81&rand=1843&informer=13410076&type=fpads&loc=https%3A%2F%2Fwww.haaretz.com&v=1.2&gdpr_consent=undefined
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: gslbeacon.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ctag=448:1592542123|512:1592542123|450:1592542123|388:1595047723|517:1592542123|423:1592542123|520:1595047723|234:1593665323|203:1593665323|523:1592542123|205:1592542123|174:1592542123|206:1592542123|494:1592542123|241:1592542123|369:1592542123|211:1592542123|185:1592542123|506:1592542123|508:1592542123|541:1593665323
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157

Response headers

Server: nginx
Date: Thu, 18 Jun 2020 04:48:44 GMT
Set-Cookie: ctag=448:1592542123|512:1592542123|450:1592542123|388:1595047723|517:1592542123|423:1592542123|520:1595047723|234:1593665323|203:1593665323|523:1592542123|205:1592542123|174:1592542123|206:1592542123|494:1592542123|241:1592542123|369:1592542123|211:1592542123|185:1592542123|506:1592542123|508:1592542123|541:1593665323;Path=/;Domain=.lijit.com;Expires=Sat, 18-Jul-2020 04:48:44 GMT;Max-Age=2592000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap1ams1

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame 5388 47 KB
6 KB 62ms
62ms Script
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/containertag?containerId=18&zoneId=555863&v=2
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: 11ea1e885ed2f1d9a968d745d68de1bc17686cfc90a2a74034a931904a9131ec

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:44 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: raptor
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ad_ap3ams1
Content-Type: application/json
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK impression
vap3ams1.lijit.com/addelivery/ Frame 5388 43 B
567 B 57ms
56ms Image
image/gif 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap3ams1.lijit.com/addelivery/impression?bannerid=217302&campaignid=232&cb=32428942&tid=a_555863_494d5b756190421e83672dec11441f81&zoneid=555863&cids=232&bids=217302&tss=0
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Jun 2020 04:48:44 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Content-Type: image/gif
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK fp
vap3ams1.lijit.com/data/ Frame 5388 43 B
210 B 56ms
55ms Image
image/gif 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vap3ams1.lijit.com/data/fp?tid=a_555863_494d5b756190421e83672dec11441f81&zoneid=555863&starttime=1592455724011&adcfg=1&adcfg_response=60&addelivery=62&addelivery_response=163&lgfired=305&beacon=306&container=307&EOL=307&ctstart=306&elapsed_ms=307
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / podlogging
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:44 GMT
Server: nginx
X-Sovrn-Pod: ad_ap3ams1
X-Powered-By: podlogging
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK ct
ap.lijit.com/data/ Frame 5388 43 B
210 B 65ms
65ms Image
image/gif 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/data/ct?tid=a_555863_494d5b756190421e83672dec11441f81&zoneid=555863&cid=18&geo=SE&all_tags=130%2C134%2C151%2C239%2C248%2C265%2C277%2C309%2C331%2C332%2C333%2C334%2C335%2C336%2C381%2C383%2C396%2C415%2C417%2C421%2C429%2C444%2C455%2C458%2C460%2C465%2C476%2C484%2C490%2C501%2C503%2C519%2C530%2C533%2C534%2C535%2C536%2C537%2C538%2C539%2C543&tss=69&fired_tags=519&count=1&status=8%2C8%2C12%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8&elapsed_ms=69
Requested by: Host: www.haaretz.com
URL: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / podlogging
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Jun 2020 04:48:44 GMT
Server: nginx
X-Sovrn-Pod: ad_ap3ams1
X-Powered-By: podlogging
Content-Length: 43
Content-Type: image/gif

GET
H2

204

sync
pixel.advertising.com/ups/55981/
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=c60c4e0c-5442-4600-876b-e4035d01b1eb&gdpr=1
https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=1&uid=e4449bd3-ac3e-048a-1491-bb7066afb354

0
125 B

162ms
56ms

Image
text/plain

52.59.74.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=1&uid=e4449bd3-ac3e-048a-1491-bb7066afb354

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.74.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-74-203.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Thu, 18 Jun 2020 04:48:45 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Thu, 18 Jun 2020 04:48:45 GMT
content-encoding: gzip
server: OXGW/16.188.0
status: 302
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=1&uid=e4449bd3-ac3e-048a-1491-bb7066afb354
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 139ms
139ms Image
image/gif 18.213.129.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=haaretz.com&p=%2Fisrael-news%2Fbusiness%2Fteva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157&u=Bnqn1v6FioGBV8mn8&d=haaretz.com&g=5952&g0=Business&g1=Reuters&n=1&f=00001&c=0.25&x=0&m=0&y=8595&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=940&t=DQ5cjYCIXZdcBstlam6UTlBBoXb2M&V=120&tz=-120&sn=2&sv=Cj-CaDDtDALuCSpvwKBUHYySwmbYo&sd=2&im=067b0ff0&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.129.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-129-100.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 18 Jun 2020 04:48:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ms-apps.haaretz.com
URL: https://ms-apps.haaretz.com/ms-gstat-campaign/getCombinedUserCampaign?id=15924557188653858

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 10:20:59	Name: DSID Value: NO_DATA
.outbrain.com/	1970-01-19 10:20:55	Name: recs_328b03e4ce8db47179c15d53d71f8b17 Value: 101B2870833703A2869913996A2763501837ACD1
.outbrain.com/	1970-01-19 12:30:31	Name: obuid Value: 34661d07-5d76-40f1-ae93-bfbfe9b1466f
.doubleclick.net/	1970-01-19 19:42:31	Name: IDE Value: AHWqTUltFWYDWB1G2pj4wKZeD78V9nJzBsNmPF7Rj8jbie86isZiYDVsX8c5fB4V
www.haaretz.com/	1970-01-19 11:04:07	Name: fitracking_12 Value: no
.haaretz.com/	1970-01-20 03:52:07	Name: __gads Value: ID=ec67c6f5cc37dbac:T=1592455719:S=ALNI_MYfc8ZepSebyMtgfLzQJHQX2H6C2Q
.haaretz.com/	1970-01-19 19:06:31	Name: OptanonConsent Value: groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C0_79404%3A0%2C0_79402%3A0%2C0_79406%3A0%2C0_79396%3A0%2C0_79400%3A0%2C0_79398%3A0%2C0_31796%3A0%2C0_31961%3A0%2C0_31709%3A0%2C0_79405%3A0%2C0_79403%3A0%2C0_79397%3A0%2C0_79395%3A0%2C0_79401%3A0%2C0_79399%3A0%2C0_31795%3A0%2C101%3A0%2C102%3A0%2C103%3A0%2C104%3A0%2C105%3A0%2C106%3A0%2C107%3A0%2C108%3A0&datestamp=Thu+Jun+18+2020+06%3A48%3A42+GMT%2B0200+(Central+European+Summer+Time)&version=5.11.0
www.haaretz.com/	1970-01-19 10:20:57	Name: fi_utm Value: direct%7Cdirect%7C%7C%7C%7C
.haaretz.com/	1970-01-19 12:30:31	Name: OB-USER-TOKEN Value: 34661d07-5d76-40f1-ae93-bfbfe9b1466f

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 https://www.haaretz.com/israel-news/business/teva-propes-claims-workers-bribed-officials-to-push-prescriptions-1.5471157
console-api	log	URL: https://www.haaretz.com/_next/static/runtime/main-62f0317a0e2864ca0958.js(Line 1) Message: SW registered: [object ServiceWorkerRegistration]
console-api	log	URL: https://www.haaretz.com/_next/static/chunks/11184c7cf6a0c5b6c3df4799dbdda3eb9c899482.c5c032e2d431020582b7.js(Line 1) Message: error from gstat script fetch: TypeError: Failed to fetch
console-api	info	URL: https://acdn.adnxs.com/ast/ast.js(Line 1) Message: AST library loaded: 0.30.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1275bd68108cbd5f6baeb9908886c0c4.safeframe.googlesyndication.com
33across-d.openx.net
725d18cd3df13a5f2d28310cb1daa391.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.ee
amplify.outbrain.com
amplifypixel.outbrain.com
analytics.carambo.la
ap.lijit.com
c.amazon-adsystem.com
carambola-d.openx.net
cdata.carambo.la
cdn-sic.33across.com
cdn.ampproject.org
cdn.cookielaw.org
cdn.firstimpression.io
cdn.tynt.com
code.jquery.com
connect.facebook.net
content.carambo.la
de.tynt.com
ecdn.analysis.fi
ecdn.firstimpression.io
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
graph.facebook.com
graphql.haaretz.com
gslbeacon.lijit.com
hb.emxdgt.com
hbopenbid.pubmatic.com
ib.adnxs.com
ic.tynt.com
images.haarets.co.il
images.outbrainimg.com
images2.zemanta.com
inimage.carambo.la
log.outbrainimg.com
logging.carambo.la
mcdp-nydc1.outbrain.com
media.carambo.la
ms-apps.haaretz.com
odb.outbrain.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.advertising.com
polyfill.io
prg.smartadserver.com
psa.carambo.la
route.carambo.la
s3.amazonaws.com
sc.tynt.com
securepubads.g.doubleclick.net
sic.33across.com
ssc.33across.com
static.chartbeat.com
tpc.googlesyndication.com
tr.outbrain.com
vap3ams1.lijit.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.haaretz.com
xtr.carambo.la
ms-apps.haaretz.com
104.16.39.14
104.16.88.26
13.226.146.86
151.101.114.2
151.101.114.217
151.101.13.108
152.195.39.46
172.217.18.166
172.217.23.130
18.196.104.43
18.209.196.238
18.213.129.100
185.3.92.12
185.33.221.91
185.64.189.112
185.86.138.79
2.21.37.220
2001:4de0:ac19::1:b:1b
208.100.17.190
212.71.236.31
23.210.248.65
23.23.9.254
2600:9000:2182:da00:18:1fcd:34e:d2a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6814:b844
2a00:1450:4001:800::200e
2a00:1450:4001:802::2001
2a00:1450:4001:808::2001
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2004
2a00:1450:4001:814::2001
2a00:1450:4001:814::200a
2a00:1450:4001:817::2002
2a00:1450:4001:818::2002
2a00:1450:4001:81d::2002
2a00:1450:4001:81f::2003
2a02:26f0:10c:39d::3892
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::621
34.98.64.218
35.171.145.24
35.176.56.39
35.244.159.8
52.207.21.55
52.216.16.91
52.59.74.203
54.171.157.204
54.208.107.16
64.202.112.95
67.202.110.24
67.202.110.31
70.42.32.31
72.251.249.14
72.251.249.9
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04b075859121bd8bae2825f760da6f0a2f0a5e9c7755370a55d51c961e41354c
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08863160873ab8b92eb9bd61a35d62edcb6dcb9a3ce9e23e0efd854402151f22
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
08f93a4cf604e12995a237b71b5db1d5d48f1ecb27687ee17608554f8f7fd6b4
0a48eb407e2c1d9d5b876c29b15b03d84e5eeabca6ec8bff13682c793896f0cf
0b9f13f039ff3899275809733d4bf0f9d12d0057e881b7a24b9d4a2ad2304a28
0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11ea1e885ed2f1d9a968d745d68de1bc17686cfc90a2a74034a931904a9131ec
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4
1340f0ba929f963691ce7cebaacb86ec87c7bc58efe5701355797b5cc02ea6a0
144ccbf730ec71818fae810e659d64064f4f6a783d5730c5f468eff5ac57828c
1451b6661e09d490164e5ae0447a52175286d038179dd170294dbf0fa2197e7e
15801586e277201ab150bc28903534886003b953c9f757a703b277926b78a0ef
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1640001f640ebf88b16e94a81205382dd24f3f5b1ec0893d00f7cd6629459b53
1c8a5b79697b112651e8596fdd6eb186ccb63acc51027ffac46157c0b4c23260
1d84e3ed36f55da10875c0c9fb2049feb6651f1a021c8ce894fffff503ea0f40
1fd1cf836d24d0e47de37eb31b2f79d300c036826a1b7cf1c5bf6ad46bf13191
2075df87956116b0df702a4761a8abca2fdda7099fdb563e4c6ab2024ae40441
227b90abf31eeb352a982a9da08788e1a5c3927de2450409c65e22afb43fff54
247ad3b148e0c5ea83f7c114658150acb2e1f9635d6695c09b328e6cac788b27
258aba3f5088c32b8f230ca5f77aa86cb4a16e47aad2030822729cf5a245e897
28e3af3b38c806e49d751be7347a40aa15ab953098845138c46fd2076127d569
293e080bd899e7b00cac75296c29fbc81d9ddf60ac95f02fda2e6197110560de
2bfb59e44fbe70459914aaa8a31bc5ac9530ff5e549454000aef28a2e7b52195
2c63bd48999ed9acbb584a701830f0f3b98cb34acb56d7b859a5846fc2ae7e64
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cb2aba030993556fbf057c0f104fbbccc0ab2ab27f9ad67f88af32ac04e9082
2cbddfa33b8aa65244531bc6e6ef50f3a92ad4d926d0e121d4e7b94c6f9ae58f
2d46ba92712ba5ba7bcd4f7268171ee7e6774c9fc2a8a69bcebef219cf3a7fa1
2df2c717d14b1a6ab790e4aefdcc6534a445738d5af1691d2af643049cbf894a
2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598
3016b51553ea7c06023a7827957b276a9d489dd6f0581b7d659fe2330933a247
337b441d34b664464f8965ae29a536a8da64bc1441c0e131282343b075762172
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
350221f3cd5aea684e6c48e5380122d3354a6881a032a7cdda362063daee4c21
3531a43e3c277463c26b1b88de6eaaac903d6b294941f3ef68d37aeca260e84e
3533006683b2b5070f4d8d9572869524c2016bd072551b100d3e099ece570672
358ed03715a48803758b1b97928c9c8b1d51b003ce4bb60a23fd8796220fb1bb
36b9910a69f1a56413d9a1d59f247e47f88a7e04926bf8328cc6d9816be749ae
38134b2b1af1657fba9027c7837f819ed893f2579e2a36f11d73f76a6c34f09e
3823769fb90a190baf59788bab532be7de30a367a4913bb84dbf099f61b6b1e8
3840a78b86236fb2c48cde5f394f1ed3da21ed424c17742b9ab2f16ccf3badf4
3e48e8dada6c1e8a5fb31c28a198f2931138504a6a292ee8635fadeff84f595c
4334fd0173b224cb6e28ca4f1a8661b50e579532cf724b510ad450ee7c47c813
4369ec009fca02cd0bb58ec248ed5ec118253147a316674c0c6f63e742ae1a8b
43d925b0960bd6e5491c8fb76fc34ee8f202168f6d9642999ba1af7c21920e28
458398215180e8e71790df9da6beabc3a5bb5550737908b7b00c6f1a9a666569
45fbd7d78326373e6e59ba42ce21dfe5fa83e9828daf4c0d1ee9ebfd0417cac5
471df31b3ef047fcc68d94653e107796b802d225eefacd861e9b2383bea1a371
47eef045ba619547d0692134b7e356daa98327ff00895ba2aac4f6d928086b5d
4862fe7c48a3fe00691cbd3ac3ccfa0dabed2f9aa18edd5081dbf6eda5d2735f
4986ebb60f67ae033a73ad9153ef1a9b4285ac0283e491896e9e8a4679b298ae
49e842389b7013af5fea301f51a71011dcb15786fb38a3ea7618e9cdc204e456
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
4d8705acfdb69a5157626d06bc5235939a8aa2220d92b4993e7a7866696195ed
4ea142c0f0a304215afab7b5921563ac4c8629d658feaaefa2f85f9f0b14a882
4f4d25092fc217c4070e6c3f3b1fcacabe2bac063da5cfb4c21628d004b12d47
500df6ceb1a1917c822fbbf9870d099acbb72d8687d9f15000af2b37bc4ae321
512b95d0572aff31e3ddde3de40e7dcaf49daeccbc55cd940865c37ac980155b
5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a
53ab1520402c2ade95cfbd4232430e936485c3f0deb70fda33c64d760d98a9a9
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
58b60b0163f8be97cd3c3aaf2cc7607ebbc00cd9c1acd6a2ced3454b05aef80f
5b8a6c72b9bb95f5f17799bb2ef04dac09b2ce09e0e29e3d96eff304f8d12c89
5c4086b9b0b702a5f521281d2381e7de494a308ff78649c2c3aa447a1bc3dc85
5c719eb2bcb2e69ce33d7b1ba92fc85108fd16fc34a8e9195ac392dcd544b21a
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
608154ba1bbcacae2b690708d6de4ea164fab0288eec514caeeb6f967ff2fab6
6119843bdb82dfcce4baeb31e280a467b76302e30b7780451ed32c160c1419a9
620be5c5efe1446a8c8375798b6577a426c31bf0164a85a56aa9dd9ffb0471d0
62607f40671d50ef53a1b279d7c1cb4d14984b2395f2421a5661d9fae4abe691
638443fcf9a25a8368024863fcbc644013423b13d88e193c7c3a7118d5f7daf2
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
68fa3d340992ba1fb617d52a76d0dc078fe6cd2de8035c7bf8a3c6f625caaaad
6a44417b7e8b0188d65b67701a10f8be2b9a1cfc4c3dea541a2c6592b69e9aed
6b2443cdc6ef77c2bb1cd44a12d562b152a76e21c5d447426a0fb92df6be8308
6be22cd86ae587ea881df5973ebc3a3481bf903bd4f5c6e5081aa2bf3e147a0e
6d6c743dcaafd45515209c74458abd727693241269fa5d8a5e8b31c3c8017f2f
6e6978cbb32cf5089775a91d6498d58489ab2b018b155ccb73d08821983fa90a
6f1dc81498da5df5cc4a4b2730c86480122e1b4a6808621b7d941aaa6e29d824
72d85c769d03fe133ab76b79b9fb7a329d96fc370ef86257eed9fe4bc527a5df
7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f
7336043bf2643aabdccadd79b9df3a74ae30abf115b58ce353d2afdfdd6d0fdc
77ae69cda02c889ca874d3a9247720d1c32b653d54b8c5c8fc78f8b82e81288f
77f703c4f140a4a24d0fb351cc4e36716ccc4e7c5cac201f28b09a31d5f84f67
78b13e8fa32b754a2ccbc4590d5a18d7c98aa6cb7eb41e9d6e1c1ddedb8f26ca
7efa33f19ec1deacf3225351934a7c05ef46a37e35dca1011a77fce1486f24ec
7f9770f2d2bda749ae4d8a0669c71b0428192e2d8b73cf031006f4a1697617ac
7ff2f8adcacfcdeac7f393d200e842aa7e615be067064de5b8d37192d09ac92d
8247d895072ab59c1923f9e644edc5dbc72e39530268458362e22e357e179163
835f0da40824dcc8d02665867042497faff7ad7acae43b3e349d35f6e474f012
83ff1448a71a5a8feb93d1696e5b645eeebf696a080598cc9b7f62fd92fb1665
8465f252205769729175fa28ba66ed0555d4a6824d37fe5ad180a0deda1ff813
85775bef97a993589d135e5c9fb09b32e66aae654cd5f608365d1906d2c7c7b9
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c
89c1b41fe260643302623f450f90ae31546e83c029190ce49097bca678d21596
8b252fb865305597218482f0aac34b86c9eb587900288c8e3b8561da5abbbf7e
8b7f44fd3375aa08a1cad98713670ac78273aa8d0b3915494de7b4222cd8f12e
8bac6e0bb3ec3d989a2e0f984ae6f5863c68d0e393c0209dbe953482290c4270
8c249da9e6f96572c33cd33bf9e95a5a9f4d0a015048206c7053002e34d34a2b
8dae9cc1571c3f90c37a10c8854015bddcc4fc2106653b5a0a86bf29bef33558
905173c5c4a42972ca5449622d03c00ff9c288c835a85a358f47c8f170fe8104
90ea976e7f021e997b9e2c1e193609df8a2ce3398be19bc80ab84a7f46270c56
920188f1ec0ee54ea6717cfd0fe80c8d1d2097196e2f99f347da66c2c3d3445d
9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c
93eb1f2a1cd8ad8be460ec5b04ebde72557d37cde15583158fab4ea4a03a7bba
9405296f4f8962003dfa2c0aaad3348f0cf9d4fdb0f1708c4fa6a54f1217df60
9426dab81ab7e8fd446184b6afcdec99435449172bf20f6fb1c9c2b75f6eb979
953d0684e4c75acc742f3dcd28cb8fd9c3a063f432fb72c13766e598adae4b09
96f24e1d76c72e67e4ca271a461be61bfc5363ff06a34dc96c290ddf717e45f8
97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a191717dd06de465dbb041cd47ee6a04f0f4e6104b2a0087c89b409b54872fa
9c36ee187cefe4e1c71c7adbb2cac4ab5d0c3a43de248fa41ef36d59eb17fdff
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
a1bbd6218468058efb385b32219cac7e03eee613f3f4fb092528d2c65de56715
a3b59cf3c15a5896f4224c367d24e647fe14e411b8024dcc87aa37783e0cf110
a5c060d9a604d88188d0f6e62b9bfd78c351c687611d5570cc94099a8e50e84f
a6b0dc6cd2681ddbf2dfd1cea3eea71c7bc20a6126df7e442d26dfc1fef6d384
a7f01be574397d6f922870240ea5a6aba32406be47f25197670c14e7abdbd3c6
aa18e634f45d1a9578e0fe76e7a5ade095d1b4efd36baf690c9b1244102366f7
aa9d4e3162468c549e26e0193fa02d0cb146958c2b9757fa8bc265d55fb90059
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ab706c9dae60eb7b3d728dd2a45a450f8ced1135c5686f8136727340179635a1
ad42a1649f7920840d35d28b55f7302bb1700f14ce8484ffb454d3b8fa37d3af
adaf1697cd1cfb22a03a08b1a5f8373d8dcfdb1a7ce9eda5d8a2b315362755a2
ae7564e17248018359e0bb6684505613cfc1e5c0d98c8a97185d2a4d065516a6
af6ab56e9b3003a09b75e74cbff1304c5d0a7e70e07860623a0b17b3a1a9b88a
affd87461f2babd57a2f7aec75e9193e8e71a377e8249a02c95a5f43326e289e
b0817a0d6a87f2d42532035e42b20ea55cfaa5ca1092c761f5fc5e734790bdbf
b0f04e9896f272dd98624c54480bf02c78eeed37bd43dd96f2e33e9548b53332
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3715a47862fd3b0a60fbe349e4e48f98c5589d3ea825baa0e30a4ce488dd69f
b3931b8a613d97a0e7b9e4c4c4ed70584230185f04aeb52a87f712f30a48d8bb
b53cef3ae1fb85e8d51a05610cf840918a11d4ffb20e8acdb5e0790ee3fa1740
b573582db2fab969ab15b18c74182ebb1aca1200eeb157b91b9ae27054cf9ae5
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b5c613adf3b5625faf322b663e88fdce0a2f5d6aa838f493062e20bef2d5d492
b7524d20794672f6593c6f94fd1af8207fbd628c11d516809fbcd27b6827044c
b770489074f47e9789d1d7ae70db069e44d29dd55e9e7fdcd0191854c38c175d
b79f0afa0c46584bd10acd4d4f7aeb80b486f3505ae4676be345907ada1fb519
ba6300d935333b4b51c562bc4bbc88ace0ab33a5df142809ef307f3c824b9606
bc48dbec66494a02480c2c01ad92297a5eac84a6a1ca5b3ed57e10b118d54540
bdb16aa91e58c65e619a4a53b321af7df4de48b560a9a94ee0d11ceb9571afa0
c382c5a9d328c19d5e3fca082cef5bfb838c2b1987a58064c8aff1e565b4b731
c3905454bb46cacc1491bb3cd816242ee68f6942fd8e2d24c901a542b8ad9f27
c410525ec68257736a74f105d1752e9208ace916428229e34e28e8f2c057db47
c4105ffe6625b679aaf2eeb343bada58b9410e6d9fd1c989bc6f04096b4493fd
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c537d3eff4e1eb6e66ae76698c323f80f5be4d9a04ffaa528092af6b5f55aa7e
c5702ba1437cdf0f12224d39756360b68a4f61df3a2a0a29014833d2cd117f07
c59b5fb4200dc4cd2681302c313cb76769bcfa12abb702004eb52a79a51a6e36
c85a8e7c2d1d0583578b2afd3a1ce469797bfa5c9d5598cba25f51f839348ec8
cb23590047089f6e05eccf9df7acece9a066b8a78e3d587102b7512bbde4a008
cbef6996631039b10273deac3a78a5e9f7b3b3ebbd9ce0a223343246d4a15114
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5a44bcd1d8876814f36ac092d971294bb6eaa88b34873bc3b8701c4ee81ac7
d16321e2a011fb65804ad9cd4637353039c504e922f8561b39e40f98cb040919
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d2c170a443fcb463380db444497672e06a028f59b57c8647afb2d84764f9cc6a
d350ea638fda9c9c90cf40b88d7b2b16893e702cc84147f3c2abb8b0ef6d562b
d42c94c3a511030d8d69f3f51662d02a1c5bcb2c7cafcd989d5279c1511b8d9d
d5f974c2623d51d49e843378cfa70837080400d3065175962b178a40bbb0255f
d676183f8c6eef240432713b4da7e7a95c97b253b546177eb96b1d9b5e8d7db0
d6c48b3b520e41abe6146bc36595f72d5afc7cb001ae52d17255f26526e5b35b
d7881b3432520bbbc60033c3c2fe7ca9783f78549c57b38a293d6a099a102ac0
d82cded3fc6861d71dbbd9715dbdbefeb0aae77d96ef441c1cb1ddaf5aa8adcd
d8949afa8fc4f20ea9b1b3b573f28ca26d6256e324e1c594cc7a3837f791cc43
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9a8894ccd01eeb35ad25407f2956f4be97e08632ae383b1ab2ec31a5bc6295f
db6b80d63b6f426e10a965904e7647e32f9b12e09ab43fc23edb47b77efe0ebc
dcd1c4a0897e129f2ff25d83ee085bd1b892a103f51dddfd975cee05d1235145
e00fb320c35289f10977a6cd0e79c083abf214a4a7d69e9f1fe20b650a9cf2ae
e160655a267af232adec3ff662219b79f592efb2bf4ade368014e2a856039c15
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
e2b0174d14fae0f0883533f72850f45bf80ba1ae039aeb1e569651490000f434
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a3daeb79eff861f0d34004141bf81fcd545d2a52748824d5f3692a5fd94377
e5e35e641540d63f6a79870176632d71b8ac7c779ef01dd51c70354443150f10
e9b58d32242eb54c4639a2924cfb9518d69621c6d982a0d0c055af4cfd147abc
ea01c10c48ea826fb7a354347a1599ce72661d7ad479e34132c459bcbc5a074a
ed006d9967fc2454d3804a4c71e1498095275129a0998e3f50afbe6fe7e63b0d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa646d87a5648985968cfc1244520f80010a749fe42a0a549c616746e29cd09
f335c83481cce8ac7f844875d8d734bb169e9bbda182b2b416deb821a3d59dba
f3b2b918cec0592898d231f488b35b41acd35dd1344ada57c2f2a0285811d701
f5d297fb22336630fd42f7a7bb883542ddb70cba5ec6a616ab3e3d415ff5cc33
f77b8f9e17513a3cd6f564eec68f68d579cba053df0f3de835551430abf31ac8
f7f0c9df2730726fd4f3fccf4b90a3314b178f91cd42800803818617fbe3a8c1
f8a71c83692923b567fcfc765b779f079d6eb1c421853fa4a0fc0fc8efcae164
f8d9e6f68597098530a3e130e064c8681b3ae0f305ca12986f81839a8281e730
f946ac360422cd9dabd5c9eb00f58c522c3fcc0989d08e63791b7381075c186a
faa389443b5e8a411dffcdc4a643a98094fd65720e637ed5cbc32a3abe583e4d
fcd5c959e162a9b123c15fa2baaf70038e37b1c1cfece776dfe1b6490f82222c
fd120782190e8ce4efeea35ead0d4e56e7b194b1b2b2bcc63895e2d7949f9fef
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fd4775fb3354e7bbb53d0f8e21bcd1ca1576dfc553070ade2c042a11bddb19ca
feed02b6ccb7248e2f3cda5ac3527cdaf93851210c0515111d4c53a2d0e04cca
ff063a80db3769f6ad0e5d435695f3a84a960f5f2148576ccd157fe03a39402a
ffdae95bd9caf6b548290ffa212388223e2c58456966863bcb47008b008e5da1

www.haaretz.com Open in urlscan Pro 151.101.114.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

345 Requests

100 %HTTPS

36 %IPv6

36 Domains

70 Subdomains

55 IPs

7 Countries

4178 kBTransfer

10941 kBSize

9 Cookies

42 Outgoing links

Page URL History

Redirected requests

345 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.haaretz.com Open in urlscan Pro
151.101.114.217 Public Scan

Screenshot
Live screenshot

Full Image

345
Requests

100 %
HTTPS

36 %
IPv6

36
Domains

70
Subdomains

55
IPs

7
Countries

4178 kB
Transfer

10941 kB
Size

9
Cookies

345 HTTP transactions
5 data transactions