www.vesty.co.il Open in urlscan Pro
2.18.235.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.vesty.co.il/main
Submission: On March 12 via manual (March 12th 2023, 12:12:03 pm UTC) from IL — Scanned from DE

Summary HTTP 372 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 74 IPs in 12 countries across 54 domains to perform 372 HTTP transactions. The main IP is 2.18.235.16, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.vesty.co.il. The Cisco Umbrella rank of the primary domain is 500323.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 9th 2023. Valid for: a year.

This is the only time www.vesty.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2.18.235.16 2.18.235.16	16625 (AKAMAI-AS) (AKAMAI-AS)
61	2606:4700::68... 2606:4700::6812:69e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
55	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1 1	2606:4700:20:... 2606:4700:20::681a:81b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	65.9.95.51 65.9.95.51	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1 8	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
6	52.222.158.11 52.222.158.11	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	65.9.95.124 65.9.95.124	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.112 18.66.122.112	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:20:... 2606:4700:20::681a:314	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	88.221.169.78 88.221.169.78	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	65.9.95.95 65.9.95.95	16509 (AMAZON-02) (AMAZON-02)
1	104.19.149.54 104.19.149.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
7	34.241.105.99 34.241.105.99	16509 (AMAZON-02) (AMAZON-02)
30	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
8	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
6 8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
6 8	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:612... 2600:1f18:612b:4264:d907:27b7:e3c5:ca21	14618 (AMAZON-AES) (AMAZON-AES)
1	18.196.249.120 18.196.249.120	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
6	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:212... 2600:9000:2127:f800:11:da61:a100:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
1 4	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
1 6	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
2	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
2 4	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
2 2	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
2	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 1	95.100.75.47 95.100.75.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	85.239.105.10 85.239.105.10	16097 (HLKOMM 04...) (HLKOMM 04107 Leipzig)
4	2606:4700::68... 2606:4700::6813:b979	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.132.110.241 18.132.110.241	16509 (AMAZON-02) (AMAZON-02)
1 2	67.220.228.202 67.220.228.202	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.86.138.150 185.86.138.150	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:cc16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2	13.41.33.70 13.41.33.70	16509 (AMAZON-02) (AMAZON-02)
372	74

8 2.18.235.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-16.deploy.static.akamaitechnologies.com

www.vesty.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
totalmedia2.ynet.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ynetnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2606:4700::6812:69e (United States)

ASN13335 (CLOUDFLARENET, US)

ynet-pic1.yit.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:81b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mrb.upapi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:68b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 65.9.95.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-51.prg50.r.cloudfront.net

cdn.flowplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8:20::215 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.222.158.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-11.cdg52.r.cloudfront.net

tags.dxmdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-124.prg50.r.cloudfront.net

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-112.fra60.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:314 (United States)

ASN13335 (CLOUDFLARENET, US)

js.nagich.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.169.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-78.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ads.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-95.prg50.r.cloudfront.net

cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.241.105.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-105-99.eu-west-1.compute.amazonaws.com

event.dxmdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.171.84 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4264:d907:27b7:e3c5:ca21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.249.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-249-120.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 138.201.63.165 (Böblingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:f800:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.dxmcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.90.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

hal900019.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.104.53 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal900022.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.193.130 (France) 4 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.23.99.218 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.75.47 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-75-47.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.239.105.10 (Leipzig, Germany) 1 redirects

ASN16097 (HLKOMM 04107 Leipzig, DE)

trf.greatviews.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:b979 (United States)

ASN13335 (CLOUDFLARENET, US)

www.parship.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.110.241 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-110-241.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.228.202 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

rubicon-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cc16 (United States)

ASN13335 (CLOUDFLARENET, US)

eum.instana.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.41.33.70 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-33-70.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	googlesyndication.com 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	533 KB
61	yit.co.il ynet-pic1.yit.co.il — Cisco Umbrella Rank: 60696	2 MB
60	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 936 trc.taboola.com — Cisco Umbrella Rank: 682 vidstat.taboola.com — Cisco Umbrella Rank: 2809 am-trc-events.taboola.com — Cisco Umbrella Rank: 15237 images.taboola.com — Cisco Umbrella Rank: 1840 imprammp.taboola.com — Cisco Umbrella Rank: 14005 am-match.taboola.com — Cisco Umbrella Rank: 13804 am-vid-events.taboola.com — Cisco Umbrella Rank: 13167 pips.taboola.com — Cisco Umbrella Rank: 1596 cds.taboola.com — Cisco Umbrella Rank: 1781	975 KB
35	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 ad.doubleclick.net — Cisco Umbrella Rank: 168 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 131147	277 KB
14	redintelligence.net 2 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 32214 hal900019.redintelligence.net — Cisco Umbrella Rank: 280919 hal900022.redintelligence.net — Cisco Umbrella Rank: 327276	128 KB
14	gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	298 KB
13	dxmdp.com tags.dxmdp.com — Cisco Umbrella Rank: 55240 event.dxmdp.com — Cisco Umbrella Rank: 57381	132 KB
12	flowplayer.com cdn.flowplayer.com — Cisco Umbrella Rank: 46195	191 KB
9	rubiconproject.com 1 redirects eus.rubiconproject.com — Cisco Umbrella Rank: 526 token.rubiconproject.com — Cisco Umbrella Rank: 531 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 949 pixel.rubiconproject.com — Cisco Umbrella Rank: 317	13 KB
8	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	8 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524	6 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	389 KB
8	yastatic.net 1 redirects yastatic.net — Cisco Umbrella Rank: 7398	186 KB
7	google.com 1 redirects ads.google.com — Cisco Umbrella Rank: 23315 adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	medialead.de 6 redirects pv.medialead.de — Cisco Umbrella Rank: 44542 medialead.de — Cisco Umbrella Rank: 44208	2 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 384	110 KB
5	nagich.co.il js.nagich.co.il — Cisco Umbrella Rank: 34197	21 KB
5	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 444 fonts.googleapis.com — Cisco Umbrella Rank: 34	123 KB
5	vesty.co.il www.vesty.co.il — Cisco Umbrella Rank: 500323	64 KB
4	parship.de www.parship.de — Cisco Umbrella Rank: 406657	15 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com — Cisco Umbrella Rank: 2388	20 KB
4	btloader.com 1 redirects btloader.com — Cisco Umbrella Rank: 781 api.btloader.com — Cisco Umbrella Rank: 882	7 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18328 api.webgains.io — Cisco Umbrella Rank: 46334	32 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	793 B
3	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 25843 cdn.firstimpression.io — Cisco Umbrella Rank: 24840	94 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	175 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 886 cloudflareinsights.com — Cisco Umbrella Rank: 864	6 KB
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 959	1 KB
2	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 89227	624 B
2	media01.eu pb.media01.eu — Cisco Umbrella Rank: 44237	831 B
2	tremorhub.com taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3401	365 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 82	63 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8720 www.google.de — Cisco Umbrella Rank: 6069	939 B
2	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 386 dis.criteo.com — Cisco Umbrella Rank: 688	842 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 890	1 KB
2	ynet.co.il totalmedia2.ynet.co.il — Cisco Umbrella Rank: 75500	71 KB
1	instana.io eum.instana.io — Cisco Umbrella Rank: 6683	10 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 43375	3 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 743	75 B
1	dotomi.com rubicon-match.dotomi.com — Cisco Umbrella Rank: 2819	104 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 547	591 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 36521	2 KB
1	greatviews.de 1 redirects trf.greatviews.de — Cisco Umbrella Rank: 430910	1 KB
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 15428	629 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 107238	931 B
1	dxmcdn.com cf.dxmcdn.com — Cisco Umbrella Rank: 80558	29 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 285	146 B
1	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 2572
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 892	44 KB
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1410	1 KB
1	analysis.fi ecdn.analysis.fi — Cisco Umbrella Rank: 30265	2 KB
1	ynetnews.com www.ynetnews.com — Cisco Umbrella Rank: 384398	986 B
1	yandex.ru yandex.ru — Cisco Umbrella Rank: 1730	84 KB
1	upapi.net 1 redirects mrb.upapi.net — Cisco Umbrella Rank: 58257	545 B
372	54

	Domain	Requested by
61	ynet-pic1.yit.co.il	www.vesty.co.il
38	images.taboola.com
30	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.vesty.co.il 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
27	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.vesty.co.il 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
16	securepubads.g.doubleclick.net	www.vesty.co.il securepubads.g.doubleclick.net www.googletagservices.com
12	cdn.flowplayer.com	www.vesty.co.il
12	cdn.taboola.com	www.vesty.co.il cdn.taboola.com
8	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	www.googletagservices.com	securepubads.g.doubleclick.net www.vesty.co.il 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
8	yastatic.net	1 redirects yastatic.net
7	event.dxmdp.com	tags.dxmdp.com
6	hal9000.redintelligence.net	7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com hal900022.redintelligence.net hal900019.redintelligence.net
6	fonts.gstatic.com	fonts.googleapis.com
6	tags.dxmdp.com	www.vesty.co.il tags.dxmdp.com
5	googleads.g.doubleclick.net	www.vesty.co.il 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com pagead2.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	js.nagich.co.il	www.vesty.co.il js.nagich.co.il
5	www.vesty.co.il	www.vesty.co.il ynet-pic1.yit.co.il
4	www.parship.de	hal900019.redintelligence.net www.parship.de
4	5994599.fls.doubleclick.net	2 redirects www.vesty.co.il
4	pv.medialead.de	4 redirects
4	hal900022.redintelligence.net	1 redirects 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com hal900022.redintelligence.net
4	hal900019.redintelligence.net	1 redirects 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com hal900019.redintelligence.net
4	fonts.googleapis.com	7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com hal900022.redintelligence.net hal900019.redintelligence.net
3	pixel.rubiconproject.com	eus.rubiconproject.com
3	token.rubiconproject.com	1 redirects eus.rubiconproject.com
3	match.adsrvr.org	am-match.taboola.com imprammp.taboola.com eus.rubiconproject.com
3	www.google.com	1 redirects tpc.googlesyndication.com
3	trc.taboola.com	cdn.taboola.com
3	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.vesty.co.il
3	www.googletagmanager.com	www.vesty.co.il www.googletagmanager.com adv.office-partner.de
2	api.webgains.io	analytics.webgains.io
2	aax-eu.amazon-adsystem.com	1 redirects eus.rubiconproject.com
2	ad-server.eu	7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
2	medialead.de	2 redirects
2	pb.media01.eu	hal900022.redintelligence.net hal900019.redintelligence.net
2	eus.rubiconproject.com	imprammp.taboola.com eus.rubiconproject.com
2	taboola-supply-partners.tremorhub.com	am-match.taboola.com imprammp.taboola.com
2	encrypted-tbn1.gstatic.com	7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
2	encrypted-tbn0.gstatic.com	7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
2	encrypted-tbn2.gstatic.com	7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
2	www.gstatic.com	7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
2	www.youtube.com	www.vesty.co.il www.youtube.com
2	cloudflareinsights.com	static.cloudflareinsights.com
2	cdn.firstimpression.io	ecdn.firstimpression.io
2	api.btloader.com	mrb.upapi.net
2	ad-delivery.net	www.vesty.co.il
2	btloader.com	1 redirects www.vesty.co.il
2	totalmedia2.ynet.co.il	www.vesty.co.il
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	eum.instana.io	www.parship.de
1	cdn.track.production.webgains.team	7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	ssbsync.smartadserver.com	eus.rubiconproject.com
1	dis.criteo.com	1 redirects
1	rubicon-match.dotomi.com	eus.rubiconproject.com
1	bh.contextweb.com	1 redirects
1	track.webgains.com	www.vesty.co.il
1	trf.greatviews.de	1 redirects
1	www.awin1.com	1 redirects
1	adv.office-partner.de	hal900019.redintelligence.net
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	cf.dxmcdn.com	tags.dxmdp.com
1	x.bidswitch.net	am-match.taboola.com
1	am-vid-events.taboola.com
1	am-match.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	am-trc-events.taboola.com
1	vidstat.taboola.com	cdn.taboola.com
1	www.google.de
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.permutive.com	tags.dxmdp.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	ads.google.com	ynet-pic1.yit.co.il
1	www.googleoptimize.com	www.googletagmanager.com
1	widgets.outbrain.com	www.vesty.co.il
1	gum.criteo.com	cdn.taboola.com
1	ad.doubleclick.net	www.vesty.co.il
1	ecdn.firstimpression.io	www.vesty.co.il
1	ecdn.analysis.fi	www.vesty.co.il
1	static.cloudflareinsights.com	www.vesty.co.il
1	www.ynetnews.com	www.vesty.co.il
1	yandex.ru	www.vesty.co.il
1	imasdk.googleapis.com	www.vesty.co.il
1	mrb.upapi.net	1 redirects
372	91

This site contains links to these domains. Also see Links.

Domain
t.me
www.facebook.com
www.instagram.com
www.ynet.co.il
www.ynetnews.com
popup.taboola.com
search.onetag.com
tap.freenet.de
www.austria.info
quiz-lounge.com
www.impfen.de
trc.taboola.com
intouch.wunderweib.de
molniya.info
die-sport-seite.de

Subject Issuer	Validity	Valid
qa.vesty.co.il DigiCert TLS RSA SHA256 2020 CA1	`2023-01-09` - `2024-01-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-10` - `2024-01-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.flowplayer.com Amazon RSA 2048 M01	`2023-02-28` - `2023-06-30`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
tags.dxmdp.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
analysis.fi Amazon RSA 2048 M01	`2023-02-28` - `2023-12-02`	9 months	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2022-11-27` - `2023-12-05`	a year	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
adwords.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-02-16` - `2023-05-17`	3 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
dxmdp.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-16`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
redintelligence.net R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
cf.dxmcdn.com Amazon RSA 2048 M02	`2023-03-01` - `2023-05-25`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
adv.office-partner.de R3	`2023-03-02` - `2023-05-31`	3 months	crt.sh
www.parship.de R3	`2023-02-17` - `2023-05-18`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.instana.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-17` - `2023-11-17`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://www.vesty.co.il/main
Frame ID: F0E5A5004A78F0E4E792D988CE536A08
Requests: 210 HTTP requests in this frame

Frame: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3E3A0A3B32BC741B0ED533AECD876029
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstqbd155Jq4r0imwMbSgxGVtwVbwerzxlCcXhXSwSt_8ZKvxB10znsmg33DpcBytb2kTFzr1L3a2NRKb3wJwrn0zPV1eNssiKmJOX5H6m9lWJ91Us_eRtkXRT94Om-sXxQmuJfoDYGo326eoIHrppI7NTFkhS3JOAA4m_YzR0UGTrA7Sw1ySTNh8QuntW2eS-0IGqhA0RhsHqrgRhcHdRh7WFQ7Reg8D1r9KK63t18ti_KVjRajLWA3483MpXa0MH2SvrqnIWJ1PHwOWLOEmh3nxqj-6bhSnifToZZTrQiRO5iCjBRntNVXkWqUqu6dhVZWQkroGEPy-g&sai=AMfl-YTBjWPK0TnLqWf6u56VQ0Ahj4IXq55m8KlnHFtTTqEUT8UDrr6mfDA0p6PZbRBXjRdTcMeeNhO8VYoRjDwAUzQs9sgsbO6fL_zSYW-YQ6H1glduIlZ554NHVO-r-NE3-QYk3CEcq7JOZ8hJZb3G&sig=Cg0ArKJSzCwRphxRI9bNEAE&uach_m=[UACH]&adurl=
Frame ID: 3CE549259EBB9519088394FBC13C9D81
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTNMYbpynP3UACSEIBzQpbCJO4G-Axu1L1QzobmqKn8PuAXUbmzUzhWgT9de9-85s6HCFcCMGP_MbiBj-JBGyA3f2WcBakV4XecXqdrY9rkYRnHGPqEH_jyOhEVYQvqdV7_UVJLPySOp_3j-Gxe8KGFSBnVeJWSUA2XmwK05AJlAKXcM-PFFV7f1yg0_IKRz2piC6R7cPym7lQ5xXn2N9KreTVX_22WwjRPskYB9StqghR35ICu4JQo53Bdj9owewLgme9B-n6ESuTw_SngePZaxC-OrWjFanQqJrSlI5CFomAWFbuS3y2IXT0bzqhjMopldiuueSiG3CyRQ&sai=AMfl-YQYmUxtwggY2YpjSrgjS9C_vXPcfcy7LO5QPmhAc9vKuPZgSiBY5lSFRGN3szo7yk9ugKFSSk1hnb-95MxX28z9O0p6GA_c2S3YAYDp-TSgr3wCItMLLtnfV-_ViRe5tSMBfiKYNfFLVHiUpy6Z&sig=Cg0ArKJSzIlyJQ5GBf3KEAE&uach_m=[UACH]&adurl=
Frame ID: CB902B4A516A0724C9E120CC7E1E5954
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsta4X_FQr0dYHr55YoQdOhSxM2L0WoiTuZQcU6LQfzfajBe5MeZbVcONM7byaMvrWKcxmNTX4NLHS7QJKlud0dJSG-n-qyNYAYB0vIfiY0dk3bLyg7b35GwaukJgdq7D4gvafSay5tzIhSFU7umRcgI0Gg9ZIwu3VWGrDWP7rLs5viP_9-4gA7HssOgQU-sCiX0xdATgVYdQvVrH2DfTA4ODgpqDirJ4izrR5Sh0kOfmpMddWzy2L9OstiqlVKe1xDmJydCloNZS92fy0DPO2q7fKsA8oDZA9wSdf-oTqMy9y3XKxxXqkar6QlNd8ai3jfmIF7IYY5rQk5ZeQ&sai=AMfl-YRz1ySXIcvIFffrtOCgsCEIjT7p6Yfn3JMnFAToPt_0JWL6Jgo_JciUdZcEQjSbT-xEDFH6f7063eyU96FfEGKcgbipwmQ2P9tjmxOoRgz6ezPlxj0L_lNXY4Q9u3yWbl02h2GwAePvhIobUHPS&sig=Cg0ArKJSzPCx0T3dzO2VEAE&uach_m=[UACH]&adurl=
Frame ID: 51FC61870559BD25A00533285929D34B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLLXQMh-U43_tCQWyZvB_KK2pd0KdZ5hy5L7hFQW4ONR1EISnuxqjrjDmfAwkz1smGpfl65RSr1_wyoapfVPgsLLACzI7l8aLPO3Rm-qxWgihOsCvT-8LqAau-hjnmunvx-rWTPmKDojYXfb41dCCc33QGgC3CYTZ_mX6XY1LJNReRzJX9PV7EJjbrldLvyiBxgatu9EyAlBwjAxCkv5bdN1dULgjhdHvnDpRcy_f-3fhzy097qp7BhYLi52VVzF_Og4ov4iwjJe1TNT7HSmpvUEMIGiC-WVylZNA1GURZqKn8bn6NQGM4ii-3lGA4DjUJXqO76V1WkYQ-UA&sai=AMfl-YQoZM7gJMtwH-8im7ru_bKmDRzDkoilWIzjv3UP3FxMHv7-l-nyXLSbIufeli-WVJI5r7zzFuTdDiV9E-tIe-b1OAIASn8XcDd1Ay-yhQmXK55cdPjBcbuIbZYpyv7v7cL28tQyP8Dd_18cuTgD&sig=Cg0ArKJSzHqMqLHFgsL_EAE&uach_m=[UACH]&adurl=
Frame ID: C5FAF00C4103CCA4AA67206462EDB7A9
Requests: 6 HTTP requests in this frame

Frame: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EADB4763A05455F61DD08C35835E2C69
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs
Frame ID: E07B4FDF62FDA0F4E4F2D392E3E0B747
Requests: 11 HTTP requests in this frame

Frame: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8E8FBBC2DDE8F18B70D6D9828C586006
Requests: 20 HTTP requests in this frame

Frame: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8C016F1DB79DDA554D3B3C5A2F9210D9
Requests: 15 HTTP requests in this frame

Frame: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7C7150DB0ADDAE42C43846C7023376A2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiq5LvGATAB&v=APEucNXD3yaBVl8djSy5Rr7iYAb7_-kMHgJxcDN4td5gDkRO2ySwZo6Lzc-YiJmfV7zdSx39BKV6SaqBB6bnFCxpr_Zl-612PV2wFHIn7gf0J9debMKDGdlxk91lXedA_9bmyPInlYL97GYDQm9QIVjgcHg1GCI_u_3l6MkPa9Nnc4JOdfneN6o
Frame ID: 24A0484EDA4485832348853E803E810C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 8EEF2BC6D07899606FF14BD31D706757
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNVVxpPWW4F5DIrqcuMbIXu93SqpclQRWI5HEXA0LBsClAn5UzqclDTYp-sm1KzYxKHjUjCtMsQnFqWrTmHGgM0LZYQkmUbVo3SXsCcoFcfQQC7S8qmdxW23rvrYeA_T_2zZHLXy-104x9QADZlP6E1bLB5pYUI_vDu_UU35CDuS-prJze0
Frame ID: 78A47E2ABFC9EC626386BD9F9E526F2B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3B34C064E4BD6A44E040B0B47590C06A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5E55F51D836641ED7B7EF56C72E013D6
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V72X0CFgMGA4eHk7HSdQQGA4eHk7HSdQUAAAAGBvQHJLUZDWeuwcotmuxma9HMM1oLh8uRW2KZrWYrh3O123iGQFKb0XDmGqzcosluthbNPKO1cLgcuSWW2Wq2cjhXu41nChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxYEwH6PvZXna_QEAAAAAAgAAAEACQMCVXwJwYRV18v________8fM0CfeSPz____f2PQA_DgA_AgBAAA8DGElRgGRyzX9EJU8FrECAAAAADq_8DsaFInVBZV_____VYAVwAAAYbVvAo9WbqDEm9hAAAAAWJrDbL9FoIWuGML9LD4_WaHXeN3u-z_________3-z_7B9NyEovPC3IBldK7RcQAGDtFxAAgG3cAADeBOBCjgNNp8Pnutfrfr-77OU5Pe8av11p9qsdTrvpCFoxGKwuIQaD1WY32kxmBwAAAHD3____j7fWINtvIWiBqwcyy5FnOLP5VruJZzMzLkYLi2kxGQw3M8vE5Vmstics0SgNfWNJ3KchLLPfdxDy3S7Dw-cyyEkE8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLS_gVgsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCGOGkWu4WVncksls5haNHIO1cONyrWUmj8ewmthGw93ILXp9TBfDbrQbTLwoGPCxF8nTIp0IRq6FyeWbzDwu32xhWthso-FuuZi4BiPjbLhaWMQSzckincgu-85y5BnObL7VbuLZzIyL0cJiWkwGw83MMnF5Fqt9zTByDTcri1symc3copFjsBZuXK61zOTxGFYT22i4G7lFr4_pYtiNdoOJvzHbDWeTzWKx2jdmu-FsslksVvsOk-mZ-pyN5rN04nFZp-KWM3pzGBQug8X7k5gW0-7sIDr5jk6dVKUs6ox-v9_v9_v9fr_fb9B6DmaDwreN3rK9a9Bcuo7NBbHBoIglgot0ory7TG_Zy3N6XsQSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf-RAQdzyWo1180Vg8kqAQAAAAAAAAAsYc68CQAAAMBpIMPVcrRa50GsJsvRZLVcAIjiZN2fb3wmQRwVrF2GM0wsAwWKzeLGjxXy7jK9ZS_P6XllAACBSebNnwlirVbLGgAAQAAbAAAggFs3b4GmVfz___9_HAAAgIwcPQAAAP0-kBNG1HqhBy4_QS4WqwE!&cmcv=&pix=undefined&cb=1678623117061&uv=3261&tms=1678623117061&abt=esv_vA!nonrv_vA!nrlc_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=5348f50e-4276-4f34-889d-b2656ea957c3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 738627A4C364B791876E05187957BA6D
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V72X0CFgMGA4eHk7HSdQQGA4eHk7HSdQUAAAAGBvQHJLUZDWeuwcotmuxma9HMM1oLh8uRW2KZrWYrh3O123iGQFKb0XDmGqzcosluthbNPKO1cLgcuSWW2Wq2cjhXu41nChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxYEwH6PvZXna_QEAAAAAAgAAAEACQMCVXwJwYRV18v________8fM0CfeSPz____f2PQA_DgA_AgBAAA8DGElRgGRyzX9EJU8FrECAAAAADq_8DsaFInVBZV_____VYAVwAAAYbVvAo9WbqDEm9hAAAAAWJrDbL9FoIWuGML9LD4_WaHXeN3u-z_________3-z_7B9NyEovPC3IBldK7RcQAGDtFxAAgG3cAADeBOBCjgNNp8Pnutfrfr-77OU5Pe8av11p9qsdTrvpCFoxGKwuIQaD1WY32kxmBwAAAHD3____j7fWINtvIWiBqwcyy5FnOLP5VruJZzMzLkYLi2kxGQw3M8vE5Vmstics0SgNfWNJ3KchLLPfdxDy3S7Dw-cyyEkE8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLS_gVgsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCGOGkWu4WVncksls5haNHIO1cONyrWUmj8ewmthGw93ILXp9TBfDbrQbTLwoGPCxF8nTIp0IRq6FyeWbzDwu32xhWthso-FuuZi4BiPjbLhaWMQSzckincgu-85y5BnObL7VbuLZzIyL0cJiWkwGw83MMnF5Fqt9zTByDTcri1symc3copFjsBZuXK61zOTxGFYT22i4G7lFr4_pYtiNdoOJvzHbDWeTzWKx2jdmu-FsslksVvsOk-mZ-pyN5rN04nFZp-KWM3pzGBQug8X7k5gW0-7sIDr5jk6dVKUs6ox-v9_v9_v9fr_fb9B6DmaDwreN3rK9a9Bcuo7NBbHBoIglgot0ory7TG_Zy3N6XsQSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf-RAQdzyWo1180Vg8kqAQAAAAAAAAAsYc68CQAAAMBpIMPVcrRa50GsJsvRZLVcAIjiZN2fb3wmQRwVrF2GM0wsAwWKzeLGjxXy7jK9ZS_P6XllAACBSebNnwlirVbLGgAAQAAbAAAggFs3b4GmVfz___9_HAAAgIwcPQAAAP0-kBNG1HqhBy4_QS4WqwE!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 28C8C2A851E7DA93DD64C56E487A941C
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: C61DBA2FD1063187DC9E3E1A5B891C59
Requests: 12 HTTP requests in this frame

Frame: https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=7a20f431-4d22-43ae-8981-b126d16e70ae
Frame ID: 292FC471857A1C1DA05A1475C2DCDEF9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7358A2CDA9AA944F8168431481FB046F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FD845B407F4CC8157FCE95B38C7358E5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
Frame ID: DAA2CE738FC21E299F41656E68A2D7AF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js
Frame ID: C7337DCE834CADB4068951D0710E58C2
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=67790300079536904444992012261022&actionid=981741&produktid=&dt_url=
Frame ID: 28427E1481447E33B643AEBFACE1E61A
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_2oLWu1v0CFQbTGQodA_UKaw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4001514772161.834
Frame ID: B77E13EA32E1F165F0885DB74FDADA93
Requests: 2 HTTP requests in this frame

Frame: https://hal900022.redintelligence.net/request_content.php?s=67790300079536904444992012261022&a=a8e628f9
Frame ID: 22889A3C0BFB86AC9EFF646256A211F9
Requests: 6 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=86514200082648404445006012261019&actionid=981741&produktid=&dt_url=
Frame ID: 2F05C877F0510C269A12DD69D1953A55
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: CAD53D69EB7A17224116C8B5C25D0891
Requests: 2 HTTP requests in this frame

Frame: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1678623118.5712300.162f9f0a-c0cf-11ed-989f-00155d53a129ID
Frame ID: C6EFE40A15DF34F2B1B30B70B476B867
Requests: 5 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CK32oLWu1v0CFU0tGQodfhUJcQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2637629138024.1934
Frame ID: D869DC55789BD3968FC4FCCBDBFEEDC3
Requests: 2 HTTP requests in this frame

Frame: https://hal900019.redintelligence.net/request_content.php?s=86514200082648404445006012261019&a=223ad27c
Frame ID: D58CC947A7E5F27D293F40382C363779
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vesty | Новости Израиля | Vesty.co.il | Вести Израиль

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

372
Requests

95 %
HTTPS

50 %
IPv6

54
Domains

91
Subdomains

74
IPs

12
Countries

6376 kB
Transfer

17574 kB
Size

38
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/vestyisrael

Search URL Search Domain Scan URL

URL: https://www.facebook.com/VestyIsrael/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vestyisrael/

Search URL Search Domain Scan URL

URL: https://www.ynet.co.il/home/0,7340,L-8,00.html
Title: Ynet

Search URL Search Domain Scan URL

URL: https://www.ynetnews.com/category/3083
Title: Ynetnews (англ. яз.)

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=thumbnails-wide-nd:Mid%20Home%20Page%20Thumbnails%20ND:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://search.onetag.com/search?q=schuhe+herren&source=taboola&tbc=GiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyCyx1EovfD70NXpzpVy&campaign_id=22926266&site_id=1099209&ad_id=3607396103&t=1&m=0&pa=1&st=b25ldGFnX24yc194bWxiXzI1OTBfcGFfYm9v&n=1&c=1&cc=1&pal=carousel&pap=before&h=1&ts=60&tblci=GiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyCyx1EovfD70NXpzpVy#tblciGiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyCyx1EovfD70NXpzpVy
Title: Schuhe herren | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://tap.freenet.de/unterhaltung/promis/pictureshow/was-wurde-aus-carmen-electra-40441408.html?utm_medium=referral&utm_source=ynet-vesty&utm_campaign=taboola&utm_term=20734970&tblci=GiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyCx3EwomNbJh_TKjsxy#tblciGiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyCx3EwomNbJh_TKjsxy
Title: freenet.de

Search URL Search Domain Scan URL

URL: https://www.austria.info/de/sommer-in-oesterreich/alpbachtal?utm_source=taboola&utm_campaign=DEU_23_1-CAM-057-02_kam_sommer_beteiligungen_MM-24076&utm_medium=ynet-vesty&utm_content=MM-24076_D&tblci=GiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyC-wV0oyIf__fibt7AS#tblciGiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyC-wV0oyIf__fibt7AS
Title: Urlaub in Österreich

Search URL Search Domain Scan URL

URL: https://quiz-lounge.com/Der-Fuehrerscheintest-Wer-hat-Vorfahrt-a57896.html?utm_source=taboola&utm_medium=vesty.co.il&utm_campaign=ynet-vesty&tblci=GiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyD9ulMokoe37prA-rT6AQ#tblciGiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyD9ulMokoe37prA-rT6AQ
Title: Quiz-Lounge

Search URL Search Domain Scan URL

URL: https://www.austria.info/de/sommer-in-oesterreich/st-johann-in-salzburg?utm_source=taboola&utm_campaign=DEU_23_1-CAM-057-02_kam_sommer_beteiligungen_MM-24089&utm_medium=ynet-vesty&utm_content=MM-24089_B&tblci=GiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyC-wV0o6cnK5ejy4_LvAQ#tblciGiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyC-wV0o6cnK5ejy4_LvAQ
Title: Urlaub in Österreich

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=thumbs-feed-01-b-nd:Below%20Homepage%20ND%20|%20Card%202:
Title: sponsored

Search URL Search Domain Scan URL

URL: https://www.impfen.de/impfungen/guertelrose-herpes-zoster/?utm_source=taboola&utm_medium=cpc&utm_campaign=Guertelrose_Z-DAC&utm_content=%C3%9Cber+95%25+der+%C3%BCber+60-J%C3%A4hrigen+tragen+bereits+den+G%C3%BCrtelrose-Erreger+in+sich.&utm_term=ynet-vesty&cc=de_oth_oth_np-de-hzx-wban-220001_73060&tblci=GiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyDvylMoiOHfuLytzem6AQ#tblciGiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyDvylMoiOHfuLytzem6AQ
Title: impfen.de

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ynet-vesty/log/3/click?pi=%2Fmain&ri=4beebc62cd54a22996e2f601951cf9c2&sd=v2_39d38ff757b33f814ab412083f2be315_f0d583eb-226f-4d10-8ce5-fdcc05b6487d-tuctb07470b_1678623115_1678623115_CIi3jgYQyYtDGKuT8K3tMCABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=f0d583eb-226f-4d10-8ce5-fdcc05b6487d-tuctb07470b&it=text&ii=~~V1~~4717952141976217212~~N7tyg4EkVHJuicAvWEJ1gv9_bohPyStyxfVl2egS5mT6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWAp-3Jybkbg7ntaoS2VbkfQGUkHQ3_G_JxGjhw9TrdPb_ymZ9TTbFhPGQmI8i_yIcfpExH9arf_F5vJtgIrsQmSqlpNesJCCGyRZ3VAQZ074hvQgBHcXXHc0KPmITpRK9OvyW8supV71URzOaBLb52zp_S0ig87w5lOV3QycS3MEQ&pt=home&li=rbox-h2v&sig=4b4eb118343b29f81d5ddb414a8d19a7ef94f6826f80&redir=https%3A%2F%2Fwww.impfen.de%2Fimpfungen%2Fguertelrose-herpes-zoster%2F%3Futm_source%3Dtaboola%26utm_medium%3Dcpc%26utm_campaign%3DGuertelrose_Z-DAC%26utm_content%3D%25C3%259Cber%2B95%2525%2Bder%2B%25C3%25BCber%2B60-J%25C3%25A4hrigen%2Btragen%2Bbereits%2Bden%2BG%25C3%25BCrtelrose-Erreger%2Bin%2Bsich.%26utm_term%3Dynet-vesty%26cc%3Dde_oth_oth_np-de-hzx-wban-220001_73060%26tblci%3DGiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyDvylMoiOHfuLytzem6AQ%23tblciGiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyDvylMoiOHfuLytzem6AQ&vi=1678623115691&p=gskdeshingrixgrtelroseshingrix-sc&r=53&lti=deflated&ppb=COME&cpb=EhIyMDIzMDMxMi05LVJFTEVBU0UY2Kj4LyCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDM2NziAjvyHBUCb4wlIhIoQUNTJ2QNY____________AWMI0DcQiUoYMGRjCO___________wEQ7___________ARgRZGMIqjUQm0cYMmRjCNcWENUfGCNkYwjTMxDQRBg2ZGMIqiEQpi0YB2RjCNIDEOAGGAhkYwiWFBCeHBgYZGMIgy8QkkYYCWRjCKQnEIM1GC9kYwjh__________8BEOH__________wEYH2R4AYABAogB9fyj6AGQARyYAdeT8K3tMA&cta=true
Title: Hier klicken

Search URL Search Domain Scan URL

URL: https://intouch.wunderweib.de/michelle-hunziker-von-frueher-bis-heute-so-sehr-hat-sie-sich-veraendert-113494.html?utm_source=taboola&utm_medium=campaign&utm_campaign=21623582&utm_term=3575629047&utm_content=vesty.co.il#tblciGiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyC77UUokJjb6qusg_9w
Title: InTouch

Search URL Search Domain Scan URL

URL: https://molniya.info/jetot-anekdot-o-vovochke-vzorval-internet-takoj-koncovki-nikto-ne-ozhidal/?utm_source=taboola&utm_medium=referral#tblciGiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyDKsUUorLqi0eSojvJp
Title: molniya [16+]

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=exchange-thumbs-feed-nd:Below%20Homepage%20ND%20|%20Card%203:
Title: sponsored

Search URL Search Domain Scan URL

URL: https://intouch.wunderweib.de/curvy-models-plus-size-models-98772.html?utm_source=taboola&utm_medium=campaign&utm_campaign=12489956&utm_term=3571891593&utm_content=vesty.co.il#tblciGiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyC77UUomrWTvvbO9ci1AQ
Title: InTouch

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ynet-vesty/log/3/click?pi=%2Fmain&ri=ee4c1516648fce6a7b65e4dcf4b00c54&sd=v2_39d38ff757b33f814ab412083f2be315_f0d583eb-226f-4d10-8ce5-fdcc05b6487d-tuctb07470b_1678623115_1678623115_CIi3jgYQyYtDGKuT8K3tMCABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=f0d583eb-226f-4d10-8ce5-fdcc05b6487d-tuctb07470b&it=photo&ii=~~V1~~8569219955644757892~~NHeheNGBiBUsi6MqUZ12hgnSYDbHgfKp-AHafQYj0s_6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWAp-3Jybkbg7ntaoS2VbkfQGUkHQ3_G_JxGjhw9TrdPb_ymZ9TTbFhPGQmI8i_yIcfrCsoMxmxIf49AHDJ4DDn9j26DgjD6QSb3OE0E2LVgoyzvuCWmlDWx8K3DzGlEv0983hpieMz507MyZRvn9yaSUUIdg9nBBaLpV63jgzC9eJpInogMnLXIzf74SLDck6Q&pt=home&li=rbox-h2v&sig=5123dd08303d398e8cb3a51f72e1ed166e13ab17f67e&redir=https%3A%2F%2Fintouch.wunderweib.de%2Fcurvy-models-plus-size-models-98772.html%3Futm_source%3Dtaboola%26utm_medium%3Dcampaign%26utm_campaign%3D12489956%26utm_term%3D3571891593%26utm_content%3Dvesty.co.il%23tblciGiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyC77UUomrWTvvbO9ci1AQ&vi=1678623115691&p=bauerxcelmediadeutschlandkg-intouch-sc&r=10&lti=deflated&ppb=CDQ&cpb=EhIyMDIzMDMxMi05LVJFTEVBU0UY2Kj4LyCc__________8BKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDM2NziAjvyHBUCb4wlIhIoQUNTJ2QNY____________AWMI0DcQiUoYMGRjCO___________wEQ7___________ARgRZGMIqjUQm0cYMmRjCNcWENUfGCNkYwjTMxDQRBg2ZGMIqiEQpi0YB2RjCNIDEOAGGAhkYwiWFBCeHBgYZGMIgy8QkkYYCWRjCKQnEIM1GC9kYwjh__________8BEOH__________wEYH2R4AYABAogB9fyj6AGQARyYAdeT8K3tMA&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://www.ynet.co.il/article/hko1yf00ny?utm_source=taboola&utm_medium=exchange&tblci=GiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyCmzUEowPuq-tXBv6OeAQ#tblciGiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyCmzUEowPuq-tXBv6OeAQ

Search URL Search Domain Scan URL

URL: https://tap.freenet.de/unterhaltung/witze/die-besten-kinderwitze-40440850.html?utm_medium=referral&utm_source=ynet-vesty&utm_campaign=taboola&utm_term=21112582&tblci=GiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyCx3Ewo7KbAiPeOh4ga#tblciGiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyCx3Ewo7KbAiPeOh4ga
Title: freenet.de

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=alternating-thumbs-feed-nd:Below%20Homepage%20ND%20|%20Card%205:
Title: sponsored

Search URL Search Domain Scan URL

URL: https://die-sport-seite.de/bei-diesen-11-fotos-aus-dem-fitness-center-werden-sie-ueber-ihr-training-nachdenken/2/?utm_source=t&utm_medium=ynet-vesty&utm_campaign=15312726&utm_content=3103714195&tblci=GiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyDQklUopqHOmP_B5NoE#tblciGiDBBulx0w5O5RJ8zlfDsLp33TFsw64P0ZEtFl06OYWQpyDQklUopqHOmP_B5NoE
Title: Sportseite

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://mrb.upapi.net/code?w=5732901039636480&uponit=true HTTP 302
https://btloader.com/tag?w=5732901039636480&uponit=true&upapi=true HTTP 302
https://btloader.com/tag?w=5732901039636480&upapi=true

Request Chain 22

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://yandex.ru/ads/system/context.js

Request Chain 281

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1

Request Chain 282

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZA3BjVDHfFRIFIuK.p8sKQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1&google_hm=2

Request Chain 283

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECfnBZag62W-pmmHzoWffsE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECfnBZag62W-pmmHzoWffsE%26google_cver%3D1

Request Chain 284

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMzMzE5MjcyMzI1MTkyOTA4Mw%3D%3D

Request Chain 285

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1

Request Chain 286

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZA3BjVDHfFRIFIuK.p8sKQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1&google_hm=2

Request Chain 287

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECfnBZag62W-pmmHzoWffsE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECfnBZag62W-pmmHzoWffsE%26google_cver%3D1

Request Chain 288

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMzMzE5MjcyMzI1MTkyOTA4Mw%3D%3D

Request Chain 295

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 326

https://hal900019.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=12f3489ed1&subid=&uid=aec4a4cc5be2bd5e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZdvvi8ENZMHuMrWRjuwPk4WcqAOm5b2gadWanKfJD_AuEAEgmfugK2CVgoCAtAfIAQmpAg4UuywP27E-qAMBqgSPAk_QSBvGegL3Xyg3Vn605GlzS0Dn9pWeOi_dGBjSZADd7Gl_BiGuyO50JffUxjAEgNLeVTtROLYGapTBJwp8jMfC1QFtl8jl5I_YK-TnSH9YGmh36XNFxjsft09PY6URRQ3P2nvYONOkt2DePOe0ls_W6fyZ0mMirhtmLsf2Nj0uzzun1fD-tcA1ayqIe3zjRKfm6AuoD0FdryQIaql20j_KmAp6ra-6-QWtffrmP62kyuCTgzyFGwKSqqkHuOcP26xxYlLzHGxeEOX7YvuGsDi775V07vsd4i6kYDcE10Q3z4r9i1oGSRLgoJt39_rwgg8eIL6I51RnxsQ1nI3Q56m4o9Bocnc6j0x4hRvUxl7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ%26sig%3DAOD64_0Bjn14awtUPH7Bh4ysrMXhERilNA%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-D7qt7V3SHK6a5pCG9jJKkS1FQnLmM14Aaag9hc7wOf9-CZCb1D3mjhZiUSEp4iHg_PQLuj-SHJwpHyIx2oLkdG_9V8NfIOfJM4Jc2s7x4MDXtTZhvBsK9lYAEC-JtbMS23zAYkzr9e4c-6Mrkr7ytVghNwYqEYss_3TdV8mcwbZjavhyw%26cry%3D1%26dbm_d%3DAKAmf-DJ7xa0SV7vDmQj8LsHGJ2kux_n4LkVEtJVTZCkheiDbXgexL7_rlDLMRWnB5gDaHewjzYj3Imz01PeqfCwIUBoAZnFcMk1s3TljRWSuMHH6n5oGo-x4fpfJ1wFr7hW4opw3GgNrOen2QSeB7Z5kl0h_as6Ng13XUuBjgpE9qr0zwNWKmcwPQpvqR7YphtVZbXV53Af1yFojeT76ussfIsfZ2QnArtdeyccLeeFmTyH0RjlJwQTzn7RSQn6qfcaxZIyzk0Tdc8xkznFdJN6rWj0DTnP0ngj1A0l5mX3BLJ_cKMkUM665iRm1bVcg2erywKPhvp2ol_PaOBahBOD0h3uNzYjoS1Mx9sHedNxx31v--7PBt_CacBq8taV_zw7P3NFr5rjiMQFUxuE6hkjpsBCq7xzVbWe4rslKGr0OMANdVy4C_SxiT1KOtBrvs19al_R1A4S-gURkuzKg3f6XDgXfjOT4BuHgotykWbr7Q0GdEmlxMPFQ7IIPCAnFnBs3UiiW88XnrCZ3qyiiXidQsdeUvA9IWPGgHMiAHvkzY1HFUt6xWU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.vesty.co.il%2F&ancestorOrigins=https%3A%2F%2Fwww.vesty.co.il&random=7866864739435&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900019.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=12f3489ed1&subid=&uid=aec4a4cc5be2bd5e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZdvvi8ENZMHuMrWRjuwPk4WcqAOm5b2gadWanKfJD_AuEAEgmfugK2CVgoCAtAfIAQmpAg4UuywP27E-qAMBqgSPAk_QSBvGegL3Xyg3Vn605GlzS0Dn9pWeOi_dGBjSZADd7Gl_BiGuyO50JffUxjAEgNLeVTtROLYGapTBJwp8jMfC1QFtl8jl5I_YK-TnSH9YGmh36XNFxjsft09PY6URRQ3P2nvYONOkt2DePOe0ls_W6fyZ0mMirhtmLsf2Nj0uzzun1fD-tcA1ayqIe3zjRKfm6AuoD0FdryQIaql20j_KmAp6ra-6-QWtffrmP62kyuCTgzyFGwKSqqkHuOcP26xxYlLzHGxeEOX7YvuGsDi775V07vsd4i6kYDcE10Q3z4r9i1oGSRLgoJt39_rwgg8eIL6I51RnxsQ1nI3Q56m4o9Bocnc6j0x4hRvUxl7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ%26sig%3DAOD64_0Bjn14awtUPH7Bh4ysrMXhERilNA%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-D7qt7V3SHK6a5pCG9jJKkS1FQnLmM14Aaag9hc7wOf9-CZCb1D3mjhZiUSEp4iHg_PQLuj-SHJwpHyIx2oLkdG_9V8NfIOfJM4Jc2s7x4MDXtTZhvBsK9lYAEC-JtbMS23zAYkzr9e4c-6Mrkr7ytVghNwYqEYss_3TdV8mcwbZjavhyw%26cry%3D1%26dbm_d%3DAKAmf-DJ7xa0SV7vDmQj8LsHGJ2kux_n4LkVEtJVTZCkheiDbXgexL7_rlDLMRWnB5gDaHewjzYj3Imz01PeqfCwIUBoAZnFcMk1s3TljRWSuMHH6n5oGo-x4fpfJ1wFr7hW4opw3GgNrOen2QSeB7Z5kl0h_as6Ng13XUuBjgpE9qr0zwNWKmcwPQpvqR7YphtVZbXV53Af1yFojeT76ussfIsfZ2QnArtdeyccLeeFmTyH0RjlJwQTzn7RSQn6qfcaxZIyzk0Tdc8xkznFdJN6rWj0DTnP0ngj1A0l5mX3BLJ_cKMkUM665iRm1bVcg2erywKPhvp2ol_PaOBahBOD0h3uNzYjoS1Mx9sHedNxx31v--7PBt_CacBq8taV_zw7P3NFr5rjiMQFUxuE6hkjpsBCq7xzVbWe4rslKGr0OMANdVy4C_SxiT1KOtBrvs19al_R1A4S-gURkuzKg3f6XDgXfjOT4BuHgotykWbr7Q0GdEmlxMPFQ7IIPCAnFnBs3UiiW88XnrCZ3qyiiXidQsdeUvA9IWPGgHMiAHvkzY1HFUt6xWU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.vesty.co.il%2F&ancestorOrigins=https%3A%2F%2Fwww.vesty.co.il&random=7866864739435&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 327

https://hal900022.redintelligence.net/request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=bf89e9f756&subid=&uid=044039da2a4ff180&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=200x200&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCt8E-i8ENZL_uMrWRjuwPk4WcqAOm5b2gaaWRnKfJD_AuEAEgmfugK2CVgoCAtAfIAQmpAg4UuywP27E-qAMBqgSOAk_QXvOLMUcSEl8SWrVNnK-uiVRWUWS25pW-VzOEgd2jmypVNHeyDvI8RBnt48Fz7YrOcUTBuQORxFrTVrZt5HcpMSJSstH3DToeD_XqUhkzzP6j5wxG0wRftTglZ85ntdxKCYdCwxmXxL5nveMGaW-1bj5SSzSDN9xd7FV-j0i1AQKJAIzKGYopgFfcIKd_FuN2vnVC7skb8iXKfWbo-rXLzZiLw7OxJy2DJmPS7iaOooXhyA_z9A2pxkxiZMjnC7xdzj99h-eklNi60fR_zFQWPSjvc7PX840eN5RGn0_5P3hsVeqlaDCJzuz9tEqw2ot_psFkDzuo7EJYzUdwFR6hf-DRhrnbdkhMi1ac9sAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ%26sig%3DAOD64_23hY4vpNFuNiN6TygE1reFEWNx_A%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-CL63dgY7anOwaQ-_LvZrqShvGOkH_T0suRRqhbsSFhsnMXnZIUS6NxXrDDFqG1P7LdgeokDNt2axEc_Gse_G-1LKnX8YqymfoLU4_hWOrYGyEVDexpKpsMjzRc0eVj9ufSqwSR2mXwEtArZGGBxQXwNsWNWyuXP5rSvWAA5-pURjrtO3I%26cry%3D1%26dbm_d%3DAKAmf-ABdObH3ehl0fJZzNTvPjzs2XgxfeMkTCxkN41J8FYEZj5YXBLOdkrd5acWy6OChxNbS69ce7ADTAnvxj-ZSx9c3p3FgsCobArwogli1ov3SMOR2sA-eCE1A3sBsR4QCmqpCh0Ey6dptVUSYw2vhFTWTusas2LVeO5sBXzR_doXD0lJ28KVm2wh-ikHBYfVUcizt6rWmncAb1Eak1Zvhnv9WhJw9Xt0PCWbkOjOY7kCXNnT1oRTjJ3_V5ZFCDdlZYZknXA3HXTdI5o_ZceYxvh9WEzCcxUBo8HSU-75Jjk-clclNbCmGdOkAoQUs5XMVbIdCQiWgdL9ZcjnfmndnADFatfSj83Fiky5plWnTmAI-jNOJz7we8Us333xNBvTD_Ouzp4vWpZT8hceggF1LcdRE7h-ZifL70ZrWSm3xOkrn06mQ9Lj02MiPTCA-2I01tWeWfNTKXjK77e4FFr4fwmg7slPU3IQWz7jz3IjktacI2wTZcjSI2PvgmEfS1QbOVG3InYzZctvGFDnlyh_nQ5r3mX2atWke5YrdP2XFyNGHhgdN3E%26adurl%3D&documentReferer=https%3A%2F%2F7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.vesty.co.il&random=8021790098480&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900022.redintelligence.net/request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=bf89e9f756&subid=&uid=044039da2a4ff180&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=200x200&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCt8E-i8ENZL_uMrWRjuwPk4WcqAOm5b2gaaWRnKfJD_AuEAEgmfugK2CVgoCAtAfIAQmpAg4UuywP27E-qAMBqgSOAk_QXvOLMUcSEl8SWrVNnK-uiVRWUWS25pW-VzOEgd2jmypVNHeyDvI8RBnt48Fz7YrOcUTBuQORxFrTVrZt5HcpMSJSstH3DToeD_XqUhkzzP6j5wxG0wRftTglZ85ntdxKCYdCwxmXxL5nveMGaW-1bj5SSzSDN9xd7FV-j0i1AQKJAIzKGYopgFfcIKd_FuN2vnVC7skb8iXKfWbo-rXLzZiLw7OxJy2DJmPS7iaOooXhyA_z9A2pxkxiZMjnC7xdzj99h-eklNi60fR_zFQWPSjvc7PX840eN5RGn0_5P3hsVeqlaDCJzuz9tEqw2ot_psFkDzuo7EJYzUdwFR6hf-DRhrnbdkhMi1ac9sAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ%26sig%3DAOD64_23hY4vpNFuNiN6TygE1reFEWNx_A%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-CL63dgY7anOwaQ-_LvZrqShvGOkH_T0suRRqhbsSFhsnMXnZIUS6NxXrDDFqG1P7LdgeokDNt2axEc_Gse_G-1LKnX8YqymfoLU4_hWOrYGyEVDexpKpsMjzRc0eVj9ufSqwSR2mXwEtArZGGBxQXwNsWNWyuXP5rSvWAA5-pURjrtO3I%26cry%3D1%26dbm_d%3DAKAmf-ABdObH3ehl0fJZzNTvPjzs2XgxfeMkTCxkN41J8FYEZj5YXBLOdkrd5acWy6OChxNbS69ce7ADTAnvxj-ZSx9c3p3FgsCobArwogli1ov3SMOR2sA-eCE1A3sBsR4QCmqpCh0Ey6dptVUSYw2vhFTWTusas2LVeO5sBXzR_doXD0lJ28KVm2wh-ikHBYfVUcizt6rWmncAb1Eak1Zvhnv9WhJw9Xt0PCWbkOjOY7kCXNnT1oRTjJ3_V5ZFCDdlZYZknXA3HXTdI5o_ZceYxvh9WEzCcxUBo8HSU-75Jjk-clclNbCmGdOkAoQUs5XMVbIdCQiWgdL9ZcjnfmndnADFatfSj83Fiky5plWnTmAI-jNOJz7we8Us333xNBvTD_Ouzp4vWpZT8hceggF1LcdRE7h-ZifL70ZrWSm3xOkrn06mQ9Lj02MiPTCA-2I01tWeWfNTKXjK77e4FFr4fwmg7slPU3IQWz7jz3IjktacI2wTZcjSI2PvgmEfS1QbOVG3InYzZctvGFDnlyh_nQ5r3mX2atWke5YrdP2XFyNGHhgdN3E%26adurl%3D&documentReferer=https%3A%2F%2F7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.vesty.co.il&random=8021790098480&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 336

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=67790300079536904444992012261022&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=67790300079536904444992012261022&actionid=981741&produktid=&dt_url=

Request Chain 337

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4001514772161.834 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_2oLWu1v0CFQbTGQodA_UKaw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4001514772161.834

Request Chain 339

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=67790300079536904444992012261022 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=67790300079536904444992012261022 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 341

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=86514200082648404445006012261019&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=86514200082648404445006012261019&actionid=981741&produktid=&dt_url=

Request Chain 343

https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=86514200082648404445006012261019&pv=1 HTTP 302
https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1678623118.5712300.162f9f0a-c0cf-11ed-989f-00155d53a129ID

Request Chain 345

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2637629138024.1934 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CK32oLWu1v0CFU0tGQodfhUJcQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2637629138024.1934

Request Chain 347

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=86514200082648404445006012261019 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=86514200082648404445006012261019 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 349

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 353

https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=DEIWSyP68ibE&ev=1&us_privacy=1---&pid=560687&gdpr=1

Request Chain 354

https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=Su3j7pUId8L0rZn9XjrSDg&gdpr=1&us_privacy=1---

Request Chain 355

https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=22d58063-7893-461b-8256-dd52c6f9fbcc&gdpr=1&us_privacy=1---

372 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request main Show response
www.vesty.co.il/ 222 KB
48 KB 249ms
43ms Document
text/html 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vesty.co.il/main

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

311effebf670aebd57830fd70133ecf2b0d74725e69554d42e91074f739f786c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 48926
Content-Type: text/html; charset=utf-8
Date: Sun, 12 Mar 2023 12:11:54 GMT
Last-Modified: Sun, 12 Mar 2023 12:05:46 GMT
OSV: c8
V-TTL: 59
VX-Cache: HIT
Vary: Accept-Encoding
WAI: 01
X-Frame-Options: SAMEORIGIN
X-me: ${S_HOSTNAME}
X-version: V3
backend-cache-control: s-maxage=900
vg_id: 2

GET
H2 200 vesty.6c9986cf2a6e336e0b20445bb32a956d.css
ynet-pic1.yit.co.il/Common/frontend/site/prod/ 699 KB
163 KB 164ms
46ms Stylesheet
text/css 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vesty.6c9986cf2a6e336e0b20445bb32a956d.css
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01d30752c2a1f873f2030018f4cd7d7835dce6b29f63b509d325bd2992e9dbc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 Mar 2023 15:20:54 GMT
server: cloudflare
age: 2404
etag: "9851723e3f50d91:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 7a6bf1420c70361b-FRA
expires: Wed, 12 Apr 2023 12:11:54 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 238ms
47ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

190244210236bdb383bd7e7b51386bf0dc552c4bb24d4bc37dc436eb929ab1c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27412
x-xss-protection: 0
server: sffe
etag: "1508 / 908 of 1000 / last-modified: 1678489550"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 12 Mar 2023 12:11:54 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
ynet-pic1.yit.co.il/Common/Api/Scripts/ 86 KB
36 KB 204ms
87ms Script
application/javascript 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-pic1.yit.co.il/Common/Api/Scripts/jquery-3.4.1.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Jan 2020 08:04:02 GMT
server: cloudflare
age: 10
etag: "2a839c80b1d5d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, Max-age=300, must-revalidate
cf-ray: 7a6bf1420c71361b-FRA
expires: Wed, 12 Apr 2023 12:11:54 GMT

GET
H2 200 gpt_script_yns_ynv.js Show response
totalmedia2.ynet.co.il/new_gpt/vesty/ 133 KB
27 KB 289ms
105ms Script
application/x-javascript 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://totalmedia2.ynet.co.il/new_gpt/vesty/gpt_script_yns_ynv.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c9901eba322320d37653843ced2b7ef18b27e92f36c7407211d564ab762508a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:54 GMT
content-encoding: gzip
last-modified: Tue, 31 Jan 2023 11:37:21 GMT
server: AkamaiNetStorage
etag: "426e89a68e4518ad06657e926f8e1b9b:1675239101.242226"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 27319

GET
H2 200 ynv_templates.js Show response
totalmedia2.ynet.co.il/gpt/ynv/ 110 KB
44 KB 237ms
53ms Script
application/x-javascript 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://totalmedia2.ynet.co.il/gpt/ynv/ynv_templates.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0c59a4311973393ca533b13f245d027fb9acd2c40b23ddb6c75d1c53196a3b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:54 GMT
content-encoding: gzip
last-modified: Thu, 07 Feb 2019 09:15:22 GMT
server: AkamaiNetStorage
etag: "0d986196c56347b4af883296acc3ef7f:1549530922"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/ynet-vesty/ 865 KB
69 KB 137ms
41ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94be23a50de84dbac18623f017f4985a5efee3d573a17c2fa1a547337a650376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: TWP.TTfrCb1dc0W3vysR5oNLC_dbXQWj
content-encoding: gzip
via: 1.1 varnish
date: Sun, 12 Mar 2023 12:11:54 GMT
x-amz-request-id: H8QV0PH2T9PZC90M
age: 6468
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 70142
x-amz-id-2: KYYQuhr8nokPsLMnlj63dbNtyeR8BU06YCs5iGtvifKHzjplLKSxMHfRcLFUJCr8QLWmWlJHAO/nAtJFy191GQ==
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Sun, 12 Mar 2023 10:23:50 GMT
server: AmazonS3
x-timer: S1678623115.863967,VS0,VE1
etag: "6f2e2a51bbcd43f46b8b275523e16981"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 71
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 136

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://mrb.upapi.net/code?w=5732901039636480&uponit=true
https://btloader.com/tag?w=5732901039636480&uponit=true&upapi=true
https://btloader.com/tag?w=5732901039636480&upapi=true

15 KB
7 KB

52ms
52ms

Script
application/javascript

2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?w=5732901039636480&upapi=true
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c47f1d5225e0f3d5aa0e1e4bb22f0228479e31ee5f78123eaef863e1d41538

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 12 Mar 2023 11:21:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2979
etag: W/"7b95527116a179c4c0466ecb7165d764"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LD1BVuZ%2FTA7hnWKarpBv7O%2FfBQskxieDr1FQAZLaDbd0ltTCG8apJrQS%2FTC8i06I9sEtxEnU%2BAFOZrRIIh4FF1nTr7cI66Cz%2BmHCi9zNgbUQiW95U%2B8nzD52gPjfGAtZ8i%2Bb8FA5kHXobQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7a6bf146797e39df-FRA

Redirect headers

date: Sun, 12 Mar 2023 12:11:55 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2307
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cK7BFrvo%2BcQjVuExsV9RX48a5bZUvxldZnooulASJWlOPr7mSH%2BnpX6sOdl2kUtYOKEHxjiZa1MeMY5Z%2BSF78Nk0dLVGVjtJ9jXaE6uyHQracPfJ6e0joHT8yLFpnJVtOME%2Bs0uRcqpKUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?w=5732901039636480&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 7a6bf146291339df-FRA

GET
H2 200 vendors-widgets.5a75e38506bb012f5b8b.js Show response
ynet-pic1.yit.co.il/Common/frontend/site/prod/ 2 MB
539 KB 47ms
47ms Script
application/javascript 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vendors-widgets.5a75e38506bb012f5b8b.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daaa8665415c17083651c7dca5faa946d3c406ee11458c57a54d6c7867b2f4af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 Mar 2023 15:20:51 GMT
server: cloudflare
age: 222
etag: "ce2f9c3c3f50d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, Max-age=300, must-revalidate
cf-ray: 7a6bf145ea1d361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 widgets.e1b0733ea858fe4bc917.js Show response
ynet-pic1.yit.co.il/Common/frontend/site/prod/ 3 MB
660 KB 81ms
64ms Script
application/javascript 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/widgets.e1b0733ea858fe4bc917.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68617b5509c476b6a77d95cc512edec292a27d1b5a534f26c016997669cd2d54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 Mar 2023 15:20:55 GMT
server: cloudflare
age: 205
etag: "a0d9363f3f50d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, Max-age=300, must-revalidate
cf-ray: 7a6bf1461a7d361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 flowplayer.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/ 73 KB
24 KB 187ms
44ms Script
application/javascript 65.9.95.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/flowplayer.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-51.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1588062fbae70d6cbba62fa3fe147b5c56fbb51eb00ee728fac73f2865b2352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: AUW4Efisofnj2j_xQaawfm.RxVHXtwrM
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 03:17:44 GMT
x-amz-cf-pop: PRG50-C1
age: 32652
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 23 Jan 2023 09:35:33 GMT
server: AmazonS3
etag: W/"7cff120f4907e3ef51081cfc097e66c6"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: 2Qye1_FlmcSSp72ry9eDEwtNELp8B8GcxHp33NlAH2I6qNvVncIlTw==

GET
H2 200 flowplayer.css
cdn.flowplayer.com/releases/native/3/stable/style/ 46 KB
11 KB 193ms
50ms Stylesheet
text/css 65.9.95.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/style/flowplayer.css
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-51.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df1f6b4d9d8ae3b72cc814559a25735a36f017a28ea52cd67496a08837c79b0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: wYLNeJxe1yjkvFdluEYIWAQA31jh9_wf
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
date: Sat, 11 Mar 2023 20:08:53 GMT
x-amz-cf-pop: PRG50-C1
age: 57828
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 23 Jan 2023 09:35:47 GMT
server: AmazonS3
etag: W/"b4e8ffbcdb1e47fc4ceb9f5f0b5394a9"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: KF2g3DGnLDCEk1GQlbAh7_3U6D4qGRB7mF_EBHPjEYM6zYByAiMCzA==

GET
H2 200 ads.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 98 KB
28 KB 189ms
46ms Script
application/javascript 65.9.95.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/ads.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-51.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c2ff867c75cb1fca9865d94294caa7b66268ed0e12f9ffb1f247b8687f38e4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: EjBjsDiktKwjQxa3Bm5mhiYoovq.0A2c
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 01:05:17 GMT
x-amz-cf-pop: PRG50-C1
age: 40185
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 23 Jan 2023 09:35:34 GMT
server: AmazonS3
etag: W/"bba7417521a7b34bcfc598bb7c970576"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: Y-Y4XAVSygdGVO8zSx7uYscS-gGKDDxKGmgSZV_suMmqYTd-mCArMg==

GET
H2 200 cuepoints.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 4 KB
2 KB 187ms
44ms Script
application/javascript 65.9.95.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/cuepoints.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-51.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 461b089258235b416226d5ece6052923a1135af7c1f73f683d2fe93353153a9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: bFfg1EPuwsWt7Z2eG.XiFnCtzzs8yfoD
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 03:38:54 GMT
x-amz-cf-pop: PRG50-C1
age: 47492
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 23 Jan 2023 09:35:37 GMT
server: AmazonS3
etag: W/"bd50097b30cd0caf23b8970fee9bcd6d"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: lOYJgSDboip16tE467GcL3YH0x3QQIGa2zzmIwfPn2RuoOtoH-GenA==

GET
H2 200 google-analytics.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 7 KB
3 KB 194ms
51ms Script
application/javascript 65.9.95.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/google-analytics.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-51.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fca48bc930949987a5316ee38c06b81bf438bde1e097db8d3349cb38c75a55cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: aHe40UD7sIpF2Xhv26uVj6FiNnW3mJbg
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
date: Sat, 11 Mar 2023 17:14:42 GMT
x-amz-cf-pop: PRG50-C1
age: 68290
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 23 Jan 2023 09:35:40 GMT
server: AmazonS3
etag: W/"b0f8633d6c53703173d3823e767c8e32"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: fIC7m5TztOWHbYB3r8kOHtOokgSXSgRe-TAYdaBVF7JY6iUuMZekHw==

GET
H2 200 keyboard.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 5 KB
2 KB 196ms
53ms Script
application/javascript 65.9.95.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/keyboard.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-51.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bac018f003188a5eee21e2bfcc2b0d08c52db556dcb8516355e3b20bf008a41f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: vW6A9pnXzR05ptcTptIjqRgaYQHf5ZLp
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 04:04:02 GMT
x-amz-cf-pop: PRG50-C1
age: 29468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 23 Jan 2023 09:35:42 GMT
server: AmazonS3
etag: W/"096891672d21d7b0c5b6c14910c0bcf1"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: JTbFDudtbVYaT0gSv767mOlUsl1ajogCy_9KNre89TbliHHjIJXZHQ==

GET
H2 200 share.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 10 KB
4 KB 195ms
52ms Script
application/javascript 65.9.95.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/share.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-51.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71b8b84cf265c7d6828dc826db550041cbb10e5e128701b892bf063edf366337

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 5nD9n6hGs2.R1reK4M68Hc9tHtc36tyg
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 04:30:27 GMT
x-amz-cf-pop: PRG50-C1
age: 28643
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 23 Jan 2023 09:35:45 GMT
server: AmazonS3
etag: W/"0b0b24cc546cc1bb8eb629ecd7cdb5a2"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: bEY_0FPrsgr1CBW-LOfgYh7iyhgnGKLf-qTN94SzSYy5K5rr0KHzLA==

GET
H2 200 qsel.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 6 KB
3 KB 289ms
147ms Script
application/javascript 65.9.95.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/qsel.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-51.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dbf959dbde32ec95d48a79c47dfe90a9ab436cf1f749c68d21603050b603221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: Jj3hLzIVfl4msIhiaCfaNHPifXk4SNs3
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 01:05:17 GMT
x-amz-cf-pop: PRG50-C1
age: 40247
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 23 Jan 2023 09:35:44 GMT
server: AmazonS3
etag: W/"6b0b19e7d13986bf94f0b66e93bbf51a"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: ghUC9oSg9DPk0PXE5CORma1j_CR8ufYGvsD7y6bOjKsqNYXP95yXFw==

GET
H2 200 asel.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 8 KB
3 KB 290ms
147ms Script
application/javascript 65.9.95.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/asel.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-51.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1710a7d50db056fc7f36508c32c4cc6b7da865cbb1178c07a8827c2896a704c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: alZmgcuU07XpnPFA3tFi5pKOjrtNIood
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
date: Sun, 12 Mar 2023 06:57:41 GMT
x-amz-cf-pop: PRG50-C1
age: 47492
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 23 Jan 2023 09:35:35 GMT
server: AmazonS3
etag: W/"60753211c9293b624d304f10c78dc2b1"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: pTyl33G4uYLXvKaQdyIkl2WOScBJf4bMGU55npjHaCaQ5IojP7Fg1w==

GET
H2 200 hls.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 386 KB
109 KB 245ms
103ms Script
application/javascript 65.9.95.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/hls.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-51.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 486b99f524c3a3949bd86e3d13c15c940c68c5d5f72487670846e2517dd8a982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: tu9gJVU8yRTGRQ7izd161zrlnOvE6pJT
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
date: Sat, 11 Mar 2023 17:40:33 GMT
x-amz-cf-pop: PRG50-C1
age: 82741
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 23 Jan 2023 09:35:41 GMT
server: AmazonS3
etag: W/"2b6df1ac18948533c80fe1c0e0098e14"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: lX1KJz_cIXETNxEnlpL-Ztz2HSr0ix0lbrr1xggoG5DtVOmsiQ-i7A==

GET
H2 200 float-on-scroll.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 5 KB
2 KB 290ms
148ms Script
application/javascript 65.9.95.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/float-on-scroll.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-51.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09202b23ed9c0f142a1c7af341d55ecb08599d05e075aef086fd92d33893a489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: GQ0MH4u3HPabrKla4WEcR6F3W10hAhR1
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
date: Sat, 11 Mar 2023 17:46:00 GMT
x-amz-cf-pop: PRG50-C1
age: 66654
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 23 Jan 2023 09:35:39 GMT
server: AmazonS3
etag: W/"f3590477064d552e94bb5a74b8d2bb71"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: VR64Odd6qSBTSI-vdgDGxz6fssdLLWkin9hNujvFqQegnLksWr04_w==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 358 KB
120 KB 202ms
51ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b2ed87fcdb76cf04bfec4e6ad94a14a2ab6833c474fac140869c53d1c898077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122300
x-xss-protection: 0
expires: Sun, 12 Mar 2023 12:11:54 GMT

GET
H2 404 flowplayer.lang.ru.js
cdn.flowplayer.com/releases/native/translations/ 0
0 291ms
149ms Script
application/xml 65.9.95.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/translations/flowplayer.lang.ru.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-51.prg50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2

200

context.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://yandex.ru/ads/system/context.js

283 KB
84 KB

296ms
93ms

Script
text/javascript

2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b81a847076b180fb8365b839b00e6d2bfacd04e45862e8094caea6f76d1f4a17

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1678623114919503-14634257432771199177-vla1-2786-vla-l7-balancer-8080-BAL-5326
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 12 Mar 2023 13:11:54 GMT

Redirect headers

date: Sun, 12 Mar 2023 12:11:54 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
location: https://yandex.ru/ads/system/context.js
access-control-allow-origin: *
timing-allow-origin: *
content-length: 0

GET
H2 200 dmp-provider.js Show response
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/ 192 KB
61 KB 267ms
57ms Script
text/javascript 52.222.158.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.158.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-158-11.cdg52.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: f2ced2b19390b613c55ca0ad8a45eeddc71c0f790ebd238f70c5c68b3b6687c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 14:29:25 GMT
content-encoding: br
via: 1.1 aaa5fbd869d655f42986dd16509f667e.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: CDG52-P2
age: 78150
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
x-amz-cf-id: lSMhhaeDmClOVfZLs9a738_nhYDaStSYpkLzGPiAsZz_qvkuiz57Xg==

GET
H2 200 1220.png
www.ynetnews.com/Cnt/Images/Weather/ 771 B
986 B 107ms
40ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ynetnews.com/Cnt/Images/Weather/1220.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bbec6ad5fcc7993fa87de6e94b777d3c85c133e760873d9360379f9fa0d64a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

backend-cache-control
date: Sun, 12 Mar 2023 12:11:55 GMT
last-modified: Fri, 10 Mar 2023 04:47:44 GMT
etag: "9a826d31d827d41:0"
content-type: image/png
vx-cache: HIT
cache-control: private, max-age=410620
wai: 01
accept-ranges: bytes
content-length: 771
v-ttl: 5245
expires: Fri, 17 Mar 2023 06:15:35 GMT

GET
H2 200 ____.png
ynet-pic1.yit.co.il/picserver5/wcm_upload/2023/01/10/Sy811PC5qj/ 3 KB
3 KB 82ms
63ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/wcm_upload/2023/01/10/Sy811PC5qj/____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9647129e04fb0087ff7d9aa50a657bbce11fcfcd89f2688cba822d0d7bf1f025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 1085
cf-polished: origFmt=png, origSize=4244
content-disposition: inline; filename="____.webp"
content-length: 3152
cf-bgj: imgq:85,h2pri
last-modified: Tue, 10 Jan 2023 12:16:18 GMT
server: cloudflare
etag: "5a4db457ed24d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1462a88361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 vesty_logo.png
ynet-pic1.yit.co.il/picserver5/wcm_upload/2023/01/08/SkVVgBdcj/ 1 KB
1 KB 82ms
64ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/wcm_upload/2023/01/08/SkVVgBdcj/vesty_logo.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d54e851db62143344146dd02717567e87695725d3e25e18a2feafd3dc6ba5714

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 2734
cf-polished: origFmt=png, origSize=1692
content-disposition: inline; filename="vesty_logo.webp"
content-length: 1248
cf-bgj: imgq:85,h2pri
last-modified: Sun, 08 Jan 2023 13:08:35 GMT
server: cloudflare
etag: "269da9506223d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1462a8b361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H/1.1 200
OK 1220.svg
www.vesty.co.il/images/weather-new-icons/newWeatherSvgs/ 2 KB
1 KB 58ms
43ms Image
image/svg+xml 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/weather-new-icons/newWeatherSvgs/1220.svg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 963674b97a03a0192c7ec22a58976221a35739af7e3207be62452c45bef6c018

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

backend-cache-control
Date: Sun, 12 Mar 2023 12:11:55 GMT
Content-Encoding: gzip
Last-Modified: Sat, 28 Jan 2023 06:35:45 GMT
ETag: "dbce765adda4d81:0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
VX-Cache: HIT
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
V-TTL: 3654
Content-Length: 718

GET
H2 200 rJfgU5uXRj_0_278_3000_1688_0_x-large.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/22/rJfgU5uXRj/ 43 KB
43 KB 82ms
64ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/22/rJfgU5uXRj/rJfgU5uXRj_0_278_3000_1688_0_x-large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c1a6ad799bccaf6403a6c2dd97d8ba1fe4530d012fe02933db2b71c2d5b42e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 4639
cf-polished: qual=85, origFmt=jpeg, origSize=51284
content-disposition: inline; filename="rJfgU5uXRj_0_278_3000_1688_0_x-large.webp"
content-length: 43940
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 08:52:47 GMT
server: cloudflare
etag: "f49ea04c054d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1462a8d361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 Sk2WxkZP9_0_0_1280_720_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2022/05/17/Sk2WxkZP9/ 7 KB
7 KB 82ms
65ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2022/05/17/Sk2WxkZP9/Sk2WxkZP9_0_0_1280_720_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d131be00e39df9e1633917a6567fe743d19e75e93d716100e454f1e22f1a32aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 4798
cf-polished: qual=85, origFmt=jpeg, origSize=7656
content-disposition: inline; filename="Sk2WxkZP9_0_0_1280_720_0_medium.webp"
content-length: 6780
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 10:50:08 GMT
server: cloudflare
etag: "c89ebb69d054d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1462a8f361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 HkFnLMikh_0_0_850_479_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/12/HkFnLMikh/ 11 KB
11 KB 88ms
72ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/12/HkFnLMikh/HkFnLMikh_0_0_850_479_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d2b0bd0f24b8fe4f2f67f27ec5b3c2d23bf536b012d0504fdde0ccdc97d5ed0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 1826
cf-polished: qual=85, origFmt=jpeg, origSize=13471
content-disposition: inline; filename="HkFnLMikh_0_0_850_479_0_medium.webp"
content-length: 11244
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 11:38:28 GMT
server: cloudflare
etag: "16d7592ad754d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1462a91361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 HkQy2IQMRs_0_71_3000_1688_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/21/HkQy2IQMRs/ 5 KB
5 KB 80ms
64ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/21/HkQy2IQMRs/HkQy2IQMRs_0_71_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac7d54900bb77dd1ba8ba654a75f6b35151c4cfdcb92fa873c1af40a3005a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 1322
cf-polished: qual=85, origFmt=jpeg, origSize=6821
content-disposition: inline; filename="HkQy2IQMRs_0_71_3000_1688_0_medium.webp"
content-length: 4784
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 11:42:16 GMT
server: cloudflare
etag: "c7344b2d754d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1462a93361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 9470404_0_0_981_552_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2019/09/08/9470404/ 8 KB
8 KB 80ms
64ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2019/09/08/9470404/9470404_0_0_981_552_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dddb4c293a814c34e78a92449aa1f61f82b20d90ee9aadefc3570862981559a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 2352
cf-polished: qual=85, origFmt=jpeg, origSize=8383
content-disposition: inline; filename="9470404_0_0_981_552_0_medium.webp"
content-length: 7966
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 11:31:17 GMT
server: cloudflare
etag: "ea421c29d654d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1462a95361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 SJgrt00jTo_0_0_1000_667_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/16/SJgrt00jTo/ 12 KB
12 KB 81ms
65ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/16/SJgrt00jTo/SJgrt00jTo_0_0_1000_667_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78e5ad92bc0110aaf670bd110d3f5e6703d4b39516d1cf4e1687e00f234b754f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 3968
cf-polished: origSize=12568, status=webp_bigger
content-length: 12244
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 09:58:24 GMT
server: cloudflare
etag: "dedc7b2fc954d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1462a98361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 9046794_0_0_980_552_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2019/02/05/9046794/ 11 KB
12 KB 88ms
72ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2019/02/05/9046794/9046794_0_0_980_552_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa0399d59a0f0c05c91a1d562fd03a57d725c15f00d8dc7d7a99c4b3ec8a1a41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 6427
cf-polished: qual=85, origFmt=jpeg, origSize=13491
content-disposition: inline; filename="9046794_0_0_980_552_0_medium.webp"
content-length: 11628
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 08:32:22 GMT
server: cloudflare
etag: "42de632abd54d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463ab3361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 rJPWpDLvJ2_0_0_3000_1688_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/09/rJPWpDLvJ2/ 15 KB
15 KB 88ms
73ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/09/rJPWpDLvJ2/rJPWpDLvJ2_0_0_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d33531badd230b30c5d752fdb8aeafefb4b836ab9e2427119229167852283b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 5942
cf-polished: origSize=16163, status=webp_bigger
content-length: 15620
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Mar 2023 16:44:43 GMT
server: cloudflare
etag: "d07e899d6f53d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463ab4361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 9502580_0_0_500_375_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2019/09/23/9502580/ 50 KB
51 KB 87ms
72ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2019/09/23/9502580/9502580_0_0_500_375_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f55e7b1493865c23c9523489189405478dabe9f3367fbee9ce4169b5abde16a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 4910
cf-polished: degrade=85, origSize=53559, status=webp_bigger
content-length: 51529
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Mar 2023 06:22:14 GMT
server: cloudflare
etag: "3ed66cd2e153d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463ab5361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 HJzfUVtDVP_0_36_500_282_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2020/09/10/HJzfUVtDVP/ 9 KB
9 KB 90ms
75ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2020/09/10/HJzfUVtDVP/HJzfUVtDVP_0_36_500_282_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac7359540e95f22f0e3903c0ac4e8f8b4a0d761ccc5564c5cf89e1a775129b6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 5010
cf-polished: qual=85, origFmt=jpeg, origSize=14134
content-disposition: inline; filename="HJzfUVtDVP_0_36_500_282_0_medium.webp"
content-length: 9326
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Mar 2023 06:20:59 GMT
server: cloudflare
etag: "ec197ba5e153d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463ab6361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 Bylyw9kFhs_0_0_640_360_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/02/Bylyw9kFhs/ 46 KB
46 KB 87ms
73ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/02/Bylyw9kFhs/Bylyw9kFhs_0_0_640_360_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d1011d2a1a683c34ae5a2b970442f1ed2ea975e127de6359b43045b609cfc9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 4571
cf-polished: qual=85, origFmt=jpeg, origSize=50928
content-disposition: inline; filename="Bylyw9kFhs_0_0_640_360_0_medium.webp"
content-length: 47354
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Mar 2023 10:02:01 GMT
server: cloudflare
etag: "b2c8a8316e52d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463ab7361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 SySmT1o1h_0_0_892_510_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/12/SySmT1o1h/ 4 KB
4 KB 88ms
74ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/12/SySmT1o1h/SySmT1o1h_0_0_892_510_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 733b4be3545dbba132e34214131e9dc49c3b5bea04743e81d201ca4371f48c8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 393
cf-polished: qual=85, origFmt=jpeg, origSize=4894
content-disposition: inline; filename="SySmT1o1h_0_0_892_510_0_medium.webp"
content-length: 4094
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 08:02:56 GMT
server: cloudflare
etag: "1462f2db954d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463ab8361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 rkgG6Wjk2_0_505_768_432_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/12/rkgG6Wjk2/ 14 KB
15 KB 89ms
75ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/12/rkgG6Wjk2/rkgG6Wjk2_0_505_768_432_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4abec9a5f2539bdc5f00add55cf15098fdd5eb0b47f1f998b6f39b24ad03206b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 6680
cf-polished: origSize=15436, status=webp_bigger
content-length: 14807
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 10:19:08 GMT
server: cloudflare
etag: "c0272a15cc54d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463aba361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 SyBtsCcJn_237_0_823_463_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/12/SyBtsCcJn/ 6 KB
6 KB 87ms
73ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/12/SyBtsCcJn/SyBtsCcJn_237_0_823_463_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 347b65dc4f86eca9a03d1fb887d09bba41af2d2332d2cfcbbcfbc0cea0e6a92d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 31
cf-polished: qual=85, origFmt=jpeg, origSize=6514
content-disposition: inline; filename="SyBtsCcJn_237_0_823_463_0_medium.webp"
content-length: 6284
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 10:51:58 GMT
server: cloudflare
etag: "26803abd054d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, Max-age=300, must-revalidate
accept-ranges: bytes
cf-ray: 7a6bf1463abb361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 S1i11JCq13_0_0_1600_900_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/12/S1i11JCq13/ 11 KB
11 KB 86ms
73ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/12/S1i11JCq13/S1i11JCq13_0_0_1600_900_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37d569bbfd830a8b7238b345277c19a1a83992731ae74a57b9e813c16d6ca055

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 560
cf-polished: origSize=11368, status=webp_bigger
content-length: 11024
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 10:19:08 GMT
server: cloudflare
etag: "b48dc15cc54d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463abc361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 By8ILS70s_0_233_3000_1688_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/22/By8ILS70s/ 7 KB
7 KB 87ms
73ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/22/By8ILS70s/By8ILS70s_0_233_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b068a1e4d320d1d506f3c90f33b9306881ca0bd116ded78c71a2aedc9d15e5e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 5790
cf-polished: qual=85, origFmt=jpeg, origSize=7587
content-disposition: inline; filename="By8ILS70s_0_233_3000_1688_0_medium.webp"
content-length: 6668
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 08:47:46 GMT
server: cloudflare
etag: "acb4451bf54d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463abd361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 BycwhXc1h_0_241_1280_721_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/11/BycwhXc1h/ 6 KB
7 KB 87ms
74ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/11/BycwhXc1h/BycwhXc1h_0_241_1280_721_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2515d51d838d0f76458065d99d68209a70ea5407034ad23b33bf42f0de86ed9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 560
cf-polished: qual=85, origFmt=jpeg, origSize=7072
content-disposition: inline; filename="BycwhXc1h_0_241_1280_721_0_medium.webp"
content-length: 6592
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 11:40:44 GMT
server: cloudflare
etag: "7c58e57ad754d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463abe361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 BJfV2Y6Ok2_0_0_850_479_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/10/BJfV2Y6Ok2/ 85 KB
85 KB 88ms
76ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/10/BJfV2Y6Ok2/BJfV2Y6Ok2_0_0_850_479_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75a2a3c7d6cc027c04838059485983bdd2e606e3e7735a8331f4bdf880b21e31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 787
cf-polished: origFmt=png, origSize=127288
content-disposition: inline; filename="BJfV2Y6Ok2_0_0_850_479_0_medium.webp"
content-length: 86954
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 08:18:52 GMT
server: cloudflare
etag: "a6371248bb54d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463abf361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 SJgvBKU8k2_0_0_1001_563_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/08/SJgvBKU8k2/ 7 KB
8 KB 86ms
74ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/08/SJgvBKU8k2/SJgvBKU8k2_0_0_1001_563_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a291c75d0dbae743aa948cbab10042c9bfe5265de90d91a8c6fd7a92f30e2783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 3601
cf-polished: qual=85, origFmt=jpeg, origSize=9646
content-disposition: inline; filename="SJgvBKU8k2_0_0_1001_563_0_medium.webp"
content-length: 7538
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 06:50:39 GMT
server: cloudflare
etag: "b66d30f5ae54d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463ac1361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 BJRoJfZEo_0_0_850_479_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2022/10/22/BJRoJfZEo/ 10 KB
10 KB 88ms
76ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2022/10/22/BJRoJfZEo/BJRoJfZEo_0_0_850_479_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a34e381faa7996a9dc025fa934f64d94e18690bfcef4983b9f09f96228985d8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 5205
cf-polished: qual=85, origFmt=jpeg, origSize=11969
content-disposition: inline; filename="BJRoJfZEo_0_0_850_479_0_medium.webp"
content-length: 10546
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 05:24:42 GMT
server: cloudflare
etag: "a6f3faf2a254d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463ac2361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 ryxeDzc4xi_0_0_3000_1688_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2022/09/06/ryxeDzc4xi/ 12 KB
12 KB 88ms
76ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2022/09/06/ryxeDzc4xi/ryxeDzc4xi_0_0_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 648b09ff48416521e500b635803cae6030d4761f334c335178461aeb93071eb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 4619
cf-polished: qual=85, origFmt=jpeg, origSize=13037
content-disposition: inline; filename="ryxeDzc4xi_0_0_3000_1688_0_medium.webp"
content-length: 12076
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 10:51:58 GMT
server: cloudflare
etag: "38dd3eabd054d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463ac3361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 rJd1GbWaos_0_176_3000_1688_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/24/rJd1GbWaos/ 9 KB
9 KB 88ms
77ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/24/rJd1GbWaos/rJd1GbWaos_0_176_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa3cd433cbbc175ad17db52b955c36cc467f2529d0bfbe69ed7482a6f93da246

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 6427
cf-polished: qual=85, origFmt=jpeg, origSize=11314
content-disposition: inline; filename="rJd1GbWaos_0_176_3000_1688_0_medium.webp"
content-length: 9476
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Mar 2023 16:04:23 GMT
server: cloudflare
etag: "e85cc4253354d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463ac5361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 7903186_0_0_961_540_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2017/07/12/7903186/ 10 KB
10 KB 88ms
76ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2017/07/12/7903186/7903186_0_0_961_540_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 515792b5f8eece1facb8452b78d4a4b75d44a3c0199ff73a66541733a6917439

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 4429
cf-polished: origSize=10720, status=webp_bigger
content-length: 10551
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Mar 2023 08:00:01 GMT
server: cloudflare
etag: "46c6817bef53d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463ac6361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 H1GJXFDckn_1_0_3000_1688_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/11/H1GJXFDckn/ 9 KB
9 KB 86ms
74ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/11/H1GJXFDckn/H1GJXFDckn_1_0_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10993116ca5b2187405775500b2c55ab168c53b31fadf1ade4afa7678367e6e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 2628
cf-polished: qual=85, origFmt=jpeg, origSize=10300
content-disposition: inline; filename="H1GJXFDckn_1_0_3000_1688_0_medium.webp"
content-length: 9438
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 10:27:16 GMT
server: cloudflare
etag: "dee68d37cd54d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463ac8361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 ry7BB6C9j_0_0_1000_563_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/13/ry7BB6C9j/ 7 KB
7 KB 86ms
75ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/13/ry7BB6C9j/ry7BB6C9j_0_0_1000_563_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f5a96bb59b6a4085c64fe2fc9149aac2d3d7752b7f5eab1a2706ca55a76ed2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 339
cf-polished: qual=85, origFmt=jpeg, origSize=10507
content-disposition: inline; filename="ry7BB6C9j_0_0_1000_563_0_medium.webp"
content-length: 7260
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Mar 2023 06:24:42 GMT
server: cloudflare
etag: "a63ac02ae253d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463acc361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 8726588_0_35_500_282_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2018/08/20/8726588/ 17 KB
17 KB 86ms
75ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2018/08/20/8726588/8726588_0_35_500_282_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b7697dc0aafddef0adc276e9764a16ba6328028637a33b6ecd616081328cad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 339
cf-polished: qual=85, origFmt=jpeg, origSize=22822
content-disposition: inline; filename="8726588_0_35_500_282_0_medium.webp"
content-length: 17084
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Mar 2023 09:22:38 GMT
server: cloudflare
etag: "92f2d25fb53d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463acd361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 SyuA11QDy2_0_0_850_479_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/09/SyuA11QDy2/ 18 KB
18 KB 86ms
75ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/09/SyuA11QDy2/SyuA11QDy2_0_0_850_479_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71feaaa730cbf44d232252367f5f36bedceb58c359a3edc400ca3cae69a55bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 2405
cf-polished: degrade=85, origSize=19646, status=webp_bigger
content-length: 18528
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 10:57:07 GMT
server: cloudflare
etag: "14579463d154d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463acf361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 HJdH1OoCs_0_134_1280_720_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/28/HJdH1OoCs/ 9 KB
10 KB 87ms
76ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/28/HJdH1OoCs/HJdH1OoCs_0_134_1280_720_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95387dc692d85f3b88df0a6526d58a41b36f2149b209f969ac28a5be3787e9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 2913
cf-polished: qual=85, origFmt=jpeg, origSize=9765
content-disposition: inline; filename="HJdH1OoCs_0_134_1280_720_0_medium.webp"
content-length: 9538
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Mar 2023 17:05:50 GMT
server: cloudflare
etag: "30fbf7907253d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463ad0361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 S1X8Lhm0s_0_0_980_551_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/22/S1X8Lhm0s/ 10 KB
10 KB 95ms
85ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/22/S1X8Lhm0s/S1X8Lhm0s_0_0_980_551_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df49ccbe6dc250c850b3986ae5a8b0be2dde5d1254205a58e0133fd8c4b7b0ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 5889
cf-polished: qual=85, origFmt=jpeg, origSize=14042
content-disposition: inline; filename="S1X8Lhm0s_0_0_980_551_0_medium.webp"
content-length: 10028
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Feb 2023 15:36:05 GMT
server: cloudflare
etag: "f8599e60d346d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1463ad4361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 BJrdlMOyAo_0_0_640_360_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/19/BJrdlMOyAo/ 26 KB
26 KB 105ms
95ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/19/BJrdlMOyAo/BJrdlMOyAo_0_0_640_360_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e28d71eb706599808b27197ff7cb8a4e14637b91218c7fa56a52561b631a4b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 5402
cf-polished: qual=85, origFmt=jpeg, origSize=35598
content-disposition: inline; filename="BJrdlMOyAo_0_0_640_360_0_medium.webp"
content-length: 26766
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Feb 2023 13:44:28 GMT
server: cloudflare
etag: "f2f497c8c346d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b17361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 Hy5p01135i_0_0_1333_750_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/11/Hy5p01135i/ 11 KB
11 KB 107ms
97ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/11/Hy5p01135i/Hy5p01135i_0_0_1333_750_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7964f60f291f39693ad8a62f9a6bf2cc70b53b94298244a9ee246321fda4f782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 5889
cf-polished: qual=85, origFmt=jpeg, origSize=14781
content-disposition: inline; filename="Hy5p01135i_0_0_1333_750_0_medium.webp"
content-length: 11370
cf-bgj: imgq:85,h2pri
last-modified: Wed, 11 Jan 2023 10:27:35 GMT
server: cloudflare
etag: "9e706052a725d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b1a361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 ryRFlMnqs_0_0_1333_750_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/11/ryRFlMnqs/ 9 KB
10 KB 105ms
94ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/11/ryRFlMnqs/ryRFlMnqs_0_0_1333_750_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d78874d120616374d4eee37ed27d975e01a90c4a924dd452c1dbc6bd851efbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 5402
cf-polished: qual=85, origFmt=jpeg, origSize=12123
content-disposition: inline; filename="ryRFlMnqs_0_0_1333_750_0_medium.webp"
content-length: 9604
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Feb 2023 13:44:28 GMT
server: cloudflare
etag: "987580c8c346d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b1b361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 rJkEP3Guw_2_209_979_552_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2020/10/25/rJkEP3Guw/ 7 KB
7 KB 105ms
95ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2020/10/25/rJkEP3Guw/rJkEP3Guw_2_209_979_552_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a28b962d9727e38c61648727c841439ab808e3ea59857f5f365da0f9576ffcf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 5889
cf-polished: qual=85, origFmt=jpeg, origSize=10245
content-disposition: inline; filename="rJkEP3Guw_2_209_979_552_0_medium.webp"
content-length: 7364
cf-bgj: imgq:85,h2pri
last-modified: Wed, 11 Jan 2023 09:38:21 GMT
server: cloudflare
etag: "56ef8971a025d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b1c361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 8821564_0_0_500_282_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2018/10/14/8821564/ 22 KB
22 KB 105ms
95ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2018/10/14/8821564/8821564_0_0_500_282_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e2d4d1bc63cc26feb19491b1b8bd5ca77f133e99c5e44a1f23fc68b05ae966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 339
cf-polished: qual=85, origFmt=jpeg, origSize=23944
content-disposition: inline; filename="8821564_0_0_500_282_0_medium.webp"
content-length: 22152
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Mar 2023 16:44:08 GMT
server: cloudflare
etag: "bcc97b886f53d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b1d361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 HJZv1Mvxo_0_105_1000_563_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2022/09/08/HJZv1Mvxo/ 8 KB
8 KB 105ms
95ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2022/09/08/HJZv1Mvxo/HJZv1Mvxo_0_105_1000_563_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0caa5435ac919e2053610a41d874a462581ecfad98efff858d14679bdff73365

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 1197
cf-polished: qual=85, origFmt=jpeg, origSize=8358
content-disposition: inline; filename="HJZv1Mvxo_0_105_1000_563_0_medium.webp"
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Mar 2023 07:19:38 GMT
server: cloudflare
etag: "f81b8cac2053d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b1f361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 SJlDJDSPk3_0_268_768_432_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/09/SJlDJDSPk3/ 16 KB
16 KB 106ms
96ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/09/SJlDJDSPk3/SJlDJDSPk3_0_268_768_432_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7325719a58773c527d337457bf7df125e1ba8a814c4c65eaa5b67c822764ab99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 203
cf-polished: origSize=17429, status=webp_bigger
content-length: 16717
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Mar 2023 05:50:27 GMT
server: cloudflare
etag: "84ee4f371453d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b20361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 Bygzxcc9kh_0_241_1280_721_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/12/Bygzxcc9kh/ 14 KB
14 KB 108ms
98ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/12/Bygzxcc9kh/Bygzxcc9kh_0_241_1280_721_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b31402025c967b9b44011f44c00a337fb4dd94ad242cb9a46198ddc2835fff54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 4544
cf-polished: origSize=14280, status=webp_bigger
content-length: 13907
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 07:01:45 GMT
server: cloudflare
etag: "58c9d681b054d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b22361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 rJYvksty3_0_82_1280_721_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/11/rJYvksty3/ 13 KB
14 KB 106ms
96ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/11/rJYvksty3/rJYvksty3_0_82_1280_721_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22a5dcd17162fb1bfa7898f1b7cf33bc5282ac65f0b47544141f1111e1e748b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 203
cf-polished: origSize=14103, status=webp_bigger
content-length: 13741
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 05:26:54 GMT
server: cloudflare
etag: "94dec341a354d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b24361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 HkQQbgtJn_0_62_1600_901_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/10/HkQQbgtJn/ 11 KB
11 KB 105ms
96ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/10/HkQQbgtJn/HkQQbgtJn_0_62_1600_901_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39a79e00667ba542a44cd68ddd7cf15f6c2d713986badfc453ef6cb025cad4e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 2913
cf-polished: origSize=11679, status=webp_bigger
content-length: 11568
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Mar 2023 06:39:23 GMT
server: cloudflare
etag: "1e6cbc37e453d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b25361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 ryraxEIkh_0_28_699_393_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/08/ryraxEIkh/ 50 KB
51 KB 114ms
105ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/08/ryraxEIkh/ryraxEIkh_0_28_699_393_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3594c1675bd6a285cfc9a5b6e6bb0994d6ad9625b22004555f6db53db394149

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 6379
cf-polished: origSize=53491, status=webp_bigger
content-length: 51690
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Mar 2023 12:14:01 GMT
server: cloudflare
etag: "6c97f7a18052d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b27361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 Hy15trw1h_0_4_507_286_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/09/Hy15trw1h/ 35 KB
35 KB 115ms
106ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/09/Hy15trw1h/Hy15trw1h_0_4_507_286_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2ed13a8680748afb45c0b7d2059d5d8d0fc991e88ab0192e12a5985a648092a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 6379
cf-polished: origSize=37425, status=webp_bigger
content-length: 35701
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Mar 2023 14:11:35 GMT
server: cloudflare
etag: "8af3e1e9152d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b28361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 7792289_0_483_1850_1042_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2017/05/20/7792289/ 10 KB
10 KB 106ms
97ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2017/05/20/7792289/7792289_0_483_1850_1042_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54b3b462960f190262ff7a1951dd0b58dcfcaab6e17cac647f2ef0ba6513f019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 6379
cf-polished: origSize=10200, status=webp_bigger
content-length: 9950
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Mar 2023 11:54:58 GMT
server: cloudflare
etag: "1e73b44d1054d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b29361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 SJPJxfM12_0_1037_2000_1125_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/05/SJPJxfM12/ 11 KB
12 KB 111ms
102ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/05/SJPJxfM12/SJPJxfM12_0_1037_2000_1125_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eda86674f16adb5ab26df7d80aa10f2ce6199bbc2a2bf0906b624ff4cf2dc5cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 4906
cf-polished: qual=85, origFmt=jpeg, origSize=14041
content-disposition: inline; filename="SJPJxfM12_0_1037_2000_1125_0_medium.webp"
content-length: 11766
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Mar 2023 06:24:42 GMT
server: cloudflare
etag: "7ac4992ae253d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b2a361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 r111eezFR9_0_53_500_282_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2022/08/16/r111eezFR9/ 18 KB
18 KB 105ms
96ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2022/08/16/r111eezFR9/r111eezFR9_0_53_500_282_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2fc43ae96329367881d25b42c9a8025bb86a93c5194d1de0bd8d5fb8c69236d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 339
cf-polished: qual=85, origFmt=jpeg, origSize=21548
content-disposition: inline; filename="r111eezFR9_0_53_500_282_0_medium.webp"
content-length: 18118
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Mar 2023 08:00:01 GMT
server: cloudflare
etag: "f0f06b7bef53d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b2c361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 4807969_0_0_1300_867_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2013/08/18/4807969/ 10 KB
11 KB 106ms
97ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2013/08/18/4807969/4807969_0_0_1300_867_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 913e622305737166561489738e6df69f154ef445f708334cc1ca2a57761f23c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 4849
cf-polished: qual=85, origFmt=jpeg, origSize=12952
content-disposition: inline; filename="4807969_0_0_1300_867_0_medium.webp"
content-length: 10682
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Mar 2023 07:37:39 GMT
server: cloudflare
etag: "dcfe625bec53d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b2d361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 H198j7Qjo_2_145_796_448_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/16/H198j7Qjo/ 8 KB
8 KB 106ms
98ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/16/H198j7Qjo/H198j7Qjo_2_145_796_448_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d02c2c341d9003f8fbba98ca1e4db52d48aa5ccb0afbece816a7e131bd29b88c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 4906
cf-polished: qual=85, origFmt=jpeg, origSize=8121
content-disposition: inline; filename="H198j7Qjo_2_145_796_448_0_medium.webp"
content-length: 7760
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 05:26:37 GMT
server: cloudflare
etag: "3c2aad37a354d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b2f361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 H1cdAEPk2_0_0_850_479_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/09/H1cdAEPk2/ 7 KB
8 KB 106ms
98ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/09/H1cdAEPk2/H1cdAEPk2_0_0_850_479_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d597c43ce3195958528dfd9487c305cc3e1d54b66019fffad1a6a701ff2db716

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 4906
cf-polished: qual=85, origFmt=jpeg, origSize=9763
content-disposition: inline; filename="H1cdAEPk2_0_0_850_479_0_medium.webp"
content-length: 7612
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Mar 2023 18:47:16 GMT
server: cloudflare
etag: "90f65dbc8053d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b31361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 rkQGJJGGJn_0_19_1000_563_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/05/rkQGJJGGJn/ 24 KB
24 KB 107ms
99ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/05/rkQGJJGGJn/rkQGJJGGJn_0_19_1000_563_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29a426e3f203b67b66e9ebed93781e5950a7fd98a0b09cc8e858f9ad77c5e019

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 4544
cf-polished: qual=85, origFmt=jpeg, origSize=25074
content-disposition: inline; filename="rkQGJJGGJn_0_19_1000_563_0_medium.webp"
content-length: 24670
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Mar 2023 05:48:00 GMT
server: cloudflare
etag: "3e4a5bdf1353d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b34361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 HJbRyA1f0s_0_0_3000_1688_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/21/HJbRyA1f0s/ 16 KB
16 KB 110ms
102ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/21/HJbRyA1f0s/HJbRyA1f0s_0_0_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d8d5f39cacef88a3e9c2aeeb5cacfcf513c8be0a14ae2c1006668bed121b352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 393
cf-polished: origSize=17061, status=webp_bigger
content-length: 16549
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 10:03:34 GMT
server: cloudflare
etag: "10590e8c954d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b36361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 BJj8FstWj_0_14_2874_1617_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2022/09/22/BJj8FstWj/ 7 KB
7 KB 113ms
105ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2022/09/22/BJj8FstWj/BJj8FstWj_0_14_2874_1617_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e43de8ac3f0ca712d7299430fcbd4a9ecc6af555c40ca76580fcf0d96541d74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 741
cf-polished: qual=85, origFmt=jpeg, origSize=9333
content-disposition: inline; filename="BJj8FstWj_0_14_2874_1617_0_medium.webp"
content-length: 6820
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 04:53:54 GMT
server: cloudflare
etag: "ceef0a59e54d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b38361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 HyGAEinAi_111_210_2808_1581_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/01/HyGAEinAi/ 13 KB
14 KB 113ms
106ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/01/HyGAEinAi/HyGAEinAi_111_210_2808_1581_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e1fbba805fe17e588bafe47a622c8b9e5ed5957c55eeea08659d4f99186246a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 164
cf-polished: origSize=14126, status=webp_bigger
content-length: 13759
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Mar 2023 09:36:46 GMT
server: cloudflare
etag: "a41746fffc53d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b3b361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 Sk00POi6ej_0_0_1356_763_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2022/09/13/Sk00POi6ej/ 11 KB
11 KB 109ms
101ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2022/09/13/Sk00POi6ej/Sk00POi6ej_0_0_1356_763_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fee42c00e734bfb6194e66912a31b6cfb7aab74ddcce563d920219ea12fc5bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 203
cf-polished: origSize=11396, status=webp_bigger
content-length: 11167
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Mar 2023 06:24:45 GMT
server: cloudflare
etag: "686bac11953d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b3c361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 ryxfizb913_0_0_751_423_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/11/ryxfizb913/ 10 KB
10 KB 113ms
106ms Image
image/jpeg 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/11/ryxfizb913/ryxfizb913_0_0_751_423_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef66beed0ea5c471fa927974b38df8441064fa6334ba0574847a2093e89e1388

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 4905
cf-polished: origSize=10508, status=webp_bigger
content-length: 10338
cf-bgj: imgq:85,h2pri
last-modified: Sun, 12 Mar 2023 04:53:55 GMT
server: cloudflare
etag: "528a9a69e54d91:0"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1465b3e361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 7873025_0_0_2348_1321_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2017/06/27/7873025/ 8 KB
8 KB 109ms
102ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2017/06/27/7873025/7873025_0_0_2348_1321_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55a0024ea31151632842888498ec8447deb62e2c4180c9b2f8056df18c61e21f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 6378
cf-polished: qual=85, origFmt=jpeg, origSize=9707
content-disposition: inline; filename="7873025_0_0_2348_1321_0_medium.webp"
content-length: 7768
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Mar 2023 07:34:41 GMT
server: cloudflare
etag: "fa61359c5952d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1466b3f361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 one1430540_7_0_479_269_0_medium.jpg
ynet-pic1.yit.co.il/picserver5/crop_images/2022/06/04/one1430540/ 12 KB
12 KB 113ms
105ms Image
image/webp 2606:4700::6812:69e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/crop_images/2022/06/04/one1430540/one1430540_7_0_479_269_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:69e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76ab40faf1f3200e071c44d8ea5f3ae03704ce5bdb3087fc616cdbd870fd9c13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
age: 4126
cf-polished: qual=85, origFmt=jpeg, origSize=12748
content-disposition: inline; filename="one1430540_7_0_479_269_0_medium.webp"
content-length: 11970
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Mar 2023 05:42:08 GMT
server: cloudflare
etag: "2ee3d8b88051d91:0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a6bf1466b41361b-FRA
expires: Wed, 12 Apr 2023 12:11:55 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 17 KB
6 KB 184ms
90ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7a6bf146af5135ff-FRA

GET
H2 200 pubads_impl_2023030701.js Show response
securepubads.g.doubleclick.net/gpt/ 394 KB
133 KB 48ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fbb7dc619788ae13aec18ac90445854ead7eafa6262fe5bd343485f9be7e49a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 21:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136160
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 09:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 10 Mar 2024 21:43:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 155 B
124 B 156ms
74ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.vesty.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92fb0a36fa469dbdfac80736ae937bb7979da6d682064e19ed615062b772e431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99
x-xss-protection: 0
expires: Sun, 12 Mar 2023 12:11:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
57 KB 148ms
51ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0622cb7019c42f0293d54be0fa188d3fca6af90b8efdb5bd07340a5734b156d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 58304
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 12 Mar 2023 12:11:55 GMT

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 142ms
44ms Script
application/javascript 65.9.95.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-124.prg50.r.cloudfront.net
Software: Apache/2.4.54 (Debian) /
Resource Hash: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:02:44 GMT
content-encoding: gzip
via: 1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 551
x-cache: Hit from cloudfront
content-length: 1696
last-modified: Fri, 24 Feb 2023 13:19:37 GMT
server: Apache/2.4.54 (Debian)
etag: "1090-5f571fb226c40-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: j3kmxyheNNCAb1vkBrR9rnoZdf-UJw7fRGT-mTSYOg8kqjYwwHh9-A==

GET
H/1.1 200
OK fi_client.js Show response
ecdn.firstimpression.io/ 350 KB
92 KB 168ms
55ms Script
application/javascript 18.66.122.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-112.fra60.r.cloudfront.net

Software

Apache/2.4.54 (Debian) / PHP/8.2.0

Resource Hash

2a14d89b849f9404d4b04b8fda990e75bd6c00bfcf07bb3ee00236621a302623

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 11:41:58 GMT
Content-Encoding: br
Via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 1797
X-Powered-By: PHP/8.2.0
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 0
Last-Modified: Sun,12 Mar 2023 11:41:58 UTC
Server: Apache/2.4.54 (Debian)
ETag: W/"b0bb21081314ad1dd5ac3241141986e9"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
X-Amz-Cf-Id: H7qlDyYRgpsqxJvycL_RpjVw5pt0JUamnbTGk_qRioMiC-urxXIQtg==

GET
H2 200 impl.20230312-9-RELEASE.js Show response
cdn.taboola.com/libtrc/ 735 KB
153 KB 51ms
45ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230312-9-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: dd8c5e2827cef7d43206d71f88d228de02316b8f754b13e0757ebbfdf1fcd8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: bvQoE1_dTJS4U_rTqqHJ2D7oSnVGCtzT
content-encoding: br
via: 1.1 varnish
date: Sun, 12 Mar 2023 12:11:55 GMT
x-amz-request-id: MN9C0AP19MQD3H0V
age: 7011
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 156661
x-amz-id-2: YBoNdA805ogmE4ZowO7lofIlFc70E2Ry+SKqd5iNuEgcNYChez05NX+1rWeoZg10Q5bv1nNaz9w=
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Sun, 12 Mar 2023 10:14:17 GMT
server: AmazonS3-br
x-timer: S1678623115.224169,VS0,VE0
etag: "57db686500dfc57ca3293892620afb9f"
vary: Accept-Encoding
content-type: application/javascript
abp: 31
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 33060

GET
H2 200 1c0942547d39e10f5f56.js Show response
yastatic.net/partner-code-bundles/735032/ 14 KB
5 KB 125ms
119ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735032/1c0942547d39e10f5f56.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b02f26cd50ee99e88dc04fcf64d3d02e024f8ce49447e9aad3962438e62b5709

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4802
last-modified: Thu, 09 Mar 2023 18:41:15 GMT
server: nginx/1.17.9
etag: "12ca686052b5d9d4a849f168941c9fe1"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 11 Mar 2053 18:46:02 GMT

GET
H2 200 2bc51aa1c79e2ebf9aa3.js Show response
yastatic.net/partner-code-bundles/735032/ 112 KB
24 KB 158ms
152ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735032/2bc51aa1c79e2ebf9aa3.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

30491c6b81dad3b6bb4e8576dbfba06cdee3e80ccd39663af5426d10501b5f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24270
last-modified: Thu, 09 Mar 2023 18:41:16 GMT
server: nginx/1.17.9
etag: "4846118fbd8205816361ca4b74b97572"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 11 Mar 2053 18:46:02 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 182ms
176ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 11 Mar 2053 18:45:36 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 88ms
88ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: ed8acdf06252503c
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Mar 2024 17:58:48 GMT

GET
H2 200 07cea2bf8567304efc16.js Show response
yastatic.net/partner-code-bundles/735032/ 23 KB
8 KB 188ms
183ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735032/07cea2bf8567304efc16.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2e4188515828c942a5eb2f047a2246cdf68a7aeea374009dde58629fe0c9beed

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7926
last-modified: Thu, 09 Mar 2023 18:41:15 GMT
server: nginx/1.17.9
etag: "d6056820a626b7a179ef8875790bec2f"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 11 Mar 2053 18:46:02 GMT

GET
H2 200 2ec9a88e40a26b53acde.js Show response
yastatic.net/partner-code-bundles/735032/ 7 KB
3 KB 192ms
186ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735032/2ec9a88e40a26b53acde.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

273746bfb4f9aab48bc043b02f453ae18fedad76a5244fdf2c24fe631fd5d46a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2065
last-modified: Thu, 09 Mar 2023 18:41:16 GMT
server: nginx/1.17.9
etag: "30153dd7e842c8d0099df963a3543f22"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 11 Mar 2053 18:46:02 GMT

GET
H2 200 0da1c504dc46c7b712e3.js Show response
yastatic.net/partner-code-bundles/735032/ 576 KB
110 KB 192ms
186ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/735032/0da1c504dc46c7b712e3.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

24302da202d5f76b541e8be13ca84e5f59d04ca28b78280d8c62cc88e5e9a42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 111813
last-modified: Thu, 09 Mar 2023 18:41:15 GMT
server: nginx/1.17.9
etag: "254228a3a3d9bec76527c77b680d3534"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 11 Mar 2053 18:46:02 GMT

GET
DATA 200
OK truncated
/ 616 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: daa8bc4312e8a5c936e55144c18f3232cb013593ae25cfe616e487611b754e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2e8fb14b1e0aab8514cfb56c1e62417ba717b034a397017696cfa9e517b0f6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 276 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f0cd7c2795df1dcce059d553cb1d9b88170cb9e66310a06fce4104965852394

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 702 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9279aa82470c7b0c894eb3ecbaabceb01423a632d9fbc7460c560f11a99abad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 639 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87d3b26f33f39e3bb4b4c1f2291f906ad5826c4d9624a08f0db8a2163a9df369

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9080387801ea7c0d202021563e4cc47e205dfe238953109c6f39348cb9a5533

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 637 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3dc8e482ec8a9c56efec00e46e88e84f3a7ccdf0ade53d5c89c4d679469cdabb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 241 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea1a9b993dbc93ca4669209f552aead7852ea68031cf347990078369adf47072

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 370 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2d58e29c3c454ef9b3e47ea01f4c5ddf2027f9c583d1104f0c26ccaf2aeb426

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 397e1fa6b641266ac6537f43be08647287bafc72dff55f1b04d58e464e5c3b74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 364 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 543bee066850ffda34784bf04f96f06246a16f0a57d64a504fe459177e79056e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 accessibility.js Show response
js.nagich.co.il/core/4.2.2/ 40 KB
14 KB 199ms
49ms Script
application/javascript 2606:4700:20::681a:314
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 125e6b9ca120fa2bc4892544dda8f20226f26c5bbf550fae4be07b80612982fc

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 788447
x-powered-by: ASP.NET
last-modified: Mon, 27 Dec 2021 12:02:00 GMT
server: cloudflare
etag: W/"0eca68d19fbd71:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDC8FaYjRbczRVoqtgFIhQiLZffX0pfzWLyTzhBboGI0fa8iQw7TSAokw%2FZm9wWxYU%2B8m5V7s88s6zh0RtmkRJb8%2BfvGU5qu%2BscDW0Bh2rbEijVEsifruh%2BCuhKiK8Hs%2FfYRWrn4M7QQhwtIiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2604800
access-control-allow-credentials: true
cf-ray: 7a6bf1475e2935eb-FRA

GET
H2 200 px.gif
ad-delivery.net/ 43 B
342 B 201ms
81ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 510936
x-guploader-uploadid: ADPycduLWNAVLP7lSA06qC3bZEZWvCCRwTnuWdmg9njFC-QkZIaGqkLIkmU8rzp5dTUOQ1ip5ho9-BpRvIE79eWA-8YEMKzxyT3o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXtu%2FjNUVGCz8LzYFP6cH6rHfTSVz7ETYr3naRWbKv%2B33YZEYcL%2FZUMJTr7I4ZabkNLP01vmeC7USiru8rsf9r92EnREs%2FcFphiNuoUM8f0fVH%2F7A8YtKXHpxr93iYPLM4YKEoxJ3NM8v0EA6g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7a6bf147fced90af-FRA
expires: Mon, 06 Mar 2023 15:12:50 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 171ms
41ms Image
image/x-icon 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 14:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76911
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Mar 2023 14:50:04 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
964 B 165ms
47ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.8585131878457322
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 510936
x-guploader-uploadid: ADPycduLWNAVLP7lSA06qC3bZEZWvCCRwTnuWdmg9njFC-QkZIaGqkLIkmU8rzp5dTUOQ1ip5ho9-BpRvIE79eWA-8YEMKzxyT3o
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBv2jxnD3RKVYp6yUfOJpuRtW4Gq4KLMw%2FnGLLbZOHZwf47Vhry2f5Jx%2FR1kcL9c33ddoIm1wBxMBeUEPnsovF9efmgivSnO7YCdH57%2BAnDjcPb9KRhtd%2B4SisXhgcFblsO6W61GtAlWqaqByg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7a6bf147fcee90af-FRA
expires: Mon, 06 Mar 2023 15:12:50 GMT

GET
H2 200 card-interference-detector.20230312-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 294ms
283ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20230312-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9e17381d4cc5f10bbc1d09f22fbf22f7854763510eedb2ba694093410214ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: NtV4G12sU0lI_A3VxCUbJkGaIKdVIfPL
content-encoding: gzip
via: 1.1 varnish
date: Sun, 12 Mar 2023 12:11:55 GMT
x-amz-request-id: SQGGS2DQHSC1V4H6
age: 3071
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2180
x-amz-id-2: x/ZgD5p/3rUbou2a6YOZ/tLRd40vbbN2BRnd1ad2NLVlHborISW1eArLrLDft2z9eii3Ua72AS4=
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Sun, 12 Mar 2023 11:20:44 GMT
server: AmazonS3
x-timer: S1678623116.660405,VS0,VE0
etag: "0f9b706474b509b4bc43738b40af823b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 31
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 4502

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 152ms
46ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230312-9-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:54 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 396954
expires: 60

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 147ms
40ms Image
image/svg+xml 88.221.169.78
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-78.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Tue, 11 Apr 2023 12:11:55 GMT
date: Sun, 12 Mar 2023 12:11:55 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 112 KB
44 KB 169ms
48ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-KXPKGJR

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5eff99580f3e3cb06d768951911708189dbdbe28a36efc95d58ec2a669032d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45032
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 12 Mar 2023 12:11:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 134ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 12 Mar 2023 11:19:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3142
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 12 Mar 2023 13:19:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 50ms
48ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HBGSDK9P6D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2fbcc3825dc269f53d8c9d11dce673e6ea969dd2b8790d806880fb273d9ffe2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78803
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 12 Mar 2023 12:11:55 GMT

HEAD
H2 403 /
ads.google.com/ 0
0 216ms
107ms Fetch
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.google.com/
Requested by: Host: ynet-pic1.yit.co.il
URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/widgets.e1b0733ea858fe4bc917.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H/1.1 200
OK 1220.png
www.vesty.co.il/Cnt/Images/Weather/ 771 B
1 KB 40ms
40ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/Cnt/Images/Weather/1220.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bbec6ad5fcc7993fa87de6e94b777d3c85c133e760873d9360379f9fa0d64a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

backend-cache-control
Date: Sun, 12 Mar 2023 12:11:55 GMT
Last-Modified: Fri, 24 Feb 2023 03:48:28 GMT
ETag: "9a826d31d827d41:0"
Content-Type: image/png
VX-Cache: MISS
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 771
V-TTL: 0

GET
H2 200 5B3OZHWAV Show response
www.vesty.co.il/iphone/json/api/auto_ticker/ 33 KB
7 KB 45ms
45ms XHR
application/json 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vesty.co.il/iphone/json/api/auto_ticker/5B3OZHWAV

Requested by

Host: ynet-pic1.yit.co.il
URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vendors-widgets.5a75e38506bb012f5b8b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

6d0aad3f5180a9737ea5e2fbc115c9b5c32836d1ac333afaca11311a22527409

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.vesty.co.il/main
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

backend-cache-control
x-me: ${S_HOSTNAME}
x-version: V3
content-encoding: gzip
date: Sun, 12 Mar 2023 12:11:55 GMT
vx-cache: HIT
wai: 01
v-ttl: 35
content-length: 6818
last-modified: Sun, 12 Mar 2023 12:09:57 GMT
osv: c8
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
vg_id: 2
accept-ranges: bytes

GET
H2 200 5B3OZHWAV Show response
www.vesty.co.il/iphone/json/api/auto_ticker/ 33 KB
7 KB 63ms
63ms XHR
application/json 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vesty.co.il/iphone/json/api/auto_ticker/5B3OZHWAV

Requested by

Host: ynet-pic1.yit.co.il
URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vendors-widgets.5a75e38506bb012f5b8b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

6d0aad3f5180a9737ea5e2fbc115c9b5c32836d1ac333afaca11311a22527409

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.vesty.co.il/main
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

backend-cache-control
x-me: ${S_HOSTNAME}
x-version: V3
content-encoding: gzip
date: Sun, 12 Mar 2023 12:11:55 GMT
vx-cache: HIT
wai: 01
v-ttl: 35
content-length: 6818
last-modified: Sun, 12 Mar 2023 12:09:57 GMT
osv: c8
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
vg_id: 2
accept-ranges: bytes

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 173ms
48ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.vesty.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 154ms
49ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.vesty.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 443 KB
77 KB 727ms
727ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=7957725723493&correlator=1836392086551369&eid=31072019%2C31072028%2C31072884%2C31072886&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fifs&iu_parts=6870%2Cvesty%2Cdesktop%2Cinterstitial.adx%2Ctop%2Ccentral%2Cbox.1%2Cbox.2%2Cbox.3%2Cbox.4%2Cbig.strip.1%2Cbig.strip.2%2Cskyscraper.left%2Cskyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2F5%2C%2F0%2F1%2F2%2F6%2F5%2C%2F0%2F1%2F2%2F7%2F5%2C%2F0%2F1%2F2%2F8%2F5%2C%2F0%2F1%2F2%2F9%2F5%2C%2F0%2F1%2F2%2F10%2F5%2C%2F0%2F1%2F2%2F11%2F5%2C%2F0%2F1%2F2%2F12%2F5%2C%2F0%2F1%2F2%2F13%2F5&prev_iu_szs=1x1%2C1x1%7C1x2%7C970x90%7C970x250%7C1000x200%7C970x130%7C970x350%7C970x100%7C1192x250%7C1192x350%7C1192x90%7C1192x100%7C1192x130%2C300x250%2C320x50%7C300x250%2C300x232%2C300x232%2C1240x125%7C970x90%2C1240x125%7C970x90%2C160x600%7C160x601%7C1x1%2C160x600%7C160x601%7C1x1&fluid=0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&adks=2106902652%2C4127172794%2C886418757%2C2427552119%2C341758666%2C2204950338%2C3616679890%2C645496518%2C273824712%2C2495267343&didk=3322118780~3142012961~1729980458~1729980461~1729980460~1729980463~3382549577~3382549576~3692076097~876052599&sfv=1-0-40&ists=512&fas=8%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&cust_params=ynfi%3D0%26dckw%3D0%26ngch%3D0%26yrca%3D0%26dcTag%3D%26ynch%3D50.Vesti-1.Home%26dcPath%3D50.Vesti-1.Home%26dccg%3Dmain%26ynvc%3D0%26yncd%3D50%26callType%3DGPT%26dcsch%3Dnull%26dccw%3Dhigh_res%26dcsw%3D1600%26dcunigpt%3Dview1%26charset%3DUTF-8&sc=1&cookie_enabled=1&abxe=1&dt=1678623115676&lmt=1678622746&dlt=1678623114430&idt=968&adxs=-9%2C315%2C810%2C1120%2C810%2C1120%2C180%2C180%2C0%2C1440&adys=-9%2C5%2C656%2C656%2C921%2C921%2C2818%2C3309%2C0%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C0%7C0%7C0%7C1%7C2%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.vesty.co.il%2Fmain&frm=20&vis=1&psz=0x-1%7C1240x10%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C1240x-1%7C1240x-1%7C1600x3846%7C1600x3846&msz=0x-1%7C980x10%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C1240x-1%7C1240x-1%7C160x-1%7C160x-1&fws=2%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C512%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=255671840.1678623116&ga_sid=1678623116&ga_hid=565580990&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

186e39368ccbccde547cd17de318de6440b569ec8bec5f4c3bc934bec4cbab4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79039
x-xss-protection: 0
google-lineitem-id: -2,6244109243,6191108860,6246296123,6190901432,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138425302719,138418905271,138426213175,138419756253,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vesty.co.il
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3E3A 6 KB
3 KB 175ms
47ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 12:11:55 GMT
expires: Mon, 11 Mar 2024 12:11:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2023030701.js Show response
securepubads.g.doubleclick.net/gpt/ 33 KB
12 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023030701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d0608692433a30f00e2f46a6bdaf8963100faa4e0b96657cf7dbb59afc14bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 11:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 433729
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12347
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 09:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 06 Mar 2024 11:43:06 GMT

GET
H2 200 json Show response
trc.taboola.com/ynet-vesty/trc/3/ 114 KB
33 KB 675ms
665ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ynet-vesty/trc/3/json?tim=12%3A11%3A55.696&lti=deflated&data=%7B%22id%22%3A393%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22lbt%22%3A1678616627098%2C%22vi%22%3A1678623115691%2C%22cv%22%3A%2220230312-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2Fmain%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2Fmain%22%2C%22vpi%22%3A%22%2Fmain%22%2C%22e%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2Fmain%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3846%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-wide-nd%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Home%20Page%20Thumbnails%20ND%22%2C%22orig_uip%22%3A%22Mid%20Home%20Page%20Thumbnails%20ND%22%2C%22cd%22%3A2201%2C%22mw%22%3A1240%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbs-feed-01%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20ND%22%2C%22orig_uip%22%3A%22Below%20Homepage%20ND%22%2C%22cd%22%3A3801%2C%22mw%22%3A1240%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20ND%3Dthumbs-feed-01%3Aabp%3D0%2C%2CMid%20Home%20Page%20Thumbnails%20ND%3Dthumbnails-wide-nd%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230312-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: eac0590b081beed79429908062e5f44b7bab0c05855f0888f3de472692ff7919

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 626
date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn-etou8220028-HHN
server: nginx
x-timer: S1678623116.724473,VS0,VE626
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.vesty.co.il
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 style.css Show response
js.nagich.co.il/style/ 15 KB
4 KB 48ms
48ms Fetch
text/css 2606:4700:20::681a:314
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/style/style.css
Requested by: Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d50045b25fcaaf924140b0c120c7c267ea30150973460026a2573360f816574c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 788515
x-powered-by: ASP.NET
last-modified: Wed, 15 Dec 2021 11:05:22 GMT
server: cloudflare
etag: W/"04554a7a3f1d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQUFS42kqqlns%2B0%2FXBDDok8DnZF9GYRTo4Sva1unvhzvYyWV4xiJEHwig3q1dZYGCYcAl%2ByUAoUsOBET605zc0Wp15sxrNifeusby%2BuZfvqt9JCi%2B11rC51LdjbTK5oDSctxPWkO9idxGrUmVg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2604800
access-control-allow-credentials: true
cf-ray: 7a6bf149790935eb-FRA

GET
H2 200 btncolor.css Show response
js.nagich.co.il/style/ 103 B
424 B 49ms
49ms Fetch
text/css 2606:4700:20::681a:314
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/style/btncolor.css
Requested by: Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 442db94f47e657604fde817ff431f353d5ae4994e08a59496ce8fed479362119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 788498
x-powered-by: ASP.NET
last-modified: Mon, 11 Feb 2019 10:07:59 GMT
server: cloudflare
etag: W/"e97d81aaf1c1d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otsfClvDi8TbFVYAkXC0%2BavfLn8wQCA0MCPk0VFSJ6%2BByfes8HFEmFv%2FGBftDtDPrTIlBND2IrZDhWNvB7YkmswQX8uhdQb7IUQNRCetG9s7gjyTt8MR7xhZv22Kjsbq5HjmqHMoHglPpvPLnw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2604800
access-control-allow-credentials: true
cf-ray: 7a6bf149790b35eb-FRA

GET
H2 200 ru.json Show response
js.nagich.co.il/assets/locale/ 2 KB
976 B 106ms
106ms Fetch
application/json 2606:4700:20::681a:314
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/assets/locale/ru.json
Requested by: Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6a8437f8eb353b0da20b48e51ad0cc9ea9e8842e192f4d119d61fdf79cd5c839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 15 Jun 2021 15:40:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ef1e2c9fc61d71:0"
x-powered-by: ASP.NET
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bk1w7H8I2st6qwB5goYLiePpnKiptd6L%2BSA1UkRJQ%2FLVWxaN6eZRWu2ZgbtqVC6A3fanghLoJrKW64xzbPR2PlwIOTZldd%2BuJygKq8P7B1RifASq21GP6B4eCF2qv5JvUgThi86Z1mBOMBneA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2604800
access-control-allow-credentials: true
cf-ray: 7a6bf149790c35eb-FRA

GET
H2 200 pdf.js Show response
js.nagich.co.il/assets/scripts/ 7 KB
2 KB 50ms
50ms Fetch
application/javascript 2606:4700:20::681a:314
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/assets/scripts/pdf.js
Requested by: Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 581d447eb6b75fffeb4a8fc041bebca5158f0f41aa368fb6ef0c1690ae5000a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 788503
x-powered-by: ASP.NET
last-modified: Sun, 23 Feb 2020 12:50:59 GMT
server: cloudflare
etag: W/"80fb6ce547ead51:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtYMachbu1UNrs3ymg9QwukucjXkVCWrcW4Y9li85bYhPevE3AzA66wJop4sJqSLn0FFyLB4D%2FTGq6BPYBXn9VIpowkiUneSxPHH89wgu37H1bbAQIKX4oAMzkIrgVjdYSgHvU8A%2FnTBAbW4Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2604800
access-control-allow-credentials: true
cf-ray: 7a6bf149790d35eb-FRA

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 248ms
152ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5732901039636480&uponit=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:55 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 249ms
152ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=PeGYwNQc&w=5732901039636480&o=6244355308257280&cv=2.1.08-9-gbce3fb9&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.vesty.co.il%2Fmain&sid=T4r6WdXL&upapi=true
Requested by: Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5732901039636480&uponit=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 12 Mar 2023 12:11:55 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H/1.1 200
OK spc_fi.php Show response
cdn.firstimpression.io/delivery/ 2 KB
2 KB 191ms
83ms XHR
application/json 65.9.95.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=7787&url=%2Fmain&charset=UTF-8&ch=12&ref=www.vesty.co.il&viewerId=null&referer=&_firid=72923539
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-95.prg50.r.cloudfront.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 9520156f99a3bb679097e5850de9fd0813130dcfa9af8943c154cc229445827c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 12:11:55 GMT
Content-Encoding: gzip
Via: 1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PRG50-C1
X-Cache: Miss from cloudfront
P3P: CP="CUR ADM OUR NOR STA NID"
Connection: keep-alive
Content-Length: 937
Pragma: no-cache
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.vesty.co.il
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: rdOJ6FGQTA9FgES6W_MwZlAm_i03u8Xnxx1fGLajCgNFbOs2UqknlQ==
Expires: 0

GET
H2 403 fe68d1f7-c9f4-45b3-8905-7cda73d3fd74-web.js
cdn.permutive.com/ 0
0 153ms
45ms Script
text/html 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/fe68d1f7-c9f4-45b3-8905-7cda73d3fd74-web.js?d=2023-03-12
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 PRE Show response
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ 0
321 B 53ms
50ms Fetch
text/javascript 52.222.158.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/PRE
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.158.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-158-11.cdg52.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/javascript

Response headers

date: Sun, 12 Mar 2023 04:28:18 GMT
via: 1.1 aaa5fbd869d655f42986dd16509f667e.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: CDG52-P2
age: 27817
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.vesty.co.il
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: _vvmK-SFIJuxdz50mlI3N9I7jZuZBQ0bOe6HJM2FhkwAsQ0YJ-y9Vg==

GET
H2 200 POST Show response
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ 0
320 B 51ms
50ms Fetch
text/javascript 52.222.158.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/POST
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.158.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-158-11.cdg52.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/javascript

Response headers

date: Sat, 11 Mar 2023 14:34:22 GMT
via: 1.1 aaa5fbd869d655f42986dd16509f667e.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: CDG52-P2
age: 77853
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.vesty.co.il
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: iZs2GMDswXaQmHzkFkoxtUy0j_M3MuH_I4qZhg9wS9CLHWH20K_B0A==

OPTIONS
H2 200 PRE
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ Frame 0
0 150ms
49ms Preflight 52.222.158.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/PRE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.158.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-158-11.cdg52.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.vesty.co.il
access-control-max-age: 1800
age: 27811
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Sun, 12 Mar 2023 04:28:24 GMT
server: nginx/1.20.0
vary: Origin
via: 1.1 8c91fcc64b7a86489661ea1249599ca2.cloudfront.net (CloudFront)
x-amz-cf-id: ku1KTHSnFupDed7DQWAe0NZTeRYNr0KsjchRncKBeefaucRbrePJuA==
x-amz-cf-pop: CDG52-P2
x-cache: Hit from cloudfront

OPTIONS
H2 200 POST
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ Frame 0
0 151ms
51ms Preflight 52.222.158.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/POST
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.158.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-158-11.cdg52.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.vesty.co.il
access-control-max-age: 1800
age: 77605
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Sat, 11 Mar 2023 14:38:30 GMT
server: nginx/1.20.0
vary: Origin
via: 1.1 8c91fcc64b7a86489661ea1249599ca2.cloudfront.net (CloudFront)
x-amz-cf-id: wl3K1VuONZ1ZbetKy0TvvwEDlFqew0NshgwwlrF9UMQZuye4nPSQ8g==
x-amz-cf-pop: CDG52-P2
x-cache: Hit from cloudfront

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 162ms
48ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-5536870-20&cid=255671840.1678623116&jid=111998546&gjid=443611798&_gid=1506253885.1678623116&_u=YChAgEABQAAAAEAAI~&z=2033757131

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 12 Mar 2023 12:11:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 40ms
39ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=565580990&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain&dp=%2Fmain%3Fprof%3D50.Vesti-1.Home&dh=vesty.co.il&ul=en-us&de=UTF-8&dt=Vesty%20%7C%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8F%20%7C%20Vesty.co.il%20%7C%20%D0%92%D0%B5%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAgEABQAAAAAAAI~&jid=111998546&gjid=443611798&cid=255671840.1678623116&uid=0&tid=UA-5536870-20&_gid=1506253885.1678623116&gtm=45He3360n71NB9MN6&cd1=false&cd2=0&cd3=0&cd4=2023%2F03%2F13%2013%3A11%3A56&cd12=Home%20Page&cd14=50.Vesti-1.Home&z=441803706

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 23:16:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46510
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 1077ms
986ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HBGSDK9P6D&gtm=45je3360&_p=565580990&cid=255671840.1678623116&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678623115&sct=1&seg=0&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain&dt=Vesty%20%7C%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8F%20%7C%20Vesty.co.il%20%7C%20%D0%92%D0%B5%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HBGSDK9P6D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK collect
cdn.firstimpression.io/tracking/ 2 B
580 B 613ms
612ms Ping
text/plain 65.9.95.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/tracking/collect?b=1
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-95.prg50.r.cloudfront.net
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Date: Sun, 12 Mar 2023 12:11:56 GMT
Access-Control-Request-Method: *
Via: 1.1 d19bc25644fc0cb24d9e1c2cb87755ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PRG50-C1
Access-Control-Allow-Methods: OPTIONS, GET, POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.vesty.co.il
X-Cache: Miss from cloudfront
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 2
X-Amz-Cf-Id: qxsTZwEhlapDdl2L-PlMhWU93KnCKJ8-aoDonVw3pCcA7Q675ZqoyQ==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 184ms
87ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023030701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07e2d2f2c26b92a40a960d3c0aa3d68f29fa69de99a7feecf7c401864d205316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11113
x-xss-protection: 0

POST
H2 204 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
37 B 81ms
80ms XHR
text/plain 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type: application/json

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.vesty.co.il
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7a6bf14bb9a83687-FRA

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 133ms
41ms Preflight
text/plain 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.vesty.co.il
access-control-max-age: 86400
cf-ray: 7a6bf14b794d3687-FRA
content-encoding: gzip
content-type: text/plain
date: Sun, 12 Mar 2023 12:11:56 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=565580990&t=timing&_s=2&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain&dp=%2Fmain%3Fprof%3D50.Vesti-1.Home&dh=vesty.co.il&ul=en-us&de=UTF-8&dt=Vesty%20%7C%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8F%20%7C%20Vesty.co.il%20%7C%20%D0%92%D0%B5%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1786&pdt=125&dns=124&rrt=0&srt=43&tcp=81&dit=1083&clt=1469&_gst=1293&_gbt=1700&_u=YChAgEABQAAAAEAAI~&jid=&gjid=&cid=255671840.1678623116&uid=0&tid=UA-5536870-20&_gid=1506253885.1678623116&gtm=45He3360n71NB9MN6&cd1=false&cd2=0&cd3=0&cd4=2023%2F03%2F13%2013%3A11%3A56&cd12=Home%20Page&cd14=50.Vesti-1.Home&z=1252967119

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 04:12:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28743
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dmp-main.js Show response
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/ 206 KB
63 KB 54ms
54ms Script
text/javascript 52.222.158.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.158.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-158-11.cdg52.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 7605e17a9b4092eb5ffe7685416246022382078ba38a3b3287691a361fa109e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 14:29:25 GMT
content-encoding: br
via: 1.1 aaa5fbd869d655f42986dd16509f667e.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: CDG52-P2
age: 78151
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
x-amz-cf-id: Ia2kNbyOgCPuOM8mWkmq47cIz0vKZ1FIZgIHoawzMy5-Y04EFDuFqQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 151ms
63ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-5536870-20&cid=255671840.1678623116&jid=111998546&_u=YChAgEABQAAAAEAAI~&z=385933544

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 182ms
88ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-5536870-20&cid=255671840.1678623116&jid=111998546&_u=YChAgEABQAAAAEAAI~&z=385933544

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 state Show response
event.dxmdp.com/rest/api/v1/ 0
0 185ms
59ms Script
application/json 34.241.105.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/state
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.105.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-105-99.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 532ms
430ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 168ms
55ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ff34e07601a0355e61d4c433e99559889f5da4c73e6601d3182745c9222d98d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 12 Mar 2023 12:11:56 GMT

OPTIONS
H2 200 events
event.dxmdp.com/rest/api/v1/ Frame 0
0 169ms
58ms Preflight 34.241.105.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.105.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-105-99.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.vesty.co.il
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
server: nginx/1.20.0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 sync
event.dxmdp.com/rest/api/v1/ Frame 0
0 166ms
55ms Preflight 34.241.105.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/sync
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.105.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-105-99.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.vesty.co.il
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
server: nginx/1.20.0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 events Show response
event.dxmdp.com/rest/api/v1/ 6 KB
6 KB 69ms
68ms Fetch
application/json 34.241.105.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/events
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.105.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-105-99.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 43fd3d3ca6f2a177c59759388e8663d0e534e27b2ed9ee986232d1c7099a4a07

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Sun, 12 Mar 2023 12:11:56 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H2 200 sync Show response
event.dxmdp.com/rest/api/v1/ 13 B
326 B 56ms
55ms Fetch
application/json 34.241.105.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/sync
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.105.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-105-99.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Sun, 12 Mar 2023 12:11:56 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/21246a91/www-widgetapi.vflset/ 184 KB
62 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/21246a91/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b8fb1678ebce94e32f755c4e1680fec756fb90413959b8fb6e930562a3ae1cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 11:21:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3040
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62983
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 01:18:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 11 Mar 2024 11:21:16 GMT

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.9.9/ 111 KB
31 KB 56ms
49ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230312-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0a7b78b741975a40bcc99c4b89e39855248aa76b3c8d639c8dc39245ebe1441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 612412
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 30995
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Sun, 05 Mar 2023 10:04:45 GMT
server: AmazonS3
x-timer: S1678623116.416561,VS0,VE0
etag: "c04a240008c67910556582d1bf159ad7"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: utN2JKuPev4tHiXsTjHXgqDmGqRRKS2mk1zVlEbitf46s57YMmFCig==
x-cache-hits: 121378

GET
H2 200 feed-card-placeholder.20230312-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 48ms
48ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230312-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38dc3287865914d7f3dffff585adc332654397dbf3f4007c992e2f16e31179da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: spy6R_ACRVO49I_oZMWK6nMX766dEyNB
content-encoding: gzip
via: 1.1 varnish
date: Sun, 12 Mar 2023 12:11:56 GMT
x-amz-request-id: T5TB5XS83JE4MBMF
age: 3065
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: OQLDuO7re3GTH88tKeIyKzGdMgL85JqKVloF3sMEFbRugf8tO4JQwCFKaN+b++o7iZKsofBBrMQ=
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Sun, 12 Mar 2023 11:20:52 GMT
server: AmazonS3
x-timer: S1678623116.416552,VS0,VE1
etag: "bae5b3729c18de6187e2e07b7d79dfcb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 31
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 12341

GET
H2 200 feed-footer-overlay.20230312-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 11 KB
3 KB 49ms
48ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-footer-overlay.20230312-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05976a36acca0a209e34abc6d55978803fc6cbcf278d66553e782c34e599cfde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: z.lJXqs.GORZaIsLMVKTteemJ6mVV6i4
content-encoding: gzip
via: 1.1 varnish
date: Sun, 12 Mar 2023 12:11:56 GMT
x-amz-request-id: 10VEXS9HEY8R3J82
age: 3063
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2930
x-amz-id-2: sz70GqpC2LkmApTSorSowbd5r811Fm/4fHPaXFuyIQpjsYug3WC2FiI+763jsTLaDwDkxI5sM/Q=
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Sun, 12 Mar 2023 11:20:53 GMT
server: AmazonS3
x-timer: S1678623116.416552,VS0,VE0
etag: "f5f34f596d8e813c7349abc439023a11"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 31
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 214

GET
H2 200 userx.20230312-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 45ms
43ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230312-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbb32305de8274641325e91aca39e774d543b11d194bcffed68059b82f8db04f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: z9Kfp_5jX5Q4HjLa7z6oRUeyDPOwenuY
content-encoding: gzip
via: 1.1 varnish
date: Sun, 12 Mar 2023 12:11:56 GMT
x-amz-request-id: D1VX38WGT4Y7YWJR
age: 3039
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: +Ch1547C1bdnt7d/+dYkpLs6tgusVP2Fr46gv1H4ygIVhLk1tiboIOJOIlxv0vcB5vMTd7xzGko=
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Sun, 12 Mar 2023 11:21:17 GMT
server: AmazonS3
x-timer: S1678623116.427544,VS0,VE0
etag: "9b56c21c8c2bdc5c04d03ccdb3e12536"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 31
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2434

GET
H2 200 distance-from-article.20230312-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 45ms
43ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230312-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9a5d4412b1a4e07b6fd3664927a265c09a2a06544ca160193082e4fc7ddac12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: Lg59Jt__Ot0.H9Sbzt8Jq8NJnDCxe.y1
content-encoding: gzip
via: 1.1 varnish
date: Sun, 12 Mar 2023 12:11:56 GMT
x-amz-request-id: AY7QADBN73Y0JP9Q
age: 3069
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1012
x-amz-id-2: 14q6qXWNjy3M8QNZsCCtvbX3q7+Q2VzpSwVHUCMHA8xpm3E/+zyQSxa23jRvrpGO/5pd2uA1L5Q=
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Sun, 12 Mar 2023 11:20:47 GMT
server: AmazonS3
x-timer: S1678623116.427516,VS0,VE0
etag: "1a7577903d3ddf36da0d7efdf9d71c60"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 31
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3722

GET
H2 200 article-detection.20230312-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 45ms
43ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230312-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4622b8ccc7d122b291403e2592ca6d43e9b0411c0338e65526a9b4c09949998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: GkNkEnzZwRESCiIRY0UsHRk08ZEAz4Y5
content-encoding: gzip
via: 1.1 varnish
date: Sun, 12 Mar 2023 12:11:56 GMT
x-amz-request-id: B7WHY2W5E8FJWEGS
age: 3075
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1235
x-amz-id-2: OY+Br3WIyLduHzGoPGIpCeleXCTIJ4tn6Fvr+nLLGTU0R2zmv71wbrBwNtofICq2Wk5y15o92k0=
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Sun, 12 Mar 2023 11:20:42 GMT
server: AmazonS3
x-timer: S1678623116.427493,VS0,VE0
etag: "5926375b6b0315ecdc0f6ad93fb3b037"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 31
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3714

GET
H2 200 cta-component.20230312-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 19 KB
5 KB 42ms
41ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20230312-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc0b289cf3afa792240c96bacd597d314c861bddf73f7639217b82d2ad1ed48e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: MUHuhVGH83gqfrYtq9zdNy3LKVw3ewtU
content-encoding: gzip
via: 1.1 varnish
date: Sun, 12 Mar 2023 12:11:56 GMT
x-amz-request-id: Q58CNGPCZG31FDAY
age: 3070
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4738
x-amz-id-2: 51Z4CwZnv2cils6WhbBMYK1HZDo9oBAy1JrzLXAizbo++pSGrpMu9rEdE1uvVTp0qByE6h/3cGo=
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Sun, 12 Mar 2023 11:20:46 GMT
server: AmazonS3
x-timer: S1678623116.429404,VS0,VE0
etag: "a3595f227af12e76b5ac9a3506c94055"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 31
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 11205

POST
H2 204 abtests
trc.taboola.com/ynet-vesty/log/3/ 0
267 B 64ms
63ms Ping
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ynet-vesty/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1678623116419%7D&tim=12%3A11%3A56.419&id=2835&llvl=2&ri=0d5ade72fce76a4af648791b50d8685a&sd=v2_39d38ff757b33f814ab412083f2be315_f0d583eb-226f-4d10-8ce5-fdcc05b6487d-tuctb07470b_1678623115_1678623115_CIi3jgYQyYtDGKuT8K3tMCABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=f0d583eb-226f-4d10-8ce5-fdcc05b6487d-tuctb07470b&pi=/main&wi=893850554882200731&pt=home&vi=1678623115691&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230312-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220028-HHN
server: nginx
x-timer: S1678623116.453092,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.vesty.co.il
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 abtests
am-trc-events.taboola.com/ynet-vesty/log/3/ 0
231 B 146ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/ynet-vesty/log/3/abtests?route=AM:AM:V&lti=deflated&ri=0d5ade72fce76a4af648791b50d8685a&sd=v2_39d38ff757b33f814ab412083f2be315_f0d583eb-226f-4d10-8ce5-fdcc05b6487d-tuctb07470b_1678623115_1678623115_CIi3jgYQyYtDGKuT8K3tMCABKAEwODib4wlAhIoQSNTJ2QNQ____________AVgAYABo6t-6o5P9iuX9AXAA&ui=f0d583eb-226f-4d10-8ce5-fdcc05b6487d-tuctb07470b&pi=/main&wi=893850554882200731&pt=home&vi=1678623115691&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1678623116407%7D&tim=12%3A11%3A56.407&id=3827&llvl=2&cv=20230312-9-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 12 Mar 2023 12:11:56 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 56ms
56ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Sun, 12 Mar 2023 12:11:56 GMT
x-amz-request-id: ZSYWDV613EWRQFZR
age: 1
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: zyoRYlp0DUQi7rOxqotjsUGVeDg2jXVIKZFqFlMrZ3FOAGkPB6oHKoLVv4lN564LBGSA15CQpCE=
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1678623116.453059,VS0,VE2
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 31
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3CE5 0
0 79ms
78ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstqbd155Jq4r0imwMbSgxGVtwVbwerzxlCcXhXSwSt_8ZKvxB10znsmg33DpcBytb2kTFzr1L3a2NRKb3wJwrn0zPV1eNssiKmJOX5H6m9lWJ91Us_eRtkXRT94Om-sXxQmuJfoDYGo326eoIHrppI7NTFkhS3JOAA4m_YzR0UGTrA7Sw1ySTNh8QuntW2eS-0IGqhA0RhsHqrgRhcHdRh7WFQ7Reg8D1r9KK63t18ti_KVjRajLWA3483MpXa0MH2SvrqnIWJ1PHwOWLOEmh3nxqj-6bhSnifToZZTrQiRO5iCjBRntNVXkWqUqu6dhVZWQkroGEPy-g&sai=AMfl-YTBjWPK0TnLqWf6u56VQ0Ahj4IXq55m8KlnHFtTTqEUT8UDrr6mfDA0p6PZbRBXjRdTcMeeNhO8VYoRjDwAUzQs9sgsbO6fL_zSYW-YQ6H1glduIlZ554NHVO-r-NE3-QYk3CEcq7JOZ8hJZb3G&sig=Cg0ArKJSzCwRphxRI9bNEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 3CE5 3 KB
2 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 11:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 11:09:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CE5 158 KB
49 KB 193ms
60ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H2 200 7195864682265393326
tpc.googlesyndication.com/simgad/ Frame 3CE5 63 KB
63 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7195864682265393326

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b470d290bca13bb0ad69eb7b71eaa230a779c90dcb31e634cf48fd128b7ea51d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:00:23 GMT
x-content-type-options: nosniff
age: 18693
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64493
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 11:00:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 11 Mar 2024 07:00:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB90 0
0 79ms
78ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTNMYbpynP3UACSEIBzQpbCJO4G-Axu1L1QzobmqKn8PuAXUbmzUzhWgT9de9-85s6HCFcCMGP_MbiBj-JBGyA3f2WcBakV4XecXqdrY9rkYRnHGPqEH_jyOhEVYQvqdV7_UVJLPySOp_3j-Gxe8KGFSBnVeJWSUA2XmwK05AJlAKXcM-PFFV7f1yg0_IKRz2piC6R7cPym7lQ5xXn2N9KreTVX_22WwjRPskYB9StqghR35ICu4JQo53Bdj9owewLgme9B-n6ESuTw_SngePZaxC-OrWjFanQqJrSlI5CFomAWFbuS3y2IXT0bzqhjMopldiuueSiG3CyRQ&sai=AMfl-YQYmUxtwggY2YpjSrgjS9C_vXPcfcy7LO5QPmhAc9vKuPZgSiBY5lSFRGN3szo7yk9ugKFSSk1hnb-95MxX28z9O0p6GA_c2S3YAYDp-TSgr3wCItMLLtnfV-_ViRe5tSMBfiKYNfFLVHiUpy6Z&sig=Cg0ArKJSzIlyJQ5GBf3KEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame CB90 3 KB
1 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 11:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 11:09:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB90 158 KB
49 KB 257ms
134ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H2 200 4024207414444256527
tpc.googlesyndication.com/simgad/ Frame CB90 48 KB
48 KB 104ms
103ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4024207414444256527

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98cd8802460671a365e51bd1dfaa8862015955a200daa786ab5a2a1c83303550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 00:34:51 GMT
x-content-type-options: nosniff
age: 214625
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49369
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 10:00:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Mar 2024 00:34:51 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 51FC 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsta4X_FQr0dYHr55YoQdOhSxM2L0WoiTuZQcU6LQfzfajBe5MeZbVcONM7byaMvrWKcxmNTX4NLHS7QJKlud0dJSG-n-qyNYAYB0vIfiY0dk3bLyg7b35GwaukJgdq7D4gvafSay5tzIhSFU7umRcgI0Gg9ZIwu3VWGrDWP7rLs5viP_9-4gA7HssOgQU-sCiX0xdATgVYdQvVrH2DfTA4ODgpqDirJ4izrR5Sh0kOfmpMddWzy2L9OstiqlVKe1xDmJydCloNZS92fy0DPO2q7fKsA8oDZA9wSdf-oTqMy9y3XKxxXqkar6QlNd8ai3jfmIF7IYY5rQk5ZeQ&sai=AMfl-YRz1ySXIcvIFffrtOCgsCEIjT7p6Yfn3JMnFAToPt_0JWL6Jgo_JciUdZcEQjSbT-xEDFH6f7063eyU96FfEGKcgbipwmQ2P9tjmxOoRgz6ezPlxj0L_lNXY4Q9u3yWbl02h2GwAePvhIobUHPS&sig=Cg0ArKJSzPCx0T3dzO2VEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 51FC 3 KB
1 KB 119ms
113ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 11:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 11:09:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 51FC 158 KB
49 KB 223ms
114ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H2 200 9545056739906246413
tpc.googlesyndication.com/simgad/ Frame 51FC 58 KB
58 KB 117ms
114ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9545056739906246413

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

800a31d5d041534c0f05c0c6fb18a16eefc33519d43b9428717aa129a3cc4752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 09:34:25 GMT
x-content-type-options: nosniff
age: 9451
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59397
x-xss-protection: 0
last-modified: Sun, 05 Feb 2023 10:12:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 11 Mar 2024 09:34:25 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C5FA 0
0 85ms
83ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLLXQMh-U43_tCQWyZvB_KK2pd0KdZ5hy5L7hFQW4ONR1EISnuxqjrjDmfAwkz1smGpfl65RSr1_wyoapfVPgsLLACzI7l8aLPO3Rm-qxWgihOsCvT-8LqAau-hjnmunvx-rWTPmKDojYXfb41dCCc33QGgC3CYTZ_mX6XY1LJNReRzJX9PV7EJjbrldLvyiBxgatu9EyAlBwjAxCkv5bdN1dULgjhdHvnDpRcy_f-3fhzy097qp7BhYLi52VVzF_Og4ov4iwjJe1TNT7HSmpvUEMIGiC-WVylZNA1GURZqKn8bn6NQGM4ii-3lGA4DjUJXqO76V1WkYQ-UA&sai=AMfl-YQoZM7gJMtwH-8im7ru_bKmDRzDkoilWIzjv3UP3FxMHv7-l-nyXLSbIufeli-WVJI5r7zzFuTdDiV9E-tIe-b1OAIASn8XcDd1Ay-yhQmXK55cdPjBcbuIbZYpyv7v7cL28tQyP8Dd_18cuTgD&sig=Cg0ArKJSzHqMqLHFgsL_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame C5FA 3 KB
1 KB 132ms
130ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 11:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 11:09:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C5FA 158 KB
49 KB 266ms
166ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H2 200 13150739955191351252
tpc.googlesyndication.com/simgad/ Frame C5FA 49 KB
49 KB 132ms
131ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13150739955191351252

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e8d69ed6d508a5a3b55538a4dd8352a81a6e60d0f11dc992c5e91843fe139a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 02:57:31 GMT
x-content-type-options: nosniff
age: 378865
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50244
x-xss-protection: 0
last-modified: Sun, 15 Jan 2023 10:21:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 02:57:31 GMT

GET
H2 200 container.html Show response
7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EADB 6 KB
3 KB 45ms
41ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 12:11:55 GMT
expires: Mon, 11 Mar 2024 12:11:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302171719000/ Frame E07B 222 KB
61 KB 188ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 497012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61847
x-xss-protection: 0
server: sffe
etag: "b91941a2860567a7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame E07B 15 KB
5 KB 259ms
112ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 497012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5237
x-xss-protection: 0
server: sffe
etag: "304dd5725e1eccd8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame E07B 94 KB
28 KB 263ms
116ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 497012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28901
x-xss-protection: 0
server: sffe
etag: "8f636c70fc937458"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame E07B 5 KB
2 KB 277ms
131ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 497012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1926
x-xss-protection: 0
server: sffe
etag: "df03f558eda3b320"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame E07B 40 KB
13 KB 279ms
134ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 06 Mar 2023 18:08:24 GMT
age: 497012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12954
x-xss-protection: 0
server: sffe
etag: "e0426f4a93046162"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 05 Mar 2024 18:08:24 GMT

GET
DATA 200
OK truncated
/ Frame E07B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2bf89e54067db75ba8f027a57e08367c041f2634a2fc5cc7eafeefb3407268f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8E8F 6 KB
3 KB 44ms
41ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 12:11:55 GMT
expires: Mon, 11 Mar 2024 12:11:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6361034940524349111
tpc.googlesyndication.com/daca_images/simgad/ Frame E07B 39 KB
39 KB 118ms
115ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6361034940524349111

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

244810c329c4a6cec74aa1321649dfc7d7b9a26c9ff27bff005461c69966605b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:35:00 GMT
x-content-type-options: nosniff
age: 185816
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40061
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 10:38:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Mar 2024 08:35:00 GMT

GET
H2 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E07B 3 KB
3 KB 116ms
114ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 01:00:24 GMT
x-content-type-options: nosniff
server: cafe
age: 40292
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3041
x-xss-protection: 0
expires: Mon, 13 Mar 2023 01:00:24 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E07B 344 B
449 B 130ms
128ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 20:05:12 GMT
x-content-type-options: nosniff
server: cafe
age: 58004
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sun, 12 Mar 2023 20:05:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E07B 0
0 89ms
87ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVAdJi8ENZMDuMrWRjuwPk4WcqAP_uueZb9eUxbqaEd7ZHhABIJn7oCtglYKAgLQHoAHr1ejyKMgBAuACAKgDAcgDCKoEkAJP0Ku91YfVm-lzHdE0mvjEPON86vFyvl_Xmjlcu2U1tpXQbAFw0nSxim8c9YEQUMjHpBTQ_FfKQps9NHY3Zi3Lkd-PCeKljPdK_gDqAfBW955YLk4KVSEwUFSMmOuJTrOTePRQTvjTYLNPBgjxOpN872_k5dxTkXONozfrksXaexhUBTn1LYsQpzRfaEFd79OoLG7gc7e5nwUtKpJi4sk4AfABwgfCP61kkgCyP4GGSWVMmP2Q5qG2RSZNkWCK1z6vfyxdKEq6Xxy_THRmU9tfeKJGE1v9PThVAMhYKXoACzA0P0pOPRrZakL0OwTzW-4B-yVq9H6_pG94hTa99V_6BiVtORgPFngu9DSCSVmeR8AEr4CH1p8E4AQBkgUECAQYAZIFBAgFGASgBgKAB4y549EDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQgZoE0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwvQFQGAFwGyFx4KHAgAEhRwdWItNDIwNzY1Nzk3MTEyNjkzMBi5sw0&sigh=4q-EwniN9CE&uach_m=[UACH]&cid=CAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 container.html Show response
7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8C01 6 KB
3 KB 41ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 12:11:55 GMT
expires: Mon, 11 Mar 2024 12:11:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7C71 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 12:11:55 GMT
expires: Mon, 11 Mar 2024 12:11:55 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3CE5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36d2e9e031cd04d2122e43f3172ee2f451714cd1d0831bccfd805eb0852b621e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CB90 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bf4ebf5da9e89e0f93265b2068a9843aaa93c627e5bfab37564d85ba6562b51

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 51FC 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76b169d3169387eae4a7fce5b1c27b26022455d25f2b20f8592e054f3e1eacf4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C5FA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ff0afdf6b5ce60efc846f88bc88e2e19e7f3bfb15865d9361c972231de284e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 BJKJAgxjj_0_123_1063_598_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/14/BJKJAgxjj/ 17 KB
18 KB 64ms
43ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/14/BJKJAgxjj/BJKJAgxjj_0_123_1063_598_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2b4524b22ee5f7e0f719a731cfc2b36f9709cf69be079f3b251347d12eebe344

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/14/BJKJAgxjj/BJKJAgxjj_0_123_1063_598_0_large.jpg
age: 109295
edge-cache-tag: 624556012670033479087061875787207475343,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 624556012670033479087061875787207475343,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 552
req-referer: https://www.vesty.co.il/
content-length: 17082
x-request-id: c6516af011506e9733b9f56f0d87f7f1
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000056-IAD, cache-iad-kiad7000174-IAD, cache-bur-kbur8200082-BUR, cache-iad-kjyo7100103-IAD, cache-hhn-etou8220028-HHN
last-modified: Sat, 11 Mar 2023 05:47:00 GMT
server: nginx
x-timer: S1678623117.646282,VS0,VE2
etag: "d033a2444602a040870887056ff6f8c3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 H1jfxSU1n_0_0_1000_563_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/08/H1jfxSU1n/ 33 KB
34 KB 67ms
47ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/08/H1jfxSU1n/H1jfxSU1n_0_0_1000_563_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8066f3032f328de26f28d61237d6a5a1c7cb181a70bd93ea71ba1a34d127435d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/08/H1jfxSU1n/H1jfxSU1n_0_0_1000_563_0_large.jpg
age: 273380
edge-cache-tag: 556303468899025167912654498982942963702,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 556303468899025167912654498982942963702,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 562
req-referer: https://www.vesty.co.il/
content-length: 34242
x-request-id: fb32bc1682d1d56cd41c3f4ce279165a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100052-IAD, cache-iad-kcgs7200038-IAD, cache-bur-kbur8200122-BUR, cache-iad-kcgs7200081-IAD, cache-hhn-etou8220028-HHN
last-modified: Thu, 09 Mar 2023 08:15:28 GMT
server: nginx
x-timer: S1678623117.647032,VS0,VE1
etag: "0965fdab8caf3cf60c0dc6a3000e2e93"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 6c452776218368fe2dc4db298e421c93.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 41 KB
42 KB 68ms
48ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c452776218368fe2dc4db298e421c93.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6897e63fd1d20948f67d3ad677f87386e3d8edf3a3c5bd45c75c19bc9bf74d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c452776218368fe2dc4db298e421c93.jpg
age: 477587
edge-cache-tag: 336254153275683835860512236355822591184,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag: 336254153275683835860512236355822591184,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time: 162
req-referer: https://www.japantimes.co.jp/
content-length: 41736
x-request-id: 501110d20405313d4d374a739ba39c84
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200128-IAD, cache-iad-kcgs7200099-IAD, cache-bur-kbur8200169-BUR, cache-iad-kiad7000083-IAD, cache-hhn-etou8220028-HHN
last-modified: Wed, 01 Mar 2023 13:12:19 GMT
server: nginx
x-timer: S1678623117.646671,VS0,VE2
etag: "e240079e35b728c2b8dbc8fda0920b33"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 0, 1

GET
H2 200 1876bdacfa827147d3c97aaa19f2457c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
4 KB 79ms
59ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1876bdacfa827147d3c97aaa19f2457c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba0610623ba1a30857f5e9a2e1eca4998aef758edfa6c7e21f6e17c98d8957c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1876bdacfa827147d3c97aaa19f2457c.jpg
age: 5354803
edge-cache-tag: 384355357410086004916290335446626268801,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag: 384355357410086004916290335446626268801,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 81
expiration: expiry-date="Tue, 31 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.saechsische.de/
content-length: 3704
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100070-IAD, cache-iad-kjyo7100177-IAD, cache-bur-kbur8200160-BUR, cache-iad-kjyo7100026-IAD, cache-hhn-etou8220028-HHN
last-modified: Sat, 31 Dec 2022 15:37:01 GMT
server: nginx
x-timer: S1678623117.646828,VS0,VE2
etag: "f4ad3f4c1c1af79f0ed44cdd7e94fd5f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 102, 1

GET
H2 200 f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 48ms
44ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7726fd721a0bc57c7a1fa948f21a7633cf51772a7f0d29dc15fd9097d9ce0513

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age: 3956337
edge-cache-tag: 413171760462916128786953021986728628513,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413171760462916128786953021986728628513,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 220
expiration: expiry-date="Fri, 24 Feb 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.5min.at/
content-length: 14488
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000129-IAD, cache-iad-kiad7000072-IAD, cache-bur-kbur8200108-BUR, cache-iad-kjyo7100112-IAD, cache-hhn-etou8220028-HHN
last-modified: Tue, 24 Jan 2023 10:50:17 GMT
server: nginx
x-timer: S1678623117.709695,VS0,VE2
etag: "98191e2eef5b9be911ac38d0d3a74348"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 109, 1

GET
H2 200 354a153c62dc78df948cc03e2b50f60a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 55ms
50ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/354a153c62dc78df948cc03e2b50f60a.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 974ff0bb3d9d0ddc9177adc3476a5bc655c1b24e38a9ba27f781a3d9a533bbb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/354a153c62dc78df948cc03e2b50f60a.png
age: 3532980
edge-cache-tag: 418240838448372678176251729206200855582,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag: 418240838448372678176251729206200855582,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
fastly-restarts: 1
content-length: 15610
x-request-id: a07597896a5795e1a93d52d88311c011
x-backend-name: CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by: cache-iad-kjyo7100036-IAD, cache-iad-kjyo7100036-IAD, cache-hhn-etou8220028-HHN
last-modified: Tue, 03 Jan 2023 17:51:17 GMT
server: cloudinary
x-timer: S1678623117.710726,VS0,VE4
etag: "718441ef0308d6cdf81ea7347cde70c0"
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 143, 1

GET
H2 200 ce62cdd1637eea6ce6d7b5030eeebe2b.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 50ms
49ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce62cdd1637eea6ce6d7b5030eeebe2b.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 315a0911ea473c0a872ad26fb14907c1b76eecde302c3f646a33f2b6b996d4e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce62cdd1637eea6ce6d7b5030eeebe2b.jpeg
age: 993623
edge-cache-tag: 539296037196432950454530049420905489369,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag: 539296037196432950454530049420905489369,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 247
expiration: expiry-date="Fri, 17 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nasdaq.com/
content-length: 15466
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200139-IAD, cache-iad-kjyo7100178-IAD, cache-lga21966-LGA, cache-iad-kcgs7200034-IAD, cache-hhn-etou8220028-HHN
last-modified: Tue, 14 Feb 2023 09:41:15 GMT
server: nginx
x-timer: S1678623117.710162,VS0,VE3
etag: "23627b427fbb16ffc0351e4b0d3c9cb9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 ed5a8c35b728a45a871e9ba8c8ae9dae.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 20 KB
20 KB 46ms
45ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed5a8c35b728a45a871e9ba8c8ae9dae.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d931654bc346b6e836b4644266c0d4670e4865f82673af0221048c6e6abb2d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed5a8c35b728a45a871e9ba8c8ae9dae.jpg
age: 2296628
edge-cache-tag: 341807567282485810221409549239784864402,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag: 341807567282485810221409549239784864402,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 155
expiration: expiry-date="Tue, 28 Feb 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.ynet.co.il/
content-length: 20086
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200040-IAD, cache-iad-kiad7000043-IAD, cache-lga21932-LGA, cache-iad-kcgs7200085-IAD, cache-hhn-etou8220028-HHN
last-modified: Sat, 28 Jan 2023 17:47:29 GMT
server: nginx
x-timer: S1678623117.710671,VS0,VE1
etag: "7ae6a291ce2a98b82f45f0db382aabe9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1527, 1

GET
H2 200 HyKBwr1Bs_0_244_3000_1688_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/11/02/HyKBwr1Bs/ 16 KB
17 KB 43ms
42ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/11/02/HyKBwr1Bs/HyKBwr1Bs_0_244_3000_1688_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b4f93c736508c87de89aeb1ea0d92d3227713d5dac90a93f34f38ba9255d97c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/11/02/HyKBwr1Bs/HyKBwr1Bs_0_244_3000_1688_0_large.jpg
age: 621015
edge-cache-tag: 464789196384037758366390267500440877666,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 464789196384037758366390267500440877666,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 474
req-referer: https://m.vesty.co.il/
content-length: 16032
x-request-id: 4bc8131ce280e57d13c28892a5b0f6ec
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100057-IAD, cache-iad-kiad7000074-IAD, cache-lga21942-LGA, cache-iad-kcgs7200054-IAD, cache-hhn-etou8220028-HHN
last-modified: Sun, 05 Mar 2023 07:36:36 GMT
server: nginx
x-timer: S1678623117.710173,VS0,VE0
etag: "651e397245a8097c813383fbfb027bd3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 3

GET
H2 200 B1NSXVtnj_0_78_1280_720_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/02/B1NSXVtnj/ 31 KB
32 KB 41ms
41ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/02/B1NSXVtnj/B1NSXVtnj_0_78_1280_720_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ec9b9eda1473038ef4956f8f0e2035bdc00081e08fb65ada2057d9637fa82b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/02/B1NSXVtnj/B1NSXVtnj_0_78_1280_720_0_large.jpg
age: 321231
edge-cache-tag: 620444717821799835831364453387258010285,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 620444717821799835831364453387258010285,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 510
req-referer: https://www.vesty.co.il/
content-length: 31502
x-request-id: 9887b8d834d49a15978502020bbea366
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100176-IAD, cache-iad-kcgs7200118-IAD, cache-chi-kigq8000084-CHI, cache-iad-kcgs7200076-IAD, cache-hhn-etou8220028-HHN
last-modified: Wed, 08 Mar 2023 18:57:37 GMT
server: nginx
x-timer: S1678623117.752797,VS0,VE0
etag: "8d413869ae04f9eec322c6a124f23d0e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

GET
H2 200 collage-kinderwitze.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1650983059736/content/gallery/freenet/unterhaltung/wi... 15 KB
16 KB 51ms
50ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1650983059736/content/gallery/freenet/unterhaltung/witze/2022/04/25/collage-kinderwitze.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d4a7569c3bbab7ef407fbcaf065055c8e6ec9a6ab505636ffdf9ffdff523bde2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1650983059736/content/gallery/freenet/unterhaltung/witze/2022/04/25/collage-kinderwitze.jpg
age: 3474848
edge-cache-tag: 606797021207318003192608683425898339943,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag: 606797021207318003192608683425898339943,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 987
req-referer: https://www.nrwz.de/
content-length: 15350
x-request-id: 0446d84d5214f3a5eee11e83a12d4c48
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200020-IAD, cache-iad-kjyo7100107-IAD, cache-bur-kbur8200059-BUR, cache-iad-kjyo7100173-IAD, cache-hhn-etou8220028-HHN
last-modified: Tue, 31 Jan 2023 06:57:49 GMT
server: nginx
x-timer: S1678623117.755748,VS0,VE8
etag: "a5f94c9aac37198e19570e475b38279c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 11, 1

GET
H2 200 HJ8pfnWkw_0_712_4032_2268_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2020/07/07/HJ8pfnWkw/ 38 KB
39 KB 42ms
42ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2020/07/07/HJ8pfnWkw/HJ8pfnWkw_0_712_4032_2268_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 479a1e54ef2ea9909a5194cab4c9e3f00c2b9219b9d6c453bfd59490fafc7ecb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2020/07/07/HJ8pfnWkw/HJ8pfnWkw_0_712_4032_2268_0_large.jpg
age: 962192
edge-cache-tag: 410698754459000781841472742476979685853,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag: 410698754459000781841472742476979685853,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 87
req-referer: https://www.vesty.co.il/main/article/ryhdbrusj?utm_source=telegram&utm_medium=referral&utm_campaign=bitly
content-length: 39318
x-request-id: 5963c6fe689207478f96022e5e50e6c2
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200053-IAD, cache-iad-kjyo7100104-IAD, cache-sna10726-LGB, cache-iad-kcgs7200030-IAD, cache-hhn-etou8220028-HHN
last-modified: Wed, 01 Mar 2023 08:52:59 GMT
server: nginx
x-timer: S1678623117.756787,VS0,VE2
etag: "b58662bee385ab379dcc2dce97b40ea5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 3, 1

GET
H2 200 c66670de4926d10bbdfd049c71555fa7.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
24 KB 43ms
43ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c66670de4926d10bbdfd049c71555fa7.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d3d594cf90108912af059afba3d7146c424d5040723764643cb19550f1ff1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c66670de4926d10bbdfd049c71555fa7.jpeg
age: 5601061
edge-cache-tag: 527114009379620393652758805390184209368,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag: 527114009379620393652758805390184209368,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 133
req-referer: https://www.rallye-magazin.de/
content-length: 24358
x-request-id: 94db5b778b60f1a3225eac64e4755461
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000085-IAD, cache-iad-kjyo7100023-IAD, cache-bur-kbur8200088-BUR, cache-iad-kjyo7100098-IAD, cache-hhn-etou8220028-HHN
last-modified: Mon, 19 Dec 2022 20:01:19 GMT
server: nginx
x-timer: S1678623117.760075,VS0,VE0
etag: "aacd7a3bef6665500c5ad490cb3a717b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 22, 8295

GET
H2 200 2ac8522f8747e5f08d2114307a551b58.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 3 KB
4 KB 47ms
45ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2ac8522f8747e5f08d2114307a551b58.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c8232dea0264696ca1534cb5ccb8dbb455965586f5eac6ce9071fba480e81e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 6
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2ac8522f8747e5f08d2114307a551b58.jpeg
age: 413939
edge-cache-tag: 386894635509480960477377969209426848645,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag: 386894635509480960477377969209426848645,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1134
req-referer: https://www.vesty.co.il/
content-length: 3192
x-request-id: 3af9fb306d86a0312221b344c84e68d2
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200140-IAD, cache-iad-kiad7000030-IAD, cache-lga21921-LGA, cache-iad-kjyo7100062-IAD, cache-hhn-etou8220028-HHN
last-modified: Thu, 09 Feb 2023 12:15:24 GMT
server: nginx
x-timer: S1678623117.768188,VS0,VE6
etag: "e3b6b0b401e76d3dbff9874cd0108cf8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 4, 1

GET
H2 200 e16f09c53bee1e2bc58a362882b70a1e.jpg
images.taboola.com/taboola/image/fetch/h_135,w_240,c_fill,g_xy_center,x_1355,y_689/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
5 KB 50ms
49ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_135,w_240,c_fill,g_xy_center,x_1355,y_689/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e16f09c53bee1e2bc58a362882b70a1e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c202a6b938d7d148395310ee84652594a7805d1ead88215b0b3b369edce3d0b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_135,w_240,c_fill,g_xy_center,x_1355,y_689/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e16f09c53bee1e2bc58a362882b70a1e.jpg
age: 3975558
edge-cache-tag: 422629802938984782540274969156887624408,512352068810349385554458407125906134447,29ecf9b93bbf306179626feeda1fab70
cache-tag: 422629802938984782540274969156887624408,512352068810349385554458407125906134447,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 213
expiration: expiry-date="Sun, 29 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.ynet.co.il/
content-length: 4372
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200132-IAD, cache-iad-kcgs7200171-IAD, cache-bur-kbur8200160-BUR, cache-iad-kcgs7200041-IAD, cache-hhn-etou8220028-HHN
last-modified: Thu, 29 Dec 2022 08:22:29 GMT
server: nginx
x-timer: S1678623117.801205,VS0,VE3
etag: "ccd65b27fdf497deaafadc30de93646e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 5, 1

GET
H2 200 SJExQDdy3_0_104_799_450_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/10/SJExQDdy3/ 4 KB
5 KB 74ms
74ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/10/SJExQDdy3/SJExQDdy3_0_104_799_450_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a2506cda1e225983623e588ed4aa947210642dc6951d237adfc608f6c82d310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/10/SJExQDdy3/SJExQDdy3_0_104_799_450_0_large.jpg
age: 182589
edge-cache-tag: 441486093321831569411618580053604570466,526441669587151756695374654263781131589,29ecf9b93bbf306179626feeda1fab70
cache-tag: 441486093321831569411618580053604570466,526441669587151756695374654263781131589,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 289
req-referer: https://www.vesty.co.il/
content-length: 4580
x-request-id: 5e5b9cb991793dbdb3aff50db9d51036
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000145-IAD, cache-iad-kiad7000140-IAD, cache-sna10726-LGB, cache-iad-kjyo7100141-IAD, cache-hhn-etou8220028-HHN
last-modified: Fri, 10 Mar 2023 09:28:06 GMT
server: nginx
x-timer: S1678623117.813966,VS0,VE9
etag: "a60f6d99ed94d862daee70c5d94feb4b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 5a1e30004b50c8d7a2d53960d9e01767.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 73ms
72ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a1e30004b50c8d7a2d53960d9e01767.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dfc49cd1a72ca692c404422e9e0c6797459657e93634ff09bd71503f0ad4ae07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a1e30004b50c8d7a2d53960d9e01767.jpg
age: 443751
edge-cache-tag: 603101138924994746875499844187695643666,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag: 603101138924994746875499844187695643666,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 270
req-referer: https://www.ynet.co.il/
content-length: 9534
x-request-id: b8dbf894b6c14621b9579469775e9edd
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200107-IAD, cache-iad-kjyo7100120-IAD, cache-lga21927-LGA, cache-iad-kiad7000143-IAD, cache-hhn-etou8220028-HHN
last-modified: Wed, 01 Mar 2023 12:41:34 GMT
server: nginx
x-timer: S1678623117.817488,VS0,VE4
etag: "a5c0a20fd5040f565f339ebf3dca5020"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 5a84e65a5a5780fb9e85ee5b6717005d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 792ms
792ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a84e65a5a5780fb9e85ee5b6717005d.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ccb63ae51248d13238aecb1b6bd1b45e07432f108b57e636faa05bc79a792a69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 735
date: Sun, 12 Mar 2023 12:11:57 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a84e65a5a5780fb9e85ee5b6717005d.png
age: 0
edge-cache-tag: 540720832381734058336557644495314571612,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag: 540720832381734058336557644495314571612,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, MISS
x-envoy-upstream-service-time: 572
req-referer: https://www.vesty.co.il/
content-length: 5488
x-request-id: 4022d1c083cb25dde81d48929dc2d329
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000134-IAD, cache-iad-kiad7000032-IAD, cache-bur-kbur8200092-BUR, cache-iad-kcgs7200168-IAD, cache-hhn-etou8220028-HHN
last-modified: Sat, 25 Feb 2023 23:08:10 GMT
server: nginx
x-timer: S1678623117.821701,VS0,VE735
etag: "69f92658751bb36ef79f2fba552e945f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 200 SyguHOhQ11j_0_7_1000_563_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/09/18/SyguHOhQ11j/ 8 KB
8 KB 65ms
64ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/09/18/SyguHOhQ11j/SyguHOhQ11j_0_7_1000_563_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ae071e63b88e6c852bfa05651fda24652949d5ae6b244d2df58c313546df5ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/09/18/SyguHOhQ11j/SyguHOhQ11j_0_7_1000_563_0_large.jpg
age: 1139444
edge-cache-tag: 609668837402123591375190430997183407279,526441669587151756695374654263781131589,29ecf9b93bbf306179626feeda1fab70
cache-tag: 609668837402123591375190430997183407279,526441669587151756695374654263781131589,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 400
req-referer: https://www.vesty.co.il/
content-length: 7748
x-request-id: 7bcc4183fe6c256f22a06007048448e7
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100034-IAD, cache-iad-kjyo7100104-IAD, cache-lga21945-LGA, cache-iad-kjyo7100141-IAD, cache-hhn-etou8220028-HHN
last-modified: Mon, 27 Feb 2023 07:37:45 GMT
server: nginx
x-timer: S1678623117.837527,VS0,VE2
etag: "baa1e799563aa6715919878b70c19355"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 24A0 624 B
577 B 193ms
78ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiq5LvGATAB&v=APEucNXD3yaBVl8djSy5Rr7iYAb7_-kMHgJxcDN4td5gDkRO2ySwZo6Lzc-YiJmfV7zdSx39BKV6SaqBB6bnFCxpr_Zl-612PV2wFHIn7gf0J9debMKDGdlxk91lXedA_9bmyPInlYL97GYDQm9QIVjgcHg1GCI_u_3l6MkPa9Nnc4JOdfneN6o

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 12:11:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8EEF 78 KB
27 KB 288ms
207ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 8EEF 3 KB
1 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 11:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 11:09:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 8EEF 20 KB
8 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 17:39:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8EEF 158 KB
49 KB 86ms
84ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EEF 42 B
63 B 153ms
74ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DS9-JdK7Kxy1LW72HwkTobSkikF87ojP4fgaSf0WhPS0ez1r4JG7XFY4DKHs-RpvfeBzvxb5m0GBNWb-UxkJhlHP4bhQx8ITWmcpRZpdt1L-EW2uM

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EEF 0
20 B 154ms
74ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2381010842241338946&x=1&ct=77

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 78A4 624 B
285 B 190ms
78ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNVVxpPWW4F5DIrqcuMbIXu93SqpclQRWI5HEXA0LBsClAn5UzqclDTYp-sm1KzYxKHjUjCtMsQnFqWrTmHGgM0LZYQkmUbVo3SXsCcoFcfQQC7S8qmdxW23rvrYeA_T_2zZHLXy-104x9QADZlP6E1bLB5pYUI_vDu_UU35CDuS-prJze0

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 12:11:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8E8F 78 KB
27 KB 189ms
113ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E8F 42 B
63 B 149ms
73ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DjlEPEbcxvfHiJ4oPdalgZgwnvpABhJUU8sxCrAyjgJoEtUEPepWNfeyiLAG2z6CJJy3R-KwiuIIiqtXM5kfBIh139_hXulypwCGDocVA1aK57iDE

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E8F 0
20 B 149ms
73ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1209912474091735472&x=1&ct=77

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 8E8F 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 11:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 11:09:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 8E8F 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 17:39:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E8F 158 KB
49 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8C01 2 KB
944 B 150ms
51ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 11:57:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 8C01 2 KB
765 B 42ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 17:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 17:39:31 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8C01 0
0 88ms
85ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrerAi8ENZMLuMrWRjuwPk4WcqAOT3_y6b9qhoOrSEK7G6I-oMBABIJn7oCtglYKAgLQHoAHV_omnAsgBCeACAKgDAcgDywSqBJECT9Cyj8Egd8V0n8x4NeOcEsejPmnAe0Cq-IUY520GEwcdgz45w3l_vUTj5KssJngh9sBy_XVe8ZMNp6F4OM7DtlKeDjGkIoihSwUdFcvuSFrpXs9leEyO7ccRK5CZCAku35g0EybYgkngsaUr9Mt3tf5lhXy_c6xRkqN9smjkTsYPbKGZ03QS4kQD_UYGit4Q5vKBAHEeTXSVi0oo-XjMJ6X-ci9MSVJ0D7ZPr1WK2hQxYLhFR30BAVnZYSAX-ckl0fjNGPOqaFSfRvlspHtt934eMAz9PScXCQtZOWCXVovbscKxKn9bzCTd-bdExA67G-z77PFZaYlsVhcZo28W25og3L912nvA1WoiXvVfFSsAwASC3Kj8hATgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzrD02AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQyfkG0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwvQFQGAFwGyFx4KHAgAEhRwdWItNDIwNzY1Nzk3MTEyNjkzMBi5sw0&sigh=oEWQkeY7BRs&uach_m=[UACH]&cid=CAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ&template_id=494
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame 8C01 22 KB
9 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 17:39:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 8C01 3 KB
1 KB 59ms
56ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 11:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 11:09:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 8C01 20 KB
8 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 17:39:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C01 158 KB
49 KB 83ms
81ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 8C01 34 KB
14 KB 149ms
40ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 20:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 20:32:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7C71 2 KB
608 B 79ms
51ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 10:25:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 7C71 2 KB
765 B 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 17:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 17:39:31 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7C71 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6PCki8ENZMPuMrWRjuwPk4WcqAOT3_y6b9qhoOrSEK7G6I-oMBABIJn7oCtglYKAgLQHoAHV_omnAsgBCeACAKgDAcgDywSqBJECT9AQZSJhkA89WHLX6_FuGsvCf_QFl_yJi3VSwBuwizDieBwSQ3wMQf97fUGyPKY9-krTTZ6d9RcwIW9fzC6-fCJLSB5qUKJ8wKGwdsy_ysqdvG1HXvclPPo_3D7SZcSwTWk057c_QnKtGAmIygfWNB5FUexjvuOJ4fdvFQ-fOHn8ZHLSlMxy6jMS4wOwA2w1mYQdGhwfLYT6xhdTe2PRxt7lahaARTbyam97WIt9Bt0xdEkETm1_CDuAUwlNeYDt0DItoMqH_-E4tTlfYDCJXajKq08bv3vbJu9RCKkPHpqEMFhD6x07hzULg59mjIWnxAGGWNofLten9i1c4RkM6QIqm9vJ2TDKriQOUJwWE9N3wASC3Kj8hATgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHzrD02AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQv6cI0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwvQFQGAFwGyFx4KHAgAEhRwdWItNDIwNzY1Nzk3MTEyNjkzMBi5sw0&sigh=8XGqPb1EAWc&uach_m=[UACH]&cid=CAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ&template_id=494
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame 7C71 22 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 17:39:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 7C71 3 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 11:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 11:09:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 7C71 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 17:39:25 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C71 158 KB
49 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 7C71 34 KB
14 KB 94ms
50ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 20:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 20:32:15 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 8C01 33 KB
34 KB 162ms
41ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRNGodLaHsp1vjOgwLIJb9P_7_hxbAMqwbAr3aAU-4McSb0HQNGJTpj_pljSQ&usqp=CAI

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab2fc2a0b1f69351176de37e0fd0dfa58d26651e7148e817c74a4406bd84a0ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:50:53 GMT
x-content-type-options: nosniff
age: 231663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33884
x-xss-protection: 0
last-modified: Sat, 24 Sep 2022 14:24:46 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 08 Mar 2024 19:50:53 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 8C01 21 KB
21 KB 156ms
40ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTBCxzTlgoxEdLwEFr91-5pEStnlepRCxgpf8bC9oL2RPG_Vn47GGk9_5D9oIE&usqp=CAI

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce4af9473b8596150d66b8319829d1440d97be876c21dfcc0dfa347571f5ee33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:14:37 GMT
x-content-type-options: nosniff
age: 248239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21465
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 12:26:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 08 Mar 2024 15:14:37 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 8C01 34 KB
34 KB 147ms
42ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR6-CQJxkRKZF3jjvo_IT8BkXSMihBQ3UuTS894xFOVETw1mRKrHtQExeqhqHE&usqp=CAI

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1a7e00e11523b6be00e8c6d54728f59e5a12d1d035b31295be10bbe844e900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:56:51 GMT
x-content-type-options: nosniff
age: 234905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34548
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 10:01:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 08 Mar 2024 18:56:51 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 7C71 33 KB
33 KB 205ms
85ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRNGodLaHsp1vjOgwLIJb9P_7_hxbAMqwbAr3aAU-4McSb0HQNGJTpj_pljSQ&usqp=CAI

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab2fc2a0b1f69351176de37e0fd0dfa58d26651e7148e817c74a4406bd84a0ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:50:53 GMT
x-content-type-options: nosniff
age: 231663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33884
x-xss-protection: 0
last-modified: Sat, 24 Sep 2022 14:24:46 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 08 Mar 2024 19:50:53 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 7C71 21 KB
21 KB 191ms
77ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTBCxzTlgoxEdLwEFr91-5pEStnlepRCxgpf8bC9oL2RPG_Vn47GGk9_5D9oIE&usqp=CAI

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce4af9473b8596150d66b8319829d1440d97be876c21dfcc0dfa347571f5ee33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 15:14:37 GMT
x-content-type-options: nosniff
age: 248239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21465
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 12:26:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 08 Mar 2024 15:14:37 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 7C71 34 KB
34 KB 193ms
89ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR6-CQJxkRKZF3jjvo_IT8BkXSMihBQ3UuTS894xFOVETw1mRKrHtQExeqhqHE&usqp=CAI

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1a7e00e11523b6be00e8c6d54728f59e5a12d1d035b31295be10bbe844e900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 18:56:51 GMT
x-content-type-options: nosniff
age: 234905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34548
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 10:01:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 08 Mar 2024 18:56:51 GMT

GET
H2 200 sync Show response
event.dxmdp.com/rest/api/v1/ 23 B
342 B 56ms
55ms Fetch
application/json 34.241.105.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/sync?audids=xcYmesNs
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.105.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-105-99.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 6644b38612adab7c985316a135aa23e3accb658eb27bd7d9239b18b6109f74ad

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Sun, 12 Mar 2023 12:11:56 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

OPTIONS
H2 200 sync
event.dxmdp.com/rest/api/v1/ Frame 0
0 68ms
57ms Preflight 34.241.105.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/sync?audids=xcYmesNs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.105.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-105-99.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.vesty.co.il
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
server: nginx/1.20.0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 BJKJAgxjj_0_123_1063_598_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/14/BJKJAgxjj/ 17 KB
17 KB 44ms
40ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/14/BJKJAgxjj/BJKJAgxjj_0_123_1063_598_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2b4524b22ee5f7e0f719a731cfc2b36f9709cf69be079f3b251347d12eebe344

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/01/14/BJKJAgxjj/BJKJAgxjj_0_123_1063_598_0_large.jpg
age: 109295
edge-cache-tag: 624556012670033479087061875787207475343,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 624556012670033479087061875787207475343,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 552
req-referer: https://www.vesty.co.il/
content-length: 17082
x-request-id: c6516af011506e9733b9f56f0d87f7f1
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000056-IAD, cache-iad-kiad7000174-IAD, cache-bur-kbur8200082-BUR, cache-iad-kjyo7100103-IAD, cache-hhn-etou8220028-HHN
last-modified: Sat, 11 Mar 2023 05:47:00 GMT
server: nginx
x-timer: S1678623117.854166,VS0,VE0
etag: "d033a2444602a040870887056ff6f8c3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/08/H1jfxSU1n/H1jfxSU1n_0_0_1000_563_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8066f3032f328de26f28d61237d6a5a1c7cb181a70bd93ea71ba1a34d127435d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/08/H1jfxSU1n/H1jfxSU1n_0_0_1000_563_0_large.jpg
age: 273380
edge-cache-tag: 556303468899025167912654498982942963702,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 556303468899025167912654498982942963702,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 562
req-referer: https://www.vesty.co.il/
content-length: 34242
x-request-id: fb32bc1682d1d56cd41c3f4ce279165a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100052-IAD, cache-iad-kcgs7200038-IAD, cache-bur-kbur8200122-BUR, cache-iad-kcgs7200081-IAD, cache-hhn-etou8220028-HHN
last-modified: Thu, 09 Mar 2023 08:15:28 GMT
server: nginx
x-timer: S1678623117.855477,VS0,VE0
etag: "0965fdab8caf3cf60c0dc6a3000e2e93"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c452776218368fe2dc4db298e421c93.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6897e63fd1d20948f67d3ad677f87386e3d8edf3a3c5bd45c75c19bc9bf74d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c452776218368fe2dc4db298e421c93.jpg
age: 477587
edge-cache-tag: 336254153275683835860512236355822591184,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag: 336254153275683835860512236355822591184,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time: 162
req-referer: https://www.japantimes.co.jp/
content-length: 41736
x-request-id: 501110d20405313d4d374a739ba39c84
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200128-IAD, cache-iad-kcgs7200099-IAD, cache-bur-kbur8200169-BUR, cache-iad-kiad7000083-IAD, cache-hhn-etou8220028-HHN
last-modified: Wed, 01 Mar 2023 13:12:19 GMT
server: nginx
x-timer: S1678623117.909086,VS0,VE0
etag: "e240079e35b728c2b8dbc8fda0920b33"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1876bdacfa827147d3c97aaa19f2457c.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba0610623ba1a30857f5e9a2e1eca4998aef758edfa6c7e21f6e17c98d8957c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1876bdacfa827147d3c97aaa19f2457c.jpg
age: 5354803
edge-cache-tag: 384355357410086004916290335446626268801,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag: 384355357410086004916290335446626268801,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 81
expiration: expiry-date="Tue, 31 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.saechsische.de/
content-length: 3704
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100070-IAD, cache-iad-kjyo7100177-IAD, cache-bur-kbur8200160-BUR, cache-iad-kjyo7100026-IAD, cache-hhn-etou8220028-HHN
last-modified: Sat, 31 Dec 2022 15:37:01 GMT
server: nginx
x-timer: S1678623117.909041,VS0,VE0
etag: "f4ad3f4c1c1af79f0ed44cdd7e94fd5f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 102, 2

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3CE5 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgNzfV8SG98W7kHfbS6p5ON6Zu9uJt-TrefuwZw14ZQhLx7wI-hfePKf65lJklUS6B8vkL8Saiz02Fi1M5JaHhUhcgJh8p9jYyloPpVutF4B74t67GSD0Cn171V48GsylNR1ksOe5DKRSFsnSQlZ9AHt6DSFwya4DioNfLbsqt3G80syrR0ISgjUkvs7ksipvXulI4tajIpDV24rAAj0khjkU-uQiqRujDP20emV6Pi3X6nGBJQNpMaSvj5KCxqnSh2Gtjn-Wx-gery8WEZeSVECSo8_Zn2DxqhSLHaIABt0Pg7cKNVTH0XyyCONMFxEphekQTIPQ-3BXI_w&sai=AMfl-YRC5b4GW7_5XWuivu06iG0FawlfrQoOE0TM9Gopbq6qHhXnsaPIfch0qPgg9BfmYq1vdOOHeQfi9Cw5VG9ba3cZwgwBiwcKXwor_RSZGWliYgCNvl7RJBXGTO3BfChCmhBqYN8I5shDzFzXIRFp&sig=Cg0ArKJSzMeL6XfcI3ShEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3B34 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3606
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 11:11:50 GMT
expires: Mon, 11 Mar 2024 11:11:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5E55 783 B
970 B 153ms
152ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27cdf776f81d7f52148bd17be1494ef7b9af5f132db2125a94df52cd1679a4dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cp9ChSCDPsBA7uOE2J5O7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-cp9ChSCDPsBA7uOE2J5O7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 12:11:57 GMT
expires: Sun, 12 Mar 2023 12:11:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7726fd721a0bc57c7a1fa948f21a7633cf51772a7f0d29dc15fd9097d9ce0513

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age: 3956337
edge-cache-tag: 413171760462916128786953021986728628513,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413171760462916128786953021986728628513,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 220
expiration: expiry-date="Fri, 24 Feb 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.5min.at/
content-length: 14488
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000129-IAD, cache-iad-kiad7000072-IAD, cache-bur-kbur8200108-BUR, cache-iad-kjyo7100112-IAD, cache-hhn-etou8220028-HHN
last-modified: Tue, 24 Jan 2023 10:50:17 GMT
server: nginx
x-timer: S1678623117.947947,VS0,VE0
etag: "98191e2eef5b9be911ac38d0d3a74348"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 109, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/354a153c62dc78df948cc03e2b50f60a.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 974ff0bb3d9d0ddc9177adc3476a5bc655c1b24e38a9ba27f781a3d9a533bbb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/354a153c62dc78df948cc03e2b50f60a.png
age: 3532980
edge-cache-tag: 418240838448372678176251729206200855582,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag: 418240838448372678176251729206200855582,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
fastly-restarts: 1
content-length: 15610
x-request-id: a07597896a5795e1a93d52d88311c011
x-backend-name: CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by: cache-iad-kjyo7100036-IAD, cache-iad-kjyo7100036-IAD, cache-hhn-etou8220028-HHN
last-modified: Tue, 03 Jan 2023 17:51:17 GMT
server: cloudinary
x-timer: S1678623117.947929,VS0,VE0
etag: "718441ef0308d6cdf81ea7347cde70c0"
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 143, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce62cdd1637eea6ce6d7b5030eeebe2b.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 315a0911ea473c0a872ad26fb14907c1b76eecde302c3f646a33f2b6b996d4e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ce62cdd1637eea6ce6d7b5030eeebe2b.jpeg
age: 993623
edge-cache-tag: 539296037196432950454530049420905489369,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag: 539296037196432950454530049420905489369,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 247
expiration: expiry-date="Fri, 17 Mar 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nasdaq.com/
content-length: 15466
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200139-IAD, cache-iad-kjyo7100178-IAD, cache-lga21966-LGA, cache-iad-kcgs7200034-IAD, cache-hhn-etou8220028-HHN
last-modified: Tue, 14 Feb 2023 09:41:15 GMT
server: nginx
x-timer: S1678623117.947906,VS0,VE0
etag: "23627b427fbb16ffc0351e4b0d3c9cb9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed5a8c35b728a45a871e9ba8c8ae9dae.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d931654bc346b6e836b4644266c0d4670e4865f82673af0221048c6e6abb2d27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed5a8c35b728a45a871e9ba8c8ae9dae.jpg
age: 2296628
edge-cache-tag: 341807567282485810221409549239784864402,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag: 341807567282485810221409549239784864402,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 155
expiration: expiry-date="Tue, 28 Feb 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.ynet.co.il/
content-length: 20086
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200040-IAD, cache-iad-kiad7000043-IAD, cache-lga21932-LGA, cache-iad-kcgs7200085-IAD, cache-hhn-etou8220028-HHN
last-modified: Sat, 28 Jan 2023 17:47:29 GMT
server: nginx
x-timer: S1678623117.953404,VS0,VE0
etag: "7ae6a291ce2a98b82f45f0db382aabe9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1527, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/11/02/HyKBwr1Bs/HyKBwr1Bs_0_244_3000_1688_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b4f93c736508c87de89aeb1ea0d92d3227713d5dac90a93f34f38ba9255d97c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/11/02/HyKBwr1Bs/HyKBwr1Bs_0_244_3000_1688_0_large.jpg
age: 621016
edge-cache-tag: 464789196384037758366390267500440877666,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 464789196384037758366390267500440877666,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 474
req-referer: https://m.vesty.co.il/
content-length: 16032
x-request-id: 4bc8131ce280e57d13c28892a5b0f6ec
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100057-IAD, cache-iad-kiad7000074-IAD, cache-lga21942-LGA, cache-iad-kcgs7200054-IAD, cache-hhn-etou8220028-HHN
last-modified: Sun, 05 Mar 2023 07:36:36 GMT
server: nginx
x-timer: S1678623117.954937,VS0,VE0
etag: "651e397245a8097c813383fbfb027bd3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 4

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 51FC 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssv_purASUchtoD7ijkAFmiPmBWigDdLqoQrTqM27I3Wbsdpea9YeDfg9sw4FmaxTRRrom-Gsi3_ZpkdCnQYok9QR4NVZmrpWjqalt5DL0u1ZSY2QB6QAmQUnVuG3iNa0Z354LAiNj0j0ZmEZmoqbubskbCPaUh_VOe0ntzampcBBll-fDxXBNLZcfhq8y79zyfep87t8ujnBV8vltVNehV0jGZcbuX4_SzREsRvxVavVBYiXfezv_BgW3igYazrYpdv_FuCHFIkZ8BiTkcYi6pL53wTScSdu3ElXYLhkHB-gYP2N4vmrkTl-mrI8cepE3LySt5K5M8ir1ARF30&sai=AMfl-YT3u82kRLYv5VVpTidL1UI7tbDKKbiWq0fCJnqmo91a7RdGHY7bxcnSKOX8xqHtq7NYGIBi7htjjQLfLk372EtQuNeHJf0O7guyszg1paQhxdB1WnEmR2mdDZQuc6ZIQpRxCEyHLTVCAY8qWrEu&sig=Cg0ArKJSzMCMlAZOrokKEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 12 Mar 2023 12:11:56 GMT

GET
H2 200 B1NSXVtnj_0_78_1280_720_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/02/B1NSXVtnj/ 31 KB
31 KB 40ms
40ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/02/B1NSXVtnj/B1NSXVtnj_0_78_1280_720_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ec9b9eda1473038ef4956f8f0e2035bdc00081e08fb65ada2057d9637fa82b92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/02/02/B1NSXVtnj/B1NSXVtnj_0_78_1280_720_0_large.jpg
age: 321231
edge-cache-tag: 620444717821799835831364453387258010285,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
cache-tag: 620444717821799835831364453387258010285,377215341905243169283200138401510287004,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 510
req-referer: https://www.vesty.co.il/
content-length: 31502
x-request-id: 9887b8d834d49a15978502020bbea366
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100176-IAD, cache-iad-kcgs7200118-IAD, cache-chi-kigq8000084-CHI, cache-iad-kcgs7200076-IAD, cache-hhn-etou8220028-HHN
last-modified: Wed, 08 Mar 2023 18:57:37 GMT
server: nginx
x-timer: S1678623117.991932,VS0,VE0
etag: "8d413869ae04f9eec322c6a124f23d0e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1650983059736/content/gallery/freenet/unterhaltung/witze/2022/04/25/collage-kinderwitze.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d4a7569c3bbab7ef407fbcaf065055c8e6ec9a6ab505636ffdf9ffdff523bde2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1650983059736/content/gallery/freenet/unterhaltung/witze/2022/04/25/collage-kinderwitze.jpg
age: 3474848
edge-cache-tag: 606797021207318003192608683425898339943,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag: 606797021207318003192608683425898339943,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 987
req-referer: https://www.nrwz.de/
content-length: 15350
x-request-id: 0446d84d5214f3a5eee11e83a12d4c48
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200020-IAD, cache-iad-kjyo7100107-IAD, cache-bur-kbur8200059-BUR, cache-iad-kjyo7100173-IAD, cache-hhn-etou8220028-HHN
last-modified: Tue, 31 Jan 2023 06:57:49 GMT
server: nginx
x-timer: S1678623117.994179,VS0,VE0
etag: "a5f94c9aac37198e19570e475b38279c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 11, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2020/07/07/HJ8pfnWkw/HJ8pfnWkw_0_712_4032_2268_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 479a1e54ef2ea9909a5194cab4c9e3f00c2b9219b9d6c453bfd59490fafc7ecb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:56 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2020/07/07/HJ8pfnWkw/HJ8pfnWkw_0_712_4032_2268_0_large.jpg
age: 962192
edge-cache-tag: 410698754459000781841472742476979685853,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag: 410698754459000781841472742476979685853,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 87
req-referer: https://www.vesty.co.il/main/article/ryhdbrusj?utm_source=telegram&utm_medium=referral&utm_campaign=bitly
content-length: 39318
x-request-id: 5963c6fe689207478f96022e5e50e6c2
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200053-IAD, cache-iad-kjyo7100104-IAD, cache-sna10726-LGB, cache-iad-kcgs7200030-IAD, cache-hhn-etou8220028-HHN
last-modified: Wed, 01 Mar 2023 08:52:59 GMT
server: nginx
x-timer: S1678623117.994245,VS0,VE0
etag: "b58662bee385ab379dcc2dce97b40ea5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 3, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c66670de4926d10bbdfd049c71555fa7.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d3d594cf90108912af059afba3d7146c424d5040723764643cb19550f1ff1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:57 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c66670de4926d10bbdfd049c71555fa7.jpeg
age: 5601061
edge-cache-tag: 527114009379620393652758805390184209368,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
cache-tag: 527114009379620393652758805390184209368,350619564615369038224034608363896712309,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 133
req-referer: https://www.rallye-magazin.de/
content-length: 24358
x-request-id: 94db5b778b60f1a3225eac64e4755461
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000085-IAD, cache-iad-kjyo7100023-IAD, cache-bur-kbur8200088-BUR, cache-iad-kjyo7100098-IAD, cache-hhn-etou8220028-HHN
last-modified: Mon, 19 Dec 2022 20:01:19 GMT
server: nginx
x-timer: S1678623117.002666,VS0,VE0
etag: "aacd7a3bef6665500c5ad490cb3a717b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 22, 8296

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB90 0
0 79ms
79ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7WApDAVhtVlixdADKHr4hJoxe6m_FwN9pnmWqQ6slp1V9XoEjL36AVQPTWe6OkQ6VTc5456o8baYXgj9O3zxHO_JCP6zoPFWRRKhh7EG46Kv3tmQOqRUioGRcs-0cXClQVQ78Y--fS5i-3O-Db1QyG8Zlb-3GAMiSPdJ61ZHmhzKtmNYefQ0nTx0Ewgn1NnGF_DPIqDKT8FHSG6ZRavR7SvxwpT-JNkZBX_RYKUgYUVT4je4DBs1sG-iSIm4xb8qgnQ9-snsY3Rnf-CsV8opGBtF2NrJfMwiCr8XUuOKcALjezaV2do9j8R_bB5RRJ-YISLZzv-aPqXOECJRM&sai=AMfl-YSh2sMwrK9_-MlYcxHXu_zcHjvyZtGZZhT-B8l6XAP31lq2jg1e0QX0FT_6M43GQveh35XB1bixDwBodCtcmFZUYaN1LvKvc_YyV1jNForaYAKfvuo1rBhQa-83H6GDFXCk30t8pwWydNqfQiJm&sig=Cg0ArKJSzNQvH7YUAA2oEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 12 Mar 2023 12:11:56 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2ac8522f8747e5f08d2114307a551b58.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c8232dea0264696ca1534cb5ccb8dbb455965586f5eac6ce9071fba480e81e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:57 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2ac8522f8747e5f08d2114307a551b58.jpeg
age: 413939
edge-cache-tag: 386894635509480960477377969209426848645,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag: 386894635509480960477377969209426848645,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1134
req-referer: https://www.vesty.co.il/
content-length: 3192
x-request-id: 3af9fb306d86a0312221b344c84e68d2
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200140-IAD, cache-iad-kiad7000030-IAD, cache-lga21921-LGA, cache-iad-kjyo7100062-IAD, cache-hhn-etou8220028-HHN
last-modified: Thu, 09 Feb 2023 12:15:24 GMT
server: nginx
x-timer: S1678623117.002674,VS0,VE0
etag: "e3b6b0b401e76d3dbff9874cd0108cf8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 4, 2

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C5FA 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYVZ3MRujtnukVmzaH6cbVSSOPDvziGD4oAiXg89rFK0vKlMT1dG-iXUBqv-1XCqIgGbUQpFZjNFREuhWyIrBNXzogXsx9gxHwaYCEUei5ofE2yjRVNHg1kZR2xWRa8J-BKjWMOgAwQcl4eDBY6laqy3qVuerq7zs_-ErEVp3SHlguJWxUIPN6ePiN65cidVTUXUiluzzh7cK9_KHDWVi44BUDb19Zi4HrNeskKGenjK5e1enpHTuj2js-ZMBRi8EIjSbSE09IdRfK2IfLxiMwQR1iCVEjKZMF9F6LKyUVsXqINaIfT7YgRf0KNc_mAXWgk9xzk1n2MQYKkqay&sai=AMfl-YRTp5LSh1v2PM-Epdp2suONeaS_cR7JWXBGj1VXoNo2tHs532TcdnEoWOT9E8y6j97_zbNgx7TkpTk98udN5azNnFijaOAEvR0Q8L-pK-DhjCFYF5IjkYKzs7usUDTKM6CjDqzpHFcudZj2Mezg&sig=Cg0ArKJSzDQ-PY4L-KksEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 12 Mar 2023 12:11:57 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_135,w_240,c_fill,g_xy_center,x_1355,y_689/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e16f09c53bee1e2bc58a362882b70a1e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c202a6b938d7d148395310ee84652594a7805d1ead88215b0b3b369edce3d0b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:57 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_135,w_240,c_fill,g_xy_center,x_1355,y_689/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e16f09c53bee1e2bc58a362882b70a1e.jpg
age: 3975558
edge-cache-tag: 422629802938984782540274969156887624408,512352068810349385554458407125906134447,29ecf9b93bbf306179626feeda1fab70
cache-tag: 422629802938984782540274969156887624408,512352068810349385554458407125906134447,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 213
expiration: expiry-date="Sun, 29 Jan 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.ynet.co.il/
content-length: 4372
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200132-IAD, cache-iad-kcgs7200171-IAD, cache-bur-kbur8200160-BUR, cache-iad-kcgs7200041-IAD, cache-hhn-etou8220028-HHN
last-modified: Thu, 29 Dec 2022 08:22:29 GMT
server: nginx
x-timer: S1678623117.036624,VS0,VE0
etag: "ccd65b27fdf497deaafadc30de93646e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 5, 2

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 24A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1

43 B
632 B

42ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiq5LvGATAB&v=APEucNXD3yaBVl8djSy5Rr7iYAb7_-kMHgJxcDN4td5gDkRO2ySwZo6Lzc-YiJmfV7zdSx39BKV6SaqBB6bnFCxpr_Zl-612PV2wFHIn7gf0J9debMKDGdlxk91lXedA_9bmyPInlYL97GYDQm9QIVjgcHg1GCI_u_3l6MkPa9Nnc4JOdfneN6o
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 12:11:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 24A0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZA3BjVDHfFRIFIuK.p8sKQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1&google_hm=2

43 B
766 B

41ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiq5LvGATAB&v=APEucNXD3yaBVl8djSy5Rr7iYAb7_-kMHgJxcDN4td5gDkRO2ySwZo6Lzc-YiJmfV7zdSx39BKV6SaqBB6bnFCxpr_Zl-612PV2wFHIn7gf0J9debMKDGdlxk91lXedA_9bmyPInlYL97GYDQm9QIVjgcHg1GCI_u_3l6MkPa9Nnc4JOdfneN6o
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 12:11:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 24A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECfnBZag62W-pmmHzoWffsE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECfnBZag62W-pmmHzoWffsE%26google_cver%3D1

43 B
1 KB

41ms
40ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECfnBZag62W-pmmHzoWffsE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiq5LvGATAB&v=APEucNXD3yaBVl8djSy5Rr7iYAb7_-kMHgJxcDN4td5gDkRO2ySwZo6Lzc-YiJmfV7zdSx39BKV6SaqBB6bnFCxpr_Zl-612PV2wFHIn7gf0J9debMKDGdlxk91lXedA_9bmyPInlYL97GYDQm9QIVjgcHg1GCI_u_3l6MkPa9Nnc4JOdfneN6o

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 12:11:57 GMT
AN-X-Request-Uuid: b772e816-7b3a-4058-a0cb-c33a8ff71386
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 12:11:57 GMT
AN-X-Request-Uuid: eda42a0c-f2cf-421b-abc0-78b40541bfb0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECfnBZag62W-pmmHzoWffsE%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 24A0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMzMzE5MjcyMzI1MTkyOTA4Mw%3D%3D

170 B
232 B

53ms
52ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMzMzE5MjcyMzI1MTkyOTA4Mw%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 12 Mar 2023 12:11:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b5f7d3b8-f181-4c51-88ff-eee6c5759e41
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMzMzE5MjcyMzI1MTkyOTA4Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 78A4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1

43 B
766 B

43ms
42ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNVVxpPWW4F5DIrqcuMbIXu93SqpclQRWI5HEXA0LBsClAn5UzqclDTYp-sm1KzYxKHjUjCtMsQnFqWrTmHGgM0LZYQkmUbVo3SXsCcoFcfQQC7S8qmdxW23rvrYeA_T_2zZHLXy-104x9QADZlP6E1bLB5pYUI_vDu_UU35CDuS-prJze0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 12:11:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 78A4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZA3BjVDHfFRIFIuK.p8sKQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1&google_hm=2

43 B
632 B

41ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNVVxpPWW4F5DIrqcuMbIXu93SqpclQRWI5HEXA0LBsClAn5UzqclDTYp-sm1KzYxKHjUjCtMsQnFqWrTmHGgM0LZYQkmUbVo3SXsCcoFcfQQC7S8qmdxW23rvrYeA_T_2zZHLXy-104x9QADZlP6E1bLB5pYUI_vDu_UU35CDuS-prJze0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 12:11:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPGdQkEy32a1igmfiDYnKfI&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 78A4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECfnBZag62W-pmmHzoWffsE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECfnBZag62W-pmmHzoWffsE%26google_cver%3D1

43 B
1 KB

61ms
61ms

Image
image/gif

37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECfnBZag62W-pmmHzoWffsE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjW7bvGATAB&v=APEucNVVxpPWW4F5DIrqcuMbIXu93SqpclQRWI5HEXA0LBsClAn5UzqclDTYp-sm1KzYxKHjUjCtMsQnFqWrTmHGgM0LZYQkmUbVo3SXsCcoFcfQQC7S8qmdxW23rvrYeA_T_2zZHLXy-104x9QADZlP6E1bLB5pYUI_vDu_UU35CDuS-prJze0

Protocol

HTTP/1.1

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 12:11:57 GMT
AN-X-Request-Uuid: f60dbbc1-88c0-42a0-a06c-bf9c45913f74
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 12:11:57 GMT
AN-X-Request-Uuid: bd67ae1c-5d71-4d54-8db8-08bb16c5b28e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECfnBZag62W-pmmHzoWffsE%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 78A4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMzMzE5MjcyMzI1MTkyOTA4Mw%3D%3D

170 B
243 B

51ms
50ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMzMzE5MjcyMzI1MTkyOTA4Mw%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 12 Mar 2023 12:11:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.102; 80.255.7.102; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: aaa4afd7-e8c5-43cc-92bb-69d81477429c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMzMzE5MjcyMzI1MTkyOTA4Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/10/SJExQDdy3/SJExQDdy3_0_104_799_450_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a2506cda1e225983623e588ed4aa947210642dc6951d237adfc608f6c82d310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:57 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2023/03/10/SJExQDdy3/SJExQDdy3_0_104_799_450_0_large.jpg
age: 182589
edge-cache-tag: 441486093321831569411618580053604570466,526441669587151756695374654263781131589,29ecf9b93bbf306179626feeda1fab70
cache-tag: 441486093321831569411618580053604570466,526441669587151756695374654263781131589,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 289
req-referer: https://www.vesty.co.il/
content-length: 4580
x-request-id: 5e5b9cb991793dbdb3aff50db9d51036
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000145-IAD, cache-iad-kiad7000140-IAD, cache-sna10726-LGB, cache-iad-kjyo7100141-IAD, cache-hhn-etou8220028-HHN
last-modified: Fri, 10 Mar 2023 09:28:06 GMT
server: nginx
x-timer: S1678623117.054068,VS0,VE0
etag: "a60f6d99ed94d862daee70c5d94feb4b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a1e30004b50c8d7a2d53960d9e01767.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dfc49cd1a72ca692c404422e9e0c6797459657e93634ff09bd71503f0ad4ae07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:57 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a1e30004b50c8d7a2d53960d9e01767.jpg
age: 443751
edge-cache-tag: 603101138924994746875499844187695643666,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag: 603101138924994746875499844187695643666,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 270
req-referer: https://www.ynet.co.il/
content-length: 9534
x-request-id: b8dbf894b6c14621b9579469775e9edd
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200107-IAD, cache-iad-kjyo7100120-IAD, cache-lga21927-LGA, cache-iad-kiad7000143-IAD, cache-hhn-etou8220028-HHN
last-modified: Wed, 01 Mar 2023 12:41:34 GMT
server: nginx
x-timer: S1678623117.054047,VS0,VE0
etag: "a5c0a20fd5040f565f339ebf3dca5020"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/09/18/SyguHOhQ11j/SyguHOhQ11j_0_7_1000_563_0_large.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ae071e63b88e6c852bfa05651fda24652949d5ae6b244d2df58c313546df5ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:57 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2022/09/18/SyguHOhQ11j/SyguHOhQ11j_0_7_1000_563_0_large.jpg
age: 1139444
edge-cache-tag: 609668837402123591375190430997183407279,526441669587151756695374654263781131589,29ecf9b93bbf306179626feeda1fab70
cache-tag: 609668837402123591375190430997183407279,526441669587151756695374654263781131589,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 400
req-referer: https://www.vesty.co.il/
content-length: 7748
x-request-id: 7bcc4183fe6c256f22a06007048448e7
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100034-IAD, cache-iad-kjyo7100104-IAD, cache-lga21945-LGA, cache-iad-kjyo7100141-IAD, cache-hhn-etou8220028-HHN
last-modified: Mon, 27 Feb 2023 07:37:45 GMT
server: nginx
x-timer: S1678623117.054600,VS0,VE0
etag: "baa1e799563aa6715919878b70c19355"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 7386 719 B
564 B 133ms
49ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V72X0CFgMGA4eHk7HSdQQGA4eHk7HSdQUAAAAGBvQHJLUZDWeuwcotmuxma9HMM1oLh8uRW2KZrWYrh3O123iGQFKb0XDmGqzcosluthbNPKO1cLgcuSWW2Wq2cjhXu41nChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxYEwH6PvZXna_QEAAAAAAgAAAEACQMCVXwJwYRV18v________8fM0CfeSPz____f2PQA_DgA_AgBAAA8DGElRgGRyzX9EJU8FrECAAAAADq_8DsaFInVBZV_____VYAVwAAAYbVvAo9WbqDEm9hAAAAAWJrDbL9FoIWuGML9LD4_WaHXeN3u-z_________3-z_7B9NyEovPC3IBldK7RcQAGDtFxAAgG3cAADeBOBCjgNNp8Pnutfrfr-77OU5Pe8av11p9qsdTrvpCFoxGKwuIQaD1WY32kxmBwAAAHD3____j7fWINtvIWiBqwcyy5FnOLP5VruJZzMzLkYLi2kxGQw3M8vE5Vmstics0SgNfWNJ3KchLLPfdxDy3S7Dw-cyyEkE8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLS_gVgsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCGOGkWu4WVncksls5haNHIO1cONyrWUmj8ewmthGw93ILXp9TBfDbrQbTLwoGPCxF8nTIp0IRq6FyeWbzDwu32xhWthso-FuuZi4BiPjbLhaWMQSzckincgu-85y5BnObL7VbuLZzIyL0cJiWkwGw83MMnF5Fqt9zTByDTcri1symc3copFjsBZuXK61zOTxGFYT22i4G7lFr4_pYtiNdoOJvzHbDWeTzWKx2jdmu-FsslksVvsOk-mZ-pyN5rN04nFZp-KWM3pzGBQug8X7k5gW0-7sIDr5jk6dVKUs6ox-v9_v9_v9fr_fb9B6DmaDwreN3rK9a9Bcuo7NBbHBoIglgot0ory7TG_Zy3N6XsQSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf-RAQdzyWo1180Vg8kqAQAAAAAAAAAsYc68CQAAAMBpIMPVcrRa50GsJsvRZLVcAIjiZN2fb3wmQRwVrF2GM0wsAwWKzeLGjxXy7jK9ZS_P6XllAACBSebNnwlirVbLGgAAQAAbAAAggFs3b4GmVfz___9_HAAAgIwcPQAAAP0-kBNG1HqhBy4_QS4WqwE!&cmcv=&pix=undefined&cb=1678623117061&uv=3261&tms=1678623117061&abt=esv_vA!nonrv_vA!nrlc_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=5348f50e-4276-4f34-889d-b2656ea957c3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fbf08c4d01639c653424ded1023e1d5f1f5010cdaa29d192d10090c9479715d4

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Sun, 12 Mar 2023 12:11:57 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn-etou8220028-HHN
x-timer: S1678623117.170496,VS0,VE9

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 28C8 564 B
649 B 82ms
44ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V72X0CFgMGA4eHk7HSdQQGA4eHk7HSdQUAAAAGBvQHJLUZDWeuwcotmuxma9HMM1oLh8uRW2KZrWYrh3O123iGQFKb0XDmGqzcosluthbNPKO1cLgcuSWW2Wq2cjhXu41nChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxYEwH6PvZXna_QEAAAAAAgAAAEACQMCVXwJwYRV18v________8fM0CfeSPz____f2PQA_DgA_AgBAAA8DGElRgGRyzX9EJU8FrECAAAAADq_8DsaFInVBZV_____VYAVwAAAYbVvAo9WbqDEm9hAAAAAWJrDbL9FoIWuGML9LD4_WaHXeN3u-z_________3-z_7B9NyEovPC3IBldK7RcQAGDtFxAAgG3cAADeBOBCjgNNp8Pnutfrfr-77OU5Pe8av11p9qsdTrvpCFoxGKwuIQaD1WY32kxmBwAAAHD3____j7fWINtvIWiBqwcyy5FnOLP5VruJZzMzLkYLi2kxGQw3M8vE5Vmstics0SgNfWNJ3KchLLPfdxDy3S7Dw-cyyEkE8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLS_gVgsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCGOGkWu4WVncksls5haNHIO1cONyrWUmj8ewmthGw93ILXp9TBfDbrQbTLwoGPCxF8nTIp0IRq6FyeWbzDwu32xhWthso-FuuZi4BiPjbLhaWMQSzckincgu-85y5BnObL7VbuLZzIyL0cJiWkwGw83MMnF5Fqt9zTByDTcri1symc3copFjsBZuXK61zOTxGFYT22i4G7lFr4_pYtiNdoOJvzHbDWeTzWKx2jdmu-FsslksVvsOk-mZ-pyN5rN04nFZp-KWM3pzGBQug8X7k5gW0-7sIDr5jk6dVKUs6ox-v9_v9_v9fr_fb9B6DmaDwreN3rK9a9Bcuo7NBbHBoIglgot0ory7TG_Zy3N6XsQSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf-RAQdzyWo1180Vg8kqAQAAAAAAAAAsYc68CQAAAMBpIMPVcrRa50GsJsvRZLVcAIjiZN2fb3wmQRwVrF2GM0wsAwWKzeLGjxXy7jK9ZS_P6XllAACBSebNnwlirVbLGgAAQAAbAAAggFs3b4GmVfz___9_HAAAgIwcPQAAAP0-kBNG1HqhBy4_QS4WqwE!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4b0acb5b956e0838f74b55d4693710c5f2f5fb43d6ad98609eb2882ad7df92eb

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sun, 12 Mar 2023 12:11:57 GMT
machineid: 3408
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 135ms
43ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V72X0CFgMGA4eHk7HSdQQGA4eHk7HSdQUAAAAGBvQHJLUZDWeuwcotmuxma9HMM1oLh8uRW2KZrWYrh3O123iGQFKb0XDmGqzcosluthbNPKO1cLgcuSWW2Wq2cjhXu41nChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxYEwH6PvZXna_QEAAAAAAgAAAEACQMCVXwJwYRV18v________8fM0CfeSPz____f2PQA_DgA_AgBAAA8DGElRgGRyzX9EJU8FrECAAAAADq_8DsaFInVBZV_____VYAVwAAAYbVvAo9WbqDEm9hAAAAAWJrDbL9FoIWuGML9LD4_WaHXeN3u-z_________3-z_7B9NyEovPC3IBldK7RcQAGDtFxAAgG3cAADeBOBCjgNNp8Pnutfrfr-77OU5Pe8av11p9qsdTrvpCFoxGKwuIQaD1WY32kxmBwAAAHD3____j7fWINtvIWiBqwcyy5FnOLP5VruJZzMzLkYLi2kxGQw3M8vE5Vmstics0SgNfWNJ3KchLLPfdxDy3S7Dw-cyyEkE8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLS_gVgsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCGOGkWu4WVncksls5haNHIO1cONyrWUmj8ewmthGw93ILXp9TBfDbrQbTLwoGPCxF8nTIp0IRq6FyeWbzDwu32xhWthso-FuuZi4BiPjbLhaWMQSzckincgu-85y5BnObL7VbuLZzIyL0cJiWkwGw83MMnF5Fqt9zTByDTcri1symc3copFjsBZuXK61zOTxGFYT22i4G7lFr4_pYtiNdoOJvzHbDWeTzWKx2jdmu-FsslksVvsOk-mZ-pyN5rN04nFZp-KWM3pzGBQug8X7k5gW0-7sIDr5jk6dVKUs6ox-v9_v9_v9fr_fb9B6DmaDwreN3rK9a9Bcuo7NBbHBoIglgot0ory7TG_Zy3N6XsQSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf-RAQdzyWo1180Vg8kqAQAAAAAAAAAsYc68CQAAAMBpIMPVcrRa50GsJsvRZLVcAIjiZN2fb3wmQRwVrF2GM0wsAwWKzeLGjxXy7jK9ZS_P6XllAACBSebNnwlirVbLGgAAQAAbAAAggFs3b4GmVfz___9_HAAAgIwcPQAAAP0-kBNG1HqhBy4_QS4WqwE!&cmcv=&pix=31589837&cb=1678623117061&uv=3261&tms=1678623117061&abt=esv_vA!nonrv_vA!nrlc_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1678623114173.4!ts:1678623117061&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:57 GMT
content-length: 0
server: nginx

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E07B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

49ms
48ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

date: Sun, 12 Mar 2023 12:11:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E8F 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3286216932891&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E8F 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3286216932891&version=m202301230201&ct=77&x=1&cor=1209912474091735600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8E8F 15 KB
11 KB 83ms
81ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxnzfcYo0Rw_O6jTyCRxVn-AZ_R4Cj77CyZI57VPPxpjEyNedFiH8FaOV1YSq1pmbpFRLzFi-LOnQ-4JSI4gUGBqvZNOL4QvuDyvQo-slFhCTGVyQjiNEn5hpFu-S769bBTz6yyOZDinxHb2Blr3oALXPGh6Ka9yYrIx97p5rc3ITN6co&cry=1&dbm_d=AKAmf-B66VYvB3e1vZvJ07N4yDWxeIqyKJI3VxBWqvay0bXJrVCaSDyROoK_rxOHQCli2lQPrW7q2ZNCmYvvuFpzkZo7cSwxK7Bf2KhAyDjSyjUHNy-TOPAndRD3iEnKFNmNsYppPlC-vm28SjRPHdyvSt6-0FUMy1eg96J90HbyJOp_Tz9kLSfCcC9m6XG_U7RocQ-e15yFra6XZ687hT2BjbfmbxTPiK18Fhe3nqq3k5nf4zTqN8brrzwugZZzG099sNrxSMq5vY1Wsi-TxfITkLwqPcfyYoZ-S40Q1pFD0ObheKqLKl1274neXNsOwlZtc-hjAxhB2o-k3mAFLjSMk8QomM-0C2y0l4vER3qpPsurbtkaUP-zTDRF93vWYoeSOZn9-oV2rJ9l00Ma2-x9xwbcRUEOLwZ3vF9rbiolrohZra2AcCnf0aaCAerE1PUgbf0gj0_oZcEALRKdjsS-9iZlViPe_lJZpFrn5_MCgJQUOU_lWvkvhAli26lDkM48dyJV-3Z5ZxI1AGTttTzTdqOrsZ4e9PZetTDEUCu9kJsBf_mQVHaDnxBJL8BDMYO-kObCV-6XMBy5Kthd9rU1RyP8N9V0S2CqHGINFDvRMkN1hi0_LR2Zh4R16XLrddrj1oPMeThuprig5SZ0Y4uBd9gZUbYVf_EaZp1h1vI_hcw_f9s5jN1RBXOPhtwAeiUKZ3EAfU7PzLMCVXnP04MDflJjheyzffNJ4n0JVdH9MnSJGGUAEQjmIvObWAFjUM4QyI0JS6KXCCNJPobEewXvFsv5an0dBppuLUXykDIP2NDd2okICAW8NK8gHz1OhXQOBm76wYZ-Gd_N7sC8zwishOjeNNM7No9o4dUiBF6NCVqxxc9nSE_nIFBXRh5U1GK43vcsT72wofnYvMJPw88DCi7zdVMhwf-3Q7Fr1oAEnZ_jt6rF6x0AGrKGtHLdAFZpia2DWt_VX9LMs6BuO8EALS2fLCulF7j6AyE92PxzMfS9Uy7PxtnKOgtmo53kiagPsTXLnvfykp4ZXzpAV38-yLtCBxh4UZVmkCXsn6SK7PxdcpQirdUYgHMkDUw69NqHX4Ra7EFKGaT0mIzTqeX0qPF2x5F96wYrJSTsOyWmgw5c5DtZfDvEmV6XYGPNcQwRc0Ey4VBW1Tnad-nKmADJEnraVu9lTXEYXWFSrpe_GkYFeo97ST0JpNomibF7qzdFQy72if1B6GvzYmwZpLUuYH1AFnYbm8ovUTr7wT_XI7bDyS0A36katiUim_Lwz74lByijnojVN5y3bK7wQ-bJsjUhd8KWd9mXF39si39v2kX9ZuETkFAun8HSZXPsXVei_3IISa9HK57L-mptbyNiSrIm9IO0MCXMw1iliaSNVHNKblzAM5qNsKpKNXamLnm9gfL37eY3UiPB6e3dqJVkb8TSJXCwgwKhWNadZlH8OAcmhkaRdmyC1H_jhT4QEdxKRhhERehWb1jguvaKA-K1rIjg_wtqGNCpzinMDa-c5GReQrjrt83cCzAlHPBI1Qo9uWHqm5dng6J2sy8tFaabVUiFpFlvaAL2FgRG6IyBo1stzmh0TlDNp3zS_smdMoKZcervvyuOfcUy5Qu5OFCC19utZtFmnX4xk9qgi4xdMizhpnEWM9uWk1TSDOqc_XBuIkqHksZolZTEfIIhvFh1v-UR1qy9ZESLHY1_mzWmLFPLlEP90w545sNiIA7bi_Pc5Tmwhr5cgDugVI3OzpKiOuTgQEr3wNe-JoHkLKf1TzmEZSK1lHVHObA6VvUfZ9fr_EQXssXUhoozLo0N1qXs4S5wo6zU5QrWwndHnzdALrk2spwTG3pRAfdFzYLLEMyDKU8E2tusqW2CedmhuuO_gLkDJjbAD4AvCsI-MmuTMJwuK_U7sy8dvFzmhhCgq93khOyjkAvjf39SCIJvZ2RER8QgYvOL05a8PbXUhbalf06TALFVmz96hvv0oBi-vuMoO3wEIgOMb6HWLUJmGZL9sqoj9krU1Olokrpt0Cy_t9KGt-6KyUGKxB5vwAufnfha-k2fL2f9gs0y1-fWICopHDp7A5nHwyO7byKSzMj6IsNaoOKlJsbpFbbXbVBmUPAt91hLUrU5a-JI5i3mbrPi2hnBvTsTm8OQPeiJWOwvuJAfkmUCN436iOlZ4epNOskNWTGPGK7JspeY5rm428hBCEqtCW07Q5AVAVsrKYNi7mKidli1wn9x1bKiCWqnHaJbIkc6X-6ao3RJMXeWv4GoCiCzTdn7apD0rxvXLXK9lceox4eqYL0xydECBTlmBMqZVnT9e6bbCiqq_oYqT9iIL5QiIxfVMn0S0dtm0OnkcCnR7a7pq3sraXTN3yIQlK_2xELLmwaFqmTNqkA8_8eM3b8YnMkNBHg4H4zyNKu0d1kfzAZ9HM6kX092iAlOt4gFwDN6nCWD7OicSW_e91uaZwWo5OnGT_Ml0XwBektpAbhF-3QI8x8-kaOPkaJEUZOLrgYF8awCzk-0GFkn3iEFDmZ9e8f7gcOnWmPfMgktgDJ3e7U5ggwm6JjDpVhz5ABpqwwEqAV1cYts_EyFe7i9aJRFOyG1HQRCFnddEpY8iIkMgIONuG0CjVFvsut_E-r2CHhP7lyn689Nv3WemuFT5s_QMfX0oEDw9tPLnhPI0_iN0b7orEwjU4hqcndnz0xgmY0_t8OdKG3XHK24aFau0NN-A0bQnay5ONq0KzODjSSYP3ycFyTSI4cf9u-ex9Ei-uiqUj279MMTwoM7ApIu9hGo-C-8g0IV5cZfNqAk4BgHkJyOuIFDmQAZt6avl9OJIFOvCHjyqi4MMRdXuB5tHQxwbVKNBcLZpyjcEK8HLiP3Pdp8Y-ZCJ6KZD_zzWBdIl6kwzOt0v3UOcdpT81qhvSXBIbKJM-6zdsuxTyjI86iQyAuEZ7EhIE_d7MoPDRIMhy-B5yU4niRuowEsP1zVpzd9nHn7YT_odqIHNr0_-Jk_wDdGY_fTmcEfGipwmMbYL5spmeOJPTdJFp28npytsj_iFyyHk5hfJcWf2qsFGQ1WEhDKMYmgg9q3D8JKgeS5p3jI7EMG3_vPCNvowc4RQbavuMnUDx3x-RMXTfDI1hbWp6TUzbBTvWw78jKZ_N8Oou54c_K7nJYPjUKh3mssOL115Kg4ZAdczonnF5S1lNmwCuatN347MgAD27sM-CfWXDZBrMvncSi5R4cxm7jUB2VOqcZceR_DnhzK0z-MFhZPxyJfXzn0FfDnoE1aed6jtzbQantsLCgHmeaTQTWLpgAyIeiJL1enVwb8gDdZZt_Uh6hoSunMPAgNCoiNnSv-sC3Q_uQMvSf1qRPgzUgY1O4xL9CeHhQ06Ecsh1my4mrgmMVxDGv-UlDHnTH6CP3wjiMG06e6YN-r8jos1TyR31pqeBapoXWxk6oMjLl0ZdanqnQVZImf5leeSrpOq0swRwqurLH9UoVQ4qe16_LmIX-o2Y60iM-rojf6AxO5oooBosPxG0FoaY94FljyMwAngWp6J4yfh1VADh9cifsjUgYikKV5Y_byJRVnfPhcHUQPRVarMpr8rEGWqWeg0guSQNHrbbvkNea7rheet3Wh0KAiZr9_3_7QvLsKvJu46ZNqduHeau0dlEpH4mT9rJq4oWGm4Sc4QBvv2V1MJEH5KkFva9Ug4FOg8kkGjbAlAZbG6HdfsuDlgGA1FOUoKtwvg50wOLhv0iZsO-PL18KUSyvM7SW3nEwvHz-Sr4MAL1jscL1GIBUhIj1cncibG_TUfXYtGUMM0oGF1bjld5SN7qeAmzm7JK-K8AFD6ee5ZqWLJp0pUIYvKxwBKf0uAdAbNOyMoFekLXy0R8mHrdGI8WfCWsKuu2PQQLPTO4WJmEbP3Lz9-iTihQ2eTsvttjtp9x2CC4XXVvloXAIsBVJJad2jhZXfYXjkuwQIrNaTrUYJt3qEFeqHx99joF3WhFiMoLHL5jcpKiwDcdL6bJR-2D2aI4SidCa2HnT43UT1UrXMG8Kv-C8&cid=CAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=1209912474091735600&adk=3944675600&idt=214&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb30c23b6a4e2853813ce875d67505320aa4a3983eaa4ecb6978492abf733313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8C01 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4190fd13bd1c650624071fdcc2ca777c6a5f3e2ded079d499f9bd293077012b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EEF 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8782937513944&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EEF 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8782937513944&version=m202301230201&ct=77&x=1&cor=2381010842241339000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8EEF 15 KB
11 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0D6o487y3sIEJnpG4sdPne5tLk8TwyfSGCIsmuLyFLMPiB6WS3EBedK4XgX8FF714hbRmsK-0oc5TWb3leynLQ6Biv1XkhdQlBjSJAwg6FyB3E_UV8hmWImz_YXpHuQ8OYAB6XRZ58YZHEoI0sCV1DOTFxknRZuW5LanBx9H1Oui0Ve8&cry=1&dbm_d=AKAmf-BmmC21wfkjj6rgW7Z-DMi6j_ljWxeb3QuuTcX8jeQ7G1S0J70KAbZ7jPY9V1F4yWKXW7HlwmR94iwFtpkvnbBWU-MYcTewlPp23yILZpS1F5-qEOT5LOIzYZAKCgRdYwSAoQee8nr2t7-cTPOpIkPa9qLy7aSM7XeOIkkw5aWMvzDcKyeqay6E7cSAvUYo4dOIPsWZySSlRZSDjjlncJ-yWcuVQaISnk8XQmTMRWybK2VD2wEImBAbn6cDg1CxUKHJfL5C5qvlpZmD1wXAgW7fEOA0QZUYUUelE51VcIBGko4XWPwRXgpjuJbuKyFsR5rEWcpuwFF-wjvT1wzVgO8V75nz1PVER-c3JuWEqQQSDSCsyJit8mtFdRUpRWBSrUBulrHn54kiqFRbi6R6zNN462652hdNd7v3Oq6E_oQo5dWJmeiK2V8QHxXem-ZKzNt2aQWHmZEzy_wB5FMfAbkjPv2DfPgRNt21rPNLH4x1Hcu7wgMleRyOhWh6rd870TInhwUMDx47UXa_sgOZWrbg-CiWZOdK8V1i-_N8ielnpqzp3G_a6YD8lkNYR1Qaam9I8lCQvJJa6_sbBSW_Z_h4t-ag9yHqnwFaNcIT4FcXEbmZXCNVexv4Fmwzj6ePQTdmhqufizwn3ceaSDU9ubFiK84EO2r-fHn4tKsImN-CZy8AxcQFjDQXI2ZUsXGcOg-_OaHJv17qGtiY1v1tRZz6vgqiK_lR2rAPmhnyGIC85P65PQ3ePTgDMa3newUEQY4LUuF37QCtoO4vmtvhOvkcO3cJ8rQ49EMg6CmeESd5BGjHcmmn06yghpNoatba3w6QBhp2ngvJ_-1earqvPW92vJDzWdIPpjqCdS5e-bm7TkjsFherm64XxqED7YiwtZihFvgzOHQj4vlYL4Y2xnkiAX_TPfBRAr7_KzAftQd-gmIcT8I9bd6Bk3nQpsGvi82HcmdywG-nukcAYT0yRa_sSJEpy8d2ReA_3fBqPhPXH-kxkdB5u5sQasdjmg_JjL_v2mHdKkipa7u-RV27_5CvQ1do4en3yw4Zz0RZb_09mpOYfak-TpUP-iwGFYG4XmKAUcY0ZmxtbjGLvFrQ3b0FHUaWmziL2waEA30tNJqzmPrH4Kd5_B8spUk7OPURCa7SnY3akaPeN8ghNgxhvF4vHydRY_a-28v9Lwwr_K-Xv-ZeWRHJvbbONVtQFkucONEdgWPBczbWXdXAGIGE2kUZGL1T0iEJ3Swo88KKc6SJVAZGL1dGNc7jUGaqVeLBCTGeSqc91kuXPGDw72btbpJKUmrDwsitvg6O6df4B4NOQlO2Vonk7wlms6BmOkPS1i5mchpzcfxzi6cPZ7ZH3ozz1QkhGPxzTuWYD_oU05XApGg6EjHSUJufCzmzZLR6e9C8Eq1kABUYQ-ugq6bgkydMIv6TRTf5clZ3QCQovYp4tLCMJFa7OM7fsNEfdEoXvvJ0L3zLQJilPeCKkOB4MOtVLPOvMI22gUsdVGfx1wc8jUS3wrebMupOw7BwErXG3afJMV4II3QVZuaJfSbA6JNJONLIC0qQKKjf9KdGUmuwNEa793L-qjJAHXhgQi-9Q5OLcG-hzWz9MK9u5MZQKJ9i0TGk5zOyyn_0uCfXoRVr1Ie2QMGIVzN-nSxtDX6p7b4jp-TbkJzunJY-cSNBesL7sI4wNL5d_SEsxeHjm-4M9Nunvcxt8iYYP8SDkeOffFbmP4n_LhZYLwyOt66T9gPhk0NHvYL_tZehpXOe0PPXfpMNqwJ2hYiBHMGX8gEoWOjy1Dlq9PBfyIR4_bfvKC0Cdb3Ln61MLA6hSyBy-JHraA5dr1r8kkohEnu1n5A3GeQpkbZnTuz_1bzO2Zjeg_tq5LFSkwW40SprPg7RZPMQnBbCajzN6e9vbNBpGfwQ2rdmlqn8_UVEwTZ0j5bDWpBO9ojJnqr0gEESiz1SDkSLt33VmzD3sSRHJRpLmxpsw8OgM_cI6ljnJLN1yMAy6JUa-FBpj1nO8geVND0mHE0rLMEdY9GVpqB8XKL4yVaMgj26aThQKLh5Zka2XSmsfqwqY9wHL27AAUTtiDdS1XzM8c2p1zsIRmYkEXGQN26sBI71FU4vmiFoRUIJdOeG77RpckTsPs-W3oRd0H0aJAOt3Pzr1PnszovavBjbJQsLv3NL7Bx4IsdSRDZn93pS8JrulAUrPKivIvIaHzsA1fVybyvAQqQEkDMZo8HNw3Zqd9UYBMYnNmLKw9FD2tQ2T9uuKxXpSqe7QVIZkjUyNmqBFRhFX7nBfj3AQO_qcJkXeYd8n2v_o-KjayNPlA_S7avNhu5F5MRxFIW_xK5zllIYj-UZRfugf2ygNJAOvmHJa59J2L6IjwFsjNBg-ohOxgV_81rvdRTGwKV16nc7exBLyoeTrx7D1Bb8eMSpnWy6DXZAAVIcod1IEWgETCgSl2rRgQlS0lzVSI2BOHDDevcWyepwlDlDjiHpMMsMRpxTxM1X9GfYyesCrV5plO6px3cr4Ml62phcFdpYeqzv5xBwo0YeyIiNWExDFrWn_XmVlmFeLoik8BVKEalItmuzCJDIGbcjbpRJ2pHB346eASribtk7PAhXxv55mHENyOlGJY8CvZ9xSi59CIH6nSCLpt02bqN8lOYIAzeIvjp7tgmZbdjycUhdLS33dqup6FAGh3vANdjml1bISfOUPIpGumsyxmtebevkaLWfr_IkFluBzv8P_dkJhc8XCsQJOMMYu0JirDC2jxJtGba90VL0_pLekTiSW48_sYtFBxOmnbY2w9KiIEiFp5VxKSZPfr1uLCilNqE2aQli-z3hEehe51B9AymKku0yuDSGpm3foGgpqcBknOMO3UuefPbl_rT_my3pBdLla7pUOIsXg6n8VqcwUmc9AmJNFaMkJ-Zlk-W6BnX6SvnUNImKMkF0K8K3i9xk50yJAvmfKxVyLF1PIBiQ3A4SbfNV2EPs4du1L2rD8q0WTTU1SpJ2EGQBRBbBrRhlU0yJ0f39UL2z1N_2aylYY_Jv18JD5I_Udi4c6n6hrQjujAiVeFp-7OlwlJRvDns2sTK2pod0hdhDIel79diJazK6A6iPuWqaGYFqn4w26hypOVO_D3GNY8zc7flwibV0GEonGWoSd4LsRaXwSpQGxcVAB_mocYRnu9sb7SIqiGgcpt_ukAab7hARWS7yOb7y14lJSFxX6FJSWvuyr2rxTuoElTwsEnCvRJANtLbEnqPCvbuaud8ty6rxuaPcjHI1f1GJZdDN3lsLkv1mnQXsQkBKNPTbJDH_3Mv-fnfiR3Df10mtZncTquXq-H4YFcdmHRGfTT9CeXbKyVp6MOdxia4JaA-9RH2R7zATSlIbhjSyEBDxPli6Qm5UR5rGkLHQQi9ue1jptz6M_JI99gUWjeqAY3xFBjZMFSaF0GEpPjnFPnxzwQa5627fO2tbaypE76YFsSD0mvwYyHOpv1lUXdc37YWZpzEr700lLS383I1Oh3DV6hL7Y1xT6g4BOQYwFfhGAEzaIna6eBxuuCzD62wFCRyAJ2bkqBTIkeudxGg9-eTH1sk8pDu-C-nOZBYY9eMHW92G1Yjql1xvLS5f33CKMAU2g7wLnb3n7aP6vb0h9-RGFdVgSrmj4BY6Q3JEcM651TrJINNAH5TN6Mt5AKWzH4s9D4pZu2tjqOm0wgGSXvtjUXMim48QFOjNAJbOX6kysNWaE5jpBO1b3BJnkBSBZiwW1oX7yWu2Hk82dZzRjz5pcEtDWeqPTQwexLwDCB-EF2ryNmOMshv4TKhuFqRPRJ_SzHJZreYcRoa3Cegseq-CW9OOthAKzsPJI5qJndTkB2HyYMq94ACZowzX65n_481WEkSzSebYtnmo8GOczx1w_ERF-8y7iA04L4wfOSXF_jTU0YonMFSwleninhW2LMbt_8X3FgOtRE8IyoDb5xhrUJK0NBKnesI0rCZxHcMp1nCtJfxT9Tna-ByjMB0vndgqKSSxqst8-rLYJN83to8&cid=CAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=2381010842241339000&adk=1877897943&idt=302&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d753ff96237b22a34b1ef03316d9a4568b6e47ee8a9690ddf9334c35b86a6b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11215
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7C71 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f6695f967284ddb3249e2b1a9ceea090c89f135fa6e2b035ed5705a15193ec7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 28C8 70 B
265 B 175ms
55ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V72X0CFgMGA4eHk7HSdQQGA4eHk7HSdQUAAAAGBvQHJLUZDWeuwcotmuxma9HMM1oLh8uRW2KZrWYrh3O123iGQFKb0XDmGqzcosluthbNPKO1cLgcuSWW2Wq2cjhXu41nChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxYEwH6PvZXna_QEAAAAAAgAAAEACQMCVXwJwYRV18v________8fM0CfeSPz____f2PQA_DgA_AgBAAA8DGElRgGRyzX9EJU8FrECAAAAADq_8DsaFInVBZV_____VYAVwAAAYbVvAo9WbqDEm9hAAAAAWJrDbL9FoIWuGML9LD4_WaHXeN3u-z_________3-z_7B9NyEovPC3IBldK7RcQAGDtFxAAgG3cAADeBOBCjgNNp8Pnutfrfr-77OU5Pe8av11p9qsdTrvpCFoxGKwuIQaD1WY32kxmBwAAAHD3____j7fWINtvIWiBqwcyy5FnOLP5VruJZzMzLkYLi2kxGQw3M8vE5Vmstics0SgNfWNJ3KchLLPfdxDy3S7Dw-cyyEkE8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLS_gVgsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCGOGkWu4WVncksls5haNHIO1cONyrWUmj8ewmthGw93ILXp9TBfDbrQbTLwoGPCxF8nTIp0IRq6FyeWbzDwu32xhWthso-FuuZi4BiPjbLhaWMQSzckincgu-85y5BnObL7VbuLZzIyL0cJiWkwGw83MMnF5Fqt9zTByDTcri1symc3copFjsBZuXK61zOTxGFYT22i4G7lFr4_pYtiNdoOJvzHbDWeTzWKx2jdmu-FsslksVvsOk-mZ-pyN5rN04nFZp-KWM3pzGBQug8X7k5gW0-7sIDr5jk6dVKUs6ox-v9_v9_v9fr_fb9B6DmaDwreN3rK9a9Bcuo7NBbHBoIglgot0ory7TG_Zy3N6XsQSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf-RAQdzyWo1180Vg8kqAQAAAAAAAAAsYc68CQAAAMBpIMPVcrRa50GsJsvRZLVcAIjiZN2fb3wmQRwVrF2GM0wsAwWKzeLGjxXy7jK9ZS_P6XllAACBSebNnwlirVbLGgAAQAAbAAAggFs3b4GmVfz___9_HAAAgIwcPQAAAP0-kBNG1HqhBy4_QS4WqwE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 28C8 43 B
183 B 409ms
118ms Image
image/gif 2600:1f18:612b:4264:d907:27b7:e3c5:ca21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V72X0CFgMGA4eHk7HSdQQGA4eHk7HSdQUAAAAGBvQHJLUZDWeuwcotmuxma9HMM1oLh8uRW2KZrWYrh3O123iGQFKb0XDmGqzcosluthbNPKO1cLgcuSWW2Wq2cjhXu41nChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxYEwH6PvZXna_QEAAAAAAgAAAEACQMCVXwJwYRV18v________8fM0CfeSPz____f2PQA_DgA_AgBAAA8DGElRgGRyzX9EJU8FrECAAAAADq_8DsaFInVBZV_____VYAVwAAAYbVvAo9WbqDEm9hAAAAAWJrDbL9FoIWuGML9LD4_WaHXeN3u-z_________3-z_7B9NyEovPC3IBldK7RcQAGDtFxAAgG3cAADeBOBCjgNNp8Pnutfrfr-77OU5Pe8av11p9qsdTrvpCFoxGKwuIQaD1WY32kxmBwAAAHD3____j7fWINtvIWiBqwcyy5FnOLP5VruJZzMzLkYLi2kxGQw3M8vE5Vmstics0SgNfWNJ3KchLLPfdxDy3S7Dw-cyyEkE8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLS_gVgsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCGOGkWu4WVncksls5haNHIO1cONyrWUmj8ewmthGw93ILXp9TBfDbrQbTLwoGPCxF8nTIp0IRq6FyeWbzDwu32xhWthso-FuuZi4BiPjbLhaWMQSzckincgu-85y5BnObL7VbuLZzIyL0cJiWkwGw83MMnF5Fqt9zTByDTcri1symc3copFjsBZuXK61zOTxGFYT22i4G7lFr4_pYtiNdoOJvzHbDWeTzWKx2jdmu-FsslksVvsOk-mZ-pyN5rN04nFZp-KWM3pzGBQug8X7k5gW0-7sIDr5jk6dVKUs6ox-v9_v9_v9fr_fb9B6DmaDwreN3rK9a9Bcuo7NBbHBoIglgot0ory7TG_Zy3N6XsQSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf-RAQdzyWo1180Vg8kqAQAAAAAAAAAsYc68CQAAAMBpIMPVcrRa50GsJsvRZLVcAIjiZN2fb3wmQRwVrF2GM0wsAwWKzeLGjxXy7jK9ZS_P6XllAACBSebNnwlirVbLGgAAQAAbAAAggFs3b4GmVfz___9_HAAAgIwcPQAAAP0-kBNG1HqhBy4_QS4WqwE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:d907:27b7:e3c5:ca21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 12 Mar 2023 12:11:57 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 28C8 43 B
146 B 180ms
42ms Image
image/gif 18.196.249.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V72X0CFgMGA4eHk7HSdQQGA4eHk7HSdQUAAAAGBvQHJLUZDWeuwcotmuxma9HMM1oLh8uRW2KZrWYrh3O123iGQFKb0XDmGqzcosluthbNPKO1cLgcuSWW2Wq2cjhXu41nChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxYEwH6PvZXna_QEAAAAAAgAAAEACQMCVXwJwYRV18v________8fM0CfeSPz____f2PQA_DgA_AgBAAA8DGElRgGRyzX9EJU8FrECAAAAADq_8DsaFInVBZV_____VYAVwAAAYbVvAo9WbqDEm9hAAAAAWJrDbL9FoIWuGML9LD4_WaHXeN3u-z_________3-z_7B9NyEovPC3IBldK7RcQAGDtFxAAgG3cAADeBOBCjgNNp8Pnutfrfr-77OU5Pe8av11p9qsdTrvpCFoxGKwuIQaD1WY32kxmBwAAAHD3____j7fWINtvIWiBqwcyy5FnOLP5VruJZzMzLkYLi2kxGQw3M8vE5Vmstics0SgNfWNJ3KchLLPfdxDy3S7Dw-cyyEkE8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLS_gVgsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCGOGkWu4WVncksls5haNHIO1cONyrWUmj8ewmthGw93ILXp9TBfDbrQbTLwoGPCxF8nTIp0IRq6FyeWbzDwu32xhWthso-FuuZi4BiPjbLhaWMQSzckincgu-85y5BnObL7VbuLZzIyL0cJiWkwGw83MMnF5Fqt9zTByDTcri1symc3copFjsBZuXK61zOTxGFYT22i4G7lFr4_pYtiNdoOJvzHbDWeTzWKx2jdmu-FsslksVvsOk-mZ-pyN5rN04nFZp-KWM3pzGBQug8X7k5gW0-7sIDr5jk6dVKUs6ox-v9_v9_v9fr_fb9B6DmaDwreN3rK9a9Bcuo7NBbHBoIglgot0ory7TG_Zy3N6XsQSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf-RAQdzyWo1180Vg8kqAQAAAAAAAAAsYc68CQAAAMBpIMPVcrRa50GsJsvRZLVcAIjiZN2fb3wmQRwVrF2GM0wsAwWKzeLGjxXy7jK9ZS_P6XllAACBSebNnwlirVbLGgAAQAAbAAAggFs3b4GmVfz___9_HAAAgIwcPQAAAP0-kBNG1HqhBy4_QS4WqwE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.249.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-249-120.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 8C01 20 KB
21 KB 130ms
41ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 15:30:25 GMT
x-content-type-options: nosniff
age: 160892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 15:30:25 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 7C71 20 KB
20 KB 137ms
79ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 15:30:25 GMT
x-content-type-options: nosniff
age: 160892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 15:30:25 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7386 70 B
264 B 121ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V72X0CFgMGA4eHk7HSdQQGA4eHk7HSdQUAAAAGBvQHJLUZDWeuwcotmuxma9HMM1oLh8uRW2KZrWYrh3O123iGQFKb0XDmGqzcosluthbNPKO1cLgcuSWW2Wq2cjhXu41nChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxYEwH6PvZXna_QEAAAAAAgAAAEACQMCVXwJwYRV18v________8fM0CfeSPz____f2PQA_DgA_AgBAAA8DGElRgGRyzX9EJU8FrECAAAAADq_8DsaFInVBZV_____VYAVwAAAYbVvAo9WbqDEm9hAAAAAWJrDbL9FoIWuGML9LD4_WaHXeN3u-z_________3-z_7B9NyEovPC3IBldK7RcQAGDtFxAAgG3cAADeBOBCjgNNp8Pnutfrfr-77OU5Pe8av11p9qsdTrvpCFoxGKwuIQaD1WY32kxmBwAAAHD3____j7fWINtvIWiBqwcyy5FnOLP5VruJZzMzLkYLi2kxGQw3M8vE5Vmstics0SgNfWNJ3KchLLPfdxDy3S7Dw-cyyEkE8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLS_gVgsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCGOGkWu4WVncksls5haNHIO1cONyrWUmj8ewmthGw93ILXp9TBfDbrQbTLwoGPCxF8nTIp0IRq6FyeWbzDwu32xhWthso-FuuZi4BiPjbLhaWMQSzckincgu-85y5BnObL7VbuLZzIyL0cJiWkwGw83MMnF5Fqt9zTByDTcri1symc3copFjsBZuXK61zOTxGFYT22i4G7lFr4_pYtiNdoOJvzHbDWeTzWKx2jdmu-FsslksVvsOk-mZ-pyN5rN04nFZp-KWM3pzGBQug8X7k5gW0-7sIDr5jk6dVKUs6ox-v9_v9_v9fr_fb9B6DmaDwreN3rK9a9Bcuo7NBbHBoIglgot0ory7TG_Zy3N6XsQSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf-RAQdzyWo1180Vg8kqAQAAAAAAAAAsYc68CQAAAMBpIMPVcrRa50GsJsvRZLVcAIjiZN2fb3wmQRwVrF2GM0wsAwWKzeLGjxXy7jK9ZS_P6XllAACBSebNnwlirVbLGgAAQAAbAAAggFs3b4GmVfz___9_HAAAgIwcPQAAAP0-kBNG1HqhBy4_QS4WqwE!&cmcv=&pix=undefined&cb=1678623117061&uv=3261&tms=1678623117061&abt=esv_vA!nonrv_vA!nrlc_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=5348f50e-4276-4f34-889d-b2656ea957c3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 7386 43 B
182 B 356ms
119ms Image
image/gif 2600:1f18:612b:4264:d907:27b7:e3c5:ca21
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V72X0CFgMGA4eHk7HSdQQGA4eHk7HSdQUAAAAGBvQHJLUZDWeuwcotmuxma9HMM1oLh8uRW2KZrWYrh3O123iGQFKb0XDmGqzcosluthbNPKO1cLgcuSWW2Wq2cjhXu41nChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxYEwH6PvZXna_QEAAAAAAgAAAEACQMCVXwJwYRV18v________8fM0CfeSPz____f2PQA_DgA_AgBAAA8DGElRgGRyzX9EJU8FrECAAAAADq_8DsaFInVBZV_____VYAVwAAAYbVvAo9WbqDEm9hAAAAAWJrDbL9FoIWuGML9LD4_WaHXeN3u-z_________3-z_7B9NyEovPC3IBldK7RcQAGDtFxAAgG3cAADeBOBCjgNNp8Pnutfrfr-77OU5Pe8av11p9qsdTrvpCFoxGKwuIQaD1WY32kxmBwAAAHD3____j7fWINtvIWiBqwcyy5FnOLP5VruJZzMzLkYLi2kxGQw3M8vE5Vmstics0SgNfWNJ3KchLLPfdxDy3S7Dw-cyyEkE8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLS_gVgsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCGOGkWu4WVncksls5haNHIO1cONyrWUmj8ewmthGw93ILXp9TBfDbrQbTLwoGPCxF8nTIp0IRq6FyeWbzDwu32xhWthso-FuuZi4BiPjbLhaWMQSzckincgu-85y5BnObL7VbuLZzIyL0cJiWkwGw83MMnF5Fqt9zTByDTcri1symc3copFjsBZuXK61zOTxGFYT22i4G7lFr4_pYtiNdoOJvzHbDWeTzWKx2jdmu-FsslksVvsOk-mZ-pyN5rN04nFZp-KWM3pzGBQug8X7k5gW0-7sIDr5jk6dVKUs6ox-v9_v9_v9fr_fb9B6DmaDwreN3rK9a9Bcuo7NBbHBoIglgot0ory7TG_Zy3N6XsQSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf-RAQdzyWo1180Vg8kqAQAAAAAAAAAsYc68CQAAAMBpIMPVcrRa50GsJsvRZLVcAIjiZN2fb3wmQRwVrF2GM0wsAwWKzeLGjxXy7jK9ZS_P6XllAACBSebNnwlirVbLGgAAQAAbAAAggFs3b4GmVfz___9_HAAAgIwcPQAAAP0-kBNG1HqhBy4_QS4WqwE!&cmcv=&pix=undefined&cb=1678623117061&uv=3261&tms=1678623117061&abt=esv_vA!nonrv_vA!nrlc_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=5348f50e-4276-4f34-889d-b2656ea957c3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:d907:27b7:e3c5:ca21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 12 Mar 2023 12:11:57 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5E55 0
0 73ms
73ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023030701&jk=7957725723493&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E8F 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxnzfcYo0Rw_O6jTyCRxVn-AZ_R4Cj77CyZI57VPPxpjEyNedFiH8FaOV1YSq1pmbpFRLzFi-LOnQ-4JSI4gUGBqvZNOL4QvuDyvQo-slFhCTGVyQjiNEn5hpFu-S769bBTz6yyOZDinxHb2Blr3oALXPGh6Ka9yYrIx97p5rc3ITN6co&cry=1&dbm_d=AKAmf-B66VYvB3e1vZvJ07N4yDWxeIqyKJI3VxBWqvay0bXJrVCaSDyROoK_rxOHQCli2lQPrW7q2ZNCmYvvuFpzkZo7cSwxK7Bf2KhAyDjSyjUHNy-TOPAndRD3iEnKFNmNsYppPlC-vm28SjRPHdyvSt6-0FUMy1eg96J90HbyJOp_Tz9kLSfCcC9m6XG_U7RocQ-e15yFra6XZ687hT2BjbfmbxTPiK18Fhe3nqq3k5nf4zTqN8brrzwugZZzG099sNrxSMq5vY1Wsi-TxfITkLwqPcfyYoZ-S40Q1pFD0ObheKqLKl1274neXNsOwlZtc-hjAxhB2o-k3mAFLjSMk8QomM-0C2y0l4vER3qpPsurbtkaUP-zTDRF93vWYoeSOZn9-oV2rJ9l00Ma2-x9xwbcRUEOLwZ3vF9rbiolrohZra2AcCnf0aaCAerE1PUgbf0gj0_oZcEALRKdjsS-9iZlViPe_lJZpFrn5_MCgJQUOU_lWvkvhAli26lDkM48dyJV-3Z5ZxI1AGTttTzTdqOrsZ4e9PZetTDEUCu9kJsBf_mQVHaDnxBJL8BDMYO-kObCV-6XMBy5Kthd9rU1RyP8N9V0S2CqHGINFDvRMkN1hi0_LR2Zh4R16XLrddrj1oPMeThuprig5SZ0Y4uBd9gZUbYVf_EaZp1h1vI_hcw_f9s5jN1RBXOPhtwAeiUKZ3EAfU7PzLMCVXnP04MDflJjheyzffNJ4n0JVdH9MnSJGGUAEQjmIvObWAFjUM4QyI0JS6KXCCNJPobEewXvFsv5an0dBppuLUXykDIP2NDd2okICAW8NK8gHz1OhXQOBm76wYZ-Gd_N7sC8zwishOjeNNM7No9o4dUiBF6NCVqxxc9nSE_nIFBXRh5U1GK43vcsT72wofnYvMJPw88DCi7zdVMhwf-3Q7Fr1oAEnZ_jt6rF6x0AGrKGtHLdAFZpia2DWt_VX9LMs6BuO8EALS2fLCulF7j6AyE92PxzMfS9Uy7PxtnKOgtmo53kiagPsTXLnvfykp4ZXzpAV38-yLtCBxh4UZVmkCXsn6SK7PxdcpQirdUYgHMkDUw69NqHX4Ra7EFKGaT0mIzTqeX0qPF2x5F96wYrJSTsOyWmgw5c5DtZfDvEmV6XYGPNcQwRc0Ey4VBW1Tnad-nKmADJEnraVu9lTXEYXWFSrpe_GkYFeo97ST0JpNomibF7qzdFQy72if1B6GvzYmwZpLUuYH1AFnYbm8ovUTr7wT_XI7bDyS0A36katiUim_Lwz74lByijnojVN5y3bK7wQ-bJsjUhd8KWd9mXF39si39v2kX9ZuETkFAun8HSZXPsXVei_3IISa9HK57L-mptbyNiSrIm9IO0MCXMw1iliaSNVHNKblzAM5qNsKpKNXamLnm9gfL37eY3UiPB6e3dqJVkb8TSJXCwgwKhWNadZlH8OAcmhkaRdmyC1H_jhT4QEdxKRhhERehWb1jguvaKA-K1rIjg_wtqGNCpzinMDa-c5GReQrjrt83cCzAlHPBI1Qo9uWHqm5dng6J2sy8tFaabVUiFpFlvaAL2FgRG6IyBo1stzmh0TlDNp3zS_smdMoKZcervvyuOfcUy5Qu5OFCC19utZtFmnX4xk9qgi4xdMizhpnEWM9uWk1TSDOqc_XBuIkqHksZolZTEfIIhvFh1v-UR1qy9ZESLHY1_mzWmLFPLlEP90w545sNiIA7bi_Pc5Tmwhr5cgDugVI3OzpKiOuTgQEr3wNe-JoHkLKf1TzmEZSK1lHVHObA6VvUfZ9fr_EQXssXUhoozLo0N1qXs4S5wo6zU5QrWwndHnzdALrk2spwTG3pRAfdFzYLLEMyDKU8E2tusqW2CedmhuuO_gLkDJjbAD4AvCsI-MmuTMJwuK_U7sy8dvFzmhhCgq93khOyjkAvjf39SCIJvZ2RER8QgYvOL05a8PbXUhbalf06TALFVmz96hvv0oBi-vuMoO3wEIgOMb6HWLUJmGZL9sqoj9krU1Olokrpt0Cy_t9KGt-6KyUGKxB5vwAufnfha-k2fL2f9gs0y1-fWICopHDp7A5nHwyO7byKSzMj6IsNaoOKlJsbpFbbXbVBmUPAt91hLUrU5a-JI5i3mbrPi2hnBvTsTm8OQPeiJWOwvuJAfkmUCN436iOlZ4epNOskNWTGPGK7JspeY5rm428hBCEqtCW07Q5AVAVsrKYNi7mKidli1wn9x1bKiCWqnHaJbIkc6X-6ao3RJMXeWv4GoCiCzTdn7apD0rxvXLXK9lceox4eqYL0xydECBTlmBMqZVnT9e6bbCiqq_oYqT9iIL5QiIxfVMn0S0dtm0OnkcCnR7a7pq3sraXTN3yIQlK_2xELLmwaFqmTNqkA8_8eM3b8YnMkNBHg4H4zyNKu0d1kfzAZ9HM6kX092iAlOt4gFwDN6nCWD7OicSW_e91uaZwWo5OnGT_Ml0XwBektpAbhF-3QI8x8-kaOPkaJEUZOLrgYF8awCzk-0GFkn3iEFDmZ9e8f7gcOnWmPfMgktgDJ3e7U5ggwm6JjDpVhz5ABpqwwEqAV1cYts_EyFe7i9aJRFOyG1HQRCFnddEpY8iIkMgIONuG0CjVFvsut_E-r2CHhP7lyn689Nv3WemuFT5s_QMfX0oEDw9tPLnhPI0_iN0b7orEwjU4hqcndnz0xgmY0_t8OdKG3XHK24aFau0NN-A0bQnay5ONq0KzODjSSYP3ycFyTSI4cf9u-ex9Ei-uiqUj279MMTwoM7ApIu9hGo-C-8g0IV5cZfNqAk4BgHkJyOuIFDmQAZt6avl9OJIFOvCHjyqi4MMRdXuB5tHQxwbVKNBcLZpyjcEK8HLiP3Pdp8Y-ZCJ6KZD_zzWBdIl6kwzOt0v3UOcdpT81qhvSXBIbKJM-6zdsuxTyjI86iQyAuEZ7EhIE_d7MoPDRIMhy-B5yU4niRuowEsP1zVpzd9nHn7YT_odqIHNr0_-Jk_wDdGY_fTmcEfGipwmMbYL5spmeOJPTdJFp28npytsj_iFyyHk5hfJcWf2qsFGQ1WEhDKMYmgg9q3D8JKgeS5p3jI7EMG3_vPCNvowc4RQbavuMnUDx3x-RMXTfDI1hbWp6TUzbBTvWw78jKZ_N8Oou54c_K7nJYPjUKh3mssOL115Kg4ZAdczonnF5S1lNmwCuatN347MgAD27sM-CfWXDZBrMvncSi5R4cxm7jUB2VOqcZceR_DnhzK0z-MFhZPxyJfXzn0FfDnoE1aed6jtzbQantsLCgHmeaTQTWLpgAyIeiJL1enVwb8gDdZZt_Uh6hoSunMPAgNCoiNnSv-sC3Q_uQMvSf1qRPgzUgY1O4xL9CeHhQ06Ecsh1my4mrgmMVxDGv-UlDHnTH6CP3wjiMG06e6YN-r8jos1TyR31pqeBapoXWxk6oMjLl0ZdanqnQVZImf5leeSrpOq0swRwqurLH9UoVQ4qe16_LmIX-o2Y60iM-rojf6AxO5oooBosPxG0FoaY94FljyMwAngWp6J4yfh1VADh9cifsjUgYikKV5Y_byJRVnfPhcHUQPRVarMpr8rEGWqWeg0guSQNHrbbvkNea7rheet3Wh0KAiZr9_3_7QvLsKvJu46ZNqduHeau0dlEpH4mT9rJq4oWGm4Sc4QBvv2V1MJEH5KkFva9Ug4FOg8kkGjbAlAZbG6HdfsuDlgGA1FOUoKtwvg50wOLhv0iZsO-PL18KUSyvM7SW3nEwvHz-Sr4MAL1jscL1GIBUhIj1cncibG_TUfXYtGUMM0oGF1bjld5SN7qeAmzm7JK-K8AFD6ee5ZqWLJp0pUIYvKxwBKf0uAdAbNOyMoFekLXy0R8mHrdGI8WfCWsKuu2PQQLPTO4WJmEbP3Lz9-iTihQ2eTsvttjtp9x2CC4XXVvloXAIsBVJJad2jhZXfYXjkuwQIrNaTrUYJt3qEFeqHx99joF3WhFiMoLHL5jcpKiwDcdL6bJR-2D2aI4SidCa2HnT43UT1UrXMG8Kv-C8&cid=CAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=1209912474091735600&adk=3944675600&idt=214&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 12:23:19 GMT

GET
H3 200 9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B34 36 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 18:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14304
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 18:18:32 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C61D 281 B
554 B 142ms
42ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V72X0CFgMGA4eHk7HSdQQGA4eHk7HSdQUAAAAGBvQHJLUZDWeuwcotmuxma9HMM1oLh8uRW2KZrWYrh3O123iGQFKb0XDmGqzcosluthbNPKO1cLgcuSWW2Wq2cjhXu41nChjGcpkMaoGEZfb7DkK-22V4-FwGOYkNHGg6HT7XvV73-91lL8_pedf47UqzX-1w2u0AAAAA8PD___8PAQAAABABAAAAIAEAAABAEVDxbyFwAQAAAIDx____rwEAxYEwH6PvZXna_QEAAAAAAgAAAEACQMCVXwJwYRV18v________8fM0CfeSPz____f2PQA_DgA_AgBAAA8DGElRgGRyzX9EJU8FrECAAAAADq_8DsaFInVBZV_____VYAVwAAAYbVvAo9WbqDEm9hAAAAAWJrDbL9FoIWuGML9LD4_WaHXeN3u-z_________3-z_7B9NyEovPC3IBldK7RcQAGDtFxAAgG3cAADeBOBCjgNNp8Pnutfrfr-77OU5Pe8av11p9qsdTrvpCFoxGKwuIQaD1WY32kxmBwAAAHD3____j7fWINtvIWiBqwcyy5FnOLP5VruJZzMzLkYLi2kxGQw3M8vE5Vmstics0SgNfWNJ3KchLLPfdxDy3S7Dw-cyyEkE8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLS_gVgsBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBihYNJqvRaLKYDFejyWq2XOx2G6Ro1Wo22gyGq9lkttuthoPhcjTCCVuMVpPJZjmcLReTwXA0HI2GCGOGkWu4WVncksls5haNHIO1cONyrWUmj8ewmthGw93ILXp9TBfDbrQbTLwoGPCxF8nTIp0IRq6FyeWbzDwu32xhWthso-FuuZi4BiPjbLhaWMQSzckincgu-85y5BnObL7VbuLZzIyL0cJiWkwGw83MMnF5Fqt9zTByDTcri1symc3copFjsBZuXK61zOTxGFYT22i4G7lFr4_pYtiNdoOJvzHbDWeTzWKx2jdmu-FsslksVvsOk-mZ-pyN5rN04nFZp-KWM3pzGBQug8X7k5gW0-7sIDr5jk6dVKUs6ox-v9_v9_v9fr_fb9B6DmaDwreN3rK9a9Bcuo7NBbHBoIglgot0ory7TG_Zy3N6XsQSpekineiLfrfL8PC5_BWxRHC6SCdCv9tlUf-RAQdzyWo1180Vg8kqAQAAAAAAAAAsYc68CQAAAMBpIMPVcrRa50GsJsvRZLVcAIjiZN2fb3wmQRwVrF2GM0wsAwWKzeLGjxXy7jK9ZS_P6XllAACBSebNnwlirVbLGgAAQAAbAAAggFs3b4GmVfz___9_HAAAgIwcPQAAAP0-kBNG1HqhBy4_QS4WqwE!&cmcv=&pix=undefined&cb=1678623117061&uv=3261&tms=1678623117061&abt=esv_vA!nonrv_vA!nrlc_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=5348f50e-4276-4f34-889d-b2656ea957c3&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 12 Mar 2023 12:11:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK q84gc72z27ut Show response
hal9000.redintelligence.net/zone/ Frame 8E8F 11 KB
4 KB 141ms
40ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/q84gc72z27ut?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZdvvi8ENZMHuMrWRjuwPk4WcqAOm5b2gadWanKfJD_AuEAEgmfugK2CVgoCAtAfIAQmpAg4UuywP27E-qAMBqgSPAk_QSBvGegL3Xyg3Vn605GlzS0Dn9pWeOi_dGBjSZADd7Gl_BiGuyO50JffUxjAEgNLeVTtROLYGapTBJwp8jMfC1QFtl8jl5I_YK-TnSH9YGmh36XNFxjsft09PY6URRQ3P2nvYONOkt2DePOe0ls_W6fyZ0mMirhtmLsf2Nj0uzzun1fD-tcA1ayqIe3zjRKfm6AuoD0FdryQIaql20j_KmAp6ra-6-QWtffrmP62kyuCTgzyFGwKSqqkHuOcP26xxYlLzHGxeEOX7YvuGsDi775V07vsd4i6kYDcE10Q3z4r9i1oGSRLgoJt39_rwgg8eIL6I51RnxsQ1nI3Q56m4o9Bocnc6j0x4hRvUxl7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ%26sig%3DAOD64_0Bjn14awtUPH7Bh4ysrMXhERilNA%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-D7qt7V3SHK6a5pCG9jJKkS1FQnLmM14Aaag9hc7wOf9-CZCb1D3mjhZiUSEp4iHg_PQLuj-SHJwpHyIx2oLkdG_9V8NfIOfJM4Jc2s7x4MDXtTZhvBsK9lYAEC-JtbMS23zAYkzr9e4c-6Mrkr7ytVghNwYqEYss_3TdV8mcwbZjavhyw%26cry%3D1%26dbm_d%3DAKAmf-DJ7xa0SV7vDmQj8LsHGJ2kux_n4LkVEtJVTZCkheiDbXgexL7_rlDLMRWnB5gDaHewjzYj3Imz01PeqfCwIUBoAZnFcMk1s3TljRWSuMHH6n5oGo-x4fpfJ1wFr7hW4opw3GgNrOen2QSeB7Z5kl0h_as6Ng13XUuBjgpE9qr0zwNWKmcwPQpvqR7YphtVZbXV53Af1yFojeT76ussfIsfZ2QnArtdeyccLeeFmTyH0RjlJwQTzn7RSQn6qfcaxZIyzk0Tdc8xkznFdJN6rWj0DTnP0ngj1A0l5mX3BLJ_cKMkUM665iRm1bVcg2erywKPhvp2ol_PaOBahBOD0h3uNzYjoS1Mx9sHedNxx31v--7PBt_CacBq8taV_zw7P3NFr5rjiMQFUxuE6hkjpsBCq7xzVbWe4rslKGr0OMANdVy4C_SxiT1KOtBrvs19al_R1A4S-gURkuzKg3f6XDgXfjOT4BuHgotykWbr7Q0GdEmlxMPFQ7IIPCAnFnBs3UiiW88XnrCZ3qyiiXidQsdeUvA9IWPGgHMiAHvkzY1HFUt6xWU%26adurl%3D
Requested by: Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: eb9bea441b137edf63bae57635ae9c4a93522210d70fd566f8ca04fd72029277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 12:11:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4123
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8EEF 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0D6o487y3sIEJnpG4sdPne5tLk8TwyfSGCIsmuLyFLMPiB6WS3EBedK4XgX8FF714hbRmsK-0oc5TWb3leynLQ6Biv1XkhdQlBjSJAwg6FyB3E_UV8hmWImz_YXpHuQ8OYAB6XRZ58YZHEoI0sCV1DOTFxknRZuW5LanBx9H1Oui0Ve8&cry=1&dbm_d=AKAmf-BmmC21wfkjj6rgW7Z-DMi6j_ljWxeb3QuuTcX8jeQ7G1S0J70KAbZ7jPY9V1F4yWKXW7HlwmR94iwFtpkvnbBWU-MYcTewlPp23yILZpS1F5-qEOT5LOIzYZAKCgRdYwSAoQee8nr2t7-cTPOpIkPa9qLy7aSM7XeOIkkw5aWMvzDcKyeqay6E7cSAvUYo4dOIPsWZySSlRZSDjjlncJ-yWcuVQaISnk8XQmTMRWybK2VD2wEImBAbn6cDg1CxUKHJfL5C5qvlpZmD1wXAgW7fEOA0QZUYUUelE51VcIBGko4XWPwRXgpjuJbuKyFsR5rEWcpuwFF-wjvT1wzVgO8V75nz1PVER-c3JuWEqQQSDSCsyJit8mtFdRUpRWBSrUBulrHn54kiqFRbi6R6zNN462652hdNd7v3Oq6E_oQo5dWJmeiK2V8QHxXem-ZKzNt2aQWHmZEzy_wB5FMfAbkjPv2DfPgRNt21rPNLH4x1Hcu7wgMleRyOhWh6rd870TInhwUMDx47UXa_sgOZWrbg-CiWZOdK8V1i-_N8ielnpqzp3G_a6YD8lkNYR1Qaam9I8lCQvJJa6_sbBSW_Z_h4t-ag9yHqnwFaNcIT4FcXEbmZXCNVexv4Fmwzj6ePQTdmhqufizwn3ceaSDU9ubFiK84EO2r-fHn4tKsImN-CZy8AxcQFjDQXI2ZUsXGcOg-_OaHJv17qGtiY1v1tRZz6vgqiK_lR2rAPmhnyGIC85P65PQ3ePTgDMa3newUEQY4LUuF37QCtoO4vmtvhOvkcO3cJ8rQ49EMg6CmeESd5BGjHcmmn06yghpNoatba3w6QBhp2ngvJ_-1earqvPW92vJDzWdIPpjqCdS5e-bm7TkjsFherm64XxqED7YiwtZihFvgzOHQj4vlYL4Y2xnkiAX_TPfBRAr7_KzAftQd-gmIcT8I9bd6Bk3nQpsGvi82HcmdywG-nukcAYT0yRa_sSJEpy8d2ReA_3fBqPhPXH-kxkdB5u5sQasdjmg_JjL_v2mHdKkipa7u-RV27_5CvQ1do4en3yw4Zz0RZb_09mpOYfak-TpUP-iwGFYG4XmKAUcY0ZmxtbjGLvFrQ3b0FHUaWmziL2waEA30tNJqzmPrH4Kd5_B8spUk7OPURCa7SnY3akaPeN8ghNgxhvF4vHydRY_a-28v9Lwwr_K-Xv-ZeWRHJvbbONVtQFkucONEdgWPBczbWXdXAGIGE2kUZGL1T0iEJ3Swo88KKc6SJVAZGL1dGNc7jUGaqVeLBCTGeSqc91kuXPGDw72btbpJKUmrDwsitvg6O6df4B4NOQlO2Vonk7wlms6BmOkPS1i5mchpzcfxzi6cPZ7ZH3ozz1QkhGPxzTuWYD_oU05XApGg6EjHSUJufCzmzZLR6e9C8Eq1kABUYQ-ugq6bgkydMIv6TRTf5clZ3QCQovYp4tLCMJFa7OM7fsNEfdEoXvvJ0L3zLQJilPeCKkOB4MOtVLPOvMI22gUsdVGfx1wc8jUS3wrebMupOw7BwErXG3afJMV4II3QVZuaJfSbA6JNJONLIC0qQKKjf9KdGUmuwNEa793L-qjJAHXhgQi-9Q5OLcG-hzWz9MK9u5MZQKJ9i0TGk5zOyyn_0uCfXoRVr1Ie2QMGIVzN-nSxtDX6p7b4jp-TbkJzunJY-cSNBesL7sI4wNL5d_SEsxeHjm-4M9Nunvcxt8iYYP8SDkeOffFbmP4n_LhZYLwyOt66T9gPhk0NHvYL_tZehpXOe0PPXfpMNqwJ2hYiBHMGX8gEoWOjy1Dlq9PBfyIR4_bfvKC0Cdb3Ln61MLA6hSyBy-JHraA5dr1r8kkohEnu1n5A3GeQpkbZnTuz_1bzO2Zjeg_tq5LFSkwW40SprPg7RZPMQnBbCajzN6e9vbNBpGfwQ2rdmlqn8_UVEwTZ0j5bDWpBO9ojJnqr0gEESiz1SDkSLt33VmzD3sSRHJRpLmxpsw8OgM_cI6ljnJLN1yMAy6JUa-FBpj1nO8geVND0mHE0rLMEdY9GVpqB8XKL4yVaMgj26aThQKLh5Zka2XSmsfqwqY9wHL27AAUTtiDdS1XzM8c2p1zsIRmYkEXGQN26sBI71FU4vmiFoRUIJdOeG77RpckTsPs-W3oRd0H0aJAOt3Pzr1PnszovavBjbJQsLv3NL7Bx4IsdSRDZn93pS8JrulAUrPKivIvIaHzsA1fVybyvAQqQEkDMZo8HNw3Zqd9UYBMYnNmLKw9FD2tQ2T9uuKxXpSqe7QVIZkjUyNmqBFRhFX7nBfj3AQO_qcJkXeYd8n2v_o-KjayNPlA_S7avNhu5F5MRxFIW_xK5zllIYj-UZRfugf2ygNJAOvmHJa59J2L6IjwFsjNBg-ohOxgV_81rvdRTGwKV16nc7exBLyoeTrx7D1Bb8eMSpnWy6DXZAAVIcod1IEWgETCgSl2rRgQlS0lzVSI2BOHDDevcWyepwlDlDjiHpMMsMRpxTxM1X9GfYyesCrV5plO6px3cr4Ml62phcFdpYeqzv5xBwo0YeyIiNWExDFrWn_XmVlmFeLoik8BVKEalItmuzCJDIGbcjbpRJ2pHB346eASribtk7PAhXxv55mHENyOlGJY8CvZ9xSi59CIH6nSCLpt02bqN8lOYIAzeIvjp7tgmZbdjycUhdLS33dqup6FAGh3vANdjml1bISfOUPIpGumsyxmtebevkaLWfr_IkFluBzv8P_dkJhc8XCsQJOMMYu0JirDC2jxJtGba90VL0_pLekTiSW48_sYtFBxOmnbY2w9KiIEiFp5VxKSZPfr1uLCilNqE2aQli-z3hEehe51B9AymKku0yuDSGpm3foGgpqcBknOMO3UuefPbl_rT_my3pBdLla7pUOIsXg6n8VqcwUmc9AmJNFaMkJ-Zlk-W6BnX6SvnUNImKMkF0K8K3i9xk50yJAvmfKxVyLF1PIBiQ3A4SbfNV2EPs4du1L2rD8q0WTTU1SpJ2EGQBRBbBrRhlU0yJ0f39UL2z1N_2aylYY_Jv18JD5I_Udi4c6n6hrQjujAiVeFp-7OlwlJRvDns2sTK2pod0hdhDIel79diJazK6A6iPuWqaGYFqn4w26hypOVO_D3GNY8zc7flwibV0GEonGWoSd4LsRaXwSpQGxcVAB_mocYRnu9sb7SIqiGgcpt_ukAab7hARWS7yOb7y14lJSFxX6FJSWvuyr2rxTuoElTwsEnCvRJANtLbEnqPCvbuaud8ty6rxuaPcjHI1f1GJZdDN3lsLkv1mnQXsQkBKNPTbJDH_3Mv-fnfiR3Df10mtZncTquXq-H4YFcdmHRGfTT9CeXbKyVp6MOdxia4JaA-9RH2R7zATSlIbhjSyEBDxPli6Qm5UR5rGkLHQQi9ue1jptz6M_JI99gUWjeqAY3xFBjZMFSaF0GEpPjnFPnxzwQa5627fO2tbaypE76YFsSD0mvwYyHOpv1lUXdc37YWZpzEr700lLS383I1Oh3DV6hL7Y1xT6g4BOQYwFfhGAEzaIna6eBxuuCzD62wFCRyAJ2bkqBTIkeudxGg9-eTH1sk8pDu-C-nOZBYY9eMHW92G1Yjql1xvLS5f33CKMAU2g7wLnb3n7aP6vb0h9-RGFdVgSrmj4BY6Q3JEcM651TrJINNAH5TN6Mt5AKWzH4s9D4pZu2tjqOm0wgGSXvtjUXMim48QFOjNAJbOX6kysNWaE5jpBO1b3BJnkBSBZiwW1oX7yWu2Hk82dZzRjz5pcEtDWeqPTQwexLwDCB-EF2ryNmOMshv4TKhuFqRPRJ_SzHJZreYcRoa3Cegseq-CW9OOthAKzsPJI5qJndTkB2HyYMq94ACZowzX65n_481WEkSzSebYtnmo8GOczx1w_ERF-8y7iA04L4wfOSXF_jTU0YonMFSwleninhW2LMbt_8X3FgOtRE8IyoDb5xhrUJK0NBKnesI0rCZxHcMp1nCtJfxT9Tna-ByjMB0vndgqKSSxqst8-rLYJN83to8&cid=CAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.vesty.co.il%2F&ds=l&xdt=1&iif=1&cor=2381010842241339000&adk=1877897943&idt=302&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 12:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 12:23:19 GMT

GET
H/1.1 200
OK g2gqt23fm9fm Show response
hal9000.redintelligence.net/zone/ Frame 8EEF 11 KB
4 KB 135ms
41ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g2gqt23fm9fm?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCt8E-i8ENZL_uMrWRjuwPk4WcqAOm5b2gaaWRnKfJD_AuEAEgmfugK2CVgoCAtAfIAQmpAg4UuywP27E-qAMBqgSOAk_QXvOLMUcSEl8SWrVNnK-uiVRWUWS25pW-VzOEgd2jmypVNHeyDvI8RBnt48Fz7YrOcUTBuQORxFrTVrZt5HcpMSJSstH3DToeD_XqUhkzzP6j5wxG0wRftTglZ85ntdxKCYdCwxmXxL5nveMGaW-1bj5SSzSDN9xd7FV-j0i1AQKJAIzKGYopgFfcIKd_FuN2vnVC7skb8iXKfWbo-rXLzZiLw7OxJy2DJmPS7iaOooXhyA_z9A2pxkxiZMjnC7xdzj99h-eklNi60fR_zFQWPSjvc7PX840eN5RGn0_5P3hsVeqlaDCJzuz9tEqw2ot_psFkDzuo7EJYzUdwFR6hf-DRhrnbdkhMi1ac9sAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ%26sig%3DAOD64_23hY4vpNFuNiN6TygE1reFEWNx_A%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-CL63dgY7anOwaQ-_LvZrqShvGOkH_T0suRRqhbsSFhsnMXnZIUS6NxXrDDFqG1P7LdgeokDNt2axEc_Gse_G-1LKnX8YqymfoLU4_hWOrYGyEVDexpKpsMjzRc0eVj9ufSqwSR2mXwEtArZGGBxQXwNsWNWyuXP5rSvWAA5-pURjrtO3I%26cry%3D1%26dbm_d%3DAKAmf-ABdObH3ehl0fJZzNTvPjzs2XgxfeMkTCxkN41J8FYEZj5YXBLOdkrd5acWy6OChxNbS69ce7ADTAnvxj-ZSx9c3p3FgsCobArwogli1ov3SMOR2sA-eCE1A3sBsR4QCmqpCh0Ey6dptVUSYw2vhFTWTusas2LVeO5sBXzR_doXD0lJ28KVm2wh-ikHBYfVUcizt6rWmncAb1Eak1Zvhnv9WhJw9Xt0PCWbkOjOY7kCXNnT1oRTjJ3_V5ZFCDdlZYZknXA3HXTdI5o_ZceYxvh9WEzCcxUBo8HSU-75Jjk-clclNbCmGdOkAoQUs5XMVbIdCQiWgdL9ZcjnfmndnADFatfSj83Fiky5plWnTmAI-jNOJz7we8Us333xNBvTD_Ouzp4vWpZT8hceggF1LcdRE7h-ZifL70ZrWSm3xOkrn06mQ9Lj02MiPTCA-2I01tWeWfNTKXjK77e4FFr4fwmg7slPU3IQWz7jz3IjktacI2wTZcjSI2PvgmEfS1QbOVG3InYzZctvGFDnlyh_nQ5r3mX2atWke5YrdP2XFyNGHhgdN3E%26adurl%3D
Requested by: Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 900e1ff9ac2a7aa87f1bb17756ed13f31a1bb1ee3b509f5c57b7ddc61edce3bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 12:11:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4124
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 dmp-common-iframe.html Show response
cf.dxmcdn.com/dta/ Frame 292F 89 KB
29 KB 169ms
51ms Document
text/html 2600:9000:2127:f800:11:da61:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=7a20f431-4d22-43ae-8981-b126d16e70ae
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:f800:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 93150c94e2b9533e5f66b7b6b21beeba027049d5c1848746909600773a97cab9

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40480
content-encoding: gzip
content-type: text/html
date: Sun, 12 Mar 2023 01:15:11 GMT
etag: W/"e5873645cb0513d1ff8abec22af7ef3c"
last-modified: Wed, 01 Mar 2023 14:27:51 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-id: q2mmS4o9N4aPVOinPpOFB2-N0REzFAf-x_n30rkOlcMk64GBP3FJ1Q==
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: X08ID4.PERJgTBsHSfOnba34WR27mtH.
x-cache: Hit from cloudfront

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7358 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 76575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 14:55:42 GMT
expires: Sun, 10 Mar 2024 14:55:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FD84 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 76575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 14:55:42 GMT
expires: Sun, 10 Mar 2024 14:55:42 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7358 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 18:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14304
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 18:18:32 GMT

GET
H3 200 9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js Show response
pagead2.googlesyndication.com/bg/ Frame DAA2 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 18:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14304
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 18:18:32 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3B34 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qqoXYg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C61D 33 KB
10 KB 41ms
41ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e50e85f1e66deab7e0755834220a796491ea3000223bdf15333df1bbf822f4ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 12:11:57 GMT
Content-Encoding: gzip
Last-Modified: Sun, 12 Mar 2023 00:46:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=45283
Connection: keep-alive
Content-Length: 9996
Expires: Mon, 13 Mar 2023 00:46:40 GMT

GET
H3 200 9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js Show response
pagead2.googlesyndication.com/bg/ Frame C733 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 18:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14304
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 18:18:32 GMT

GET
H/1.1

200
OK

request.php Show response
hal900019.redintelligence.net/ Frame 8E8F
Redirect Chain

https://hal900019.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=12f3489ed1&subid=&uid=aec4a4cc5be2bd5e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900019.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=12f3489ed1&subid=&uid=aec4a4cc5be2bd5e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

191ms
112ms

Script
application/x-javascript

78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=12f3489ed1&subid=&uid=aec4a4cc5be2bd5e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZdvvi8ENZMHuMrWRjuwPk4WcqAOm5b2gadWanKfJD_AuEAEgmfugK2CVgoCAtAfIAQmpAg4UuywP27E-qAMBqgSPAk_QSBvGegL3Xyg3Vn605GlzS0Dn9pWeOi_dGBjSZADd7Gl_BiGuyO50JffUxjAEgNLeVTtROLYGapTBJwp8jMfC1QFtl8jl5I_YK-TnSH9YGmh36XNFxjsft09PY6URRQ3P2nvYONOkt2DePOe0ls_W6fyZ0mMirhtmLsf2Nj0uzzun1fD-tcA1ayqIe3zjRKfm6AuoD0FdryQIaql20j_KmAp6ra-6-QWtffrmP62kyuCTgzyFGwKSqqkHuOcP26xxYlLzHGxeEOX7YvuGsDi775V07vsd4i6kYDcE10Q3z4r9i1oGSRLgoJt39_rwgg8eIL6I51RnxsQ1nI3Q56m4o9Bocnc6j0x4hRvUxl7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ%26sig%3DAOD64_0Bjn14awtUPH7Bh4ysrMXhERilNA%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-D7qt7V3SHK6a5pCG9jJKkS1FQnLmM14Aaag9hc7wOf9-CZCb1D3mjhZiUSEp4iHg_PQLuj-SHJwpHyIx2oLkdG_9V8NfIOfJM4Jc2s7x4MDXtTZhvBsK9lYAEC-JtbMS23zAYkzr9e4c-6Mrkr7ytVghNwYqEYss_3TdV8mcwbZjavhyw%26cry%3D1%26dbm_d%3DAKAmf-DJ7xa0SV7vDmQj8LsHGJ2kux_n4LkVEtJVTZCkheiDbXgexL7_rlDLMRWnB5gDaHewjzYj3Imz01PeqfCwIUBoAZnFcMk1s3TljRWSuMHH6n5oGo-x4fpfJ1wFr7hW4opw3GgNrOen2QSeB7Z5kl0h_as6Ng13XUuBjgpE9qr0zwNWKmcwPQpvqR7YphtVZbXV53Af1yFojeT76ussfIsfZ2QnArtdeyccLeeFmTyH0RjlJwQTzn7RSQn6qfcaxZIyzk0Tdc8xkznFdJN6rWj0DTnP0ngj1A0l5mX3BLJ_cKMkUM665iRm1bVcg2erywKPhvp2ol_PaOBahBOD0h3uNzYjoS1Mx9sHedNxx31v--7PBt_CacBq8taV_zw7P3NFr5rjiMQFUxuE6hkjpsBCq7xzVbWe4rslKGr0OMANdVy4C_SxiT1KOtBrvs19al_R1A4S-gURkuzKg3f6XDgXfjOT4BuHgotykWbr7Q0GdEmlxMPFQ7IIPCAnFnBs3UiiW88XnrCZ3qyiiXidQsdeUvA9IWPGgHMiAHvkzY1HFUt6xWU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.vesty.co.il%2F&ancestorOrigins=https%3A%2F%2Fwww.vesty.co.il&random=7866864739435&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: dec60812e12bb21459630fa2635fcfece94b7fe4bc26c0c09140506bdf18a259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 12:11:57 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 86514200082648404445006012261019
Connection: close
Content-Length: 1301
Expires: Sun, 12 Mar 2023 12:11:57 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 12:11:57 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=12f3489ed1&subid=&uid=aec4a4cc5be2bd5e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZdvvi8ENZMHuMrWRjuwPk4WcqAOm5b2gadWanKfJD_AuEAEgmfugK2CVgoCAtAfIAQmpAg4UuywP27E-qAMBqgSPAk_QSBvGegL3Xyg3Vn605GlzS0Dn9pWeOi_dGBjSZADd7Gl_BiGuyO50JffUxjAEgNLeVTtROLYGapTBJwp8jMfC1QFtl8jl5I_YK-TnSH9YGmh36XNFxjsft09PY6URRQ3P2nvYONOkt2DePOe0ls_W6fyZ0mMirhtmLsf2Nj0uzzun1fD-tcA1ayqIe3zjRKfm6AuoD0FdryQIaql20j_KmAp6ra-6-QWtffrmP62kyuCTgzyFGwKSqqkHuOcP26xxYlLzHGxeEOX7YvuGsDi775V07vsd4i6kYDcE10Q3z4r9i1oGSRLgoJt39_rwgg8eIL6I51RnxsQ1nI3Q56m4o9Bocnc6j0x4hRvUxl7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ%26sig%3DAOD64_0Bjn14awtUPH7Bh4ysrMXhERilNA%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-D7qt7V3SHK6a5pCG9jJKkS1FQnLmM14Aaag9hc7wOf9-CZCb1D3mjhZiUSEp4iHg_PQLuj-SHJwpHyIx2oLkdG_9V8NfIOfJM4Jc2s7x4MDXtTZhvBsK9lYAEC-JtbMS23zAYkzr9e4c-6Mrkr7ytVghNwYqEYss_3TdV8mcwbZjavhyw%26cry%3D1%26dbm_d%3DAKAmf-DJ7xa0SV7vDmQj8LsHGJ2kux_n4LkVEtJVTZCkheiDbXgexL7_rlDLMRWnB5gDaHewjzYj3Imz01PeqfCwIUBoAZnFcMk1s3TljRWSuMHH6n5oGo-x4fpfJ1wFr7hW4opw3GgNrOen2QSeB7Z5kl0h_as6Ng13XUuBjgpE9qr0zwNWKmcwPQpvqR7YphtVZbXV53Af1yFojeT76ussfIsfZ2QnArtdeyccLeeFmTyH0RjlJwQTzn7RSQn6qfcaxZIyzk0Tdc8xkznFdJN6rWj0DTnP0ngj1A0l5mX3BLJ_cKMkUM665iRm1bVcg2erywKPhvp2ol_PaOBahBOD0h3uNzYjoS1Mx9sHedNxx31v--7PBt_CacBq8taV_zw7P3NFr5rjiMQFUxuE6hkjpsBCq7xzVbWe4rslKGr0OMANdVy4C_SxiT1KOtBrvs19al_R1A4S-gURkuzKg3f6XDgXfjOT4BuHgotykWbr7Q0GdEmlxMPFQ7IIPCAnFnBs3UiiW88XnrCZ3qyiiXidQsdeUvA9IWPGgHMiAHvkzY1HFUt6xWU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.vesty.co.il%2F&ancestorOrigins=https%3A%2F%2Fwww.vesty.co.il&random=7866864739435&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 12 Mar 2023 12:11:57 +0100

GET
H/1.1

200
OK

request.php Show response
hal900022.redintelligence.net/ Frame 8EEF
Redirect Chain

https://hal900022.redintelligence.net/request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=bf89e9f756&subid=&uid=044039da2a4ff180&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900022.redintelligence.net/request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=bf89e9f756&subid=&uid=044039da2a4ff180&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

175ms
95ms

Script
application/x-javascript

144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=bf89e9f756&subid=&uid=044039da2a4ff180&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=200x200&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCt8E-i8ENZL_uMrWRjuwPk4WcqAOm5b2gaaWRnKfJD_AuEAEgmfugK2CVgoCAtAfIAQmpAg4UuywP27E-qAMBqgSOAk_QXvOLMUcSEl8SWrVNnK-uiVRWUWS25pW-VzOEgd2jmypVNHeyDvI8RBnt48Fz7YrOcUTBuQORxFrTVrZt5HcpMSJSstH3DToeD_XqUhkzzP6j5wxG0wRftTglZ85ntdxKCYdCwxmXxL5nveMGaW-1bj5SSzSDN9xd7FV-j0i1AQKJAIzKGYopgFfcIKd_FuN2vnVC7skb8iXKfWbo-rXLzZiLw7OxJy2DJmPS7iaOooXhyA_z9A2pxkxiZMjnC7xdzj99h-eklNi60fR_zFQWPSjvc7PX840eN5RGn0_5P3hsVeqlaDCJzuz9tEqw2ot_psFkDzuo7EJYzUdwFR6hf-DRhrnbdkhMi1ac9sAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ%26sig%3DAOD64_23hY4vpNFuNiN6TygE1reFEWNx_A%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-CL63dgY7anOwaQ-_LvZrqShvGOkH_T0suRRqhbsSFhsnMXnZIUS6NxXrDDFqG1P7LdgeokDNt2axEc_Gse_G-1LKnX8YqymfoLU4_hWOrYGyEVDexpKpsMjzRc0eVj9ufSqwSR2mXwEtArZGGBxQXwNsWNWyuXP5rSvWAA5-pURjrtO3I%26cry%3D1%26dbm_d%3DAKAmf-ABdObH3ehl0fJZzNTvPjzs2XgxfeMkTCxkN41J8FYEZj5YXBLOdkrd5acWy6OChxNbS69ce7ADTAnvxj-ZSx9c3p3FgsCobArwogli1ov3SMOR2sA-eCE1A3sBsR4QCmqpCh0Ey6dptVUSYw2vhFTWTusas2LVeO5sBXzR_doXD0lJ28KVm2wh-ikHBYfVUcizt6rWmncAb1Eak1Zvhnv9WhJw9Xt0PCWbkOjOY7kCXNnT1oRTjJ3_V5ZFCDdlZYZknXA3HXTdI5o_ZceYxvh9WEzCcxUBo8HSU-75Jjk-clclNbCmGdOkAoQUs5XMVbIdCQiWgdL9ZcjnfmndnADFatfSj83Fiky5plWnTmAI-jNOJz7we8Us333xNBvTD_Ouzp4vWpZT8hceggF1LcdRE7h-ZifL70ZrWSm3xOkrn06mQ9Lj02MiPTCA-2I01tWeWfNTKXjK77e4FFr4fwmg7slPU3IQWz7jz3IjktacI2wTZcjSI2PvgmEfS1QbOVG3InYzZctvGFDnlyh_nQ5r3mX2atWke5YrdP2XFyNGHhgdN3E%26adurl%3D&documentReferer=https%3A%2F%2F7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.vesty.co.il&random=8021790098480&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 7b2c76db3a586c8c9c2194e0f19209c843cfe81fcdd67959521099452820987e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 12:11:57 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 67790300079536904444992012261022
Connection: close
Content-Length: 999
Expires: Sun, 12 Mar 2023 12:11:57 +0100

Redirect headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 12:11:57 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=bf89e9f756&subid=&uid=044039da2a4ff180&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=200x200&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCt8E-i8ENZL_uMrWRjuwPk4WcqAOm5b2gaaWRnKfJD_AuEAEgmfugK2CVgoCAtAfIAQmpAg4UuywP27E-qAMBqgSOAk_QXvOLMUcSEl8SWrVNnK-uiVRWUWS25pW-VzOEgd2jmypVNHeyDvI8RBnt48Fz7YrOcUTBuQORxFrTVrZt5HcpMSJSstH3DToeD_XqUhkzzP6j5wxG0wRftTglZ85ntdxKCYdCwxmXxL5nveMGaW-1bj5SSzSDN9xd7FV-j0i1AQKJAIzKGYopgFfcIKd_FuN2vnVC7skb8iXKfWbo-rXLzZiLw7OxJy2DJmPS7iaOooXhyA_z9A2pxkxiZMjnC7xdzj99h-eklNi60fR_zFQWPSjvc7PX840eN5RGn0_5P3hsVeqlaDCJzuz9tEqw2ot_psFkDzuo7EJYzUdwFR6hf-DRhrnbdkhMi1ac9sAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ%26sig%3DAOD64_23hY4vpNFuNiN6TygE1reFEWNx_A%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-CL63dgY7anOwaQ-_LvZrqShvGOkH_T0suRRqhbsSFhsnMXnZIUS6NxXrDDFqG1P7LdgeokDNt2axEc_Gse_G-1LKnX8YqymfoLU4_hWOrYGyEVDexpKpsMjzRc0eVj9ufSqwSR2mXwEtArZGGBxQXwNsWNWyuXP5rSvWAA5-pURjrtO3I%26cry%3D1%26dbm_d%3DAKAmf-ABdObH3ehl0fJZzNTvPjzs2XgxfeMkTCxkN41J8FYEZj5YXBLOdkrd5acWy6OChxNbS69ce7ADTAnvxj-ZSx9c3p3FgsCobArwogli1ov3SMOR2sA-eCE1A3sBsR4QCmqpCh0Ey6dptVUSYw2vhFTWTusas2LVeO5sBXzR_doXD0lJ28KVm2wh-ikHBYfVUcizt6rWmncAb1Eak1Zvhnv9WhJw9Xt0PCWbkOjOY7kCXNnT1oRTjJ3_V5ZFCDdlZYZknXA3HXTdI5o_ZceYxvh9WEzCcxUBo8HSU-75Jjk-clclNbCmGdOkAoQUs5XMVbIdCQiWgdL9ZcjnfmndnADFatfSj83Fiky5plWnTmAI-jNOJz7we8Us333xNBvTD_Ouzp4vWpZT8hceggF1LcdRE7h-ZifL70ZrWSm3xOkrn06mQ9Lj02MiPTCA-2I01tWeWfNTKXjK77e4FFr4fwmg7slPU3IQWz7jz3IjktacI2wTZcjSI2PvgmEfS1QbOVG3InYzZctvGFDnlyh_nQ5r3mX2atWke5YrdP2XFyNGHhgdN3E%26adurl%3D&documentReferer=https%3A%2F%2F7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.vesty.co.il&random=8021790098480&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 12 Mar 2023 12:11:57 +0100

GET
H3 200 9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js Show response
pagead2.googlesyndication.com/bg/ Frame FD84 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 18:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14304
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 18:18:32 GMT

POST
H2 204 bulk Show response
trc.taboola.com/ynet-vesty/log/3/ 0
278 B 88ms
88ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ynet-vesty/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230312-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
via: 1.1 varnish
x-served-by: cache-hhn-etou8220028-HHN
server: nginx
x-timer: S1678623118.519114,VS0,VE10
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.vesty.co.il
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C61D 284 B
536 B 189ms
42ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 5a84e65a5a5780fb9e85ee5b6717005d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
5 KB 48ms
47ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a84e65a5a5780fb9e85ee5b6717005d.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ccb63ae51248d13238aecb1b6bd1b45e07432f108b57e636faa05bc79a792a69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 12 Mar 2023 12:11:57 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_135%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a84e65a5a5780fb9e85ee5b6717005d.png
age: 0
edge-cache-tag: 540720832381734058336557644495314571612,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
cache-tag: 540720832381734058336557644495314571612,478792517604673124902371371817955775106,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 572
req-referer: https://www.vesty.co.il/
content-length: 5488
x-request-id: 4022d1c083cb25dde81d48929dc2d329
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000134-IAD, cache-iad-kiad7000032-IAD, cache-bur-kbur8200092-BUR, cache-iad-kcgs7200168-IAD, cache-hhn-etou8220028-HHN
last-modified: Sat, 25 Feb 2023 23:08:10 GMT
server: nginx
x-timer: S1678623118.661044,VS0,VE0
etag: "69f92658751bb36ef79f2fba552e945f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7358 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJgR_jcENZK-9CP6GjuwP1a29kAcAAAAAOAHgBAI&bg=!oqGlofXNAAZKh9k7aoc7ADkAdvg8WqkjvUEa6kKftbcJaH-7trPMW9LFV8jNtXeQBVvVWp5kaiOSOdpQbyCmkmPa4VaXXadNZ_MCAAAA9VIAAAACaAEHmQMavKVhXGv-Jq2TYNtB5uGoQtK2LY8SeldprxqAJMjUT5--tT9-6pQJdLNbjO_AjRuroAzdnHcLqICtw7vdkE2s__rLnL6I0fVG3UP2xyrKoxCsLpoZoaviJQO0FVjw3sewMAbmvu1K3iFxTb74LqjgBkbrOLcrgmWwSZG0t87YQckpdIDYVIsCZIv9siki_hEZ_ugW4QdIGcobzqV7sMEvGuNCofYigP538TDeYI66WyRlJAV7Na1eDtoTlBZJFYC61u0I4oks67AimbW0T_QXuFL8yU143xNxl6dZCYIcRg4OMOpc9X6_IUcyPiaRvLqchLlfK_xTWZFD64dy5iu7RMg1eObBUnqY43jBpDgRl8fC_aN_gf78eDnx5wMV1C1UdcGFqMxvNJj0b5OpZAfOEEUTFZiZn7TXj5HgQQuqJVNZWLxli-Xjup1QptyKchlA1TVNHR6EqexVEofGtSRroQeYfxuIyBhtfMtLfpi4ro-gcuB2m1dRlmKYSRg4WSo0SnaODyknOOSJQMKCCnNi_SoJAD17KDuG-nUtjbRITSd40cMM1tX2WGorvfNvy0K5Y5gq6eUx90eTqzWFMHbyfPY8RjPph4AKx-Qig4MzH1WdpeDyqbElflHhQwwQAk2epxEXaBQKtA0RS4FG9fIUDOy_ZbIEhJwkl4re1HXv4D426Sgx3ZGFuzshECgE1TOFpv8YHBj-KG2KdWKOWKHTC5-gi5o6xb6xjg3I0vZ3K7RJdlBLIFhNFJ7KMof4-Fhzfx51p3AGAqzyc8L7ONikHgUvsT9tb5FkJpfXXGSlHtWYywVJPEdNDLHDeqJn2kLZcW8ZrCCni9eHp8UrZXWscfZmRXrsoPKjvxKxtE647XkBK-Yld8cUqVnRFVV55xI68AnS4rTAg-GuTCW4Ce33wFD1euNJG9XThiIMWYUIH_qe9f_GIHHGKClEXDy6Pn3vSO4AGFbWvkh7Om8zfN7OhFisYvXDDTNgpWvHLiw0pOd3-pA9-eQTJ8fZ1erftiIZiCjKuSLyE0VIqE9F8Y5V8iKG_VJOlTAIegM

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD84 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBUvmjcENZJW7C6TJ3gOlp6CoCgAAAAA4AeAEAg&bg=!ubqluu7NAAZKh9k7aoc7ADkAdvg8WkmWIoaQrNqF6Ep7fwi08ZeAM63WsukNqMr6xyAOAevc0v_-U1P1bIkQR0g_o1REIHlpZE0CAAAAb1IAAAACaAEHmQNpbt4BGRUpKg97OnVInJ2kb5GnBXvemokC6fLJhgKICuc9GfPZbCsZ-Knxt8hcdyTufEIvBUaUgbvK0lY2A2BuzbgYYkQiGBaa2hdRlWQEkoJNxTNjWlE4wDz4Au9qx94jPucVsA6dncfwKPQCYGTHfGQAdoNzinMFDxwmc8-n54pZ9O6mgNZbikwXhxc3KkXTGOprhRUxwooVEptRHxFr8XslCl1Cw0skMhC-E-Fi2HyZzpPL3qc6gev9x_89K_timmQiw8XUQ6EnU4jiUmxZnhnvcuAoZD1Wcp9wkhbSvkuaRHQaMVtubf9PTwI0lZ3wfUVkphJ_1jpzEUPKN3BkCVdnZ6FVo2lM1lvGX1dyopVgrHaIAkTapHSc14Q6xyKsYBNydOPoQb3Z5yM5w9d6kyM7duXUTP4ZXnvDw2gZB494eoxRZ4ylZr-qbyjj8EtWQF2qx5IPS6PpIaBtDgcLuH7_qNhRUNvJeO-mEETYOLi3PGdwHhcn3oKuixK5KcZyP9qlNXYns1-T1fnSsVtnGxQZFM8V5aICSsfRHDYT-fAw1sI2EbhSl6_4rxptSZEon4H1AfOECQbFnGfjY74M7vtAWCeSwcn__1uQYkjg8lH5mauXDcze-QzONzWvGRRjsMIpqKSdDR_0_uR4umazarfo8UnJOx1TETfwDdPO2YrDjz5MunRcE3UEH5k8Xwrx2Mi59ijQHSR6zSjrHx4tvhsie443KujHNK8e8iZNysYSojRTd-N_P-9ZyVpnQyq8gkpqy1BzEnm-ednRxiHiGwVWXiqYimOeTdD2mEJa0JCz_-4uGdpozqs4my1lwgtaaoLubpXtn-JVODyuFL-dxgsmrkaqzkCpJli23XyvEEgyigKA0td1ig7RodueBlcNNWl3QieB2RpC5PEMiAsqPhhzpS05yaqBRzk6v6JJPDk0j-rU-gepY_D9AKPEWd1OK9tAXoI5QyKym5scNr4zTLeOtJO6kiHQ3ekF4c9xTmYDfFE8Tmu4415E1391QVMXu_T0TnQIYh_IRC53ru-C9wd-uJet3Inl4JKj2k1lPI4Yv3bFazzmLVNOsN6f8eG9FC5hb14DsDwOZw-8RtT8v5Sv0EpwXew_jEpP8JZASZs-ZHCLLcDj_DxTq3q_mkx4-mnNwzW_1ICe

Requested by

Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame C61D 0
239 B 536ms
125ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 636a4452fa95aad32992c06634d4089f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
769 B 43ms
42ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Sun, 12 Mar 2023 12:11:57 GMT
via: 1.1 varnish
x-amz-request-id: RXPPRCR6WSZ12407
age: 7537
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: 6HRI7LUqTe5ZMnAAeDpkOqm2g/lgGiuzwqHLIoWfYP0ln7ampDPEtLDVJn9C0zLIy0PK+xJJTPA=
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1678623118.773766,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 31
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 4705

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 2842
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=67790300079536904444992012261022&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=67790300079536904444992012261022&actionid=981741&produktid=&dt_url=

0
201 B

156ms
54ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=67790300079536904444992012261022&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=bf89e9f756&subid=&uid=044039da2a4ff180&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=200x200&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCt8E-i8ENZL_uMrWRjuwPk4WcqAOm5b2gaaWRnKfJD_AuEAEgmfugK2CVgoCAtAfIAQmpAg4UuywP27E-qAMBqgSOAk_QXvOLMUcSEl8SWrVNnK-uiVRWUWS25pW-VzOEgd2jmypVNHeyDvI8RBnt48Fz7YrOcUTBuQORxFrTVrZt5HcpMSJSstH3DToeD_XqUhkzzP6j5wxG0wRftTglZ85ntdxKCYdCwxmXxL5nveMGaW-1bj5SSzSDN9xd7FV-j0i1AQKJAIzKGYopgFfcIKd_FuN2vnVC7skb8iXKfWbo-rXLzZiLw7OxJy2DJmPS7iaOooXhyA_z9A2pxkxiZMjnC7xdzj99h-eklNi60fR_zFQWPSjvc7PX840eN5RGn0_5P3hsVeqlaDCJzuz9tEqw2ot_psFkDzuo7EJYzUdwFR6hf-DRhrnbdkhMi1ac9sAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ%26sig%3DAOD64_23hY4vpNFuNiN6TygE1reFEWNx_A%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-CL63dgY7anOwaQ-_LvZrqShvGOkH_T0suRRqhbsSFhsnMXnZIUS6NxXrDDFqG1P7LdgeokDNt2axEc_Gse_G-1LKnX8YqymfoLU4_hWOrYGyEVDexpKpsMjzRc0eVj9ufSqwSR2mXwEtArZGGBxQXwNsWNWyuXP5rSvWAA5-pURjrtO3I%26cry%3D1%26dbm_d%3DAKAmf-ABdObH3ehl0fJZzNTvPjzs2XgxfeMkTCxkN41J8FYEZj5YXBLOdkrd5acWy6OChxNbS69ce7ADTAnvxj-ZSx9c3p3FgsCobArwogli1ov3SMOR2sA-eCE1A3sBsR4QCmqpCh0Ey6dptVUSYw2vhFTWTusas2LVeO5sBXzR_doXD0lJ28KVm2wh-ikHBYfVUcizt6rWmncAb1Eak1Zvhnv9WhJw9Xt0PCWbkOjOY7kCXNnT1oRTjJ3_V5ZFCDdlZYZknXA3HXTdI5o_ZceYxvh9WEzCcxUBo8HSU-75Jjk-clclNbCmGdOkAoQUs5XMVbIdCQiWgdL9ZcjnfmndnADFatfSj83Fiky5plWnTmAI-jNOJz7we8Us333xNBvTD_Ouzp4vWpZT8hceggF1LcdRE7h-ZifL70ZrWSm3xOkrn06mQ9Lj02MiPTCA-2I01tWeWfNTKXjK77e4FFr4fwmg7slPU3IQWz7jz3IjktacI2wTZcjSI2PvgmEfS1QbOVG3InYzZctvGFDnlyh_nQ5r3mX2atWke5YrdP2XFyNGHhgdN3E%26adurl%3D&documentReferer=https%3A%2F%2F7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.vesty.co.il&random=8021790098480&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 12 Mar 2023 12:11:57 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 12 Mar 2023 01:11:58 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Sun, 12 Mar 2023 12:11:58 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=67790300079536904444992012261022&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 50FF0766:A8D8_91EFC182:01BB_640DC18D_CE9AD59:C02C

GET
H2

200

activityi;dc_pre=CK_2oLWu1v0CFQbTGQodA_UKaw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4001514772161.834 Show response
5994599.fls.doubleclick.net/ Frame B77E
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4001514772161.834?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_2oLWu1v0CFQbTGQodA_UKaw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4001514772161.834?

391 B
326 B

83ms
82ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_2oLWu1v0CFQbTGQodA_UKaw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4001514772161.834?

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

a09cf9aa0ea5cf6cd7b441b7b49f549c6516112320c37e97cfa1a5e3faaf38ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 12:11:58 GMT
expires: Sun, 12 Mar 2023 12:11:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 12:11:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_2oLWu1v0CFQbTGQodA_UKaw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4001514772161.834?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900022.redintelligence.net/ Frame 2288 6 KB
2 KB 118ms
40ms Document
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/request_content.php?s=67790300079536904444992012261022&a=a8e628f9
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=g2gqt23fm9fm&nw=20&renderingType=javascript&namespace=bf89e9f756&subid=&uid=044039da2a4ff180&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=200x200&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCt8E-i8ENZL_uMrWRjuwPk4WcqAOm5b2gaaWRnKfJD_AuEAEgmfugK2CVgoCAtAfIAQmpAg4UuywP27E-qAMBqgSOAk_QXvOLMUcSEl8SWrVNnK-uiVRWUWS25pW-VzOEgd2jmypVNHeyDvI8RBnt48Fz7YrOcUTBuQORxFrTVrZt5HcpMSJSstH3DToeD_XqUhkzzP6j5wxG0wRftTglZ85ntdxKCYdCwxmXxL5nveMGaW-1bj5SSzSDN9xd7FV-j0i1AQKJAIzKGYopgFfcIKd_FuN2vnVC7skb8iXKfWbo-rXLzZiLw7OxJy2DJmPS7iaOooXhyA_z9A2pxkxiZMjnC7xdzj99h-eklNi60fR_zFQWPSjvc7PX840eN5RGn0_5P3hsVeqlaDCJzuz9tEqw2ot_psFkDzuo7EJYzUdwFR6hf-DRhrnbdkhMi1ac9sAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ%26sig%3DAOD64_23hY4vpNFuNiN6TygE1reFEWNx_A%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-CL63dgY7anOwaQ-_LvZrqShvGOkH_T0suRRqhbsSFhsnMXnZIUS6NxXrDDFqG1P7LdgeokDNt2axEc_Gse_G-1LKnX8YqymfoLU4_hWOrYGyEVDexpKpsMjzRc0eVj9ufSqwSR2mXwEtArZGGBxQXwNsWNWyuXP5rSvWAA5-pURjrtO3I%26cry%3D1%26dbm_d%3DAKAmf-ABdObH3ehl0fJZzNTvPjzs2XgxfeMkTCxkN41J8FYEZj5YXBLOdkrd5acWy6OChxNbS69ce7ADTAnvxj-ZSx9c3p3FgsCobArwogli1ov3SMOR2sA-eCE1A3sBsR4QCmqpCh0Ey6dptVUSYw2vhFTWTusas2LVeO5sBXzR_doXD0lJ28KVm2wh-ikHBYfVUcizt6rWmncAb1Eak1Zvhnv9WhJw9Xt0PCWbkOjOY7kCXNnT1oRTjJ3_V5ZFCDdlZYZknXA3HXTdI5o_ZceYxvh9WEzCcxUBo8HSU-75Jjk-clclNbCmGdOkAoQUs5XMVbIdCQiWgdL9ZcjnfmndnADFatfSj83Fiky5plWnTmAI-jNOJz7we8Us333xNBvTD_Ouzp4vWpZT8hceggF1LcdRE7h-ZifL70ZrWSm3xOkrn06mQ9Lj02MiPTCA-2I01tWeWfNTKXjK77e4FFr4fwmg7slPU3IQWz7jz3IjktacI2wTZcjSI2PvgmEfS1QbOVG3InYzZctvGFDnlyh_nQ5r3mX2atWke5YrdP2XFyNGHhgdN3E%26adurl%3D&documentReferer=https%3A%2F%2F7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.vesty.co.il&random=8021790098480&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e19e164031e0be6ae32919535af732daca976de7d5286ecf96d9610e35039640

Request headers

Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1856
Content-Type: text/html; charset=utf-8
Date: Sun, 12 Mar 2023 12:11:57 GMT
Expires: Sun, 12 Mar 2023 12:11:57 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 8EEF
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=67790300079536904444992012261022
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=67790300079536904444992012261022
https://ad-server.eu/wm/pb/native.png

68 B
312 B

335ms
53ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 12:14:32 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Sun, 12 Mar 2023 12:11:58 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 50FF0766:AF46_91EFC182:01BB_640DC18E_CE6435D:2FD2C
X-IPLB-Instance: 40027
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
DATA 200
OK truncated
/ Frame 8EEF 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc93b0e770bc65480f689bc186759978b437ac1af9ba7121752a476d5a03e620

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 2F05
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=86514200082648404445006012261019&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=86514200082648404445006012261019&actionid=981741&produktid=&dt_url=

0
630 B

154ms
53ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=86514200082648404445006012261019&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=12f3489ed1&subid=&uid=aec4a4cc5be2bd5e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZdvvi8ENZMHuMrWRjuwPk4WcqAOm5b2gadWanKfJD_AuEAEgmfugK2CVgoCAtAfIAQmpAg4UuywP27E-qAMBqgSPAk_QSBvGegL3Xyg3Vn605GlzS0Dn9pWeOi_dGBjSZADd7Gl_BiGuyO50JffUxjAEgNLeVTtROLYGapTBJwp8jMfC1QFtl8jl5I_YK-TnSH9YGmh36XNFxjsft09PY6URRQ3P2nvYONOkt2DePOe0ls_W6fyZ0mMirhtmLsf2Nj0uzzun1fD-tcA1ayqIe3zjRKfm6AuoD0FdryQIaql20j_KmAp6ra-6-QWtffrmP62kyuCTgzyFGwKSqqkHuOcP26xxYlLzHGxeEOX7YvuGsDi775V07vsd4i6kYDcE10Q3z4r9i1oGSRLgoJt39_rwgg8eIL6I51RnxsQ1nI3Q56m4o9Bocnc6j0x4hRvUxl7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ%26sig%3DAOD64_0Bjn14awtUPH7Bh4ysrMXhERilNA%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-D7qt7V3SHK6a5pCG9jJKkS1FQnLmM14Aaag9hc7wOf9-CZCb1D3mjhZiUSEp4iHg_PQLuj-SHJwpHyIx2oLkdG_9V8NfIOfJM4Jc2s7x4MDXtTZhvBsK9lYAEC-JtbMS23zAYkzr9e4c-6Mrkr7ytVghNwYqEYss_3TdV8mcwbZjavhyw%26cry%3D1%26dbm_d%3DAKAmf-DJ7xa0SV7vDmQj8LsHGJ2kux_n4LkVEtJVTZCkheiDbXgexL7_rlDLMRWnB5gDaHewjzYj3Imz01PeqfCwIUBoAZnFcMk1s3TljRWSuMHH6n5oGo-x4fpfJ1wFr7hW4opw3GgNrOen2QSeB7Z5kl0h_as6Ng13XUuBjgpE9qr0zwNWKmcwPQpvqR7YphtVZbXV53Af1yFojeT76ussfIsfZ2QnArtdeyccLeeFmTyH0RjlJwQTzn7RSQn6qfcaxZIyzk0Tdc8xkznFdJN6rWj0DTnP0ngj1A0l5mX3BLJ_cKMkUM665iRm1bVcg2erywKPhvp2ol_PaOBahBOD0h3uNzYjoS1Mx9sHedNxx31v--7PBt_CacBq8taV_zw7P3NFr5rjiMQFUxuE6hkjpsBCq7xzVbWe4rslKGr0OMANdVy4C_SxiT1KOtBrvs19al_R1A4S-gURkuzKg3f6XDgXfjOT4BuHgotykWbr7Q0GdEmlxMPFQ7IIPCAnFnBs3UiiW88XnrCZ3qyiiXidQsdeUvA9IWPGgHMiAHvkzY1HFUt6xWU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.vesty.co.il%2F&ancestorOrigins=https%3A%2F%2Fwww.vesty.co.il&random=7866864739435&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 12 Mar 2023 12:11:57 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 12 Mar 2023 01:11:58 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Sun, 12 Mar 2023 12:11:58 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=86514200082648404445006012261019&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 50FF0766:AAC8_91EFC182:01BB_640DC18D_CE9AD5E:C02C

GET
H2 200 / Show response
adv.office-partner.de/ Frame CAD5 930 B
931 B 212ms
50ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=12f3489ed1&subid=&uid=aec4a4cc5be2bd5e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZdvvi8ENZMHuMrWRjuwPk4WcqAOm5b2gadWanKfJD_AuEAEgmfugK2CVgoCAtAfIAQmpAg4UuywP27E-qAMBqgSPAk_QSBvGegL3Xyg3Vn605GlzS0Dn9pWeOi_dGBjSZADd7Gl_BiGuyO50JffUxjAEgNLeVTtROLYGapTBJwp8jMfC1QFtl8jl5I_YK-TnSH9YGmh36XNFxjsft09PY6URRQ3P2nvYONOkt2DePOe0ls_W6fyZ0mMirhtmLsf2Nj0uzzun1fD-tcA1ayqIe3zjRKfm6AuoD0FdryQIaql20j_KmAp6ra-6-QWtffrmP62kyuCTgzyFGwKSqqkHuOcP26xxYlLzHGxeEOX7YvuGsDi775V07vsd4i6kYDcE10Q3z4r9i1oGSRLgoJt39_rwgg8eIL6I51RnxsQ1nI3Q56m4o9Bocnc6j0x4hRvUxl7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ%26sig%3DAOD64_0Bjn14awtUPH7Bh4ysrMXhERilNA%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-D7qt7V3SHK6a5pCG9jJKkS1FQnLmM14Aaag9hc7wOf9-CZCb1D3mjhZiUSEp4iHg_PQLuj-SHJwpHyIx2oLkdG_9V8NfIOfJM4Jc2s7x4MDXtTZhvBsK9lYAEC-JtbMS23zAYkzr9e4c-6Mrkr7ytVghNwYqEYss_3TdV8mcwbZjavhyw%26cry%3D1%26dbm_d%3DAKAmf-DJ7xa0SV7vDmQj8LsHGJ2kux_n4LkVEtJVTZCkheiDbXgexL7_rlDLMRWnB5gDaHewjzYj3Imz01PeqfCwIUBoAZnFcMk1s3TljRWSuMHH6n5oGo-x4fpfJ1wFr7hW4opw3GgNrOen2QSeB7Z5kl0h_as6Ng13XUuBjgpE9qr0zwNWKmcwPQpvqR7YphtVZbXV53Af1yFojeT76ussfIsfZ2QnArtdeyccLeeFmTyH0RjlJwQTzn7RSQn6qfcaxZIyzk0Tdc8xkznFdJN6rWj0DTnP0ngj1A0l5mX3BLJ_cKMkUM665iRm1bVcg2erywKPhvp2ol_PaOBahBOD0h3uNzYjoS1Mx9sHedNxx31v--7PBt_CacBq8taV_zw7P3NFr5rjiMQFUxuE6hkjpsBCq7xzVbWe4rslKGr0OMANdVy4C_SxiT1KOtBrvs19al_R1A4S-gURkuzKg3f6XDgXfjOT4BuHgotykWbr7Q0GdEmlxMPFQ7IIPCAnFnBs3UiiW88XnrCZ3qyiiXidQsdeUvA9IWPGgHMiAHvkzY1HFUt6xWU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.vesty.co.il%2F&ancestorOrigins=https%3A%2F%2Fwww.vesty.co.il&random=7866864739435&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 12 Mar 2023 12:11:58 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 19 Mar 2023 12:11:58 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

index.html Show response
www.parship.de/wplp/htlp/de/ Frame C6EF
Redirect Chain

https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=86514200082648404445006012261019&pv=1
https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1678623118.5712300.162f9f0a-c0cf-11ed-989f-00155d53a129ID

558 B
898 B

165ms
55ms

Document
text/html

2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1678623118.5712300.162f9f0a-c0cf-11ed-989f-00155d53a129ID

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
cdn-cache-control: max-age=30, stale-if-error=432000
cf-cache-status: HIT
cf-ray: 7a6bf1594e319220-FRA
content-encoding: gzip
content-length: 325
content-type: text/html; charset=utf-8
date: Sun, 12 Mar 2023 12:11:58 GMT
last-modified: Mon, 28 Feb 2022 14:30:12 GMT
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-content-type-options: nosniff
x-ua-compatible: IE=edge

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Sun, 12 Mar 2023 12:11:58 GMT
location: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1678623118.5712300.162f9f0a-c0cf-11ed-989f-00155d53a129ID
p3p: policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server: nginx
server-id: 11
x-robots-tag: noindex, nofollow

GET
H2 200 link.html Show response
track.webgains.com/ Frame 8E8F 2 KB
2 KB 210ms
97ms Script
text/html 18.132.110.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=86514200082648404445006012261019&nw=1
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.110.241 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-110-241.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 16247abcdf9f726375c379a7776c2d6278197be4b8fe8c71730a3dacfabf5775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:58 GMT
last-modified: Sun, 12 Mar 2023 12:11:57 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 12 Mar 2023 12:12:57 GMT

GET
H2

200

activityi;dc_pre=CK32oLWu1v0CFU0tGQodfhUJcQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2637629138024.1934 Show response
5994599.fls.doubleclick.net/ Frame D869
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2637629138024.1934?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CK32oLWu1v0CFU0tGQodfhUJcQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2637629138024.1934?

392 B
287 B

84ms
83ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CK32oLWu1v0CFU0tGQodfhUJcQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2637629138024.1934?

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

eb05a53976eec308f213440a140d1da43f23d3e128101a8ce3ab51bd9a63d0a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 12:11:58 GMT
expires: Sun, 12 Mar 2023 12:11:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 12:11:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CK32oLWu1v0CFU0tGQodfhUJcQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2637629138024.1934?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900019.redintelligence.net/ Frame D58C 7 KB
2 KB 119ms
40ms Document
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/request_content.php?s=86514200082648404445006012261019&a=223ad27c
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=q84gc72z27ut&nw=20&renderingType=javascript&namespace=12f3489ed1&subid=&uid=aec4a4cc5be2bd5e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=980x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZdvvi8ENZMHuMrWRjuwPk4WcqAOm5b2gadWanKfJD_AuEAEgmfugK2CVgoCAtAfIAQmpAg4UuywP27E-qAMBqgSPAk_QSBvGegL3Xyg3Vn605GlzS0Dn9pWeOi_dGBjSZADd7Gl_BiGuyO50JffUxjAEgNLeVTtROLYGapTBJwp8jMfC1QFtl8jl5I_YK-TnSH9YGmh36XNFxjsft09PY6URRQ3P2nvYONOkt2DePOe0ls_W6fyZ0mMirhtmLsf2Nj0uzzun1fD-tcA1ayqIe3zjRKfm6AuoD0FdryQIaql20j_KmAp6ra-6-QWtffrmP62kyuCTgzyFGwKSqqkHuOcP26xxYlLzHGxeEOX7YvuGsDi775V07vsd4i6kYDcE10Q3z4r9i1oGSRLgoJt39_rwgg8eIL6I51RnxsQ1nI3Q56m4o9Bocnc6j0x4hRvUxl7ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ%26sig%3DAOD64_0Bjn14awtUPH7Bh4ysrMXhERilNA%26client%3Dca-pub-9314111824787632%26dbm_c%3DAKAmf-D7qt7V3SHK6a5pCG9jJKkS1FQnLmM14Aaag9hc7wOf9-CZCb1D3mjhZiUSEp4iHg_PQLuj-SHJwpHyIx2oLkdG_9V8NfIOfJM4Jc2s7x4MDXtTZhvBsK9lYAEC-JtbMS23zAYkzr9e4c-6Mrkr7ytVghNwYqEYss_3TdV8mcwbZjavhyw%26cry%3D1%26dbm_d%3DAKAmf-DJ7xa0SV7vDmQj8LsHGJ2kux_n4LkVEtJVTZCkheiDbXgexL7_rlDLMRWnB5gDaHewjzYj3Imz01PeqfCwIUBoAZnFcMk1s3TljRWSuMHH6n5oGo-x4fpfJ1wFr7hW4opw3GgNrOen2QSeB7Z5kl0h_as6Ng13XUuBjgpE9qr0zwNWKmcwPQpvqR7YphtVZbXV53Af1yFojeT76ussfIsfZ2QnArtdeyccLeeFmTyH0RjlJwQTzn7RSQn6qfcaxZIyzk0Tdc8xkznFdJN6rWj0DTnP0ngj1A0l5mX3BLJ_cKMkUM665iRm1bVcg2erywKPhvp2ol_PaOBahBOD0h3uNzYjoS1Mx9sHedNxx31v--7PBt_CacBq8taV_zw7P3NFr5rjiMQFUxuE6hkjpsBCq7xzVbWe4rslKGr0OMANdVy4C_SxiT1KOtBrvs19al_R1A4S-gURkuzKg3f6XDgXfjOT4BuHgotykWbr7Q0GdEmlxMPFQ7IIPCAnFnBs3UiiW88XnrCZ3qyiiXidQsdeUvA9IWPGgHMiAHvkzY1HFUt6xWU%26adurl%3D&documentReferer=https%3A%2F%2Fwww.vesty.co.il%2F&ancestorOrigins=https%3A%2F%2Fwww.vesty.co.il&random=7866864739435&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 6d93d5cf6dfa470d34ed004fe13b09cf3be76feb7e1ca3acfaabf96a39b1b6a5

Request headers

Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2098
Content-Type: text/html; charset=utf-8
Date: Sun, 12 Mar 2023 12:11:57 GMT
Expires: Sun, 12 Mar 2023 12:11:57 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 8E8F
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=86514200082648404445006012261019
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=86514200082648404445006012261019
https://ad-server.eu/wm/pb/native.png

68 B
312 B

336ms
54ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 12:14:32 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Sun, 12 Mar 2023 12:11:58 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 50FF0766:AF48_91EFC182:01BB_640DC18E_CE63FAE:2FD2D
X-IPLB-Instance: 40027
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
DATA 200
OK truncated
/ Frame 8E8F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cec99b5c306d20de015ab33bc8709964e91b4435f69b69479a72a14a8275eaaf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame C61D
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

69ms
69ms

Image
image/gif

67.220.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

HTTP/1.1

Server

67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 12:11:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DDJSB9A91M2ZYBAK2KGN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 12:11:58 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SPAHRRYS3ASK4DDM3RRH
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame C61D 0
214 B 44ms
43ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame C61D 70 B
264 B 57ms
55ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame C61D 0
239 B 168ms
42ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C61D
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=DEIWSyP68ibE&ev=1&us_privacy=1---&pid=560687&gdpr=1

0
239 B

43ms
43ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=DEIWSyP68ibE&ev=1&us_privacy=1---&pid=560687&gdpr=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(9.4.50.v20221201)
content-language: de-DE
location: https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=DEIWSyP68ibE&ev=1&us_privacy=1---&pid=560687&gdpr=1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-68b8b6bc74-h9z67
expires: -1

GET
H2

204

current
rubicon-match.dotomi.com/match/bounce/ Frame C61D
Redirect Chain

https://token.rubiconproject.com/token?pid=2046&pt=n&a=1&gdpr=1&us_privacy=1---
https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=Su3j7pUId8L0rZn9XjrSDg&gdpr=1&us_privacy=1---

0
104 B

220ms
83ms

Image
text/plain

2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=Su3j7pUId8L0rZn9XjrSDg&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: H2
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:58 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

Redirect headers

Location: https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=Su3j7pUId8L0rZn9XjrSDg&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame C61D
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=22d58063-7893-461b-8256-dd52c6f9fbcc&gdpr=1&us_privacy=1---

0
239 B

73ms
42ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=22d58063-7893-461b-8256-dd52c6f9fbcc&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=22d58063-7893-461b-8256-dd52c6f9fbcc&gdpr=1&us_privacy=1---
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1035983
content-length: 0
expires: Sun, 12 Mar 2023 00:00:00 GMT

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame C61D 0
75 B 243ms
50ms Image
text/plain 185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=87&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:57 GMT
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3CE5 42 B
174 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszN46a3cRMI2oQIjR9BHwHjs7MV4FcPKgpOs8PZD200q0InCIfobmZMvoax4pzbayFcYFq4E8ArEKCQcosa5LLDzMYHUJ97TYLmE4G1XbkrPf9YgvW&sig=Cg0ArKJSzLRhzM80f9UBEAE&id=lidar2&mcvt=1000&p=5,204,255,1396&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230308&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4127172794&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678623116482&rpt=405&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2288 4 KB
747 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=67790300079536904444992012261022&a=a8e628f9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 12 Mar 2023 12:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 12:06:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 12 Mar 2023 12:11:57 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2288 66 KB
66 KB 119ms
40ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=67790300079536904444992012261022&a=a8e628f9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: dabd512d779db6197aaa0ddeb0ca9e1417d8c2b77adcecaca9741f47d7e02529

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 12:11:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame D58C 4 KB
724 B 52ms
51ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=86514200082648404445006012261019&a=223ad27c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 12 Mar 2023 12:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 10:16:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 12 Mar 2023 12:11:57 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D58C 16 KB
16 KB 125ms
40ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=86514200082648404445006012261019&a=223ad27c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 63644d6d325b1395f1d011abf447ac4a5e9fc4be1ff7f37379d855adc2fbf4a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 12:11:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16269
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D58C 16 KB
16 KB 124ms
41ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=86514200082648404445006012261019&a=223ad27c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 25031fb7bcef66e82350264f16836c733289ab9b3b77bf0ce877508e150b2f76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 12:11:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16550
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D58C 7 KB
7 KB 181ms
98ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=86514200082648404445006012261019&a=223ad27c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b5e6112ed80a1d1483be0e3bd4e27aa887954590d56fde1160542cec603fcf93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 12:11:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7179
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900022.redintelligence.net/ Frame 2288 0
150 B 118ms
40ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900022.redintelligence.net/viewability?s=67790300079536904444992012261022&a=78f8ace8&vb=m
Requested by: Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=67790300079536904444992012261022&a=a8e628f9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900022.redintelligence.net/request_content.php?s=67790300079536904444992012261022&a=a8e628f9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 12:11:58 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 2288 13 KB
13 KB 48ms
47ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900022.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 19:53:32 GMT
x-content-type-options: nosniff
age: 58705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Mar 2024 19:53:32 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 2288 13 KB
13 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900022.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:28:56 GMT
x-content-type-options: nosniff
age: 301381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 00:28:56 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CB90 42 B
108 B 78ms
76ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxVqzJHbWLUf0PkbgNnFginkoytrmp2HAYJK2SwP1iatvEm-74Bl4WwEUgWuDueWC2lGD_toHqbytss_2Nl2DbW4kTrJ-06t7wwDsON0M45L58qykc&sig=Cg0ArKJSzPdfZh7Q6-lGEAE&id=lidar2&mcvt=1000&p=906,810,1156,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230308&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=886418757&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678623116495&rpt=449&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 51FC 42 B
108 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss12KJUkamYe88R_x-HW_eVz0R4CyOGO-pW-urzQS6-eflukQQPZ_TvNWYTIvEWfCaqRXJ0lTgJZZnfk77EsuP_9F5MS_Ph_AlnGhxCXxYc2JVrFkSg&sig=Cg0ArKJSzAQPiIdgJ1O4EAE&id=lidar2&mcvt=1002&p=906,1120,1156,1420&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230308&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2427552119&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678623116505&rpt=421&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900019.redintelligence.net/ Frame D58C 0
150 B 122ms
40ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/viewability?s=86514200082648404445006012261019&a=dbcec50b&vb=m
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=86514200082648404445006012261019&a=223ad27c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/request_content.php?s=86514200082648404445006012261019&a=223ad27c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 12:11:58 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame D58C 13 KB
13 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900019.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 19:53:32 GMT
x-content-type-options: nosniff
age: 58706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Mar 2024 19:53:32 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame D58C 13 KB
13 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900019.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:28:56 GMT
x-content-type-options: nosniff
age: 301382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 00:28:56 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 8E8F 85 KB
31 KB 159ms
46ms Script
text/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=86514200082648404445006012261019&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 12:12:42 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
last-modified: Wed, 08 Mar 2023 12:12:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 86357
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: eZG-q6BkAPIU4vqlndEnFmN5B1Bsj7aybBrMvV4Jkd25NMeS84nfZw==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 8E8F 3 KB
3 KB 133ms
39ms Image
image/png 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1678623417&Signature=JAabNONwDQR5Vj2G5171iAAQbHqM9utwu0W~h4brVgUCRGxINGNmRpOWfSdWA0tPLE0KgTlU1RznH7qEqu3RVvx~SHRu7ODiEgp-x-OqCWl~pYICmYRQcDVatEfD15vTlbHsDztsP~djtRur4r9QWl80gkdNKQIXVkoEtRhe0zH1VBgW7bqSbFY3nBeudHflVmni0lUOCjqlay38JaKgREBvjtdpu87f9JWnGPKvtIU7DTO7yl1Q3QMSmN9YckU8rsBYyC7tRB17qursZhCKk~z7llDk7en~SEcXp0DolaztHK1R2To7WWpVEEzKUd9T4XLZ7iJWaMIiJamrexe-Jg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
URL: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 12 Mar 2023 05:48:42 GMT
via: 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 22997
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: Q98UwzJF7YSnbveQ2mxo6mEXnw_G2X6-re-IAuCeBbNdRCfHTS2gjg==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame CAD5 105 KB
40 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

115b9672ede367281e1a6f7e985dcd65beea6b8aceee8fe7fe9b082c2b11516e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 41428
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 12 Mar 2023 12:11:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 79ms
78ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023030701&jk=7957725723493&bg=!jo2ljdnNAAZKh9k7aoc7ADkAdvg8Wu1vc_R5m98_9rBo7e0hVFMiUV1ZRVbLra8ot8GhxEMS8zE4kho94g8v2-H0iADEk9Hfw9ACAAAAq1IAAAACaAEHCgAsw1j7RaNjnZ70B51oHtGhgqwbwORxrl64afhPCS4C7IbTVLCj9ar7E8AneWKZAtKbrGFkEDCf8mJqUAnZ1deMcKgj517MrYo7ghthfdgfx0SS5NIjbZAbaRgCshZ0cCs1a3xJezEeZ1MTmk1WgQuI3-EagPUngNDhEI_DCk6_KdXFg5NPqrLWW0qbypO_uvXEmAeMpIkraLnDUMlg2ZYX-yzxHqQByMO8FPaH4oP1hgjyTwon_-crZOrWeISrW-PCK3V_GW9CDW_Z8gncuG7SenjVrFEPZQ7Jf8nDJMHrHUfY2krq0BrWusmWHQKNZa2pPIj_R-21CRRKz0AMkp2__4uK5CRTDqWfaFOjAXv3xjc0tzAxl8_bWvTVLymGz7szpyjBHARGbbWNXgsDjwP41SK40npGtThVclFbwwkZqyGOTtLGTqDWjr-GpPFbYjxgqEZM6_mu-nTqypOsMwuVdj1ifnfceEY7H12_nPT2sXvv46aKGhhz5N-LspGPlg7zgEG5gpNMsJmQ6IQgo7P8X54BjklSjUyqYP3L44o2bwVfnw6V2p6_aeWPGUi9ronQMyJXmOqKJjGkglPlaDcy4Uab3HZZMl7jI7mvHhLvkwKyRnO6Stx4BU2c4o8XOsqplgUOTBtP5kJFHe_srXgiJvljX0g9IqAiNrgyKaQGLTJFtVOnH7auhkUbyrgG6c8rHUNMUs_X9XxfUi0rTfqo_QsHUOx5Evt53VoWfHQnOS8yFo5L4etEPfomPcWLC4FiXgVNrHIFdbwfm9x4KYOQPPWZvF9kC1a7cYJ0xHCM-4zFnDoQxsoQqjUsljX8OxyWybujOVAptmReUJRxC7BfoHbk4XgeRC4eu1tmHSG8cL-9tKUd9MNeiqSC4zba7oNiBWJ-DdxR0VCyJi1YRugzmSUMzVTHqDvYO9xHzJs_3a35MgA-goAvj3y6AVnQ0F-6wNDeqe0QM0rEAsYkW0FcuN7tvT-az-QIzRVsBKnAkZhoRNXIbzxUh50pp3A6YEh55w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 dc_pre=CK_2oLWu1v0CFQbTGQodA_UKaw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4001514772161.834
adservice.google.com/ddm/fls/z/ Frame B77E 42 B
262 B 77ms
76ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CK_2oLWu1v0CFQbTGQodA_UKaw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4001514772161.834

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CK_2oLWu1v0CFQbTGQodA_UKaw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4001514772161.834?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CK32oLWu1v0CFU0tGQodfhUJcQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2637629138024.1934
adservice.google.com/ddm/fls/z/ Frame D869 42 B
107 B 75ms
75ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CK32oLWu1v0CFU0tGQodfhUJcQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2637629138024.1934

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CK32oLWu1v0CFU0tGQodfhUJcQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2637629138024.1934?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 peg_logger.js Show response
www.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame C6EF 12 KB
4 KB 74ms
74ms Script
application/x-javascript 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js

Requested by

Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1678623118.5712300.162f9f0a-c0cf-11ed-989f-00155d53a129ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bbfca69c4ec147d9fcda55fe71d53f8de8493b511d667512adf2c9b99cdbf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1678623118.5712300.162f9f0a-c0cf-11ed-989f-00155d53a129ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:58 GMT
strict-transport-security: max-age=15552000
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 13:11:30 GMT
x-content-type-options: nosniff
server: cloudflare
age: 67479
etag: W/"63ee2b82-3061"
vary: Accept-Encoding
content-type: application/x-javascript
content-encoding: br
cache-control: max-age=86400
cf-ray: 7a6bf159ae939220-FRA
expires: Sun, 12 Mar 2023 13:23:01 GMT

GET
H2 200 pegtracking_combined.js Show response
www.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame C6EF 30 KB
9 KB 54ms
54ms Script
application/x-javascript 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js

Requested by

Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1678623118.5712300.162f9f0a-c0cf-11ed-989f-00155d53a129ID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b4ad4c7e9f95aa3f37f4f71e91eb0def0f2d8f5d9936eb8739718c151268fbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1678623118.5712300.162f9f0a-c0cf-11ed-989f-00155d53a129ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:58 GMT
strict-transport-security: max-age=15552000
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Wed, 05 Oct 2022 07:17:58 GMT
x-content-type-options: nosniff
server: cloudflare
age: 16048
etag: W/"633d2fa6-77ae"
vary: Accept-Encoding
content-type: application/x-javascript
content-encoding: br
cache-control: max-age=86400
cf-ray: 7a6bf159ae959220-FRA
expires: Mon, 13 Mar 2023 07:39:44 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8C01 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyQ0A1swq_O_OCRQCk7KatHwBvcWYSOZpCYQfKUMOkAFmx8gu6YBGJuD95bnw4f5toCUVNXdViEqMwKpiSGe32VMkIQHishYEYwV2n-BP44oeEFS5jJEZVSsk7D6vglHaDaVCP7Q&sai=AMfl-YSVwgp-qOEF-xlSINEw8KlRnky5C2vm-u4HLhYl02Fb8k5i4JOVqCBXDiuXNZ1m_pQuuxBpXzT0HIT8LZoVaoiJe_bsWEE-efrDZrUNT6Cbo_MgKzbiXsun7nQdEw61Qu1JzkvXZMreqohRCQ&sig=Cg0ArKJSzGZDY6PB9lQBEAE&cid=CAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ&id=lidar2&mcvt=1000&p=0,0,601,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=273824712&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678623116571&rpt=805&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 40ms
40ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230312-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Sun, 12 Mar 2023 12:11:58 GMT
x-amz-request-id: XZ48AY8MC3YY614W
age: 23
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: ZXMXCLJsczBoyw0v63m27AWkI94Y95ukWIGwlplqNEpaniQj72rR0y3rlTEcSHyevflymKnOHpA=
x-served-by: cache-hhn-etou8220028-HHN
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1678623118.404417,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 31
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 304

GET
H2 200 eum.min.js Show response
eum.instana.io/ Frame C6EF 26 KB
10 KB 167ms
57ms Script
application/javascript 2606:4700::6810:cc16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eum.instana.io/eum.min.js
Requested by: Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:cc16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5efb60430b5eff8addca6f52bfee090e9a318381e834b6401021b70838f05059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1678623118.5712300.162f9f0a-c0cf-11ed-989f-00155d53a129ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:58 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 1 Jan 1970 00:00:01 GMT
server: cloudflare
age: 394027
etag: 1712844505--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin: *
cf-ray: 7a6bf15ad82f696f-FRA

GET
H2 200 nvi Show response
www.parship.de/nocache/ Frame C6EF 15 B
389 B 83ms
83ms XHR
application/json 2606:4700::6813:b979
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.parship.de/nocache/nvi?url_path=%2Fwplp%2Fhtlp%2Fde%2Findex.html&pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1678623118.5712300.162f9f0a-c0cf-11ed-989f-00155d53a129ID&ref=https%3A%2F%2F7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com%2F

Requested by

Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1678623118.5712300.162f9f0a-c0cf-11ed-989f-00155d53a129ID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 12:11:58 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
cf-ray: 7a6bf15a2f139220-FRA
content-length: 15

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C71 42 B
64 B 79ms
79ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnsN7WoExCLYYYXZB0FN7hXe7vCRCnkcYHOAD899zwdDrjYrVQJiKDJTnCJBaLW1whL9yuT2cvuAcgKzhF6-zxdes5TvjOhBc93NYLsPHQAgqPoes03tGPXPz8qkWEFwOagDsN6g&sai=AMfl-YRGyM7jkGRegkHTkJX3idnt3zKrykTXKRbSU5a_I2h-ZqtejZZ0ynkhdwBRPXPMyTwRljmDAzbKNu8eMjXY7wcElZjD7DBA2W5j0eFHaQ6DIgBpLlKEBgNZmMelzJGV2JtrcXyh-t1Qh3Mdgg&sig=Cg0ArKJSzL0MIjIPemWgEAE&cid=CAQSTADUE5ymbQNmpH5xYSBW6MU0L4Wx6yPu6ymNVm_mvk_t7SiqLdWsjYtjHfQRL3NZsdEWaJztWflJLWXiaR_6kHLj-uIGn2-I01f2l6cYAQ&id=lidar2&mcvt=1002&p=0,1440,601,1600&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2495267343&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678623116580&rpt=825&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
pips.taboola.com/ 64 B
245 B 128ms
39ms XHR
text/plain 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: c9d1030be753873dbf9c353c21a26d0dbaf705ed62c9c7d5c0259c730605ccbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220044-HHN
date: Sun, 12 Mar 2023 12:11:58 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 375ms
113ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=f0d583eb-226f-4d10-8ce5-fdcc05b6487d-tuctb07470b&uad=d5792801335f11b32a948d51b64bb655b16f8767f5837f2be4c406715994752f&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 12 Mar 2023 12:11:58 GMT
cache-control: no-store
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8E8F 16 B
232 B 93ms
93ms Fetch
application/json 13.41.33.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.33.70 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-33-70.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 12 Mar 2023 12:11:59 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 161ms
46ms Preflight 13.41.33.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.33.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-33-70.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 12 Mar 2023 12:11:59 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EEF 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8782937513944&version=m202301230201&ct=77&x=1&cor=2381010842241339000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E8F 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3286216932891&version=m202301230201&ct=77&x=1&cor=1209912474091735600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 12:11:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

239 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.vesty.co.il/	1969-12-31 23:59:59	Name: yexp Value:
www.vesty.co.il/	1970-01-20 19:02:39	Name: ab-checking Value: 46
.vesty.co.il/	1970-01-20 12:26:39	Name: _gcl_au Value: 1.1.983645553.1678623115
www.vesty.co.il/	1970-01-20 18:55:27	Name: dcsyncundefined Value: true
www.vesty.co.il/	1970-01-20 18:55:27	Name: tmcundefined Value: 1
.vesty.co.il/	1970-01-20 10:18:29	Name: _gid Value: GA1.3.1506253885.1678623116
.vesty.co.il/	1970-01-20 10:17:03	Name: _dc_gtm_UA-5536870-20 Value: 1
.vesty.co.il/	1970-01-20 19:53:03	Name: _ga_HBGSDK9P6D Value: GS1.1.1678623115.1.0.1678623115.0.0.0
.vesty.co.il/	1970-01-20 19:53:03	Name: _ga Value: GA1.1.255671840.1678623116
.dxmdp.com/	1970-01-20 19:53:03	Name: dmpid Value: 7a20f431-4d22-43ae-8981-b126d16e70ae
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: o8xCoMGxQjc
.youtube.com/	1970-01-20 14:36:15	Name: VISITOR_INFO1_LIVE Value: J6PSDBTMQXY
.vesty.co.il/	1970-01-20 19:38:39	Name: __gads Value: ID=c2e4fc6426bc22b6:T=1678623115:S=ALNI_MaBEiqvJzvSNBqzk8OsSMmB6RBK5w
.vesty.co.il/	1970-01-20 19:38:39	Name: __gpi Value: UID=00000bc3c106ea50:T=1678623115:RT=1678623115:S=ALNI_MbRFUrtxjhYHmDj8St9mO7Up3KwmQ
.doubleclick.net/	1970-01-20 19:38:39	Name: IDE Value: AHWqTUmlmXfs3q7gbFN5FcYWe39qGZnXZQY8x54W3dVrA5Jf_-V7-kPoRx8KXn9P4_g
.dxmdp.com/	1970-01-20 19:53:03	Name: audids Value: xcYmesNs
.casalemedia.com/	1970-01-20 19:02:39	Name: CMID Value: ZA3BjVDHfFRIFIuK.p8sKQAA
.casalemedia.com/	1970-01-20 12:26:39	Name: CMPS Value: 2144
.casalemedia.com/	1970-01-20 12:26:39	Name: CMPRO Value: 2144
.doubleclick.net/	1970-01-20 10:17:06	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 12:26:39	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%<rK1if!@wnfH8K6pQK`!5=E<L5?%KB2cKov4$>('Bipm:k>xk`7B!ak@Q9lLv_<^cP(hw9P-HC_#tu>1$Eto
.adnxs.com/	1970-01-20 12:26:39	Name: uuid2 Value: 6869956682197595250
.redintelligence.net/	1970-01-20 12:26:39	Name: 8lcfmzhxc8d6_uid Value: 08bdf79b9d7b6b14
.criteo.com/	1970-01-20 19:38:39	Name: uid Value: 22d58063-7893-461b-8256-dd52c6f9fbcc
.awin1.com/	1970-01-20 10:18:29	Name: awpv11524 Value: 296283\|1678623117\|16191820-c0cf-11ed-9a9c-22335c3bbb34
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 391598:2661283
.office-partner.de/	1970-01-20 19:53:03	Name: source Value: {"webgains_webgains":{"timestamp":1678623118121,"clickCookie":false}}
trf.greatviews.de/	1969-12-31 23:59:59	Name: ads_si Value: a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%22162fa036-c0cf-11ed-989f-00155d53a129%22%3Bs%3A3%3A%22sit%22%3Bs%3A10%3A%221678709518%22%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/	1970-01-20 19:53:03	Name: cjcookie Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj162fbbf2-c0cf-11ed-989f-00155d53a129%22%3Bs%3A6%3A%22expire%22%3Bi%3A1741695118%3B%7D
trf.greatviews.de/	1970-01-20 14:36:15	Name: mcookie Value: a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%22162f9fc8-c0cf-11ed-989f-00155d53a129%22%3Bs%3A11%3A%22click_12771%22%3Bs%3A57%3A%221678623118%25%255712300%25%25162f9f0a-c0cf-11ed-989f-00155d53a129%22%3Bs%3A6%3A%22expire%22%3Bi%3A1694175118%3B%7D
trf.greatviews.de/	1970-01-20 10:27:07	Name: ads_pu Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bs%3A1%3A%221%22%3Bs%3A6%3A%22expire%22%3Bi%3A1679227918%3B%7D
trf.greatviews.de/	1969-12-31 23:59:59	Name: ads_ps Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bs%3A1%3A%221%22%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: e567f6c5b5dfc32b
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: lxznvlqupqjojj2arqriztwd
pb.media01.eu/	1970-01-20 19:53:03	Name: DTU Value: A40CC4AE1C2A512EF3808482671991C7
.www.parship.de/	1970-01-20 10:17:04	Name: __cf_bm Value: sZB49XZtQVNpCivpuBDeClda_ymJDK_g2UlbTf49bUk-1678623118-0-AdMNQrRNv1TXDmqnKtfoAjFo0smHmoXPnwWkzNEkNBcE/SLXyHCBVgVGGe7+u+FPkqrlRkKZCgZn7YGSrCcB9+c=
.parship.de/	1970-01-20 10:27:07	Name: NVI_LC2 Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1678623118.5712300.162f9f0a-c0cf-11ed-989f-00155d53a129ID_TS%3A1678623118
.parship.de/	1970-01-20 19:53:03	Name: NVI_FC Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1678623118.5712300.162f9f0a-c0cf-11ed-989f-00155d53a129ID_TS%3A1678623118

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.flowplayer.com/releases/native/translations/flowplayer.lang.ru.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ads.google.com/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cdn.permutive.com/fe68d1f7-c9f4-45b3-8905-7cda73d3fd74-web.js?d=2023-03-12 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
7330976e7973311a42fb6ea17fd3ebb0.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad-delivery.net
ad-server.eu
ad.doubleclick.net
ads.google.com
adservice.google.com
adservice.google.de
adv.office-partner.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
analytics.webgains.io
api.btloader.com
api.webgains.io
bh.contextweb.com
btloader.com
cdn.ampproject.org
cdn.firstimpression.io
cdn.flowplayer.com
cdn.permutive.com
cdn.taboola.com
cdn.track.production.webgains.team
cds.taboola.com
cf.dxmcdn.com
cloudflareinsights.com
cm.g.doubleclick.net
dis.criteo.com
dsum-sec.casalemedia.com
ecdn.analysis.fi
ecdn.firstimpression.io
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
eum.instana.io
eus.rubiconproject.com
event.dxmdp.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900019.redintelligence.net
hal900022.redintelligence.net
ib.adnxs.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
js.nagich.co.il
match.adsrvr.org
medialead.de
mrb.upapi.net
pagead2.googlesyndication.com
pb.media01.eu
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pv.medialead.de
region1.google-analytics.com
rubicon-match.dotomi.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.cloudflareinsights.com
stats.g.doubleclick.net
taboola-supply-partners.tremorhub.com
tags.dxmdp.com
token.rubiconproject.com
totalmedia2.ynet.co.il
tpc.googlesyndication.com
track.webgains.com
trc.taboola.com
trf.greatviews.de
vidstat.taboola.com
widgets.outbrain.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.parship.de
www.vesty.co.il
www.ynetnews.com
www.youtube.com
x.bidswitch.net
yandex.ru
yastatic.net
ynet-pic1.yit.co.il
104.19.149.54
13.41.33.70
130.211.23.194
138.201.63.165
141.226.224.32
141.226.228.48
142.250.181.226
142.250.185.102
142.250.185.166
144.76.104.53
145.239.193.130
151.101.65.44
178.250.1.9
18.132.110.241
18.196.249.120
18.66.122.112
18.66.147.98
185.80.39.216
185.86.138.150
198.148.27.140
2.18.235.16
2001:4860:4802:32::36
23.37.42.132
2600:1f18:612b:4264:d907:27b7:e3c5:ca21
2600:9000:2127:f800:11:da61:a100:93a1
2606:4700:20::681a:314
2606:4700:20::681a:68b
2606:4700:20::681a:81b
2606:4700:20::ac43:4513
2606:4700::6810:3865
2606:4700::6810:3965
2606:4700::6810:cc16
2606:4700::6812:69e
2606:4700::6813:b979
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9c
2a02:2638:3::c
2a02:6b8:20::215
2a02:6b8:a::a
2a02:fa8:8806:16::1400
2a04:4e42:600::300
2a0b:4d07:102::1
34.241.105.99
37.252.171.84
52.222.158.11
52.223.40.198
54.76.176.197
65.9.95.124
65.9.95.51
65.9.95.95
67.220.228.202
69.173.144.139
78.46.90.238
8.43.72.98
85.239.105.10
88.198.250.30
88.221.169.78
94.23.99.218
95.100.75.47
99.86.4.36
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
01d30752c2a1f873f2030018f4cd7d7835dce6b29f63b509d325bd2992e9dbc7
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a
05976a36acca0a209e34abc6d55978803fc6cbcf278d66553e782c34e599cfde
0622cb7019c42f0293d54be0fa188d3fca6af90b8efdb5bd07340a5734b156d3
07e2d2f2c26b92a40a960d3c0aa3d68f29fa69de99a7feecf7c401864d205316
09202b23ed9c0f142a1c7af341d55ecb08599d05e075aef086fd92d33893a489
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b4ad4c7e9f95aa3f37f4f71e91eb0def0f2d8f5d9936eb8739718c151268fbb
0b7697dc0aafddef0adc276e9764a16ba6328028637a33b6ecd616081328cad0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1a6ad799bccaf6403a6c2dd97d8ba1fe4530d012fe02933db2b71c2d5b42e2
0c59a4311973393ca533b13f245d027fb9acd2c40b23ddb6c75d1c53196a3b96
0caa5435ac919e2053610a41d874a462581ecfad98efff858d14679bdff73365
0e43de8ac3f0ca712d7299430fcbd4a9ecc6af555c40ca76580fcf0d96541d74
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0f6695f967284ddb3249e2b1a9ceea090c89f135fa6e2b035ed5705a15193ec7
0ff0afdf6b5ce60efc846f88bc88e2e19e7f3bfb15865d9361c972231de284e3
10993116ca5b2187405775500b2c55ab168c53b31fadf1ade4afa7678367e6e1
115b9672ede367281e1a6f7e985dcd65beea6b8aceee8fe7fe9b082c2b11516e
125e6b9ca120fa2bc4892544dda8f20226f26c5bbf550fae4be07b80612982fc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16247abcdf9f726375c379a7776c2d6278197be4b8fe8c71730a3dacfabf5775
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
1710a7d50db056fc7f36508c32c4cc6b7da865cbb1178c07a8827c2896a704c0
17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd
186e39368ccbccde547cd17de318de6440b569ec8bec5f4c3bc934bec4cbab4c
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
190244210236bdb383bd7e7b51386bf0dc552c4bb24d4bc37dc436eb929ab1c2
1b8fb1678ebce94e32f755c4e1680fec756fb90413959b8fb6e930562a3ae1cb
1d1011d2a1a683c34ae5a2b970442f1ed2ea975e127de6359b43045b609cfc9b
1d753ff96237b22a34b1ef03316d9a4568b6e47ee8a9690ddf9334c35b86a6b6
1e28d71eb706599808b27197ff7cb8a4e14637b91218c7fa56a52561b631a4b8
1f0cd7c2795df1dcce059d553cb1d9b88170cb9e66310a06fce4104965852394
22a5dcd17162fb1bfa7898f1b7cf33bc5282ac65f0b47544141f1111e1e748b6
22e2d4d1bc63cc26feb19491b1b8bd5ca77f133e99c5e44a1f23fc68b05ae966
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
24302da202d5f76b541e8be13ca84e5f59d04ca28b78280d8c62cc88e5e9a42a
244810c329c4a6cec74aa1321649dfc7d7b9a26c9ff27bff005461c69966605b
25031fb7bcef66e82350264f16836c733289ab9b3b77bf0ce877508e150b2f76
2515d51d838d0f76458065d99d68209a70ea5407034ad23b33bf42f0de86ed9e
273746bfb4f9aab48bc043b02f453ae18fedad76a5244fdf2c24fe631fd5d46a
27cdf776f81d7f52148bd17be1494ef7b9af5f132db2125a94df52cd1679a4dc
29a426e3f203b67b66e9ebed93781e5950a7fd98a0b09cc8e858f9ad77c5e019
2a14d89b849f9404d4b04b8fda990e75bd6c00bfcf07bb3ee00236621a302623
2b2ed87fcdb76cf04bfec4e6ad94a14a2ab6833c474fac140869c53d1c898077
2b4524b22ee5f7e0f719a731cfc2b36f9709cf69be079f3b251347d12eebe344
2c2ff867c75cb1fca9865d94294caa7b66268ed0e12f9ffb1f247b8687f38e4e
2e4188515828c942a5eb2f047a2246cdf68a7aeea374009dde58629fe0c9beed
2f1a7e00e11523b6be00e8c6d54728f59e5a12d1d035b31295be10bbe844e900
2fbcc3825dc269f53d8c9d11dce673e6ea969dd2b8790d806880fb273d9ffe2e
30491c6b81dad3b6bb4e8576dbfba06cdee3e80ccd39663af5426d10501b5f3f
311effebf670aebd57830fd70133ecf2b0d74725e69554d42e91074f739f786c
315a0911ea473c0a872ad26fb14907c1b76eecde302c3f646a33f2b6b996d4e3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
347b65dc4f86eca9a03d1fb887d09bba41af2d2332d2cfcbbcfbc0cea0e6a92d
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
36d2e9e031cd04d2122e43f3172ee2f451714cd1d0831bccfd805eb0852b621e
37bbfca69c4ec147d9fcda55fe71d53f8de8493b511d667512adf2c9b99cdbf4
37d569bbfd830a8b7238b345277c19a1a83992731ae74a57b9e813c16d6ca055
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38dc3287865914d7f3dffff585adc332654397dbf3f4007c992e2f16e31179da
397e1fa6b641266ac6537f43be08647287bafc72dff55f1b04d58e464e5c3b74
39a79e00667ba542a44cd68ddd7cf15f6c2d713986badfc453ef6cb025cad4e9
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ae071e63b88e6c852bfa05651fda24652949d5ae6b244d2df58c313546df5ef
3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9
3dc8e482ec8a9c56efec00e46e88e84f3a7ccdf0ade53d5c89c4d679469cdabb
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fbb7dc619788ae13aec18ac90445854ead7eafa6262fe5bd343485f9be7e49a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
4190fd13bd1c650624071fdcc2ca777c6a5f3e2ded079d499f9bd293077012b1
43c47f1d5225e0f3d5aa0e1e4bb22f0228479e31ee5f78123eaef863e1d41538
43fd3d3ca6f2a177c59759388e8663d0e534e27b2ed9ee986232d1c7099a4a07
442db94f47e657604fde817ff431f353d5ae4994e08a59496ce8fed479362119
461b089258235b416226d5ece6052923a1135af7c1f73f683d2fe93353153a9d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
479a1e54ef2ea9909a5194cab4c9e3f00c2b9219b9d6c453bfd59490fafc7ecb
486b99f524c3a3949bd86e3d13c15c940c68c5d5f72487670846e2517dd8a982
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4abec9a5f2539bdc5f00add55cf15098fdd5eb0b47f1f998b6f39b24ad03206b
4b0acb5b956e0838f74b55d4693710c5f2f5fb43d6ad98609eb2882ad7df92eb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
515792b5f8eece1facb8452b78d4a4b75d44a3c0199ff73a66541733a6917439
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
543bee066850ffda34784bf04f96f06246a16f0a57d64a504fe459177e79056e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b3b462960f190262ff7a1951dd0b58dcfcaab6e17cac647f2ef0ba6513f019
55a0024ea31151632842888498ec8447deb62e2c4180c9b2f8056df18c61e21f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
581d447eb6b75fffeb4a8fc041bebca5158f0f41aa368fb6ef0c1690ae5000a9
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a2506cda1e225983623e588ed4aa947210642dc6951d237adfc608f6c82d310
5c8232dea0264696ca1534cb5ccb8dbb455965586f5eac6ce9071fba480e81e0
5d2b0bd0f24b8fe4f2f67f27ec5b3c2d23bf536b012d0504fdde0ccdc97d5ed0
5d8d5f39cacef88a3e9c2aeeb5cacfcf513c8be0a14ae2c1006668bed121b352
5e1fbba805fe17e588bafe47a622c8b9e5ed5957c55eeea08659d4f99186246a
5efb60430b5eff8addca6f52bfee090e9a318381e834b6401021b70838f05059
5eff99580f3e3cb06d768951911708189dbdbe28a36efc95d58ec2a669032d3d
5fee42c00e734bfb6194e66912a31b6cfb7aab74ddcce563d920219ea12fc5bf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f5a96bb59b6a4085c64fe2fc9149aac2d3d7752b7f5eab1a2706ca55a76ed2
63644d6d325b1395f1d011abf447ac4a5e9fc4be1ff7f37379d855adc2fbf4a8
648b09ff48416521e500b635803cae6030d4761f334c335178461aeb93071eb6
6644b38612adab7c985316a135aa23e3accb658eb27bd7d9239b18b6109f74ad
68617b5509c476b6a77d95cc512edec292a27d1b5a534f26c016997669cd2d54
6897e63fd1d20948f67d3ad677f87386e3d8edf3a3c5bd45c75c19bc9bf74d50
6a8437f8eb353b0da20b48e51ad0cc9ea9e8842e192f4d119d61fdf79cd5c839
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6d0aad3f5180a9737ea5e2fbc115c9b5c32836d1ac333afaca11311a22527409
6d93d5cf6dfa470d34ed004fe13b09cf3be76feb7e1ca3acfaabf96a39b1b6a5
71b8b84cf265c7d6828dc826db550041cbb10e5e128701b892bf063edf366337
71feaaa730cbf44d232252367f5f36bedceb58c359a3edc400ca3cae69a55bbe
7325719a58773c527d337457bf7df125e1ba8a814c4c65eaa5b67c822764ab99
733b4be3545dbba132e34214131e9dc49c3b5bea04743e81d201ca4371f48c8f
75a2a3c7d6cc027c04838059485983bdd2e606e3e7735a8331f4bdf880b21e31
7605e17a9b4092eb5ffe7685416246022382078ba38a3b3287691a361fa109e8
76ab40faf1f3200e071c44d8ea5f3ae03704ce5bdb3087fc616cdbd870fd9c13
76b169d3169387eae4a7fce5b1c27b26022455d25f2b20f8592e054f3e1eacf4
7726fd721a0bc57c7a1fa948f21a7633cf51772a7f0d29dc15fd9097d9ce0513
78e5ad92bc0110aaf670bd110d3f5e6703d4b39516d1cf4e1687e00f234b754f
7964f60f291f39693ad8a62f9a6bf2cc70b53b94298244a9ee246321fda4f782
7b2c76db3a586c8c9c2194e0f19209c843cfe81fcdd67959521099452820987e
7b4f93c736508c87de89aeb1ea0d92d3227713d5dac90a93f34f38ba9255d97c
7e8d69ed6d508a5a3b55538a4dd8352a81a6e60d0f11dc992c5e91843fe139a1
7ff34e07601a0355e61d4c433e99559889f5da4c73e6601d3182745c9222d98d
800a31d5d041534c0f05c0c6fb18a16eefc33519d43b9428717aa129a3cc4752
8066f3032f328de26f28d61237d6a5a1c7cb181a70bd93ea71ba1a34d127435d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87d3b26f33f39e3bb4b4c1f2291f906ad5826c4d9624a08f0db8a2163a9df369
8bf4ebf5da9e89e0f93265b2068a9843aaa93c627e5bfab37564d85ba6562b51
8d0608692433a30f00e2f46a6bdaf8963100faa4e0b96657cf7dbb59afc14bdb
8d33531badd230b30c5d752fdb8aeafefb4b836ab9e2427119229167852283b7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
900e1ff9ac2a7aa87f1bb17756ed13f31a1bb1ee3b509f5c57b7ddc61edce3bb
913e622305737166561489738e6df69f154ef445f708334cc1ca2a57761f23c0
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
92fb0a36fa469dbdfac80736ae937bb7979da6d682064e19ed615062b772e431
93150c94e2b9533e5f66b7b6b21beeba027049d5c1848746909600773a97cab9
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94be23a50de84dbac18623f017f4985a5efee3d573a17c2fa1a547337a650376
9520156f99a3bb679097e5850de9fd0813130dcfa9af8943c154cc229445827c
95387dc692d85f3b88df0a6526d58a41b36f2149b209f969ac28a5be3787e9e8
963674b97a03a0192c7ec22a58976221a35739af7e3207be62452c45bef6c018
9647129e04fb0087ff7d9aa50a657bbce11fcfcd89f2688cba822d0d7bf1f025
974ff0bb3d9d0ddc9177adc3476a5bc655c1b24e38a9ba27f781a3d9a533bbb8
98cd8802460671a365e51bd1dfaa8862015955a200daa786ab5a2a1c83303550
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9dbf959dbde32ec95d48a79c47dfe90a9ab436cf1f749c68d21603050b603221
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09cf9aa0ea5cf6cd7b441b7b49f549c6516112320c37e97cfa1a5e3faaf38ed
a28b962d9727e38c61648727c841439ab808e3ea59857f5f365da0f9576ffcf2
a291c75d0dbae743aa948cbab10042c9bfe5265de90d91a8c6fd7a92f30e2783
a2d58e29c3c454ef9b3e47ea01f4c5ddf2027f9c583d1104f0c26ccaf2aeb426
a34e381faa7996a9dc025fa934f64d94e18690bfcef4983b9f09f96228985d8b
a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461
aa0399d59a0f0c05c91a1d562fd03a57d725c15f00d8dc7d7a99c4b3ec8a1a41
aa3cd433cbbc175ad17db52b955c36cc467f2529d0bfbe69ed7482a6f93da246
ab2fc2a0b1f69351176de37e0fd0dfa58d26651e7148e817c74a4406bd84a0ee
ac7359540e95f22f0e3903c0ac4e8f8b4a0d761ccc5564c5cf89e1a775129b6b
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b02f26cd50ee99e88dc04fcf64d3d02e024f8ce49447e9aad3962438e62b5709
b068a1e4d320d1d506f3c90f33b9306881ca0bd116ded78c71a2aedc9d15e5e3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2bf89e54067db75ba8f027a57e08367c041f2634a2fc5cc7eafeefb3407268f
b2ed13a8680748afb45c0b7d2059d5d8d0fc991e88ab0192e12a5985a648092a
b31402025c967b9b44011f44c00a337fb4dd94ad242cb9a46198ddc2835fff54
b470d290bca13bb0ad69eb7b71eaa230a779c90dcb31e634cf48fd128b7ea51d
b5e6112ed80a1d1483be0e3bd4e27aa887954590d56fde1160542cec603fcf93
b81a847076b180fb8365b839b00e6d2bfacd04e45862e8094caea6f76d1f4a17
b9e17381d4cc5f10bbc1d09f22fbf22f7854763510eedb2ba694093410214ac5
ba0610623ba1a30857f5e9a2e1eca4998aef758edfa6c7e21f6e17c98d8957c1
bac018f003188a5eee21e2bfcc2b0d08c52db556dcb8516355e3b20bf008a41f
bac7d54900bb77dd1ba8ba654a75f6b35151c4cfdcb92fa873c1af40a3005a36
bbb32305de8274641325e91aca39e774d543b11d194bcffed68059b82f8db04f
bbec6ad5fcc7993fa87de6e94b777d3c85c133e760873d9360379f9fa0d64a6a
bc93b0e770bc65480f689bc186759978b437ac1af9ba7121752a476d5a03e620
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c0a7b78b741975a40bcc99c4b89e39855248aa76b3c8d639c8dc39245ebe1441
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c202a6b938d7d148395310ee84652594a7805d1ead88215b0b3b369edce3d0b6
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e8fb14b1e0aab8514cfb56c1e62417ba717b034a397017696cfa9e517b0f6b
c3594c1675bd6a285cfc9a5b6e6bb0994d6ad9625b22004555f6db53db394149
c4622b8ccc7d122b291403e2592ca6d43e9b0411c0338e65526a9b4c09949998
c9080387801ea7c0d202021563e4cc47e205dfe238953109c6f39348cb9a5533
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9901eba322320d37653843ced2b7ef18b27e92f36c7407211d564ab762508a5
c9d1030be753873dbf9c353c21a26d0dbaf705ed62c9c7d5c0259c730605ccbc
cc0b289cf3afa792240c96bacd597d314c861bddf73f7639217b82d2ad1ed48e
ccb63ae51248d13238aecb1b6bd1b45e07432f108b57e636faa05bc79a792a69
ce4af9473b8596150d66b8319829d1440d97be876c21dfcc0dfa347571f5ee33
cec99b5c306d20de015ab33bc8709964e91b4435f69b69479a72a14a8275eaaf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02c2c341d9003f8fbba98ca1e4db52d48aa5ccb0afbece816a7e131bd29b88c
d131be00e39df9e1633917a6567fe743d19e75e93d716100e454f1e22f1a32aa
d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62
d2fc43ae96329367881d25b42c9a8025bb86a93c5194d1de0bd8d5fb8c69236d
d3d594cf90108912af059afba3d7146c424d5040723764643cb19550f1ff1032
d4a7569c3bbab7ef407fbcaf065055c8e6ec9a6ab505636ffdf9ffdff523bde2
d50045b25fcaaf924140b0c120c7c267ea30150973460026a2573360f816574c
d54e851db62143344146dd02717567e87695725d3e25e18a2feafd3dc6ba5714
d597c43ce3195958528dfd9487c305cc3e1d54b66019fffad1a6a701ff2db716
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790
d78874d120616374d4eee37ed27d975e01a90c4a924dd452c1dbc6bd851efbe4
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d931654bc346b6e836b4644266c0d4670e4865f82673af0221048c6e6abb2d27
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9a5d4412b1a4e07b6fd3664927a265c09a2a06544ca160193082e4fc7ddac12
daa8bc4312e8a5c936e55144c18f3232cb013593ae25cfe616e487611b754e1b
daaa8665415c17083651c7dca5faa946d3c406ee11458c57a54d6c7867b2f4af
dabd512d779db6197aaa0ddeb0ca9e1417d8c2b77adcecaca9741f47d7e02529
dd8c5e2827cef7d43206d71f88d228de02316b8f754b13e0757ebbfdf1fcd8ae
dddb4c293a814c34e78a92449aa1f61f82b20d90ee9aadefc3570862981559a8
dec60812e12bb21459630fa2635fcfece94b7fe4bc26c0c09140506bdf18a259
df1f6b4d9d8ae3b72cc814559a25735a36f017a28ea52cd67496a08837c79b0e
df49ccbe6dc250c850b3986ae5a8b0be2dde5d1254205a58e0133fd8c4b7b0ec
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
dfc49cd1a72ca692c404422e9e0c6797459657e93634ff09bd71503f0ad4ae07
e1588062fbae70d6cbba62fa3fe147b5c56fbb51eb00ee728fac73f2865b2352
e19e164031e0be6ae32919535af732daca976de7d5286ecf96d9610e35039640
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e50e85f1e66deab7e0755834220a796491ea3000223bdf15333df1bbf822f4ef
e9279aa82470c7b0c894eb3ecbaabceb01423a632d9fbc7460c560f11a99abad
ea1a9b993dbc93ca4669209f552aead7852ea68031cf347990078369adf47072
eac0590b081beed79429908062e5f44b7bab0c05855f0888f3de472692ff7919
eb05a53976eec308f213440a140d1da43f23d3e128101a8ce3ab51bd9a63d0a4
eb9bea441b137edf63bae57635ae9c4a93522210d70fd566f8ca04fd72029277
ec9b9eda1473038ef4956f8f0e2035bdc00081e08fb65ada2057d9637fa82b92
eda86674f16adb5ab26df7d80aa10f2ce6199bbc2a2bf0906b624ff4cf2dc5cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef66beed0ea5c471fa927974b38df8441064fa6334ba0574847a2093e89e1388
f2ced2b19390b613c55ca0ad8a45eeddc71c0f790ebd238f70c5c68b3b6687c6
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f55e7b1493865c23c9523489189405478dabe9f3367fbee9ce4169b5abde16a3
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb30c23b6a4e2853813ce875d67505320aa4a3983eaa4ecb6978492abf733313
fbf08c4d01639c653424ded1023e1d5f1f5010cdaa29d192d10090c9479715d4
fca48bc930949987a5316ee38c06b81bf438bde1e097db8d3349cb38c75a55cd
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

www.vesty.co.il Open in urlscan Pro 2.18.235.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

372 Requests

95 %HTTPS

50 %IPv6

54 Domains

91 Subdomains

74 IPs

12 Countries

6376 kBTransfer

17574 kBSize

38 Cookies

23 Outgoing links

Redirected requests

372 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.vesty.co.il Open in urlscan Pro
2.18.235.16 Public Scan

Screenshot
Live screenshot

Full Image

372
Requests

95 %
HTTPS

50 %
IPv6

54
Domains

91
Subdomains

74
IPs

12
Countries

6376 kB
Transfer

17574 kB
Size

38
Cookies

372 HTTP transactions
20 data transactions