www.vesty.co.il Open in urlscan Pro
2.18.235.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.vesty.co.il/main
Submission: On November 27 via manual (November 27th 2022, 10:51:41 am UTC) from IL — Scanned from DE

Summary HTTP 393 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 47 IPs in 8 countries across 33 domains to perform 393 HTTP transactions. The main IP is 2.18.235.16, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.vesty.co.il. The Cisco Umbrella rank of the primary domain is 234689.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 13th 2022. Valid for: a year.

This is the only time www.vesty.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2.18.235.16 2.18.235.16	16625 (AKAMAI-AS) (AKAMAI-AS)
119	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
11	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
26	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1 1	2606:4700:20:... 2606:4700:20::ac43:464d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:26f0:350... 2a02:26f0:3500:88f::30bc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 5	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2600:9000:20e... 2600:9000:20eb:4000:11:da61:a100:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	13.224.189.112 13.224.189.112	16509 (AMAZON-02) (AMAZON-02)
2	13.225.78.13 13.225.78.13	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2606:4700:20:... 2606:4700:20::681a:314	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	104.19.149.54 104.19.149.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	54.78.253.158 54.78.253.158	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
9 12	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
9 15	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
7 10	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
41	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	3.73.210.71 3.73.210.71	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
393	47

31 2.18.235.16 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-16.deploy.static.akamaitechnologies.com

www.vesty.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
totalmedia2.ynet.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images1.ynet.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ynetnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

119 178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

ynet-images1.yit.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:464d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mrb.upapi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:68b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:88f::30bc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.ynet.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:20::215 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:4000:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.dxmcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-112.fra2.r.cloudfront.net

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-13.fra2.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:314 (United States)

ASN13335 (CLOUDFLARENET, US)

js.nagich.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.253.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

tag.escalated.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.16.194 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.80.39.216 (Canada) 9 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.89.211.12 (Frankfurt am Main, Germany) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.202.235.9 (Bad Krozingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.73.210.71 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-210-71.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
119	yit.co.il ynet-images1.yit.co.il — Cisco Umbrella Rank: 46584	4 MB
48	googlesyndication.com a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 182 pagead2.googlesyndication.com — Cisco Umbrella Rank: 131	386 KB
41	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 332	471 KB
41	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248 ad.doubleclick.net — Cisco Umbrella Rank: 197 stats.g.doubleclick.net — Cisco Umbrella Rank: 142 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 271 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 356	308 KB
31	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 564 scontent-frt3-2.xx.fbcdn.net — Cisco Umbrella Rank: 11986 scontent-frx5-1.xx.fbcdn.net — Cisco Umbrella Rank: 11028	573 KB
30	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1006 trc.taboola.com — Cisco Umbrella Rank: 770 trc-events.taboola.com — Cisco Umbrella Rank: 1541 am-trc-events.taboola.com — Cisco Umbrella Rank: 10903 images.taboola.com — Cisco Umbrella Rank: 1522 pips.taboola.com — Cisco Umbrella Rank: 1616 cds.taboola.com — Cisco Umbrella Rank: 1790	576 KB
27	vesty.co.il www.vesty.co.il — Cisco Umbrella Rank: 234689	249 KB
15	casalemedia.com 9 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705	12 KB
10	adnxs.com 7 redirects ib.adnxs.com — Cisco Umbrella Rank: 276	9 KB
8	ynet.co.il totalmedia2.ynet.co.il — Cisco Umbrella Rank: 56548 www.ynet.co.il — Cisco Umbrella Rank: 40254 images1.ynet.co.il — Cisco Umbrella Rank: 55021	111 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	284 KB
5	nagich.co.il js.nagich.co.il — Cisco Umbrella Rank: 34264	21 KB
5	yastatic.net 1 redirects yastatic.net — Cisco Umbrella Rank: 4633	136 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 84 region1.google-analytics.com — Cisco Umbrella Rank: 1166	20 KB
4	btloader.com 1 redirects btloader.com — Cisco Umbrella Rank: 1524 api.btloader.com — Cisco Umbrella Rank: 1711	7 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 16	2 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	29 KB
2	adtriba.com 1 redirects d.adtriba.com — Cisco Umbrella Rank: 37680	757 B
2	exactag.com m.exactag.com — Cisco Umbrella Rank: 7113	3 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 93	54 KB
2	escalated.io tag.escalated.io — Cisco Umbrella Rank: 51597	40 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5200 www.google.de — Cisco Umbrella Rank: 3269	1 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1725	1 KB
2	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 19988 cdn.firstimpression.io — Cisco Umbrella Rank: 19917	94 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	141 KB
1	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 2932
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1138	42 KB
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1441	3 KB
1	analysis.fi ecdn.analysis.fi — Cisco Umbrella Rank: 24212	5 KB
1	ynetnews.com www.ynetnews.com — Cisco Umbrella Rank: 343906	2 KB
1	dxmcdn.com cf.dxmcdn.com — Cisco Umbrella Rank: 84162	1 KB
1	yandex.ru yandex.ru — Cisco Umbrella Rank: 1208	119 KB
1	upapi.net 1 redirects mrb.upapi.net — Cisco Umbrella Rank: 48713	546 B
393	33

	Domain	Requested by
119	ynet-images1.yit.co.il	www.vesty.co.il ynet-images1.yit.co.il
41	s0.2mdn.net	www.vesty.co.il s0.2mdn.net a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
29	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
27	www.vesty.co.il	www.vesty.co.il ynet-images1.yit.co.il
23	pagead2.googlesyndication.com	a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com tpc.googlesyndication.com
16	cdn.taboola.com	www.vesty.co.il cdn.taboola.com
15	dsum-sec.casalemedia.com	9 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
11	securepubads.g.doubleclick.net	www.vesty.co.il securepubads.g.doubleclick.net www.googletagservices.com
10	ib.adnxs.com	7 redirects googleads.g.doubleclick.net
8	images.taboola.com	www.vesty.co.il
6	googleads4.g.doubleclick.net	www.vesty.co.il
6	googleads.g.doubleclick.net	a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com www.vesty.co.il
6	www.googletagservices.com	securepubads.g.doubleclick.net a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
5	js.nagich.co.il	www.vesty.co.il js.nagich.co.il
5	ad.doubleclick.net	2 redirects www.vesty.co.il
5	yastatic.net	1 redirects yastatic.net
5	www.ynet.co.il	www.vesty.co.il www.ynet.co.il
4	a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.vesty.co.il
3	www.facebook.com	www.vesty.co.il static.xx.fbcdn.net
2	d.adtriba.com	1 redirects a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
2	m.exactag.com	a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com www.vesty.co.il
2	www.youtube.com	www.vesty.co.il www.youtube.com
2	tag.escalated.io	ecdn.firstimpression.io tag.escalated.io
2	api.btloader.com	mrb.upapi.net
2	www.google.com	www.vesty.co.il tpc.googlesyndication.com
2	trc.taboola.com	cdn.taboola.com
2	ad-delivery.net	www.vesty.co.il
2	www.googletagmanager.com	www.vesty.co.il www.googletagmanager.com
2	btloader.com	1 redirects www.vesty.co.il
2	totalmedia2.ynet.co.il	www.vesty.co.il
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	cdn.firstimpression.io	ecdn.firstimpression.io
1	am-trc-events.taboola.com	cdn.taboola.com
1	www.google.de	www.vesty.co.il
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.permutive.com	cf.dxmcdn.com
1	www.googleoptimize.com	www.googletagmanager.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	trc-events.taboola.com	cdn.taboola.com
1	widgets.outbrain.com	www.vesty.co.il
1	scontent-frx5-1.xx.fbcdn.net	www.facebook.com
1	scontent-frt3-2.xx.fbcdn.net	www.facebook.com
1	ecdn.firstimpression.io	www.vesty.co.il
1	ecdn.analysis.fi	www.vesty.co.il
1	www.ynetnews.com	www.vesty.co.il
1	images1.ynet.co.il	www.vesty.co.il
1	cf.dxmcdn.com	www.vesty.co.il
1	yandex.ru	www.vesty.co.il
1	mrb.upapi.net	1 redirects
393	55

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
popup.taboola.com
www.zwilling.com
ad.doubleclick.net
info.geers.de
bit.ly
server.adform.net
trc.taboola.com
om.forgeofempires.com
ymag.ynet.co.il
www.yit.co.il

Subject Issuer	Validity	Valid
qa.vesty.co.il DigiCert SHA2 Secure Server CA	`2022-02-13` - `2023-02-15`	a year	crt.sh
*.yit.co.il Sectigo RSA Domain Validation Secure Server CA	`2021-12-19` - `2022-12-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
cf.dxmcdn.com Amazon	`2022-04-26` - `2023-05-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
analysis.fi Amazon	`2022-11-03` - `2023-12-02`	a year	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2022-11-27` - `2023-12-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-21` - `2023-03-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-08-31` - `2023-02-28`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-05` - `2022-12-04`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2022-02-26` - `2023-02-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2022-10-20` - `2023-01-18`	3 months	crt.sh
*.escalated.io Go Daddy Secure Certificate Authority - G2	`2022-01-03` - `2023-02-04`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.vesty.co.il/main
Frame ID: B57C7D5B7E4F8FFC4E0F8E273B2BA5BC
Requests: 238 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flikebox.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fvesti-502815246460949%253Ffref%253Dts%26width%3D300%26height%3D300%26colorscheme%3Dlight%26show_faces%3Dtrue%26header%3Dtrue%26stream%3Dfalse%26show_border%3Dtrue
Frame ID: 1D6BDC3AF9D715F42B70DA63EDA64AD7
Requests: 34 HTTP requests in this frame

Frame: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A3CDC05649C8B702AA4B63D80858DCA9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFEGpdFmISxdS0g76YtlrovjGES2LwinDXiGC7nxnPby-irjxDzmI4HVreMxuXaT4WWN9bDuZBI8WMO_PRb0g2VChpFGUYeXctgWn_cc9kGhM9Gs-R8to0yzMzf4R5HjsP0-9F9iOCrIdF3IvTYfuN2vi7lWMIsdRKcecxpaAudgDeMqpmZMVP2e0QTerZZTN5cCEozwi0Ybl7pZlk5Iqya1eGww6eABvP-BoPiCdAT0NG8jAcc7y-u1E1pFugrnvg6DTG8KZBBL9A4fA4fWFDqaZpP4m1k5K1XrQeEIFo1d3qXaRq8IqpIXvYlWUqtQdFJsOsiAW6PGg&sai=AMfl-YRUe97A8LA5xyG9Ga-RhUx8Di4x_MD1dBttvFXpyd-1V62S2OlAB8OsZbuGTQsbwy1QJme3gBE-UZ8_np9Hgk3zsZIhT-_t_ZrMT4DuUCL3AZX_AXyk07hU0BremTVdsZG9cgAfnXvabAlcHic3ug&sig=Cg0ArKJSzBpmy2As_WzQEAE&uach_m=[UACH]&adurl=
Frame ID: 620A8BA2E34428FBC459067903D0E380
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJOm-WiRBrlicgSytCeJJ-AWw29xnrtvaaex7Qa1_ucbcw10LaKRmIL4fX1prnSfdprX-ejDGY8gNCt1nbI07Otxt-ISvAjcVlsN9-hCVGo-5UWKHVzcg_JZNzYK0Aj5UW1tpN4KSpnU0bdQ8dNPwXGf3M3YOe7nuIqBW3oek-Ar8RedHqZOEsyowvEN_uAfsazfw1sqFspaxtnQ0nGfg8-n4wFg8hnSMI9JhxRLJCUFeOEhKgyAhiO150J1p0MJ0nuqC0JMdaJlVblx9yAc8o2F7hfCbaQ1mkhE5JHU248YzOw5B4eaDEcJJjm20E46sQPmeS52oxlxhbsQ&sai=AMfl-YQ2vo9cgDT5z4JP07juoUyq5XsbbbWW2pI7-x7xS8btyx1cpp2wq9G8aF5BQTEf7H_FEom5L1dZeVpkPiepiJ89Hu6Gqk9rW8x4DWgFlqiKx33KDJM7Alfn3Y69J__5BSK6d6wKrNqeCKRAfKmefA&sig=Cg0ArKJSzFz7Rc4ITOBWEAE&uach_m=[UACH]&adurl=
Frame ID: 5B385D5688156D1E0E2F70E9FAFFD7CE
Requests: 7 HTTP requests in this frame

Frame: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0B779A861F47895AA2CABBFFA06E95DC
Requests: 14 HTTP requests in this frame

Frame: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CBD4B14A67D687F88E7E55344F3E852B
Requests: 15 HTTP requests in this frame

Frame: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 98CA317E16EFCB3F9D06E5509E19069C
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKYVlHtYbd37zsiYW5J0bxdrqtCeeq-4KYhWWRLr_G2ipY6WUOAYGCESd-q_KGHQrK6Cv3mT2NxaXocSBZA_dBEMR9tDc2sODerX5WyOlnSVCwTbgtC0TsIZqacYjOz_VVShADTtP_GjIAbApAAStdIzXwT3QhuOVR37kvOy043zfeJP4mVIRplTu6D_1m22AcVV-v9t9unPdkaq3iF_8XRB6kTrJLBu8hP31dcZkcJ8XVX-BjvfpoQinOdkkO3UVnmyJbVfeLFh5zeglIy4VejllAsHxlu_4mLeIs1G2KfX8dl3rVVkHCdq9tXXiJqCdTkG_A6bOVIZ1fiw&sai=AMfl-YQI6u7cb6yh4W-cMFlM8Ey7CP0G5Ts_lj4FfwAUxcxc7O00ROimewBsn3XQ_PxNKItT8nsT-XAVklsqLgGWPpMSIqBOZ2M-JzDMP8-BAgvWhi0wCKc2M1m7JLGVyedR8nRt-MFNZJ-d5mf8CcIhsQ&sig=Cg0ArKJSzH5aL_TFesB2EAE&uach_m=[UACH]&adurl=
Frame ID: CFC94A923A770275FACBAE819E8B7B10
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGMCYv9oBMAE&v=APEucNWUNMUtjZgLXDdy5JG1x0UkBJi0-1uMXgwZtVpcO2FMDNmVRdem_AazqEdVTQmh5pYElpozQp1miC5pLIVlbBLDuJV8En5gf1KBnD9EAPnscDtYFPc9T0VsLCIWKOGwPbcRtMlk9fVB3NBCAX5AjNWCYeHqPjuqsUrJ3jndCVZrQgJvfSw
Frame ID: 3E5A419582CC3A3C0096D5160C70D3DC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGMCYv9oBMAE&v=APEucNUUgJ-qMZoYh2AoMnBHDlo5XKtuIfY6Uuqa7bmywfsoVmg-Hx6l5CvcGuExIxJPZReGLLquwYrQi-kSsl1qqy65Rocq566VZaCl501fXZ4jk5aqB0TDz5nEHiDC4w6xt-yiYaL__GNdd0fRkVHIjU_srsbh7r4cSvpZc5H576ZVOyujfh8
Frame ID: 7F0A540A14E1DFAA897AB8278B13D88C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYkp6m1AEwAQ&v=APEucNV2blzh8nroFRqZXuBYA45XARGfNOTApHktiKCE2A0CTlODXwiLGCoCBoFJnz7Bup2QNqe98UCM1TxJGSMb01eWZkl0ZY-hq3FeonQkIwAfqeipCgFGmt3GyaAwn_ugbaguSGpeI93N8Mji2g0MU5_Hge4DimwZtYcqpBCwVfW_9xbGGWg
Frame ID: 2A3FC4A31C1C5CBC1C6F7DC089A8A35E
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
Frame ID: A870C85363F20FDF835566986094883C
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
Frame ID: 04B7EF953DC0CC78A39D0BBB381CD47D
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12447958449953322892/index.html
Frame ID: ECE37D72B3D6A64DC985701D9427960D
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8D0A0A32DF4BA8B9747918E7B386B85B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 625BC7EB63E42C433E09ADD65F21718C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0A120C85303EB7BBEB096A4B673D602C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 78CD00F941119A35C9174B7A8939DFE7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 261D6A74DD6312C0A044437A4B3F548C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vesty | Новости Израиля | Вести Израиль

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

393
Requests

96 %
HTTPS

62 %
IPv6

33
Domains

55
Subdomains

47
IPs

8
Countries

8123 kB
Transfer

19780 kB
Size

23
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/VestyIsrael/

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=thumbs-hero-01-a:Mid%20Homepage%20|%20Card%201:
Title: от Taboola

Search URL Search Domain Scan URL

URL: https://www.zwilling.com/de/angebote/black-friday/?utm_source=taboola&utm_medium=display&utm_campaign=all_blackfriday22_desktop_pst_csd_traffic_promo_de_de&tblci=GiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSDmy0IowKPstvi1l6WKAQ#tblciGiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSDmy0IowKPstvi1l6WKAQ
Title: Jetzt Black Friday bei ZWILLING, spare mit dem Code BLACKFRIDAY22ZWILLING|РекламаРеклама

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N718661.2069703TABOOLA/B28680143.347829486;dc_trk_aid=539034857;dc_trk_cid=179040692;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?utm_source=taboola&utm_medium=referral&tblci=GiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSD96lkoxdDDsKPXn9w-#tblciGiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSD96lkoxdDDsKPXn9w-
Title: Alfa Romeo Tonale HybridAlfa Romeo|РекламаРеклама

Search URL Search Domain Scan URL

URL: https://info.geers.de/kostenlosprobieren-tg-flf/?utm_source=taboola&utm_medium=display&utm_campaign=KPFLOAT_DE_GEE_ACQ_DIS_TAB_DES_STEFDI_IMG_NOV4W&utm_content=3583199409&utm_term=ynet-vesty&utm_title=Erlangen%3A+GEERS+sucht+700+Testh%C3%B6rer+vor+1972+geboren&tb_click_id=GiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSCDkFIomYnFkdH3iPK1AQ&_ad_placement=ynet-vesty&tblci=GiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSCDkFIomYnFkdH3iPK1AQ#tblciGiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSCDkFIomYnFkdH3iPK1AQ
Title: Erlangen: GEERS sucht 700 Testhörer vor 1972 geborenGEERS|РекламаРеклама

Search URL Search Domain Scan URL

URL: http://bit.ly/GoVesty

Search URL Search Domain Scan URL

URL: https://server.adform.net/C/?bn=59294753;gdpr=$%7Bgdpr%7D;gdpr_consent=$%7Bgdpr_consent_50%7D&utm_source=taboola&utm_medium=referral&tblci=GiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSD0wVsopNKMv9rAhunmAQ#tblciGiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSD0wVsopNKMv9rAhunmAQ
Title: Miele Kaffeevollautomaten

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Homepage%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ynet-vesty/log/3/click?pi=%2Fmain&ri=02d788dbb5fa6fcf16df77502b5d8245&sd=v2_5f040f9aef89f21094fe868dfaadbe0e_ba64f561-c2e5-48b5-9473-8764e5005e89-tucta7cc6b6_1669546294_1669546294_CIi3jgYQyYtDGKT42sXLMCABKAEwODib4wlAgooQSL--2QNQpewQWABgAGjm_N3wkuqitRNwAA&ui=ba64f561-c2e5-48b5-9473-8764e5005e89-tucta7cc6b6&it=text&ii=~~V1~~7792310254498971021~~5mTDHS_wqlRcZfvA98lXNayOUKwoPwycgP-mG14CcCPTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RK7QAGO75slbf6KJpKENutSTEwbsyOhnoL14xNgAfrPHQXrq_yGm0iYSOWxWR7ktMaYLHPO0kTjnpTyLtFK3LI5KbRPKCmlAGXLwfo1uZWJ-Q&pt=home&li=rbox-h2v&sig=e23e491232ff023f181f26b877009909be3c8c299d9a&redir=https%3A%2F%2Fserver.adform.net%2FC%2F%3Fbn%3D59294753%3Bgdpr%3D%24%257Bgdpr%257D%3Bgdpr_consent%3D%24%257Bgdpr_consent_50%257D%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSD0wVsopNKMv9rAhunmAQ%23tblciGiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSD0wVsopNKMv9rAhunmAQ&vi=1669546294308&p=pilothamburggmbhcokg-mielekaffee-sc&r=70&lti=visibility_test_2_var&ppb=CNwD&cpb=Em8yMDIyMTEyMi0xNV9iMS1QUi01MDUwOC1ERVYtMTIyODA5LXJib3gtZml4LXZpc2liaWxpdHktcmVwb3J0aW5nLWFmdGVyLTFzLWJ1dC1ub3QtaGF2aW5nLTUwLXZpc2libGUtYzdhYmZiZTYyOTEY2Kj4LyAAKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDExNTiAivyKBUCb4wlIgooQUL--2QNYpewQYwiVNRDURhgyZGMI1xYQ1R8YI2RjCO3__________wEQ7f__________ARgTZGMIyi4QkT4YM2RjCMEyEP9CGCRkYwjs__________8BEOz__________wEYFGRjCPn__________wEQ-f__________ARgHZGMI0gMQ4AYYCGRjCJYUEJgcGBhkYwiZNxDASRgKZGMI9BQQnh0YH2RjCKQnEIM1GC9keAGAAQKIAd3t1NwBkAEcmAHA-NrFyzA&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de22&&external_param=3577549124&pid=ynet-vesty&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Ff871bc9a287a101882c44fb3baa82cd7.png&tblci=GiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSDJqD8onqiq1pPJvskH#tblciGiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSDJqD8onqiq1pPJvskH
Title: Forge Of Empires - Free Online Game

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=exchange-thumbs-feed-01-new:Below%20Homepage%20Thumbnails%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/ynet-vesty/log/3/click?pi=%2Fmain&ri=f3f36028e7c9394fa3fec77bae06215d&sd=v2_5f040f9aef89f21094fe868dfaadbe0e_ba64f561-c2e5-48b5-9473-8764e5005e89-tucta7cc6b6_1669546294_1669546294_CIi3jgYQyYtDGKT42sXLMCABKAEwODib4wlAgooQSL--2QNQpewQWABgAGjm_N3wkuqitRNwAA&ui=ba64f561-c2e5-48b5-9473-8764e5005e89-tucta7cc6b6&it=text&ii=~~V1~~-5706783564621160526~~yv4AVFVH8iEjzC5WgG0n-cBvRTgMC2PCTWbSK-gpWgPTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lStQk6jaQcGGDUiGnTk93_4FS8qr-f53vDbiQQMMys26sPEBa0oxGA5MyFVgn73N7M_PzuA4EW4DjzY1dJqyxhIf8YVa_aih0Hd9xSMh8rGWRVlcehfkdpMhhAW2tjFOyraqATpoq6MeWoH4GRgQc25ZN3hJ7KKP1X9uogLtcG4h97eOaAdlcLTgaAQKb66iN&pt=home&li=rbox-h2v&sig=c01f68d3f99fe74f660c639ba70df80071acd8daee28&redir=https%3A%2F%2Fom.forgeofempires.com%2Ffoe%2Fde%2F%3Fref%3Dtab_de_de22%26%26external_param%3D3577549124%26pid%3Dynet-vesty%26bid%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Ff871bc9a287a101882c44fb3baa82cd7.png%26tblci%3DGiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSDJqD8onqiq1pPJvskH%23tblciGiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSDJqD8onqiq1pPJvskH&vi=1669546294308&p=innogamesforgeofempiressc&r=53&lti=visibility_test_2_var&ppb=CH8&cpb=Em8yMDIyMTEyMi0xNV9iMS1QUi01MDUwOC1ERVYtMTIyODA5LXJib3gtZml4LXZpc2liaWxpdHktcmVwb3J0aW5nLWFmdGVyLTFzLWJ1dC1ub3QtaGF2aW5nLTUwLXZpc2libGUtYzdhYmZiZTYyOTEY2Kj4LyAAKhlhbS50YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmM0MDExNTiAivyKBUCb4wlIgooQUL--2QNYpewQYwiVNRDURhgyZGMI1xYQ1R8YI2RjCO3__________wEQ7f__________ARgTZGMIyi4QkT4YM2RjCMEyEP9CGCRkYwjs__________8BEOz__________wEYFGRjCPn__________wEQ-f__________ARgHZGMI0gMQ4AYYCGRjCJYUEJgcGBhkYwiZNxDASRgKZGMI9BQQnh0YH2RjCKQnEIM1GC9keAGAAQKIAd3t1NwBkAEcmAHA-NrFyzA&cta=true
Title: Jetzt spielen

Search URL Search Domain Scan URL

URL: https://ymag.ynet.co.il/kedma/?utm_source=taboola&utm_medium=exchange&tblci=GiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSCmzUEowsn9iezAyulh#tblciGiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSCmzUEowsn9iezAyulh

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N297201.2069703TABOOLA/B28360616.343678768;dc_trk_aid=535112177;dc_trk_cid=176040241;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?https://www.ionos.de/smb/use-case-2/verkaufen-im-onlinebusiness?utm_source=taboola&utm_medium=native-advertising&utm_campaign=DIS-DE-MIX-MIXX-TAB-CON-SMB_ContentActivation_Desktop---&utm_term=DIS-DE-MIX-MIXX-TAB-CON-SMB_ContentActivation_Desktop-first_sale--&utm_content=DIS-DE-MIX-MIXX-TAB-CON-SMB_ContentActivation_Desktop---&ac=OM.PU.PUo55K426585T7073a&itc=JGSXAO1E-5ICVBT-L122D9V#tblciGiAlnSkKfwJxxEwr8h_q8kleLWjGKJHxmuywuZE98yZitSCamFgoyYfrx5fOzJo0
Title: ionos.de

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/ru/?template=colorbox&utm_source=ynet-vesty&utm_medium=referral&utm_content=organic-thumbs-feed-01-c-left:Below%20Homepage%20Thumbnails%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.yit.co.il/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://mrb.upapi.net/code?w=5732901039636480&uponit=true HTTP 302
https://btloader.com/tag?w=5732901039636480&uponit=true&upapi=true HTTP 302
https://btloader.com/tag?w=5732901039636480&upapi=true

Request Chain 10

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://yandex.ru/ads/system/context.js

Request Chain 239

https://ad.doubleclick.net/ddm/trackimp/N297201.2069703TABOOLA/B28360616.343678768;dc_trk_aid=535112177;dc_trk_cid=176040241;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=vesty.co.il HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N297201.2069703TABOOLA/B28360616.343678768;dc_pre=CMyY286YzvsCFYnuuwgdepYOzA;dc_trk_aid=535112177;dc_trk_cid=176040241;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=vesty.co.il

Request Chain 240

https://ad.doubleclick.net/ddm/trackimp/N718661.2069703TABOOLA/B28680143.347829486;dc_trk_aid=539034857;dc_trk_cid=179040692;ord=2022-11-27+10%3A51%3A34;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=vesty.co.il HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N718661.2069703TABOOLA/B28680143.347829486;dc_pre=CK-W286YzvsCFUh-4AodL5MHhg;dc_trk_aid=539034857;dc_trk_cid=179040692;ord=2022-11-27+10%3A51%3A34;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=vesty.co.il

Request Chain 295

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1&C=1

Request Chain 296

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4NBN1u-gADxzetEZRPPrQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1

Request Chain 297

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPKDcLbE-rZ140gbleoQNH8&google_cver=1

Request Chain 298

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMjgzNzEyMDU0NDM2NzQ3

Request Chain 299

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1&C=1

Request Chain 300

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4NBN1u-gADxzetEZRPPrQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1

Request Chain 301

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPKDcLbE-rZ140gbleoQNH8&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPKDcLbE-rZ140gbleoQNH8%26google_cver%3D1

Request Chain 302

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMjgzNzEyMDU0NDM2NzQ3

Request Chain 303

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1&C=1

Request Chain 304

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4NBN1u-gADxzetEZRPPrQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1

Request Chain 305

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPKDcLbE-rZ140gbleoQNH8&google_cver=1

Request Chain 306

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMjgzNzEyMDU0NDM2NzQ3

Request Chain 333

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347634703&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

393 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request main Show response
www.vesty.co.il/ 216 KB
50 KB 76ms
15ms Document
text/html 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vesty.co.il/main

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

3649435a40194f5315dcd5dcaa05c7755216c9bc6ae2b4066a0f3b180fe140f7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 50872
Content-Type: text/html; charset=utf-8
Date: Sun, 27 Nov 2022 10:51:33 GMT
Last-Modified: Sun, 27 Nov 2022 10:43:21 GMT
OSV: c8
V-TTL: 30
VX-Cache: HIT
Vary: Accept-Encoding
WAI: 01
X-Frame-Options: SAMEORIGIN
X-me: ${S_HOSTNAME}
X-version: V3
backend-cache-control: s-maxage=900
vg_id: 2

GET
H2 200 vesty.64d196992966b7a6f5031b8a69717461.css
ynet-images1.yit.co.il/Common/frontend/site/prod/ 659 KB
155 KB 45ms
15ms Stylesheet
text/css 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.64d196992966b7a6f5031b8a69717461.css
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: b561bfa244697b8ab4dc84d418433e008320813e1db67c0001fa71467597f6f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:33 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 12:47:11 GMT
server: Microsoft-IIS/10.0
age: 361908
access-control-allow-methods: GET,POST
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 158791
x-llid: 4b8ce0173ec6b0d269c3e7e08567386e
expires: Fri, 23 Dec 2022 06:19:45 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 79ms
24ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1404 / 704 of 1000 / last-modified: 1669244741"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Nov 2022 10:51:33 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
ynet-images1.yit.co.il/Common/Api/Scripts/ 86 KB
36 KB 39ms
9ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-images1.yit.co.il/Common/Api/Scripts/jquery-3.4.1.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:33 GMT
content-encoding: gzip
last-modified: Tue, 28 Jan 2020 08:04:02 GMT
server: Microsoft-IIS/10.0
age: 330435
access-control-allow-methods: GET,POST
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 37032
x-llid: 5289d2da2ce481141b11f78ebf996bf1
expires: Fri, 23 Dec 2022 15:04:18 GMT

GET
H/1.1 200
OK gpt_script_yns_ynv.js Show response
totalmedia2.ynet.co.il/new_gpt/vesty/ 97 KB
21 KB 82ms
54ms Script
application/x-javascript 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://totalmedia2.ynet.co.il/new_gpt/vesty/gpt_script_yns_ynv.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dc3d45106d24333353604d863e28084cf0a66e99d9d4e155eacafbb6ae95f5fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 09:44:46 GMT
Server: AkamaiNetStorage
ETag: "35f958c8dbdcf725db1fe025b04d17f5:1609917348.719687"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 20834

GET
H/1.1 200
OK ynv_templates.js Show response
totalmedia2.ynet.co.il/gpt/ynv/ 110 KB
44 KB 97ms
69ms Script
application/x-javascript 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://totalmedia2.ynet.co.il/gpt/ynv/ynv_templates.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0c59a4311973393ca533b13f245d027fb9acd2c40b23ddb6c75d1c53196a3b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Feb 2019 09:15:22 GMT
Server: AkamaiNetStorage
ETag: "0d986196c56347b4af883296acc3ef7f:1549530922"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/ynet-vesty/ 687 KB
50 KB 30ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f4880589e30cc8bd6457393dce0afbf184761f4c173c3a5be54c6d64015cfcdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: jveWVFyrypMlUb5IFb4ewYq9hYGaRVJZ
content-encoding: gzip
via: 1.1 varnish
date: Sun, 27 Nov 2022 10:51:33 GMT
x-amz-request-id: 8QPYGGHNN7SPD7G7
age: 3322
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 12
content-length: 50205
x-amz-id-2: g/IOHzuERZ/TP9PFlw5yjWZDYPwcnX/S5oKDuQn5bE28ck/JkEEzorrFe3oyIICHwKJ7HLMfmLo=
x-served-by: cache-hhn4057-HHN
last-modified: Sun, 27 Nov 2022 08:24:34 UTC
server: nginx
x-timer: S1669546294.701477,VS0,VE1
etag: "e35e6b07cf17cab361e0e96e2ed7f2767488149a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 11
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://mrb.upapi.net/code?w=5732901039636480&uponit=true
https://btloader.com/tag?w=5732901039636480&uponit=true&upapi=true
https://btloader.com/tag?w=5732901039636480&upapi=true

15 KB
6 KB

25ms
24ms

Script
application/javascript

2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?w=5732901039636480&upapi=true
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8c1c250227d7dc898cd6b3883f01f86c4bdd6aaeb99c46e235ac9ecdacff259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 27 Nov 2022 10:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 764
etag: W/"299acf31b6ef1d92e649986c51104bb5"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUs4rlKexUMuAwoEMdvxTX1DMCgUHrOIu5UiC021XihvvoSPoA%2FxqTxqI%2FUp0ktyc5Q928Nronh%2FcTgfIzEIAzKk%2B4k2fWNbzMXudhq8%2FDX0DxtYYALuRPdJ7efqtGOdzHUtlrIdJhhSFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray: 770a4f30a88191d8-FRA

Redirect headers

date: Sun, 27 Nov 2022 10:51:33 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 515
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeDlS6G3el3%2B82n%2BSN3VGKMUxd6SDTnrnK6dKobIk7sTUCTLnt3GqQXnBhaDIH3mvpw0xuAb00ivfzGOTbf3x35Y0EwSfRtJYCNMgfyHWVP6W0co6YB1l%2Ft2zxoZos75bnaJptbEwaX0hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?w=5732901039636480&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 770a4f30782091d8-FRA

GET
H2 200 vendors-widgets.81738138db7fbf06462f.js Show response
ynet-images1.yit.co.il/Common/frontend/site/prod/ 2 MB
668 KB 8ms
7ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vendors-widgets.81738138db7fbf06462f.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 92a85f93f18ea572688b8fd7b5c5ff1b9e69c4a61464d72764d833c42dc41c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:33 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 12:47:08 GMT
server: Microsoft-IIS/10.0
age: 274918
access-control-allow-methods: GET,POST
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 683776
x-llid: 6ed871f59d16ff931b1f381b21a1eb1e
expires: Sat, 24 Dec 2022 06:29:35 GMT

GET
H2 200 widgets.9a96e33e36ddbeb309c9.js Show response
ynet-images1.yit.co.il/Common/frontend/site/prod/ 3 MB
629 KB 8ms
7ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/widgets.9a96e33e36ddbeb309c9.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 18e3e5a436c079aedceaa2ad41862438a6b9daa7e1411a6fa85664381dde2a77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:33 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 12:47:12 GMT
server: Microsoft-IIS/10.0
age: 427732
access-control-allow-methods: GET,POST
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 643064
x-llid: ae422d223790a6c827714411ddd99582
expires: Thu, 22 Dec 2022 12:02:41 GMT

GET
H2 200 YitVideo.js Show response
www.ynet.co.il/Common/Api/Scripts/ 68 KB
17 KB 58ms
15ms Script
application/javascript 2a02:26f0:3500:88f::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:88f::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 62b6987d45b03c5af619443ee3a7ac8707e097df093fd770b61ed95ad071f9ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
date: Sun, 27 Nov 2022 10:51:33 GMT
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 13:32:55 GMT
etag: "1cf9d919bef9d81:0"
vary: Accept-Encoding
content-type: application/javascript
vx-cache: MISS
cache-control: private, max-age=1651275
wai: 02
accept-ranges: bytes
v-ttl: 0
content-length: 17592
expires: Fri, 16 Dec 2022 13:32:48 GMT

GET
H2

200

context.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://yandex.ru/ads/system/context.js

448 KB
119 KB

180ms
67ms

Script
text/javascript

2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

12ed8aa0e9ecccd60202cc5c966b654c6330ac29be05f7d51ae1b67d96a3bb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1669546293813246-4634410126767406962-vla1-3844-vla-l7-balancer-8080-BAL-4220
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 27 Nov 2022 11:51:33 GMT

Redirect headers

date: Sun, 27 Nov 2022 10:51:33 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
location: https://yandex.ru/ads/system/context.js
access-control-allow-origin: *
timing-allow-origin: *
content-length: 0

GET
H2 200 vestywb.js Show response
cf.dxmcdn.com/dta/ 2 KB
1 KB 324ms
250ms Script
application/javascript 2600:9000:20eb:4000:11:da61:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.dxmcdn.com/dta/vestywb.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4000:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2436d29de150accd2c12d8d0d9573a1a9eb737cf7d3367399c0cb16373350ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront)
date: Sat, 26 Nov 2022 22:26:04 GMT
last-modified: Tue, 08 Jun 2021 14:35:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 44958
etag: W/"a435da4401729d31985da618671fc2cc"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Bmm0BSVTwOcfPpUXFo6EOsYcbVU46-u7GFAa8VTQ7TlEIyzpok4d3A==

GET
H2 200 2.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2019/09/08/H12UofG8r/ 7 KB
7 KB 8ms
7ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2019/09/08/H12UofG8r/2.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: fb408a3f4c5c7ba9cd3672310df56a5a9a5f6e9fa36e73e20b54c643614f0af8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 08 Sep 2019 06:12:06 GMT
server: Microsoft-IIS/10.0
age: 338643
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 7051
x-llid: 57595755061cee204dc7556ede9c9232
expires: Fri, 23 Dec 2022 12:47:31 GMT

GET
H/1.1 200
OK logo-menu_vesti.png
www.vesty.co.il/images/ynetnewsresp/ 3 KB
3 KB 9ms
9ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/ynetnewsresp/logo-menu_vesti.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a5d46a3aec6cdde85198eef50041bf346ecf8dc3b5a06e03329da7998f475143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Sun, 16 Oct 2022 00:58:17 GMT
ETag: "0128c803c30d21:0"
Content-Type: image/png
VX-Cache: MISS
WAI: 03
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2739
V-TTL: 0

GET
H2 200 1230.png
www.ynet.co.il/Cnt/Images/Weather/ 740 B
955 B 111ms
83ms Image
image/png 2a02:26f0:3500:88f::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ynet.co.il/Cnt/Images/Weather/1230.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:88f::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4ac4bba0aba4ecc5214737c59ad1bc793f8e32a0befabd240048b84ddd3a530c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 13 Nov 2022 21:30:55 GMT
etag: "48ae6b31d827d41:0"
content-type: image/png
vx-cache: MISS
cache-control: private, max-age=1420650
wai: 01
accept-ranges: bytes
content-length: 740
v-ttl: 0
expires: Tue, 13 Dec 2022 21:29:04 GMT

GET
H/1.1 200
OK nagishot.png
www.vesty.co.il/images/ 2 KB
2 KB 38ms
10ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/nagishot.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d819ca91e194a55f3763ce322ba88e7447cac67fbe81d85872045a1432db5b2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Fri, 18 Nov 2022 13:45:11 GMT
ETag: "5a34512025ccd41:0"
Content-Type: image/png
VX-Cache: MISS
WAI: 03
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1719
V-TTL: 0

GET
H2 200 _____.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/B1IMoEKb7U/ 1 KB
2 KB 34ms
6ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/B1IMoEKb7U/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 8550ea63cdf2144d6663541355a2c22d39d55092bff6bb559b33b5596269aa34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 12 Feb 2020 14:01:48 GMT
server: Microsoft-IIS/10.0
age: 489100
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1461
x-llid: b249409d41c16781c3048a006edc38a0
expires: Wed, 21 Dec 2022 18:59:54 GMT

GET
H/1.1 200
OK mivzakim_menu_item.png
www.vesty.co.il/images/ynetnewsresp/ 22 KB
23 KB 71ms
25ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/ynetnewsresp/mivzakim_menu_item.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b81870c09e4546205428647dffb99435bfaeea2a481b8932dfd37b76a0654b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Sun, 23 Oct 2022 12:13:50 GMT
ETag: "02b2552e30d21:0"
Content-Type: image/png
VX-Cache: MISS
WAI: 02
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22778
V-TTL: 0

GET
H2 200 comments_menu_item_200x200_RGB.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/S16bvqZXU/ 5 KB
6 KB 43ms
16ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/S16bvqZXU/comments_menu_item_200x200_RGB.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: dc4506aa970b6143b290a9fc2109bd70ccf4d1782428aedf2591b40f1434ef82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 12 Feb 2020 15:17:54 GMT
server: Microsoft-IIS/10.0
age: 434710
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 5365
x-llid: e5eb0954666421baee2c39d48e6d6066
expires: Thu, 22 Dec 2022 10:06:24 GMT

GET
H2 200 money_menu_item.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/SkezoNYWmI/ 1 KB
1 KB 34ms
7ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/SkezoNYWmI/money_menu_item.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 2e13e2b9a9478f68c39346a7155b90321b2fb8a865eb8804781a75815b004d83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 12 Feb 2020 14:01:48 GMT
server: Microsoft-IIS/10.0
age: 338644
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1165
x-llid: 7fab9e943b8d9dbe27a74f44a09ffc84
expires: Fri, 23 Dec 2022 12:47:30 GMT

GET
H2 200 community_menu_item.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/ByMjNFbQL/ 22 KB
23 KB 35ms
8ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/ByMjNFbQL/community_menu_item.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 37053f01142cbe1f55a25ba58d820579027647a4da0794209783b3dd609078cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 12 Feb 2020 14:01:48 GMT
server: Microsoft-IIS/10.0
age: 434710
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22990
x-llid: e88fbd89e2a8d6f01ea3ef929f319b20
expires: Thu, 22 Dec 2022 10:06:24 GMT

GET
H2 200 _____.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/BJcfoNKZXU/ 23 KB
23 KB 79ms
52ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/BJcfoNKZXU/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 6b759a63aa4d7af11cf52d9e2a1910662595a3b59fc1a4b8b5e5644c39f74e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 12 Feb 2020 14:01:47 GMT
server: Microsoft-IIS/10.0
age: 482833
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 23041
x-llid: ccb3dac88f29313035b3f37e1caac430
expires: Wed, 21 Dec 2022 20:44:21 GMT

GET
H2 200 ______.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/rkrfsEY11XU/ 22 KB
22 KB 38ms
11ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/rkrfsEY11XU/______.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e97600804f99d9b0a37ca25349cafea3ca90c75498a4967afbdc616f7133059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 12 Feb 2020 14:01:48 GMT
server: Microsoft-IIS/10.0
age: 338644
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22734
x-llid: 137f6477e105e58a4daee54383cd596c
expires: Fri, 23 Dec 2022 12:47:30 GMT

GET
H2 200 _____.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/rkpzj4tZQU/ 1 KB
2 KB 34ms
8ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/rkpzj4tZQU/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 1cc6304316c75c71feb79060ebcbdaec27b18b67a1d6fafffa7881a9655e65fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 12 Feb 2020 14:01:47 GMT
server: Microsoft-IIS/10.0
age: 434710
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1454
x-llid: 908b1af31aa75cd47db1992dd3f3017a
expires: Thu, 22 Dec 2022 10:06:24 GMT

GET
H2 200 ______.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/H12zi4Y11QU/ 1 KB
2 KB 43ms
16ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/H12zi4Y11QU/______.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 62d3dc98c507a16e8dc5d9815eee29add7bfce141c25b844e0f6d57afd1cdd94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 12 Feb 2020 14:01:47 GMT
server: Microsoft-IIS/10.0
age: 434708
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1397
x-llid: ad4d8c7469fc22fab76e6229749ee24a
expires: Thu, 22 Dec 2022 10:06:26 GMT

GET
H2 200 ____.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/SJzfj4tbmI/ 22 KB
23 KB 35ms
9ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/SJzfj4tbmI/____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e1c563384b96de069dbd94b764088e9c6b4cb6031b393d8ffa775e5b44e7b781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 12 Feb 2020 14:01:48 GMT
server: Microsoft-IIS/10.0
age: 434710
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22866
x-llid: e364a7c5db37c83cba19374f5ddbecf1
expires: Thu, 22 Dec 2022 10:06:24 GMT

GET
H2 200 ______.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/H1ifiNFWX8/ 22 KB
23 KB 37ms
11ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/H1ifiNFWX8/______.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 1e92539e06df96dc2373cc3cdfe2fc0bddb434cdcbdd6216def27ed76f916408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 12 Feb 2020 14:01:47 GMT
server: Microsoft-IIS/10.0
age: 358470
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22853
x-llid: 94afb242d19e81560eda8ca3b971127d
expires: Fri, 23 Dec 2022 07:17:04 GMT

GET
H2 200 _____.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/BkwGi4t117I/ 23 KB
23 KB 41ms
15ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/BkwGi4t117I/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 1f2fb2516957cf9e8fcba382836cd3f5ca0b6dae9446611e577b2d1dbb10ce95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 12 Feb 2020 14:01:48 GMT
server: Microsoft-IIS/10.0
age: 338644
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 23090
x-llid: 0755c8d0b55708e8cd726eaca056a71b
expires: Fri, 23 Dec 2022 12:47:30 GMT

GET
H2 200 _____.png
ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/HkmMjVtZ7L/ 1 KB
1 KB 41ms
16ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/wcm_upload/2020/02/12/HkmMjVtZ7L/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: bfac01f1e0a8417d76b572c6c01e3459e4b026c3cddbeb12a335bc033adb9a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 12 Feb 2020 14:01:48 GMT
server: Microsoft-IIS/10.0
age: 434708
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1178
x-llid: 67c6bb12875ccbe906680408cfa784ef
expires: Thu, 22 Dec 2022 10:06:26 GMT

GET
H/1.1 200
OK currency_ruble.png
www.vesty.co.il/images/ 251 B
531 B 71ms
10ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/currency_ruble.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 738b9cd36fe5bcf159ab463801ed5f9791d64629cb7b51defcc7061485a98500

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Fri, 21 Oct 2022 19:11:10 GMT
ETag: "053fe4eb94fd21:0"
Content-Type: image/png
VX-Cache: MISS
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 251
V-TTL: 0

GET
H/1.1 200
OK currency_dollar.png
www.vesty.co.il/images/ 316 B
596 B 73ms
12ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/currency_dollar.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0016393da9ef1a445e63bc833c3806423336f0c85926cb3035cdd55fdc702052

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Sun, 16 Oct 2022 19:25:19 GMT
ETag: "0ded2d1b84fd21:0"
Content-Type: image/png
VX-Cache: MISS
WAI: 03
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
V-TTL: 0

GET
H/1.1 200
OK currency_euro.png
www.vesty.co.il/images/ 331 B
611 B 71ms
10ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/currency_euro.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e248d1f1d1cd34170a12a1a6577c78ad6ded463820430e30620c37c3ace79f03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Sat, 29 Oct 2022 06:41:43 GMT
ETag: "0c9ae5fb94fd21:0"
Content-Type: image/png
VX-Cache: MISS
WAI: 03
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 331
V-TTL: 0

GET
H/1.1 200
OK mainsearch_sep.png
www.vesty.co.il/images/ 118 B
398 B 31ms
15ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/mainsearch_sep.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e89e9cf76acc420ce8014fb5752eb639a3ddab8b5683f523a13ed1f9bca122bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Fri, 21 Oct 2022 23:35:18 GMT
ETag: "809e52bb5f2cf1:0"
Content-Type: image/png
VX-Cache: MISS
WAI: 02
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 118
V-TTL: 0

GET
H/1.1 200
OK rssIconVesty.png
www.vesty.co.il/images/ 2 KB
2 KB 43ms
29ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/rssIconVesty.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 55f7554cc7b33c97e2cda88237977f58ee7bdec0006d1db1579f9debe8321bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Tue, 25 Oct 2022 19:57:03 GMT
ETag: "08817210e8d21:0"
Content-Type: image/png
VX-Cache: MISS
WAI: 03
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1698
V-TTL: 0

GET
H/1.1 200
OK emailVestyIcon.png
www.vesty.co.il/images/ 1 KB
1 KB 250ms
232ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/emailVestyIcon.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0d4bef38d102f950ca16ac71a8fb77eac9840c6bbbd85cd1fc43ce12578ff8ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Fri, 18 Nov 2022 15:46:10 GMT
ETag: "095808b3046d21:0"
Content-Type: image/png
VX-Cache: HIT
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1217
V-TTL: 874

GET
H/1.1 200
OK faceVesty.png
www.vesty.co.il/images/ 2 KB
2 KB 28ms
15ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/faceVesty.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3da550d33721ae136835c223328e06a02f9377a1415d16869bbff8360b699f8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Wed, 24 Aug 2022 04:02:42 GMT
ETag: "805caa162a46d21:0"
Content-Type: image/png
VX-Cache: MISS
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1904
V-TTL: 0

GET
H/1.1 200
OK 1230.png
www.vesty.co.il/Cnt/Images/Weather/ 740 B
1020 B 29ms
16ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/Cnt/Images/Weather/1230.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4ac4bba0aba4ecc5214737c59ad1bc793f8e32a0befabd240048b84ddd3a530c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Mon, 21 Nov 2022 02:56:19 GMT
ETag: "48ae6b31d827d41:0"
Content-Type: image/png
VX-Cache: HIT
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 740
V-TTL: 1

GET
H2 200 S17WYvyPo_0_302_3000_1688_0_x-large.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/S17WYvyPo/ 112 KB
112 KB 41ms
17ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/S17WYvyPo/S17WYvyPo_0_302_3000_1688_0_x-large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: bba3c1ed2ff6c383c0600b2c76bd2d001df3c26c3f5002966f4ec54914d64eca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 09:36:00 GMT
server: Microsoft-IIS/10.0
age: 4505
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 114646
x-llid: bd86b7a7ee6b82766dcacdb18defd679
expires: Tue, 27 Dec 2022 09:36:29 GMT

GET
H2 200 BkXWGXCIs_123_0_728_479_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/25/BkXWGXCIs/ 98 KB
98 KB 82ms
58ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/25/BkXWGXCIs/BkXWGXCIs_123_0_728_479_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 8998df8a63ed0f8ba73793ac630c120cf5c575e535f88d93aa14602526b333cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 08:53:03 GMT
server: Microsoft-IIS/10.0
age: 7060
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 99999
x-llid: 24c012e623065c9fede2ff0067dc13df
expires: Tue, 27 Dec 2022 08:53:54 GMT

GET
H2 200 rytdTHCrj_1302_91_1699_1120_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/13/rytdTHCrj/ 13 KB
14 KB 73ms
49ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/13/rytdTHCrj/rytdTHCrj_1302_91_1699_1120_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 016b77c03bfe182b8073e11381d7bb5520f80ef823d61bd47602b8b541f2686c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 10:33:19 GMT
server: Microsoft-IIS/10.0
age: 1000
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 13584
x-llid: 26f8192632c692a20e0aa4b8d3274c40
expires: Tue, 27 Dec 2022 10:34:54 GMT

GET
H2 200 BJos383o5_0_184_2016_1329_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/07/13/BJos383o5/ 16 KB
16 KB 82ms
59ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/07/13/BJos383o5/BJos383o5_0_184_2016_1329_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 8384d2d648438d8f64ddb9b79177042f72fa515897354d046d0f0d5d7bf621db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 10:08:38 GMT
server: Microsoft-IIS/10.0
age: 2520
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 16272
x-llid: fb63a7d38c7ae042e2655e0ccf309464
expires: Tue, 27 Dec 2022 10:09:34 GMT

GET
H2 200 HJ00IY29St_0_0_500_330_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2021/10/18/HJ00IY29St/ 24 KB
25 KB 74ms
50ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2021/10/18/HJ00IY29St/HJ00IY29St_0_0_500_330_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 4952317dbd95b98f51594e4030f3ec23900d9b3bb501d50e09928127f1d02f08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 09:49:17 GMT
server: Microsoft-IIS/10.0
age: 3671
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 24984
x-llid: 9d624ee447e89146139ca820fe15d6f0
expires: Tue, 27 Dec 2022 09:50:23 GMT

GET
H2 200 H1Mxb7SXw_0_0_500_330_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/08/27/H1Mxb7SXw/ 20 KB
21 KB 75ms
51ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/08/27/H1Mxb7SXw/H1Mxb7SXw_0_0_500_330_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 65408ab3bcd5f77832ac9d0be849e7cb7ec418d5d7ce46b9c452c32b78c2c221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 26 Oct 2022 05:56:56 GMT
server: Microsoft-IIS/10.0
age: 179450
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 20826
x-llid: a898fec2a88b83418a94f69a0d519b52
expires: Sun, 25 Dec 2022 09:00:44 GMT

GET
H2 200 8583931_0_0_1093_720_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2018/06/10/8583931/ 10 KB
10 KB 75ms
52ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2018/06/10/8583931/8583931_0_0_1093_720_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: b304e1cae3388fb99554905bc4b8acb1cd3c28217b74ec8d9effb301893c849c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 05:48:55 GMT
server: Microsoft-IIS/10.0
age: 18101
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 10103
x-llid: ee94530bb941f22a07222c06919ccac2
expires: Tue, 27 Dec 2022 05:49:53 GMT

GET
H2 200 8583931_0_0_1093_720_0_x-large.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2018/06/10/8583931/ 66 KB
66 KB 77ms
55ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2018/06/10/8583931/8583931_0_0_1093_720_0_x-large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 9de7f60db798ad4bb03f406a9c1ab0eb4a7ae4c1182572161d0e608c0634adb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 07:46:09 GMT
server: Microsoft-IIS/10.0
age: 11074
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 67246
x-llid: 87ee20c0062662f2e11759075dc026e7
expires: Tue, 27 Dec 2022 07:47:00 GMT

GET
H2 200 HyeZlERbGj_0_101_1000_563_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/09/28/HyeZlERbGj/ 6 KB
7 KB 84ms
61ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/09/28/HyeZlERbGj/HyeZlERbGj_0_101_1000_563_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 8263feb69af1064f3198bca035f45dd590afa147500310f826da0ad3c7178c97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 05:52:54 GMT
server: Microsoft-IIS/10.0
age: 17814
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 6382
x-llid: 1684d6bc31ad5f9ac34ae3b95e6d4c6e
expires: Tue, 27 Dec 2022 05:54:40 GMT

GET
H2 200 Sy9IRelDs_83_0_728_479_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/Sy9IRelDs/ 12 KB
12 KB 78ms
55ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/Sy9IRelDs/Sy9IRelDs_83_0_728_479_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 24f3e8be1c01c35430c72d53ed4c2c4b587349b5ddeef0acf860150d18522868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 05:35:21 GMT
server: Microsoft-IIS/10.0
age: 18916
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 11783
x-llid: 334d789cc40a89e60259b7a65ea5e456
expires: Tue, 27 Dec 2022 05:36:18 GMT

GET
H2 200 HyNf33ywi_123_0_728_479_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/HyNf33ywi/ 16 KB
17 KB 75ms
53ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/HyNf33ywi/HyNf33ywi_123_0_728_479_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 913e6aeadf5845369a71ce21634068e11de45bab3e06d311df348cf2693f75a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sat, 26 Nov 2022 20:53:01 GMT
server: Microsoft-IIS/10.0
age: 50262
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 16772
x-llid: 5ee01ee196f521c612951854287bd1f0
expires: Mon, 26 Dec 2022 20:53:52 GMT

GET
H2 200 H1BO00oJ5Li_183_98_761_501_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/22/H1BO00oJ5Li/ 16 KB
16 KB 75ms
53ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/22/H1BO00oJ5Li/H1BO00oJ5Li_183_98_761_501_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: aa467d7d858d1ea11f5ab2d7dfd688edb739533becd1337d3a7b68a6414f1b1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sat, 26 Nov 2022 15:18:06 GMT
server: Microsoft-IIS/10.0
age: 70383
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 15915
x-llid: 71bfb19acfa6d4ff665b543a0adec18e
expires: Mon, 26 Dec 2022 15:18:31 GMT

GET
H2 200 H1N9g7xGO_0_0_1280_720_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2021/02/21/H1N9g7xGO/ 6 KB
6 KB 82ms
60ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2021/02/21/H1N9g7xGO/H1N9g7xGO_0_0_1280_720_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: ee604394532caefef0370eb9f9a16b6ae24b1b206d31e2c2a4adbdf7b1d8c6c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sat, 26 Nov 2022 13:47:18 GMT
server: Microsoft-IIS/10.0
age: 75601
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 6206
x-llid: fb271b3f60344c18d89a43cb21785ad2
expires: Mon, 26 Dec 2022 13:51:33 GMT

GET
H2 200 ByFxjyAHw_0_26_1300_798_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/09/27/ByFxjyAHw/ 12 KB
12 KB 73ms
51ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/09/27/ByFxjyAHw/ByFxjyAHw_0_26_1300_798_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: b3e3b07b23a2b54d76706fb529133b3e8dd83cab740d40a3b11be103c6b2af42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sat, 26 Nov 2022 15:18:54 GMT
server: Microsoft-IIS/10.0
age: 70332
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12454
x-llid: 42f750fb74a8a62528aba0c915e114d0
expires: Mon, 26 Dec 2022 15:19:22 GMT

GET
H2 200 rywRf3kp5_0_0_300_66_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/07/28/rywRf3kp5/ 6 KB
6 KB 73ms
52ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/07/28/rywRf3kp5/rywRf3kp5_0_0_300_66_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 0b5643d26d01cdd2f502a877252f473d362bf546c8584f6b765ef0f4438b1fc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Thu, 28 Jul 2022 06:56:55 GMT
server: Microsoft-IIS/10.0
age: 186843
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 5689
x-llid: 0e9412bdcd74bcbb4200c3fb972b6fbf
expires: Sun, 25 Dec 2022 06:57:31 GMT

GET
H2 200 rJSXYenH59_0_0_300_66_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/06/26/rJSXYenH59/ 6 KB
6 KB 72ms
51ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/06/26/rJSXYenH59/rJSXYenH59_0_0_300_66_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: a04d2bd54f657fe4f656aa6bf305fff2ccd0bf48724dc694420d49a2dc5cf8e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 10 Jul 2022 07:22:35 GMT
server: Microsoft-IIS/10.0
age: 1740475
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 6356
x-llid: 33aff881f3a854cca9280eaeb702f979
expires: Wed, 07 Dec 2022 07:23:39 GMT

GET
H2 200 rkcowHg95_0_0_625_138_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/06/22/rkcowHg95/ 20 KB
20 KB 75ms
54ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/06/22/rkcowHg95/rkcowHg95_0_0_625_138_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 9f9601a8a22316b5e779726fed7c902ff7ac1a9d7930bdf8855314f332e668e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 22 Jun 2022 07:46:19 GMT
server: Microsoft-IIS/10.0
age: 702265
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 20637
x-llid: 6f98178d0d1e76258f9adb96d0a74f90
expires: Mon, 19 Dec 2022 07:47:09 GMT

GET
H2 200 rk13HHe75_0_0_300_66_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/03/29/rk13HHe75/ 9 KB
9 KB 74ms
53ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/03/29/rk13HHe75/rk13HHe75_0_0_300_66_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 93aae7c061382138a7ec0b3d7e0689235d9975725214c0f167737ae94acf7ca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Tue, 29 Mar 2022 08:51:35 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8920
x-llid: 47dd41272cde11d6ce3e9850bfa391c0
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 ByNTDf8Nq_2_262_1279_785_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/04/15/ByNTDf8Nq/ 16 KB
16 KB 82ms
61ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/04/15/ByNTDf8Nq/ByNTDf8Nq_2_262_1279_785_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 4d55eead6a0169c36b3642cf5fecf934f49b718e7c4c1425e9dd66e854798755

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 10:09:27 GMT
server: Microsoft-IIS/10.0
age: 2515
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 16048
x-llid: 32e5da418836cabc96a18b97cb3b0a31
expires: Tue, 27 Dec 2022 10:09:39 GMT

GET
H2 200 ByNTDf8Nq_2_262_1279_785_0_x-large.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/04/15/ByNTDf8Nq/ 83 KB
83 KB 78ms
58ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/04/15/ByNTDf8Nq/ByNTDf8Nq_2_262_1279_785_0_x-large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 1fd94e175b5127d3acfbd7ce7374954bc24f58f9ef8121ab585f50041f2ce8f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 10:09:27 GMT
server: Microsoft-IIS/10.0
age: 2515
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 84732
x-llid: 969c0554fdf46ed1f57e496f1d082b90
expires: Tue, 27 Dec 2022 10:09:39 GMT

GET
H2 200 SkdIlKMIs_0_210_1280_721_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/16/SkdIlKMIs/ 11 KB
12 KB 77ms
57ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/16/SkdIlKMIs/SkdIlKMIs_0_210_1280_721_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: d89d5a8715a14affc082fea8f107899a28432a05fec2f5190d607ee324e804fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 06:57:53 GMT
server: Microsoft-IIS/10.0
age: 13895
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 11550
x-llid: 8731535bd382b0455e25d66c3fb13e44
expires: Tue, 27 Dec 2022 06:59:59 GMT

GET
H2 200 7445426_0_0_1300_732_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2016/12/12/7445426/ 7 KB
7 KB 76ms
56ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2016/12/12/7445426/7445426_0_0_1300_732_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 0bee4c9e7d95bff09cdb62f99827e332dfb6e986a30ec3d32894e55f4b7107d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Tue, 22 Nov 2022 08:21:00 GMT
server: Microsoft-IIS/10.0
age: 440744
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 6848
x-llid: 799bf5520a55f41297c75ddb0afb48a7
expires: Thu, 22 Dec 2022 08:25:50 GMT

GET
H2 200 7066349_0_0_1921_1080_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2016/06/13/7066349/ 12 KB
12 KB 39ms
19ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2016/06/13/7066349/7066349_0_0_1921_1080_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 7b0c5a7e99fc34a3f01ed2fbf6c15c3c385307d671b05b58237359214dc68e99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Fri, 25 Nov 2022 15:05:48 GMT
server: Microsoft-IIS/10.0
age: 157538
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12080
x-llid: 7c6c8abd94fd4ddeafd5d7a6f95e4df3
expires: Sun, 25 Dec 2022 15:05:56 GMT

GET
H2 200 rJcd5Rp8i_0_454_720_405_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/25/rJcd5Rp8i/ 13 KB
13 KB 39ms
19ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/25/rJcd5Rp8i/rJcd5Rp8i_0_454_720_405_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 9397b8cde68ae4c9eae42daae2c7380f3a4c36220e4850ee583ee97c9dad0c73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Fri, 25 Nov 2022 06:18:31 GMT
server: Microsoft-IIS/10.0
age: 189080
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 13261
x-llid: 5f91ead3c817617f2f76b931d164d209
expires: Sun, 25 Dec 2022 06:20:14 GMT

GET
H2 200 HJ6ubBmht_0_0_300_66_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/01/05/HJ6ubBmht/ 7 KB
8 KB 40ms
20ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/01/05/HJ6ubBmht/HJ6ubBmht_0_0_300_66_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 2ef9e4403c0feb424778d6c77af1d5783fe8c31e720938b5a0a79599a4c29696

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Thu, 06 Jan 2022 11:45:00 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 7509
x-llid: f689c8d0f195383a10b3a29f1699bdc0
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 S1DyekbKt_0_1_300_66_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2021/11/28/S1DyekbKt/ 8 KB
8 KB 40ms
21ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2021/11/28/S1DyekbKt/S1DyekbKt_0_1_300_66_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 7eb3ac194a04bde86dc6b5065f6471cfc52103a20028c5a5e9b72545ad3b2c76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Mon, 20 Jun 2022 07:47:40 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8001
x-llid: 99b220d7dbce969465ee8f5f7953b740
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 rk00mQDmov_0_0_300_66_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/12/01/rk00mQDmov/ 27 KB
28 KB 40ms
21ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/12/01/rk00mQDmov/rk00mQDmov_0_0_300_66_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: cc106ba0afcdd9264bc897deb19a78b1ed31dce1117e90c94dcf54c561678bae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 07 Apr 2021 10:31:51 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 27979
x-llid: faf2cb903d01b81adf047d02c22c35f8
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 H1DbBaFrd_0_0_300_66_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2021/04/06/H1DbBaFrd/ 24 KB
25 KB 41ms
22ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2021/04/06/H1DbBaFrd/H1DbBaFrd_0_0_300_66_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: fb1010591986c7ad06bc80fa234bc51fa2a362ff0309723acc9f94d25a98dd63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Tue, 04 May 2021 09:49:50 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 24906
x-llid: 76cc609ddd989a2deb8322cbf5a25008
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 S1ECkiexw_0_0_2042_375_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/07/18/S1ECkiexw/ 7 KB
7 KB 42ms
24ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/07/18/S1ECkiexw/S1ECkiexw_0_0_2042_375_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: f18c7c1c9909695dffff15d16d31e2f3055a01696e946f2700ed3bb246382c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Tue, 29 Dec 2020 07:07:02 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 7197
x-llid: 07810c46958aa7ceb430f441c35649d6
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 H1CvseXot_0_0_300_66_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2021/12/24/H1CvseXot/ 12 KB
12 KB 46ms
28ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2021/12/24/H1CvseXot/H1CvseXot_0_0_300_66_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 1aead1520a37b98565359b49261d2d513cefe2c6df0a1e7bdb023b46df01d537

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 26 Dec 2021 08:52:57 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12261
x-llid: 61f314c5e2f243f25772ab53a0379c06
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 ryYodUpUF_0_0_300_110_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2021/11/01/ryYodUpUF/ 37 KB
38 KB 50ms
32ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2021/11/01/ryYodUpUF/ryYodUpUF_0_0_300_110_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e2453a88dfee45b4bef3383d2c78c09186840cf04ae4d1e359390dbb72c0a4ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Mon, 01 Nov 2021 12:10:09 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 38197
x-llid: 8118d8e29fe6586d10544de7e4cecd44
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 ByBMFC1wj_0_0_850_479_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/ByBMFC1wj/ 13 KB
13 KB 50ms
32ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/ByBMFC1wj/ByBMFC1wj_0_0_850_479_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 6df6d48d0e35371970c99da551fbef58e2c0c54de93243a98e42f2a1ddfb69c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 05:50:11 GMT
server: Microsoft-IIS/10.0
age: 16540
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 13288
x-llid: 62879182cc036c826ea5833c06288bf4
expires: Tue, 27 Dec 2022 06:15:54 GMT

GET
H2 200 ByBMFC1wj_0_0_850_479_0_x-large.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/ByBMFC1wj/ 48 KB
49 KB 50ms
32ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/ByBMFC1wj/ByBMFC1wj_0_0_850_479_0_x-large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 02667aa3bd07697317268811a1e06d552af7f188eac4412afe75cdcadc918ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 04:57:59 GMT
server: Microsoft-IIS/10.0
age: 20837
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 49352
x-llid: b89fa30237ee20c505fa813a41c7a7b1
expires: Tue, 27 Dec 2022 05:04:17 GMT

GET
H2 200 rJx2vny6Nj_0_40_3000_1688_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/10/31/rJx2vny6Nj/ 15 KB
15 KB 51ms
34ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/10/31/rJx2vny6Nj/rJx2vny6Nj_0_40_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 7c0fa62ff2fb1c6a0df76b6e66ccdcf47f1a77c459e843540b5d1b02e7ea3505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sat, 26 Nov 2022 06:43:15 GMT
server: Microsoft-IIS/10.0
age: 101247
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 15304
x-llid: f8a6720abeb47a188ee172ca577e6e8d
expires: Mon, 26 Dec 2022 06:44:07 GMT

GET
H2 200 S1MS5QZLo_0_0_1320_880_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/15/S1MS5QZLo/ 17 KB
17 KB 52ms
34ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/15/S1MS5QZLo/S1MS5QZLo_0_0_1320_880_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 811f51799efb8dad8ace1c59f5de2b6e51e4216665af9461898b4b6ce42bfe6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Fri, 25 Nov 2022 09:16:52 GMT
server: Microsoft-IIS/10.0
age: 178343
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 16931
x-llid: 2e2a4adbac31cb595a4127f14fd4eacb
expires: Sun, 25 Dec 2022 09:19:11 GMT

GET
H2 200 rkPL2Lc5ri_0_77_3000_1688_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/10/rkPL2Lc5ri/ 12 KB
12 KB 79ms
62ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/10/rkPL2Lc5ri/rkPL2Lc5ri_0_77_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: b69fb0fd0c3b54b066414688628f5df5a1b242ac75f42b5b27b6f08d293160a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Fri, 25 Nov 2022 04:52:12 GMT
server: Microsoft-IIS/10.0
age: 193113
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12080
x-llid: 7211d51170b0d70efcdba96636e6b968
expires: Sun, 25 Dec 2022 05:13:01 GMT

GET
H2 200 r12R4uw8yi_0_230_3000_1688_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/08/26/r12R4uw8yi/ 16 KB
16 KB 52ms
35ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/08/26/r12R4uw8yi/r12R4uw8yi_0_230_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 7be3f93a947032ead2533412ecf067e904b3547fe2251dbbc456c0d96ce32df0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Thu, 24 Nov 2022 12:15:39 GMT
server: Microsoft-IIS/10.0
age: 253999
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 16412
x-llid: 5b16d11da0d70bc8139d818b575d080f
expires: Sat, 24 Dec 2022 12:18:15 GMT

GET
H2 200 HymRrSM4w_0_0_300_120_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/09/06/HymRrSM4w/ 40 KB
40 KB 52ms
35ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/09/06/HymRrSM4w/HymRrSM4w_0_0_300_120_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: f2a73be472ecf03df32c0a5e5d36190529830c988675b5be31a8e79d15639fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Tue, 22 Dec 2020 17:40:58 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 40655
x-llid: 45af53ca9dbf7cca14f7a3a1cecb93bd
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 SyZSUskk5_0_4_500_282_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/02/08/SyZSUskk5/ 32 KB
33 KB 80ms
63ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/02/08/SyZSUskk5/SyZSUskk5_0_4_500_282_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 8565f8971d59afce1dc8380e08b8fcd9b83a7083d6b8b5bd38aae6ce293ce1cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Thu, 10 Feb 2022 16:14:12 GMT
server: Microsoft-IIS/10.0
age: 1235252
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 33256
x-llid: 369e5cba6eea3dc9630b491689cab92d
expires: Tue, 13 Dec 2022 03:44:02 GMT

GET
H2 200 BkH3SoF2K_1_0_980_551_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/01/10/BkH3SoF2K/ 20 KB
20 KB 52ms
36ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/01/10/BkH3SoF2K/BkH3SoF2K_1_0_980_551_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 366779676004418787e9ec5c31f55d5a6446199dd1fc7310d6ffef10c864cf97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Fri, 14 Jan 2022 13:29:21 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 20068
x-llid: 2ef52bdcc2511e5e45eafe7257fe8043
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 9813805_0_63_640_360_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/02/27/9813805/ 18 KB
19 KB 53ms
36ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/02/27/9813805/9813805_0_63_640_360_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 38edeadf2ecc3a24cf531e245de9470510ebb5cd3efa34bf9d539bf5a98e6f8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 30 Jun 2021 13:22:36 GMT
server: Microsoft-IIS/10.0
age: 1235252
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 18681
x-llid: c2fc0a0429daebca66cca16aa26e46c2
expires: Tue, 13 Dec 2022 03:44:02 GMT

GET
H2 200 SJZ4uAaAP_0_0_980_551_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2021/01/14/SJZ4uAaAP/ 20 KB
20 KB 53ms
37ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2021/01/14/SJZ4uAaAP/SJZ4uAaAP_0_0_980_551_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 674578c38ff08214f62f4ea0e46fa7b5b936554bfe5b26ef5926c235be8bd088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Fri, 15 Jan 2021 12:36:50 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 20225
x-llid: 554cef6250a49fdda56899fc82a7f229
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 HJS4TEacv_0_0_500_375_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/11/26/HJS4TEacv/ 225 KB
225 KB 53ms
37ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/11/26/HJS4TEacv/HJS4TEacv_0_0_500_375_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 1c62b11af11f2be4eda6712d1279e4cbe2a8a25f02050ffc8f7d02ebb3f6ee27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 24 Feb 2021 20:25:02 GMT
server: Microsoft-IIS/10.0
age: 1235252
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 229904
x-llid: 0ada690ebc230d662c1c6e8e84e10dbd
expires: Tue, 13 Dec 2022 03:44:02 GMT

GET
H2 200 Skbfdq6IZw_1_132_980_582_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/08/04/Skbfdq6IZw/ 18 KB
18 KB 53ms
37ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/08/04/Skbfdq6IZw/Skbfdq6IZw_1_132_980_582_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 3b7309744ad5853f506edb9354e4d3dd672153284f38b1ae92c2c08a5410657d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 02 Dec 2020 06:01:18 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 18241
x-llid: ab25240e2a6fce1758737e978d416e71
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 SJPWSrGNP_0_248_1125_633_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/09/06/SJPWSrGNP/ 10 KB
11 KB 54ms
38ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/09/06/SJPWSrGNP/SJPWSrGNP_0_248_1125_633_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 141c84ef67068f649c2fe2af34d4051e3e4e100e5725b35c021643d19a0ff02e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 02 Dec 2020 06:01:13 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 10609
x-llid: 7cd396c47f7db1c3d7a9da5ef491d204
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 By2exjq2I_0_0_2042_1148_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/06/07/By2exjq2I/ 14 KB
14 KB 54ms
39ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/06/07/By2exjq2I/By2exjq2I_0_0_2042_1148_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 118a3dd1ef084c64c8009edddbbc259f57cb41c79ea6274afa43a0f8f9def78c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 02 Dec 2020 06:01:14 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 14338
x-llid: a2716dd8386ee42813f5d271d0dced93
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 ByfOKa7jI_0_1_980_551_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/05/21/ByfOKa7jI/ 65 KB
65 KB 54ms
39ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/05/21/ByfOKa7jI/ByfOKa7jI_0_1_980_551_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 2ba18611f8e8fe9e8bb7181b28400147ca3192f4ec702f7bf0f98757468843c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 02 Dec 2020 06:01:11 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 66533
x-llid: 0b024f421f83c65b51380db534e8401a
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 rJRMgiEkP_0_36_500_282_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/07/09/rJRMgiEkP/ 16 KB
17 KB 79ms
63ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/07/09/rJRMgiEkP/rJRMgiEkP_0_36_500_282_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 43b7e084089678e9daeaf79e1893db33e7d29ef097e8f7f9c1f337f392f2265d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 06:37:48 GMT
server: Microsoft-IIS/10.0
age: 15176
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 16845
x-llid: 922d2f85c8eedb564b662a3e8e740d2d
expires: Tue, 27 Dec 2022 06:38:38 GMT

GET
H2 200 rJRMgiEkP_0_36_500_282_0_x-large.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/07/09/rJRMgiEkP/ 16 KB
17 KB 79ms
64ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/07/09/rJRMgiEkP/rJRMgiEkP_0_36_500_282_0_x-large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 43b7e084089678e9daeaf79e1893db33e7d29ef097e8f7f9c1f337f392f2265d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 06:37:48 GMT
server: Microsoft-IIS/10.0
age: 15176
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 16845
x-llid: cf1abbb0ecfd609ecb7aef36c30cd806
expires: Tue, 27 Dec 2022 06:38:38 GMT

GET
H2 200 HJ00IY29St_0_0_500_282_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2021/10/18/HJ00IY29St/ 22 KB
22 KB 79ms
64ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2021/10/18/HJ00IY29St/HJ00IY29St_0_0_500_282_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: ceea7f36965ca2f13039ba4edea7c1c7cba5b224916d819f7833f73dad74e723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 07:10:53 GMT
server: Microsoft-IIS/10.0
age: 12608
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22497
x-llid: 1fa478811b5ced29996830fae79bb474
expires: Tue, 27 Dec 2022 07:21:26 GMT

GET
H2 200 9733717_0_0_1000_563_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/01/21/9733717/ 9 KB
10 KB 79ms
65ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/01/21/9733717/9733717_0_0_1000_563_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 30e1e1d33b62566b6f3c89eebeeb185997643c6a91e1fdce3083a603576c8f6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Tue, 22 Nov 2022 08:33:45 GMT
server: Microsoft-IIS/10.0
age: 440182
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 9715
x-llid: 63d120c995fefab4fe7f390993880f3a
expires: Thu, 22 Dec 2022 08:35:12 GMT

GET
H2 200 S1fWzMxTIi_0_0_2048_1153_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/24/S1fWzMxTIi/ 18 KB
18 KB 80ms
66ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/24/S1fWzMxTIi/S1fWzMxTIi_0_0_2048_1153_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: abae23f621043a092e981e98c86d0a36a5571f23891a8f13f3c46bc8d55df089

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Thu, 24 Nov 2022 15:59:09 GMT
server: Microsoft-IIS/10.0
age: 240696
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 18472
x-llid: 126b5c12d4faf107be748901449fc6ef
expires: Sat, 24 Dec 2022 15:59:58 GMT

GET
H2 200 rJeBalnLo_0_0_850_479_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/23/rJeBalnLo/ 90 KB
90 KB 54ms
40ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/23/rJeBalnLo/rJeBalnLo_0_0_850_479_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: d39d98dcfcc958b0045a6aac8bfe17d28afaf249a0f567b72998140eb0e82a78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 23 Nov 2022 20:19:43 GMT
server: Microsoft-IIS/10.0
age: 311393
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 91658
x-llid: 72c5de7ba830f988157ea6bdf03aa11f
expires: Fri, 23 Dec 2022 20:21:41 GMT

GET
H2 200 BkbPwKrA8i_0_127_961_540_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/25/BkbPwKrA8i/ 9 KB
9 KB 80ms
66ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/25/BkbPwKrA8i/BkbPwKrA8i_0_127_961_540_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 7e73a4f6b285389945ee8c7dc8489186a60e1e05fefd44ed39362d1f2183275f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Fri, 25 Nov 2022 19:44:47 GMT
server: Microsoft-IIS/10.0
age: 140704
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 9219
x-llid: 585f40ff82ce8625f2565dbdc7468047
expires: Sun, 25 Dec 2022 19:46:30 GMT

GET
H2 200 BkbPwKrA8i_0_127_961_540_0_x-large.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/25/BkbPwKrA8i/ 69 KB
69 KB 81ms
67ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/25/BkbPwKrA8i/BkbPwKrA8i_0_127_961_540_0_x-large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: a3fdb0fc14e53dfccf40a70ebd4bbdd124c6234cc556f8cad25fa395d787b7b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Fri, 25 Nov 2022 19:46:30 GMT
server: Microsoft-IIS/10.0
age: 140656
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 70555
x-llid: c8f432f83a729c4d4f2a371c4b8cf337
expires: Sun, 25 Dec 2022 19:47:18 GMT

GET
H2 200 H18uWSwf8j_0_0_3000_1688_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/16/H18uWSwf8j/ 7 KB
8 KB 82ms
68ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/16/H18uWSwf8j/H18uWSwf8j_0_0_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 9cca851b32120fcd364ca06660d60714ce8e5ba532ed32b7f2ce503cee7ac2e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sat, 26 Nov 2022 09:38:41 GMT
server: Microsoft-IIS/10.0
age: 90700
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 7405
x-llid: 05822075f13d21644ad4c7ae1efc66a4
expires: Mon, 26 Dec 2022 09:39:54 GMT

GET
H2 200 rkG2Djn8j_0_0_850_479_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/24/rkG2Djn8j/ 85 KB
86 KB 83ms
69ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/24/rkG2Djn8j/rkG2Djn8j_0_0_850_479_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 752d586dc5ea8b7da2cf19aef56b66c6515c2ded7b7cb4b16843163773a4c166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Thu, 24 Nov 2022 09:06:14 GMT
server: Microsoft-IIS/10.0
age: 265478
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 87366
x-llid: e3b1aff6fb3c1f04adda4803c3d137f4
expires: Sat, 24 Dec 2022 09:06:56 GMT

GET
H2 200 r1g6vlXero_0_114_3000_1688_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/02/r1g6vlXero/ 4 KB
4 KB 83ms
69ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/02/r1g6vlXero/r1g6vlXero_0_114_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: d54f49f811681dbafa6ae1b0abe2baf318e1d5d0c7e77491f0a38e4c7727ef81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Fri, 25 Nov 2022 08:38:12 GMT
server: Microsoft-IIS/10.0
age: 180775
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 4192
x-llid: c56927139e657f193be11e8ed624c37e
expires: Sun, 25 Dec 2022 08:38:39 GMT

GET
H2 200 4038356_114_42_834_470_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2012/07/12/4038356/ 11 KB
11 KB 83ms
70ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2012/07/12/4038356/4038356_114_42_834_470_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 998eecacb60099ced55ad36ed26f11195b9743dc7d93dce4c05167469c2e1bab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Thu, 24 Nov 2022 14:02:17 GMT
server: Microsoft-IIS/10.0
age: 246923
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 11229
x-llid: 0c358deab4e81baddd03e0bf31ebe1e8
expires: Sat, 24 Dec 2022 14:16:11 GMT

GET
H2 200 ByIZhIWMj_0_97_3000_1688_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/09/28/ByIZhIWMj/ 7 KB
7 KB 98ms
84ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/09/28/ByIZhIWMj/ByIZhIWMj_0_97_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: d899ccc4a094466de3ee05e38895242206e793ed2e6b43656849c559907c21b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 28 Sep 2022 19:29:29 GMT
server: Microsoft-IIS/10.0
age: 6370
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 7040
x-llid: e57573e631089737894dc9b10c7d9bf7
expires: Tue, 27 Dec 2022 09:05:24 GMT

GET
H2 200 HJyWB6SQK_0_0_850_479_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2021/09/20/HJyWB6SQK/ 73 KB
73 KB 83ms
70ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2021/09/20/HJyWB6SQK/HJyWB6SQK_0_0_850_479_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: b64fd0cdb93fca43e09ea43029256f3e804d59759fc49630e93d1d5e705848c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Tue, 21 Sep 2021 08:56:29 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 74787
x-llid: 54c9940c3ca411bd122c6ccb27482b07
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 HkgnuKZY3O_0_0_1921_1080_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2021/06/30/HkgnuKZY3O/ 33 KB
34 KB 84ms
71ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2021/06/30/HkgnuKZY3O/HkgnuKZY3O_0_0_1921_1080_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: dcb1769f7eb29d9bf646fd491694eab8d43b9e8dbe83480d55207bdd2c1ab126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 30 Jun 2021 10:25:58 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 34177
x-llid: 457d8bacdc22bd71601d8bd54b01e5e4
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 SJegbyZCsd_0_0_1280_720_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2021/06/21/SJegbyZCsd/ 7 KB
7 KB 84ms
71ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2021/06/21/SJegbyZCsd/SJegbyZCsd_0_0_1280_720_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 5d537a4d64fa02ad51b8141332fefde0cbaae44b8200c43913751e9e64592281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Tue, 22 Jun 2021 08:43:43 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 6697
x-llid: 55d101cb6a60531d7f03e33258faa923
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 HyeZlERbGj_0_101_1000_563_0_x-large.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/09/28/HyeZlERbGj/ 32 KB
33 KB 52ms
40ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/09/28/HyeZlERbGj/HyeZlERbGj_0_101_1000_563_0_x-large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 5f564d4e49a3bf12304677ca4d9f94b3f760fc9ea139a05618af4886d137acd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 05:59:06 GMT
server: Microsoft-IIS/10.0
age: 17473
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 33248
x-llid: e48773e06c88253f09844d400f2d56dc
expires: Tue, 27 Dec 2022 06:00:21 GMT

GET
H2 200 HJl28xi7Ii_0_154_1242_699_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/17/HJl28xi7Ii/ 8 KB
8 KB 96ms
84ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/17/HJl28xi7Ii/HJl28xi7Ii_0_154_1242_699_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 70bc7e8fbdb99b0e8333b0fc8292fc4661d01327f2998f6872d781f6cd59356d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Mon, 21 Nov 2022 12:15:18 GMT
server: Microsoft-IIS/10.0
age: 513181
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8216
x-llid: 20eaab55e6c2326a3583b37c8c6a3dfa
expires: Wed, 21 Dec 2022 12:18:33 GMT

GET
H2 200 HyvX8qDUi_0_0_2000_1125_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/20/HyvX8qDUi/ 6 KB
6 KB 52ms
40ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/20/HyvX8qDUi/HyvX8qDUi_0_0_2000_1125_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 6dc573261f23fb7cec50d10b4a28dde3660fb13aebb3c30a18c4811307c2d4bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Mon, 21 Nov 2022 08:07:57 GMT
server: Microsoft-IIS/10.0
age: 527518
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 6351
x-llid: 11772df629cfe9cb4b97fe99d2b5b5df
expires: Wed, 21 Dec 2022 08:19:36 GMT

GET
H2 200 S1wpWRoLj_31_15_926_521_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/23/S1wpWRoLj/ 13 KB
13 KB 84ms
72ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/23/S1wpWRoLj/S1wpWRoLj_31_15_926_521_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 9282f5f0d6e35dc972ca1d6e9dd93706ee7d5c54ad442d841d2573c38b20459e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 23 Nov 2022 17:03:06 GMT
server: Microsoft-IIS/10.0
age: 323012
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 13098
x-llid: a87d47c617b8dc310c536671e4f51270
expires: Fri, 23 Dec 2022 17:08:02 GMT

GET
H2 200 BytHwosLo_0_40_1000_563_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/23/BytHwosLo/ 13 KB
13 KB 84ms
72ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/23/BytHwosLo/BytHwosLo_0_40_1000_563_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: df2475b34ea49d6548e68781fd787984d6d857e1edb64b58ead19af0c88834df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 23 Nov 2022 14:02:43 GMT
server: Microsoft-IIS/10.0
age: 333872
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 13010
x-llid: 737add6a757058c75627f518787ff3db
expires: Fri, 23 Dec 2022 14:07:02 GMT

GET
H2 200 HkiBFdkwj_0_0_850_479_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/HkiBFdkwj/ 15 KB
15 KB 85ms
73ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/HkiBFdkwj/HkiBFdkwj_0_0_850_479_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 7c6af8c526cd3a43ab60854951a8242537c47b71cc27506224394693593e047c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sat, 26 Nov 2022 11:35:48 GMT
server: Microsoft-IIS/10.0
age: 83726
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 15353
x-llid: 16b68267b5d27e1c04a2bc616655cbfb
expires: Mon, 26 Dec 2022 11:36:08 GMT

GET
H2 200 HkiBFdkwj_0_0_850_479_0_x-large.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/HkiBFdkwj/ 82 KB
83 KB 52ms
40ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/HkiBFdkwj/HkiBFdkwj_0_0_850_479_0_x-large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e7c2ba8ee7f8c9732127791c0af7f8542eb742189f7c133a37ec0f91506480ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sat, 26 Nov 2022 11:43:26 GMT
server: Microsoft-IIS/10.0
age: 83229
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 84464
x-llid: 5416943ef8eb8a75f38c1888b151b971
expires: Mon, 26 Dec 2022 11:44:25 GMT

GET
H2 200 ByFxjyAHw_0_92_1300_732_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/09/27/ByFxjyAHw/ 12 KB
12 KB 86ms
74ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/09/27/ByFxjyAHw/ByFxjyAHw_0_92_1300_732_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 8d375c088fe5edceffe6852ba17e2639339c7f91a99f2d653c84fc2c9aa74348

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sat, 26 Nov 2022 12:43:00 GMT
server: Microsoft-IIS/10.0
age: 79679
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 11908
x-llid: fe9c4de25f3f905ae2bc5a9db9d581c9
expires: Mon, 26 Dec 2022 12:43:35 GMT

GET
H2 200 BJLMmWC8j_223_0_1044_587_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/25/BJLMmWC8j/ 12 KB
12 KB 86ms
75ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/25/BJLMmWC8j/BJLMmWC8j_223_0_1044_587_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 358b4c2bc2ff1c98c5e75a041ddd3cb4abeba9d3f461acfe3b95c627ca5a3e29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Fri, 25 Nov 2022 13:58:38 GMT
server: Microsoft-IIS/10.0
age: 161481
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12054
x-llid: a75d9a5c928c45731680e0ebc1e6d317
expires: Sun, 25 Dec 2022 14:00:13 GMT

GET
H2 200 BkKSSk68i_22_1_744_418_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/24/BkKSSk68i/ 107 KB
107 KB 87ms
75ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/24/BkKSSk68i/BkKSSk68i_22_1_744_418_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 2013acee4c440c6356cc8d98990e956750b48b68fd56823b741d353d82c5f341

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Thu, 24 Nov 2022 18:15:00 GMT
server: Microsoft-IIS/10.0
age: 232481
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 109532
x-llid: fc65d7ae1412a978e4c31c9b98b0c063
expires: Sat, 24 Dec 2022 18:16:53 GMT

GET
H2 200 7359707_0_0_980_552_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2016/11/02/7359707/ 18 KB
18 KB 88ms
77ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2016/11/02/7359707/7359707_0_0_980_552_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 38c833266654605601adc1c5b265157d520f8b9775383f7a2dfde6a6b85b9780

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Thu, 24 Nov 2022 08:42:28 GMT
server: Microsoft-IIS/10.0
age: 266668
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 18448
x-llid: 354b83fa10376bebc20dd450e71433ba
expires: Sat, 24 Dec 2022 08:47:06 GMT

GET
H2 200 SkJnR3eUu_0_0_500_333_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2021/04/11/SkJnR3eUu/ 40 KB
40 KB 89ms
78ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2021/04/11/SkJnR3eUu/SkJnR3eUu_0_0_500_333_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 0f6d069ba4d434d13fa047412280d51baa1ae1d16f9da719716753bdcdea6ae3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 01 May 2022 18:34:56 GMT
server: Microsoft-IIS/10.0
age: 1235252
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 40805
x-llid: 03655be28064dd64d6d24016e73397a1
expires: Tue, 13 Dec 2022 03:44:02 GMT

GET
H2 200 SJ0XNur800_48_330_913_514_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2021/04/15/SJ0XNur800/ 22 KB
23 KB 89ms
78ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2021/04/15/SJ0XNur800/SJ0XNur800_48_330_913_514_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 252aaf79a9e0cade2d691e567f7afd04b93fdc690df56bf7ece6b9690395b6e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 18 Apr 2021 10:42:09 GMT
server: Microsoft-IIS/10.0
age: 1235268
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22826
x-llid: 1331921b95529bec07aeadbff6d6ac9a
expires: Tue, 13 Dec 2022 03:43:46 GMT

GET
H2 200 H1Hpfk5SO_0_0_980_552_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2021/04/06/H1Hpfk5SO/ 13 KB
13 KB 90ms
79ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2021/04/06/H1Hpfk5SO/H1Hpfk5SO_0_0_980_552_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e65c31133f95471be272c8fdcd63ecdc3c489f7ddff92ca1f7a81e547dd09589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 01 May 2022 18:35:40 GMT
server: Microsoft-IIS/10.0
age: 1235268
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 13231
x-llid: 5ada2fe58f1f4559b13955902a37b307
expires: Tue, 13 Dec 2022 03:43:46 GMT

GET
H2 200 H1xmWaUAK_7_56_1324_746_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/02/01/H1xmWaUAK/ 18 KB
18 KB 90ms
79ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/02/01/H1xmWaUAK/H1xmWaUAK_7_56_1324_746_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 09ac8ea119cbed16f5beadbc0f9264d0d9eb1b8c154459db6828d22f008ab4a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Mon, 07 Feb 2022 18:41:15 GMT
server: Microsoft-IIS/10.0
age: 1235268
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 18060
x-llid: 70e4aa52e5757b13525ec89457bcb359
expires: Tue, 13 Dec 2022 03:43:46 GMT

GET
H2 200 rkGyC3KTv_0_0_980_551_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2020/12/30/rkGyC3KTv/ 35 KB
36 KB 91ms
80ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2020/12/30/rkGyC3KTv/rkGyC3KTv_0_0_980_551_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 017548d3f15c9368a68936c5429db26e02796e75873c3a834b33f4bf2dcd2acb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 03 Jan 2021 20:19:06 GMT
server: Microsoft-IIS/10.0
age: 1235268
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 36265
x-llid: 9bb11a7a5f402c2e3ed33f4d18445b66
expires: Tue, 13 Dec 2022 03:43:46 GMT

GET
H2 200 7792289_0_436_1850_1039_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2017/05/20/7792289/ 13 KB
13 KB 91ms
80ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2017/05/20/7792289/7792289_0_436_1850_1039_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 76e4769c77c0216fca6021da45e170b8c024efeff279f79907f18f237855a2dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Tue, 01 Dec 2020 15:09:53 GMT
server: Microsoft-IIS/10.0
age: 1235268
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 13316
x-llid: 53ae541191b3d6db3233b65e96fd0cd4
expires: Tue, 13 Dec 2022 03:43:46 GMT

GET
H2 200 H1BO00oJ5Li_0_70_1200_675_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/22/H1BO00oJ5Li/ 14 KB
15 KB 91ms
81ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/22/H1BO00oJ5Li/H1BO00oJ5Li_0_70_1200_675_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: c76e2af2500b3a3234346e50de6a5e349ab765b2e28232d75792f86cb4324ced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sat, 26 Nov 2022 15:11:36 GMT
server: Microsoft-IIS/10.0
age: 70624
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 14666
x-llid: 003b9b3969ee73b96209907a0f8c58f7
expires: Mon, 26 Dec 2022 15:14:30 GMT

GET
H2 200 H1BO00oJ5Li_0_70_1200_675_0_x-large.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/22/H1BO00oJ5Li/ 103 KB
103 KB 92ms
82ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/22/H1BO00oJ5Li/H1BO00oJ5Li_0_70_1200_675_0_x-large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 73a3fdb7e55ca9443679b0c78d1cf850cbc8d5baee05f5cb2fbe18a1c3da8ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sat, 26 Nov 2022 15:11:36 GMT
server: Microsoft-IIS/10.0
age: 70449
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 105031
x-llid: cd035465a2f110d3ee000bfb721b932b
expires: Mon, 26 Dec 2022 15:17:25 GMT

GET
H2 200 HkrhZqkw5_0_114_3000_1688_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/05/16/HkrhZqkw5/ 7 KB
7 KB 92ms
82ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/05/16/HkrhZqkw5/HkrhZqkw5_0_114_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 797a32714b7b358cce4ae7a79d60412b0107d5606cab8d49884a72811ce112dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Thu, 24 Nov 2022 06:46:36 GMT
server: Microsoft-IIS/10.0
age: 273842
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 7221
x-llid: aa7b1b5cd650914a3d52f5ba059e54bb
expires: Sat, 24 Dec 2022 06:47:32 GMT

GET
H2 200 B1J3I3O8o_66_0_727_409_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/21/B1J3I3O8o/ 10 KB
10 KB 94ms
84ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/21/B1J3I3O8o/B1J3I3O8o_66_0_727_409_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 047a9ce403f5c99ce5a62cdc5f171bd018a7524bdb40508b991c0818d08b6930

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 23 Nov 2022 12:13:39 GMT
server: Microsoft-IIS/10.0
age: 340382
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 10170
x-llid: 1d5f7c1b42d86069989d85622fc33463
expires: Fri, 23 Dec 2022 12:18:32 GMT

GET
H2 200 B111ityFq8o_0_227_1600_901_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/22/B111ityFq8o/ 10 KB
10 KB 95ms
85ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/22/B111ityFq8o/B111ityFq8o_0_227_1600_901_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 38631374aeeb8a8af2dfa93d29fb928b2f023904d968abbc401ad33d817a40c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Tue, 22 Nov 2022 19:39:27 GMT
server: Microsoft-IIS/10.0
age: 400201
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 9857
x-llid: 6d365cd239be6029db09d9e92cda086d
expires: Thu, 22 Dec 2022 19:41:33 GMT

GET
H2 200 BJzWAFpOIs_0_457_961_540_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/21/BJzWAFpOIs/ 10 KB
10 KB 92ms
82ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/21/BJzWAFpOIs/BJzWAFpOIs_0_457_961_540_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 8a5dfeefb54a0d7f4034c83fd72fd88fc2b9eeb749d1b92d35a761928fc79407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Mon, 21 Nov 2022 11:31:29 GMT
server: Microsoft-IIS/10.0
age: 515923
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 9967
x-llid: c6a460b4b51d6c81d203553203091dfb
expires: Wed, 21 Dec 2022 11:32:51 GMT

GET
H2 200 DOAR_ADOM_A.gif
images1.ynet.co.il//PicServer5/2019/05/13/9242159/ 9 KB
9 KB 61ms
13ms Image
image/gif 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images1.ynet.co.il//PicServer5/2019/05/13/9242159/DOAR_ADOM_A.gif
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d6cdb6570660f6cc2ab311a53a12a3f547e706f2409d8817185bd2be74d24a19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Mon, 13 May 2019 09:21:28 GMT
server: Microsoft-IIS/10.0
etag: "b27baa3e6d9d51:0"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=1216019
accept-ranges: bytes
access-control-allow-headers: *
content-length: 9053
expires: Sun, 11 Dec 2022 12:38:33 GMT

GET
H2 200 8378662_0_0_465_264_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2018/03/01/8378662/ 27 KB
27 KB 95ms
85ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2018/03/01/8378662/8378662_0_0_465_264_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 8e1568d7ac8e890ad66d0d6f47b3801c0ab5ea66a2fd7f0d3215c33943626027

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 02 Dec 2020 06:01:13 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 27289
x-llid: 52df570e51b45e2c6f121416f3643aea
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 8081108_0_0_183_103_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2017/10/10/8081108/ 8 KB
9 KB 96ms
87ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2017/10/10/8081108/8081108_0_0_183_103_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 58eb6039ba4cf05d9af866ee663ee3c48a5c81d4ff2a648b7f1aab46fa150fc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Wed, 02 Dec 2020 06:01:16 GMT
server: Microsoft-IIS/10.0
age: 1235281
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8657
x-llid: 2749d4913b6d86cba0496d7d2d083d05
expires: Tue, 13 Dec 2022 03:43:33 GMT

GET
H2 200 H1bNBZlvs_0_0_3000_1688_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/H1bNBZlvs/ 12 KB
12 KB 100ms
77ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/H1bNBZlvs/H1bNBZlvs_0_0_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 6b862ad8d490559b37103ad2dd3c914073d6a13aa81ed9cd2ef8205753376d44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 05:09:38 GMT
server: Microsoft-IIS/10.0
age: 20507
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 11792
x-llid: e0e25d52731a4e7dd618331174edf944
expires: Tue, 27 Dec 2022 05:09:47 GMT

GET
H2 200 H1bNBZlvs_0_0_3000_1688_0_x-large.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/H1bNBZlvs/ 94 KB
95 KB 100ms
78ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/H1bNBZlvs/H1bNBZlvs_0_0_3000_1688_0_x-large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 713de754c3a7cc1dacd4c001c5ff41e3d693ef0d3ab633c5d0b59c8a9b115b11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 05:09:38 GMT
server: Microsoft-IIS/10.0
age: 20507
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 96619
x-llid: 3ad3193c0f28d64c5c8453202a6fff13
expires: Tue, 27 Dec 2022 05:09:47 GMT

GET
H2 200 rJTzHZJEIj_0_269_3000_1688_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/17/rJTzHZJEIj/ 13 KB
13 KB 102ms
79ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/17/rJTzHZJEIj/rJTzHZJEIj_0_269_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 939f2861ff23094b6ba90ae0002c62f49da08c6359735dda6959e781e942e94c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 20 Nov 2022 12:13:16 GMT
server: Microsoft-IIS/10.0
age: 599675
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 13353
x-llid: 44c6d88d932a5b706680947635c9f7f1
expires: Tue, 20 Dec 2022 12:16:59 GMT

GET
H2 200 r1dE9elPo_0_0_3000_2000_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/r1dE9elPo/ 18 KB
19 KB 100ms
78ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/r1dE9elPo/r1dE9elPo_0_0_3000_2000_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 43f3dc398082108e0f834b28e030129e907d638f89f8afeb532760102c432484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sat, 26 Nov 2022 21:11:49 GMT
server: Microsoft-IIS/10.0
age: 49184
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 18942
x-llid: a13ffc460f0f9e2a4a996ffaadf8a9b6
expires: Mon, 26 Dec 2022 21:11:50 GMT

GET
H2 200 BJfmT6yPo_0_23_3000_1688_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/BJfmT6yPo/ 13 KB
14 KB 108ms
80ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/BJfmT6yPo/BJfmT6yPo_0_23_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 6dfd2e20bf43dcecc0dab12281a86bbc3dfde6730bb7fce26e977450c251b7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sat, 26 Nov 2022 18:04:07 GMT
server: Microsoft-IIS/10.0
age: 60430
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 13740
x-llid: d93f7e4a728a37244a18c6d8a6d4aeab
expires: Mon, 26 Dec 2022 18:04:24 GMT

GET
H2 200 r1DV5qyPi_0_119_3000_1688_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/r1DV5qyPi/ 15 KB
15 KB 109ms
81ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/r1DV5qyPi/r1DV5qyPi_0_119_3000_1688_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: c11ff825e313163e17e5e7b8520b82fff5926d4be86c44fa0ea9b7dbc9468216

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sat, 26 Nov 2022 15:11:36 GMT
server: Microsoft-IIS/10.0
age: 70624
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 14939
x-llid: 7177fd6064d4c91808e8060e3cd8494b
expires: Mon, 26 Dec 2022 15:14:30 GMT

GET
H2 200 tap.jpg
ynet-images1.yit.co.il/PicServer5/2022/07/11/11551895/ 48 KB
48 KB 106ms
79ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/PicServer5/2022/07/11/11551895/tap.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: e343a167a61b47cce4999369e2bd2720c556335b1af118747732c4df838fdb3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Mon, 11 Jul 2022 10:16:05 GMT
server: Microsoft-IIS/10.0
age: 1548151
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 49093
x-llid: 8601ffc96a9b4057e5033ac955c2dd88
expires: Fri, 09 Dec 2022 12:49:03 GMT

GET
H2 200 tap.jpg
ynet-images1.yit.co.il/picserver5/2021/08/10/10880200/ 23 KB
23 KB 107ms
79ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/2021/08/10/10880200/tap.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: f4b0e1c8bcdff24cdf97abdd440078596dbfa6a512d5dd5957ee9b5cc105543c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Tue, 10 Aug 2021 09:59:12 GMT
server: Microsoft-IIS/10.0
age: 1983721
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 23541
x-llid: 178f15e7f18659e356078d24af047289
expires: Sun, 04 Dec 2022 11:49:33 GMT

GET
H2 200 tap.jpg
ynet-images1.yit.co.il/PicServer5/2021/03/22/10609613/ 39 KB
39 KB 108ms
68ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/PicServer5/2021/03/22/10609613/tap.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: f73f5f2107e43c76096806e6bee7233eb5a1974fc158905ce1fabd1f3a2e124c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Mon, 22 Mar 2021 15:13:37 GMT
server: Microsoft-IIS/10.0
age: 1889134
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 39807
x-llid: a971cba802a7ef85afc7295e4bb13dd3
expires: Mon, 05 Dec 2022 14:06:00 GMT

GET
H2 200 8823658_0_0_465_264_0_medium.jpg
ynet-images1.yit.co.il/picserver5/crop_images/2018/10/15/8823658/ 40 KB
41 KB 109ms
69ms Image
image/jpeg 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/picserver5/crop_images/2018/10/15/8823658/8823658_0_0_465_264_0_medium.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: be63677319df5219352f91eb1a7d84c8d06307e8cf0cd408015a6153aaf70ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Tue, 05 Oct 2021 07:31:55 GMT
server: Microsoft-IIS/10.0
age: 1235268
access-control-allow-methods: GET,POST
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 41313
x-llid: 36babc453b0cb6a1be7bb328ac912b32
expires: Tue, 13 Dec 2022 03:43:46 GMT

GET
H2 200 white_icon.png
www.ynetnews.com/images/ 1 KB
2 KB 94ms
22ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ynetnews.com/images/white_icon.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2c9c8fdfce46e567be13f3c2069ab3d6de3deb66237932fcfd82bb04f4709208

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 27 Nov 2022 00:55:16 GMT
etag: "0a956cd2173d31:0"
content-type: image/png
vx-cache: MISS
cache-control: private, max-age=569026
wai: 03
accept-ranges: bytes
content-length: 1443
v-ttl: 0
expires: Sun, 04 Dec 2022 00:55:20 GMT

GET
H/1.1 200
OK yit_logo_footer.png
www.vesty.co.il/images/ 1 KB
2 KB 36ms
33ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/images/yit_logo_footer.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c0546498737a8547c8529a34eefdb32c02e492e0dc5784e4211ead8d00105667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Wed, 19 Oct 2022 23:26:48 GMT
ETag: "0de24cc038d31:0"
Content-Type: image/png
VX-Cache: MISS
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1402
V-TTL: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 188 KB
66 KB 89ms
32ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a67a3614fa2e76978399365c799aabc126e02eeaceb1971bd70439c3ed904aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67173
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 27 Nov 2022 10:51:34 GMT

GET
H3 200 pubads_impl_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 50ms
28ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:14:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 26 Nov 2023 17:14:12 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 66 B
78 B 60ms
43ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.vesty.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de0529d3c675751b762e820612467f5df0c8c3d293602e0d20179e0aafcd6b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:51:33 GMT

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
5 KB 62ms
12ms Script
application/javascript 13.224.189.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-112.fra2.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:23:30 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
server: nginx/1.20.0
x-amz-cf-pop: FRA2-C1
age: 1704
etag: "61b8b8ab-1090"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4240
x-amz-cf-id: RpbhXQUkEFqq1mapTuX2wtY9RnyD8VdLHnSY_y9dLKbygxo9PSCJYg==
expires: Sun, 27 Nov 2022 11:23:10 GMT

GET
H2 200 fi_client.js Show response
ecdn.firstimpression.io/ 347 KB
92 KB 270ms
11ms Script
application/javascript 13.225.78.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-13.fra2.r.cloudfront.net

Software

nginx/1.20.0 / PHP/8.0.14

Resource Hash

56416f618bcd4af6b281cc6e6b47fbfc91f9e39a6ba419d7dc0d150ecc655a0c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:21:57 GMT
content-encoding: br
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified: Sun, 27 Nov 2022 10:21:57 UTC
server: nginx/1.20.0
x-amz-cf-pop: FRA2-C2
age: 1777
x-powered-by: PHP/8.0.14
etag: W/"d24ff59b69b4e3b9a097c2a607045883"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: hkQXhnoAW1H41Tklw3aJVhKai_JOC0-nqvb-5i-bvhtPNpdb7KUZGg==
x-xss-protection: 0

GET
H2 200 impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js Show response
cdn.taboola.com/libtrc/ 692 KB
144 KB 20ms
12ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 5d84e8c5853347349ceb41d356393ffcffb54de397aa23ccbad73f7970e2e20a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: arjkLLTaCClgeGv0MeeohXif.U6Svc27
content-encoding: br
via: 1.1 varnish
date: Sun, 27 Nov 2022 10:51:34 GMT
x-amz-request-id: 7VWH8E916YZKH2ZG
age: 10406
x-cache: HIT
content-length: 146762
x-amz-id-2: b7nVE5ClBK3nEdSuOEpwvfqxDX+NYk3YjQT8hdtdRrTe9rbWhcHf0QtHL6wgJ1ml2yTF7ZQkHoA=
x-served-by: cache-hhn4057-HHN
last-modified: Tue, 22 Nov 2022 15:14:33 GMT
server: AmazonS3-br
x-timer: S1669546294.061637,VS0,VE0
etag: "2fd37163cb542f6171b00d5e06882462"
vary: Accept-Encoding
content-type: application/javascript
abp: 17
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 16

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
78 B 20ms
12ms Image
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=visibility_test_2_var
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-served-by: cache-hhn4057-HHN
date: Sun, 27 Nov 2022 10:51:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1669546294.061611,VS0,VE0
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 px.gif
ad-delivery.net/ 43 B
935 B 73ms
24ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2538891
x-guploader-uploadid: ADPycduLdztAz3Zp6zreifkFu5_1QrxowykP8MxCIy_wGanytb-liSOblGYBA6T_hqpeEIO_afL_r4_fEgI9WLfUW57YpA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzLcGz5qb52qAxHdss6KE1F6h12652sbXGtAOEisgn6rR7ft0VoiQtomX3IpIiariqvJpXtdk%2F6uTJ%2B%2Fg9fa9fjYaLbAvp1Ff4F3KEskDlYf13spf%2FLC1yJN28kgKk4kqOrkvgA0SsbtrpqitA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 770a4f322f23996e-FRA
expires: Sat, 29 Oct 2022 02:33:10 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 766ms
7ms Image
image/x-icon 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:59:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 12:59:37 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
336 B 64ms
27ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.1356001386548238
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2538891
x-guploader-uploadid: ADPycduLdztAz3Zp6zreifkFu5_1QrxowykP8MxCIy_wGanytb-liSOblGYBA6T_hqpeEIO_afL_r4_fEgI9WLfUW57YpA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTQQoWang8fsUJ5t9bB4XWWRDXZ3JICrCpBfHk9zdsRj6yPWWBE5M5HmtMW3BeQHDN4o0V8HWBIdQbZOerqLP8M8hkEQFLAjalIFOSrm7%2BbMmYKOjVfqtchbl9wts2Zo5NOeixGsTWwJizFwng%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 770a4f322f25996e-FRA
expires: Sat, 29 Oct 2022 02:33:10 GMT

GET
H2 200 3521127290410543dbe9.js Show response
yastatic.net/partner-code-bundles/686065/ 14 KB
5 KB 84ms
76ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/686065/3521127290410543dbe9.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

76cb1043a79bc9c7cc3993ccfbf886c5b7c8d0b5cb7c38356cba14fe0d10bafd

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4802
last-modified: Thu, 24 Nov 2022 17:32:48 GMT
server: nginx/1.17.9
etag: "f580e4fb62263e0a534c6cdc0440172f"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 26 Nov 2052 17:24:41 GMT

GET
H2 200 efebd7081e0e74c2d574.js Show response
yastatic.net/partner-code-bundles/686065/ 107 KB
23 KB 84ms
76ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/686065/efebd7081e0e74c2d574.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

64c5bf8a92d4332b1a3a35997fcdb23ccab1701d94a35677cb0f18bfc7df729a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 23481
last-modified: Thu, 24 Nov 2022 17:32:49 GMT
server: nginx/1.17.9
etag: "644dd61bd0d05e1a0b07d6dfc85ecd78"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 26 Nov 2052 17:24:41 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 93ms
86ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 26 Nov 2052 17:23:31 GMT

GET
H2 200 4f8116b905a6fa609fc5.js Show response
yastatic.net/partner-code-bundles/686065/ 477 KB
97 KB 120ms
113ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/686065/4f8116b905a6fa609fc5.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

14449da3a7190ab4eabfb58a1d1dd730bf4dbf5821a904907971a2252876d55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 99047
last-modified: Thu, 24 Nov 2022 17:32:48 GMT
server: nginx/1.17.9
etag: "63047557ad1c0a456229a95f4590ce2b"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 26 Nov 2052 17:24:41 GMT

GET
H2 200 go_vesti.png
ynet-images1.yit.co.il/Common/images/ 2 KB
2 KB 100ms
76ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/Common/images/go_vesti.png
Requested by: Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.64d196992966b7a6f5031b8a69717461.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: f0c4029e2ea812d0f8abfa9038646761e57c3438ca491289aa2d3d628150dd5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.64d196992966b7a6f5031b8a69717461.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Thu, 13 Oct 2016 08:12:52 GMT
server: Microsoft-IIS/10.0
age: 434710
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1703
x-llid: d82ff54bbe3d87623e13b2288736f71d
expires: Thu, 22 Dec 2022 10:06:24 GMT

GET
H2 200 110mainsearch_weather_bg2.gif
ynet-images1.yit.co.il/Common/images/ 2 KB
2 KB 101ms
76ms Image
image/gif 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/Common/images/110mainsearch_weather_bg2.gif
Requested by: Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.64d196992966b7a6f5031b8a69717461.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 2d77263a48ea0f8d2903e95c94e176bfe23a032a627dda23077a708ffc5d854d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.64d196992966b7a6f5031b8a69717461.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 13 Mar 2016 14:35:18 GMT
server: Microsoft-IIS/10.0
age: 489099
access-control-allow-methods: GET,POST
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1865
x-llid: 50f901709b46fa7a019b8dee3bdf2efd
expires: Wed, 21 Dec 2022 18:59:55 GMT

GET
H2 200 115mainsearch_weather_bg2.gif
ynet-images1.yit.co.il/Common/images/ 2 KB
2 KB 104ms
63ms Image
image/gif 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/Common/images/115mainsearch_weather_bg2.gif
Requested by: Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.64d196992966b7a6f5031b8a69717461.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 0ab577cc741322a238c8c5d22617155f4d2f3351ddfcb4af5fab3f95e2ce1362

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.64d196992966b7a6f5031b8a69717461.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Sun, 13 Mar 2016 14:35:18 GMT
server: Microsoft-IIS/10.0
age: 329062
access-control-allow-methods: GET,POST
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1883
x-llid: a9fe2e5d0d1b80d7b8d9acf96803e6a4
expires: Fri, 23 Dec 2022 15:27:12 GMT

GET
DATA 200
OK truncated
/ 445 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d362a0ae44dd538dde9e9b2033635f45d682b5b7fe67722a258c2cd113b68c86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 small_play_new.png
ynet-images1.yit.co.il/Common/images/ 2 KB
2 KB 103ms
78ms Image
image/png 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-images1.yit.co.il/Common/images/small_play_new.png
Requested by: Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.64d196992966b7a6f5031b8a69717461.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 04301d9dcfc8e3a8d664ce1d263cf5b0e1025351005046be53161e928e076adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vesty.64d196992966b7a6f5031b8a69717461.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Thu, 14 Dec 2017 14:23:17 GMT
server: Microsoft-IIS/10.0
age: 230452
access-control-allow-methods: GET,POST
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1833
x-llid: aaf8eea15077d15eca4f0606b7f7eecc
expires: Sat, 24 Dec 2022 18:50:42 GMT

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame 1D6B 99 KB
29 KB 222ms
176ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

15f66b5b4eec43bf947ae27cdc68eccc81eb2c43f65c8758dab6d702d2a6d7e6

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Sun, 27 Nov 2022 10:51:34 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: PgQQKXGHWZ9dn5qwQ3mhB/lsgoPwGwclBOYn/0v/Lj/Hca4YpE37QDCT8B76g3uh6lvzaiwCZ1WN1ieRbHDA6A==
x-fb-rlafr: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 364 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 054a5ef61ae64a5c377132c482b030a747fa26ff71791b5f8a421b43d699cbc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 445 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cc48e83b1f5083beee9219f7f17bf51f8ef2badf6cf9e688f253291ab5a6389

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 554 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84fe7f9f37b2656d4c257e11498b38c2d5e5e4f73b97e7eb7323f0c4c6502a87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 youtube.css
www.ynet.co.il/Common/Api/Scripts/youtube/ 21 KB
5 KB 100ms
99ms Stylesheet
text/css 2a02:26f0:3500:88f::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ynet.co.il/Common/Api/Scripts/youtube/youtube.css?v=03.01
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:88f::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a9770b62ec977db11581722ba2df755b2dfcc18a0871525664bcb71b2b15ca7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: gzip
last-modified: Tue, 04 Oct 2022 15:45:04 GMT
etag: "3edfd0279666d71:0"
vary: Accept-Encoding
content-type: text/css
vx-cache: MISS
cache-control: private, max-age=2538948
wai: 03
accept-ranges: bytes
v-ttl: 0
content-length: 4519
expires: Mon, 26 Dec 2022 20:07:22 GMT

GET
H2 200 youtube.css
www.ynet.co.il/Common/Api/Scripts/youtube/ 21 KB
5 KB 44ms
42ms Stylesheet
text/css 2a02:26f0:3500:88f::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ynet.co.il/Common/Api/Scripts/youtube/youtube.css
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:88f::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a9770b62ec977db11581722ba2df755b2dfcc18a0871525664bcb71b2b15ca7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: gzip
last-modified: Sat, 27 Aug 2022 18:59:42 GMT
etag: "3edfd0279666d71:0"
vary: Accept-Encoding
content-type: text/css
vx-cache: MISS
cache-control: private, max-age=1491519
wai: 01
accept-ranges: bytes
v-ttl: 0
content-length: 4519
expires: Wed, 14 Dec 2022 17:10:13 GMT

GET
H2 200 accessibility.js Show response
js.nagich.co.il/core/4.2.2/ 40 KB
14 KB 65ms
34ms Script
application/javascript 2606:4700:20::681a:314
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 125e6b9ca120fa2bc4892544dda8f20226f26c5bbf550fae4be07b80612982fc

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1181695
x-powered-by: ASP.NET
last-modified: Mon, 27 Dec 2021 12:02:00 GMT
server: cloudflare
etag: W/"0eca68d19fbd71:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FD%2Fxh11V3SEvBWNtqmIRHQVUu99nTpvZoxBWDl6nqqSQ8GH0IWm71lvZjR1sZp423ijuNDhHQB1W5B2VF4jFUI%2B8LEwmMHyIbw4tiUhtzFgTlwgdulVO7scR48dTvK%2FuTaKPkH%2BSAltiRM7Nbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2604800
access-control-allow-credentials: true
cf-ray: 770a4f329cafbb35-FRA

GET
H/1.1 200
OK _____.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/B1IMoEKb7U/ 1 KB
2 KB 9ms
9ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/B1IMoEKb7U/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 8550ea63cdf2144d6663541355a2c22d39d55092bff6bb559b33b5596269aa34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:48 GMT
Server: Microsoft-IIS/10.0
ETag: "1ad693f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1461

GET
H/1.1 200
OK comments_menu_item_200x200_RGB.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/S16bvqZXU/ 5 KB
5 KB 10ms
8ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/S16bvqZXU/comments_menu_item_200x200_RGB.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: dc4506aa970b6143b290a9fc2109bd70ccf4d1782428aedf2591b40f1434ef82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Wed, 12 Feb 2020 15:17:54 GMT
Server: Microsoft-IIS/10.0
ETag: "fa8c1e99b7e1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5365

GET
H/1.1 200
OK money_menu_item.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/SkezoNYWmI/ 1 KB
1 KB 11ms
10ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/SkezoNYWmI/money_menu_item.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 2e13e2b9a9478f68c39346a7155b90321b2fb8a865eb8804781a75815b004d83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:48 GMT
Server: Microsoft-IIS/10.0
ETag: "6c8fb5f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1165

GET
H/1.1 200
OK community_menu_item.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/ByMjNFbQL/ 22 KB
23 KB 12ms
10ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/ByMjNFbQL/community_menu_item.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 37053f01142cbe1f55a25ba58d820579027647a4da0794209783b3dd609078cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:48 GMT
Server: Microsoft-IIS/10.0
ETag: "260b8f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22990

GET
H/1.1 200
OK _____.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/BJcfoNKZXU/ 23 KB
23 KB 10ms
9ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/BJcfoNKZXU/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 6b759a63aa4d7af11cf52d9e2a1910662595a3b59fc1a4b8b5e5644c39f74e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:47 GMT
Server: Microsoft-IIS/10.0
ETag: "de375f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23041

GET
H/1.1 200
OK ______.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/rkrfsEY11XU/ 22 KB
22 KB 12ms
11ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/rkrfsEY11XU/______.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e97600804f99d9b0a37ca25349cafea3ca90c75498a4967afbdc616f7133059

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:48 GMT
Server: Microsoft-IIS/10.0
ETag: "20799f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22734

GET
H/1.1 200
OK _____.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/rkpzj4tZQU/ 1 KB
2 KB 10ms
10ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/rkpzj4tZQU/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 1cc6304316c75c71feb79060ebcbdaec27b18b67a1d6fafffa7881a9655e65fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:47 GMT
Server: Microsoft-IIS/10.0
ETag: "c88171f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1454

GET
H/1.1 200
OK ______.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/H12zi4Y11QU/ 1 KB
2 KB 12ms
12ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/H12zi4Y11QU/______.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 62d3dc98c507a16e8dc5d9815eee29add7bfce141c25b844e0f6d57afd1cdd94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:47 GMT
Server: Microsoft-IIS/10.0
ETag: "885673f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1397

GET
H/1.1 200
OK ____.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/SJzfj4tbmI/ 22 KB
23 KB 11ms
11ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/SJzfj4tbmI/____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: e1c563384b96de069dbd94b764088e9c6b4cb6031b393d8ffa775e5b44e7b781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:48 GMT
Server: Microsoft-IIS/10.0
ETag: "408baef7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22866

GET
H/1.1 200
OK ______.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/H1ifiNFWX8/ 22 KB
23 KB 10ms
10ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/H1ifiNFWX8/______.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 1e92539e06df96dc2373cc3cdfe2fc0bddb434cdcbdd6216def27ed76f916408

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:47 GMT
Server: Microsoft-IIS/10.0
ETag: "94a473f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22853

GET
H/1.1 200
OK _____.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/BkwGi4t117I/ 23 KB
23 KB 11ms
10ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/BkwGi4t117I/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 1f2fb2516957cf9e8fcba382836cd3f5ca0b6dae9446611e577b2d1dbb10ce95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:48 GMT
Server: Microsoft-IIS/10.0
ETag: "56a290f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23090

GET
H/1.1 200
OK _____.png
www.vesty.co.il/picserver5/wcm_upload/2020/02/12/HkmMjVtZ7L/ 1 KB
1 KB 14ms
14ms Image
image/png 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/picserver5/wcm_upload/2020/02/12/HkmMjVtZ7L/_____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-16.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: bfac01f1e0a8417d76b572c6c01e3459e4b026c3cddbeb12a335bc033adb9a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:34 GMT
Last-Modified: Wed, 12 Feb 2020 14:01:48 GMT
Server: Microsoft-IIS/10.0
ETag: "8e33a9f7ace1d51:0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1178

GET
H/1.1 200
OK H1lS34rHzhL Show response
www.vesty.co.il/iphone/json/api/auto_ticker/ 30 KB
6 KB 16ms
12ms XHR
application/json 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vesty.co.il/iphone/json/api/auto_ticker/H1lS34rHzhL

Requested by

Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vendors-widgets.81738138db7fbf06462f.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

c89abf6bcec9bf5c4cc2ea0cb26372f0bd04c8c490e85fdb9a7c2f4764b207ab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.vesty.co.il/main
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
X-me: ${S_HOSTNAME}
X-version: V3
Content-Encoding: gzip
Date: Sun, 27 Nov 2022 10:51:34 GMT
VX-Cache: HIT
WAI: 03
Connection: keep-alive
V-TTL: 7
Content-Length: 5938
Last-Modified: Sun, 27 Nov 2022 10:49:51 GMT
OSV: c8
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
vg_id: 2
Accept-Ranges: bytes

GET
H/1.1 200
OK H1lS34rHzhL Show response
www.vesty.co.il/iphone/json/api/auto_ticker/ 30 KB
6 KB 14ms
10ms XHR
application/json 2.18.235.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vesty.co.il/iphone/json/api/auto_ticker/H1lS34rHzhL

Requested by

Host: ynet-images1.yit.co.il
URL: https://ynet-images1.yit.co.il/Common/frontend/site/prod/vendors-widgets.81738138db7fbf06462f.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

c89abf6bcec9bf5c4cc2ea0cb26372f0bd04c8c490e85fdb9a7c2f4764b207ab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.vesty.co.il/main
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
X-me: ${S_HOSTNAME}
X-version: V3
Content-Encoding: gzip
Date: Sun, 27 Nov 2022 10:51:34 GMT
VX-Cache: HIT
WAI: 03
Connection: keep-alive
V-TTL: 7
Content-Length: 5938
Last-Modified: Sun, 27 Nov 2022 10:49:51 GMT
OSV: c8
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
vg_id: 2
Accept-Ranges: bytes

GET
H2 200 card-interference-detector.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 8ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c191fd1e74ef4cfd9cd54aeaaa2b6a3ade9fe6e6b5d2e71fe69fc5681717130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: tIKVISVgMCAdKd00IWqKYzWqXUtDL0cy
content-encoding: gzip
via: 1.1 varnish
date: Sun, 27 Nov 2022 10:51:34 GMT
x-amz-request-id: NRP09Y76PYJC30AV
age: 42
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 2246
x-amz-id-2: 59i4WPxjup4W5shnkKlBK6XeNqxFHMEAZIsHC6ltqfZle85kNdMqT041dVZ5+4udju/MW1cjVbI=
x-served-by: cache-hhn4057-HHN
last-modified: Tue, 22 Nov 2022 15:14:42 GMT
server: AmazonS3
x-timer: S1669546294.308202,VS0,VE1
etag: "e982f4604250260ecfe7700d48a2f09f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 17
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 json Show response
trc.taboola.com/ynet-vesty/trc/3/ 52 KB
15 KB 425ms
419ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ynet-vesty/trc/3/json?tim=10%3A51%3A34.311&lti=visibility_test_2_var&data=%7B%22id%22%3A428%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22lbt%22%3A1669286467493%2C%22vi%22%3A1669546294308%2C%22cv%22%3A%2220221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2Fmain%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A9408%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2Fmain%22%2C%22vpi%22%3A%22%2Fmain%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4877%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbs-hero-02%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Homepage%22%2C%22orig_uip%22%3A%22Mid%20Homepage%22%2C%22cd%22%3A1953%2C%22mw%22%3A660%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbs-feed-1x1%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A4815%2C%22mw%22%3A980%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbs-feed-1x1%3Aabp%3D0%2C%2CMid%20Homepage%3Dthumbs-hero-02%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22visibility_test_2_var%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a27d82c6d1155828b88d4ec00c684e2defdb293df46768f706df547deeac3d41

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 412
date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-hhn4057-HHN
server: nginx
x-timer: S1669546294.320363,VS0,VE412
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.vesty.co.il
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 9WyjhTS8ebc.css
static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/ Frame 1D6B 21 KB
6 KB 37ms
8ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/9WyjhTS8ebc.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7ba00ca8e8766105255226293f27ad98d9ff0eb27cbd2b3522140c71a98c6314

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3VrOV5g+BJL3nS15vb/0tg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5318
x-fb-rlafr: 0
x-fb-debug: 7Cq2Zt2U8y05fUTDF+cMPGYXwONOhAykYp+0qCj3tjq+/735TjK/Gn0tXCnMH1KoCpgAaCP4k2hXkMGaFTGYoA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 26 Nov 2023 16:07:55 GMT

GET
H2 200 k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 1D6B 2 KB
1 KB 39ms
10ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: q6bCky1+00PrRbx3auADnQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 833
x-fb-rlafr: 0
x-fb-debug: S9YS6gJexvW0N2N+24zSHUNcJNDqH1//r10w0Lt9CZpIAiIJ6wkzsU2JIQShWuIVxxKIi1QQ4vo8KKRGR9ybbA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Nov 2023 16:09:03 GMT

GET
H2 200 NZS3ML1mHxT.css
static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/ Frame 1D6B 33 KB
7 KB 38ms
10ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/NZS3ML1mHxT.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b0ddbcb04b4cdc6fa3e4e57068c308563efde9dade4583f2a2647975c1a7f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: O6mEX8FDH9tVAmuOE4iqBg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6477
x-fb-rlafr: 0
x-fb-debug: BMztzuT49o+aJiisEtxvyXcRMCfT7kW9SaqQYAf5705213+2EWboNemrEhDBhQCePmh0iYtaYD9bCDsvztUr0g==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Mon, 27 Nov 2023 07:26:10 GMT

GET
H2 200 KItlCpw25cr.css
static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/ Frame 1D6B 17 KB
5 KB 40ms
11ms Stylesheet
text/css 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yq/l/0,cross/KItlCpw25cr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a4f7da86d3b9490ac34d71a592c138aee1cdffccd0faa69c6813995f2fb18e8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NWgwTcC2A3kwGdX33Kl4/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4520
x-fb-rlafr: 0
x-fb-debug: fPsahN07+ouI06VLSyjBtMGzMXpTZ4itcOZfhvxnLBuvvgYBxyATWOcrdMqeMA0UfRWElhjVOhJwe4CXxRwPUg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 26 Nov 2023 18:26:37 GMT

GET
H2 200 GhvHv8GRe1K.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ Frame 1D6B 322 KB
87 KB 39ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/GhvHv8GRe1K.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3adae0f7526cd7d75eab0b0051935733618d37e97134ddd7eceb5b6c65920904

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: e/wz4Ool7LYG5OzRyT8/8w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88859
x-fb-rlafr: 0
x-fb-debug: US/ulnqw61NWguDePKbjOWkQ4JNIEBMO8LljKRnbh7GZL99FfgOZUS90LsjcBi/SsCL/oWH842G2bPDs5clBmg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 17 Nov 2023 14:56:29 GMT

GET
H2 200 8LoDHCcRMmF.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 1D6B 38 KB
12 KB 39ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f28bb67943d02b75ca344e7d7403636d1174bbf9af444c11d4a0fd5cc0f8da0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12369
x-fb-rlafr: 0
x-fb-debug: n57Gm/fvBGmwDiltHZyovXsGkTwv8H+QMAVjVLxI9oDoE15f4+J0qEr5SfEw/eaEs7a/y3QUwruzZzaagIfcYg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 14 Nov 2023 01:53:55 GMT

GET
H2 200 bPhRbIw5d4Y.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yR/r/ Frame 1D6B 51 KB
16 KB 54ms
26ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4412af2c62800daec868b143a3f6582da05e6f1757405f788627d6442e933e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 37KShYF/ynsGi6DsmKojkg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16262
x-fb-rlafr: 0
x-fb-debug: MBeNUsmi3oSzVJiJDOU103W2oIyRkFIn+gMoEYbNnD2t5kaUxdGYY7wSjuZNEPkh+WqzxQYRn5oSu/QTQXffIw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 14 Nov 2023 01:51:05 GMT

GET
H2 200 JGSM2yXjSKh.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/ya/l/de_DE/ Frame 1D6B 84 KB
23 KB 53ms
26ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/ya/l/de_DE/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

92e15851fe32a200249582d31aba6414295f0d753b254b7cd52971568e6b6d4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EMtLk17lT/BWV2pt28AFSA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23505
x-fb-rlafr: 0
x-fb-debug: bc39+SyMObIdjTLyseIxIyomI5oibQt50UCpzPCxi1vtbmMz0MMpOHbm/YszrJ3F0123OvldwRmzeQ7oyDLftw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 27 Nov 2023 07:16:41 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 1D6B 5 KB
2 KB 53ms
26ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1657
x-fb-rlafr: 0
x-fb-debug: D0rw7Gd7Mnx7+lXQmbBR+tV+vaPJW6tL5tEq4wugmeDMJhverGf+u8x34pt8rbuPshRqyWyb/Z6Gr06FUln0jA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 14 Nov 2023 01:51:05 GMT

GET
H2 200 m3C9wUm7Rze.js Show response
static.xx.fbcdn.net/rsrc.php/v3i2aq4/y3/l/de_DE/ Frame 1D6B 29 KB
8 KB 53ms
26ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i2aq4/y3/l/de_DE/m3C9wUm7Rze.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9646e08df831976f27e505fc21ff71da321605b86891d0b7fa3090f4bc4bc02

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FVXwQtRLePDh43fJ9dqbXA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8333
x-fb-rlafr: 0
x-fb-debug: SFnU/azPBVLkvseZ6omdXKMNTo8d2+64oln5706meeqaE/6kmXyLII0qvLPcAog2ZlC2ul8/EBqaD+IQhssTQQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 27 Nov 2023 07:58:42 GMT

GET
H2 200 y841rZ2iNa0.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 1D6B 28 KB
9 KB 53ms
25ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cdb6a994a22802d3cebc2c03d498dd340fefb6e95d1b2b462c2913112fe9b11a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cejpO15V8gEAE7CBT0465Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8748
x-fb-rlafr: 0
x-fb-debug: +6Uxn0YT4GexRnrjeoay5ArhUj6J5dwrIHwSr3tgO1CmgoIO9teVlGU6Wle7b4tQuchrFwoISvT8AytCFR5FhQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 16 Nov 2023 20:30:05 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 1D6B 588 B
532 B 54ms
26ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dvWT6EJnf3PNCgYjKHSyww==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 338
x-fb-rlafr: 0
x-fb-debug: HnS+zToKSGfydQFnqiTNByXSlP8Nx/awmibfJcUJlt8FawigV5uT+njBrXEV/F2O91cHuHNxOtXzKP5Zkzg9Kw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 17 Nov 2023 01:09:34 GMT

GET
H2 200 A20WKj-I0um.js Show response
static.xx.fbcdn.net/rsrc.php/v3iiuU4/y-/l/de_DE/ Frame 1D6B 335 KB
78 KB 54ms
27ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iiuU4/y-/l/de_DE/A20WKj-I0um.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fbe0ef435319ac6fbeb06d4e41ed41ef493345ecdaa249971a5c31364a5f72e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FfSHuskHPv5WJEgK8vK0Xw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80137
x-fb-rlafr: 0
x-fb-debug: sA9eYeRJKGakBTrUgO14VLdy7i6rHf+2/Ib28vHm0P8MB4WbiCCYsO2+F3u78st2MgxkczfW8k25yak9U1OJgg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 17 Nov 2023 21:02:06 GMT

GET
H2 200 6YDcW8EHjbp.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 1D6B 73 KB
19 KB 53ms
26ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/6YDcW8EHjbp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b6d9077fe964e048c4ce39162820a77b5762c848215570d8540920ad64bda4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6rTZZSuxUpc6JpNvyF8J9Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19088
x-fb-rlafr: 0
x-fb-debug: oZpSozRPABEu+HHaJg3I/BLRqU52AkO1a1dwyU/acT/IDmodupHrdOXhWvg4MiZtrf+bc3S6G4azPJxYgge83A==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 18 Nov 2023 16:09:04 GMT

GET
H2 200 i8ghwFiMKf9.js Show response
static.xx.fbcdn.net/rsrc.php/v3i6WS4/y6/l/de_DE/ Frame 1D6B 156 KB
42 KB 53ms
26ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i6WS4/y6/l/de_DE/i8ghwFiMKf9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f7216c9ee0a76b82d39b7ffc4cf1eec5c214b6a4ea0147705667c30b649f35b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iYPB/yf3hCSv9X7fKgRn7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 42688
x-fb-rlafr: 0
x-fb-debug: fLAlCUdaWsKZ35ObKW5IEi0s1dKl/TXoR9BTCiyDZh9O87K8mReI+c0cXLV9WOI02yzxz4sGBGpFh1Tle6j9zA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 22 Nov 2023 07:19:17 GMT

GET
H2 200 lYejkzyV906.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 1D6B 804 B
619 B 38ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/lYejkzyV906.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24bd1809a16e6a6fa6314f2efec4b7394fa49c6996dc78769581517917d72edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lTtwXiE9Z6XJ8ZO+A6+U0g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 427
x-fb-rlafr: 0
x-fb-debug: QOoP98iHoByGdD9uONsIm/peg0RNsKJ0pYpy4fhTN3+Dzqrzo4O8lCirh1tTqnsE1Txeep2e1zuRxaLB8JsXfw==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Nov 2023 17:11:46 GMT

GET
H2 200 v3CKM-Empcj.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame 1D6B 18 KB
7 KB 51ms
24ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/v3CKM-Empcj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5dbb385cd49933c5fc1f406c31c2bcc1f0bddc6e6cdfaf5fa30e6481d6b19fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /zE4MdGJUbrFP8Q68SxySw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6499
x-fb-rlafr: 0
x-fb-debug: Bh2CqIIgr6pkSKTQcRlqnJbtQRFlco3ihphY0JrgW10kFwTWS+lbM8fX4o/s3BQGy77IsMpTJbM3r65Q1cKmEQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 26 Nov 2023 15:59:28 GMT

GET
H2 200 0aTHA2C1d6g.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame 1D6B 22 KB
7 KB 51ms
25ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/0aTHA2C1d6g.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

584856e883361989cbbb1c03ad142e72c537a3fb1e7a4c848884b4cf60824d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VxcAtaHo24jV15AHqRC5Yg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7238
x-fb-rlafr: 0
x-fb-debug: PgebTGREhknFgDQwOjdVxs3pz8sI81O77HMg4vuS73/ApgXqu9Gj4ZvA2jBOanIO33t1WGaBndZXpKbYtRpK8Q==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 14 Nov 2023 06:50:18 GMT

GET
H2 200 NuuMTm6YpMv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame 1D6B 15 KB
5 KB 51ms
25ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/NuuMTm6YpMv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9268d17bceacb82031ae1e4c667453e62528b7466b62493e3640761a9ec8a7ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Zk14oXlupANWXOzf08iNsw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5012
x-fb-rlafr: 0
x-fb-debug: /u31mMXQssBPFpKWkfv7TfFDKUij+QcE4n5BbefIfNAQuyI0PofBTARrRxKgZ5q+ObrjQF9GBZoXwjkoVVcT8Q==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 24 Nov 2023 18:22:24 GMT

GET
H2 200 Phl-HUfEGSW.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 1D6B 232 B
421 B 51ms
25ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/Phl-HUfEGSW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf3e32d807092fa60d6a1cecb6b4d80ce20f1ce7b715a34707184bd31016e189

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
x-content-type-options: nosniff
content-md5: np98efJ3O7GM9s5M36No7w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 232
x-fb-rlafr: 0
x-fb-debug: nMoxeowVoMoX8RHpLhV4l3Fh0UgQdsKfhhhqE9t/ZPea/8mf3SWyJhhO2WHoqa+lEsyz8Yz0NGh+MuU0pIm/Mg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Nov 2023 18:15:36 GMT

GET
H2 200 9ofdOTrimPg.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 1D6B 212 KB
47 KB 51ms
26ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/9ofdOTrimPg.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d249d89ec89617d5cae3b5e285ec3c903ce1ed27b955de835fbe7139bf29d466

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5TluU395CgV+aGFIxhm/8Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 48023
x-fb-rlafr: 0
x-fb-debug: uffrYif/1gTnmXZlAz/KtjyKUX+C4W2Y/vIzURcOg6NBSPicB58kIXv9IuA7q8feWOP4nmwbAx5kynRUJAxuIg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 16 Nov 2023 23:58:34 GMT

GET
H2 200 lNQKzORH_3o.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame 1D6B 22 KB
8 KB 51ms
25ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/lNQKzORH_3o.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1d4d6943a5309778bb0532681a50f0679334f96fdaf686dc3d0af24785f6fdd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: PQT7C/7sLedvegQ7PJ04HQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7564
x-fb-rlafr: 0
x-fb-debug: JCPnYnqRR9ZX3n+5ZJyjbLsh96drGVnDl6hrFBVHA7FYatLG0bt0xc31InVZrVmD8MvzLcw/6srjrc27FY+tDA==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 14 Nov 2023 04:19:29 GMT

GET
H2 200 8GBY6WcEO-y.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 1D6B 55 KB
15 KB 51ms
25ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/8GBY6WcEO-y.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

626773988e3cac6415c262fd754008edb78ad140cb1233a6d16c7fea7b2e9f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GJaQlxgRmsxgwXhHT6KAFw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15175
x-fb-rlafr: 0
x-fb-debug: bx86M89uzEPRZlgjGfYwOCIGW6G3UIZXL4a72ZRou4125966WgSEHGo38zoaCNvx8wkDTr0wBoyqw4HIzhJVug==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Mon, 27 Nov 2023 06:23:18 GMT

GET
H2 200 93876918_2957339914341791_2205750677576089600_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.6435-9/ Frame 1D6B 16 KB
16 KB 37ms
10ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t1.6435-9/93876918_2957339914341791_2205750677576089600_n.jpg?stp=dst-jpg_p130x130&_nc_cat=109&ccb=1-7&_nc_sid=dd9801&_nc_ohc=mI8zKW2xuX0AX8-5kLj&_nc_ht=scontent-frt3-2.xx&edm=AEDRbFQEAAAA&oh=00_AfCI0xDB_K5mbBXWWK_gF7Tr4-hNDgH4Xo0fXfvqu68Yyg&oe=63AA9F6B
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 49b6f7a70ee3d7f71c178641dec7c2b4cae50de328e404d593f7318d9a8b6c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-haystack-needlechecksum: 438235092
date: Sun, 27 Nov 2022 10:51:34 GMT
x-fb-trip-id: 686109401
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 21 Apr 2020 17:00:26 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2329757484
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1347642013
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 16135

GET
H2 200 10626864_696138957128576_5872423766162016244_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.18169-1/ Frame 1D6B 1 KB
2 KB 30ms
9ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.18169-1/10626864_696138957128576_5872423766162016244_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=NjYCgv_SpLoAX__1iZN&_nc_ht=scontent-frx5-1.xx&edm=AEDRbFQEAAAA&oh=00_AfAlJXrmJ6bw5B2_sockv2UR_TcjkxngF8zDolc4FrMwRQ&oe=63AACA8D
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ab32b2c4c4edb597ff057500e0716830305580857189e611e5b07acbba87d78a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-haystack-needlechecksum: 3674522882
date: Sun, 27 Nov 2022 10:51:34 GMT
x-fb-trip-id: 917726464
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 26 Aug 2014 15:36:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1081392817
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 439318
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1442

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 45ms
8ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Mon, 12 Sep 2022 07:37:47 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Tue, 27 Dec 2022 10:51:34 GMT

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/ynet-vesty/log/3/ 0
247 B 120ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/ynet-vesty/log/3/bulk-metrics?lti=visibility_test_2_var&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.vesty.co.il
pragma: no-cache
date: Sun, 27 Nov 2022 10:51:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 youtube.js Show response
www.ynet.co.il/Common/Api/Scripts/youtube/ 10 KB
10 KB 202ms
202ms Script
application/javascript 2a02:26f0:3500:88f::30bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ynet.co.il/Common/Api/Scripts/youtube/youtube.js?v=03.01
Requested by: Host: www.ynet.co.il
URL: https://www.ynet.co.il/Common/Api/Scripts/YitVideo.js?ver=9.85
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:88f::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 749886f0c7b06a4df622b00a061a33b7b7343bc1987941c26f8b455e6a63a54c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

backend-cache-control
date: Sun, 27 Nov 2022 10:51:34 GMT
last-modified: Fri, 18 Nov 2022 16:55:29 GMT
etag: "88766456ed21d61:0"
content-type: application/javascript
vx-cache: MISS
cache-control: private, max-age=1836152
wai: 02
accept-ranges: bytes
content-length: 9815
v-ttl: 0
expires: Sun, 18 Dec 2022 16:54:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 70ms
18ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.vesty.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 48ms
18ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.vesty.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 135 KB
30 KB 404ms
403ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=770137417371656&correlator=250618840338975&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=6870%2Cvesty%2Cdesktop%2Cinterstitial.adx%2Ctop%2Ccentral%2Cbox.1%2Cbox.2%2Cbox.3%2Cskyscraper.left%2Cskyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2F5%2C%2F0%2F1%2F2%2F6%2F5%2C%2F0%2F1%2F2%2F7%2F5%2C%2F0%2F1%2F2%2F8%2F5%2C%2F0%2F1%2F2%2F9%2F5%2C%2F0%2F1%2F2%2F10%2F5&prev_iu_szs=1x1%2C970x90%7C970x250%7C770x350%7C970x350%2C300x250%2C300x250%2C300x250%2C160x600%7C160x601%2C160x600%7C160x601&ifi=1&adks=2106902652%2C4068750166%2C886418757%2C2705355219%2C3061805891%2C2736298071%2C2316061010&sfv=1-0-40&ists=64&fas=8%2C0%2C0%2C0%2C0%2C0%2C0&cust_params=ynfi%3D0%26dckw%3D0%26ngch%3D0%26yrca%3D0%26dcTag%3D%26ynch%3D50.Vesti-1.Home%26dcPath%3D50.Vesti-1.Home%26dccg%3Dmain%26ynvc%3D0%26yncd%3D50%26callType%3DGPT%26dcsch%3Dnull%26dccw%3Dhigh_res%26dcsw%3D1600%26dcunigpt%3Dview1%26charset%3DUTF-8&sc=1&cookie_enabled=1&abxe=1&dt=1669546294440&lmt=1669545801&dlt=1669546293564&idt=806&adxs=-9%2C315%2C990%2C990%2C990%2C0%2C1440&adys=-9%2C5%2C486%2C896%2C2002%2C0%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C0%7C1%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.vesty.co.il%2Fmain&frm=20&vis=1&psz=0x-1%7C980x10%7C300x-1%7C300x-1%7C300x-1%7C1600x4877%7C1600x4877&msz=0x-1%7C980x10%7C300x-1%7C300x-1%7C300x-1%7C160x-1%7C160x-1&fws=2%2C0%2C0%2C0%2C0%2C512%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=278959557.1669546294&ga_sid=1669546294&ga_hid=2110839492&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0725e29f1b91297954b187e06e164bedcfc5adc877f40094bbf4860312115b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30207
x-xss-protection: 0
google-lineitem-id: -2,6162262009,6150798440,6154299963,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138413509403,138412118899,138412313564,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A3CD 6 KB
3 KB 80ms
19ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 10:51:34 GMT
expires: Mon, 27 Nov 2023 10:51:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022111501.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022111501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 16:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13838
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 25 Nov 2023 16:36:20 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 107 KB
42 KB 63ms
20ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-KXPKGJR

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea540906b4812d6c9f9e88b230cdea6d6958d5be159134204d0fa15d23752095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42981
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 27 Nov 2022 10:51:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 51ms
10ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 09:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5740
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 27 Nov 2022 11:15:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 43ms
23ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HBGSDK9P6D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a2fe3388887243975a247188dd832bf1a429acc2d4fc2e4868e8cc0156a8a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76624
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 27 Nov 2022 10:51:34 GMT

GET
H2 200 style.css Show response
js.nagich.co.il/style/ 15 KB
4 KB 19ms
18ms Fetch
text/css 2606:4700:20::681a:314
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/style/style.css
Requested by: Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d50045b25fcaaf924140b0c120c7c267ea30150973460026a2573360f816574c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1181694
x-powered-by: ASP.NET
last-modified: Wed, 15 Dec 2021 11:05:22 GMT
server: cloudflare
etag: W/"04554a7a3f1d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyDFgK4Fxdli13r7dj3RHLRM94nRKnslOB1%2FhDF0xDep9yWoaHzQuxZrvIUJFc%2FAf4NV3Zc9HYmdhzE4Ie8HgbeJIW61JFTM4su6NF%2Bu1Tsc8Z1fJhsn8OIO3w5grs187ymLw2Q%2FcCJTT9BIDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2604800
access-control-allow-credentials: true
cf-ray: 770a4f3488c8bb35-FRA

GET
H2 200 btncolor.css Show response
js.nagich.co.il/style/ 103 B
433 B 18ms
18ms Fetch
text/css 2606:4700:20::681a:314
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/style/btncolor.css
Requested by: Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 442db94f47e657604fde817ff431f353d5ae4994e08a59496ce8fed479362119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1181704
x-powered-by: ASP.NET
last-modified: Mon, 11 Feb 2019 10:07:59 GMT
server: cloudflare
etag: W/"e97d81aaf1c1d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSN7UMWJyhvycnLM1cuq517VKBMoo3Xb3OG77KxaPQPH8T5dyWZAb2EGEu%2FrNWnYITSGzYgtUq6%2F80I17Kq1tsd1N36xvCql3QLpf6tD%2FCETx%2FKdJyDCw6J8%2BcAzSgWNFUis9FR8DA1wDtktzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2604800
access-control-allow-credentials: true
cf-ray: 770a4f3488ccbb35-FRA

GET
H2 200 ru.json Show response
js.nagich.co.il/assets/locale/ 2 KB
981 B 78ms
77ms Fetch
application/json 2606:4700:20::681a:314
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/assets/locale/ru.json
Requested by: Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6a8437f8eb353b0da20b48e51ad0cc9ea9e8842e192f4d119d61fdf79cd5c839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 15 Jun 2021 15:40:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ef1e2c9fc61d71:0"
x-powered-by: ASP.NET
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QChkmmO35R7ukXvdNYr29xm39t2fS09wlVUBUGta9hv9Zm8aS%2BY%2FYMqRCbLyBwPW2XSsiRZTNgkay17FbeZ%2B6xJaHFVPrc823s%2Fkpn8BDDhAMo9vvZNY4An6gHgqpgAaJF%2BluBSKg2QkHt7TLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2604800
access-control-allow-credentials: true
cf-ray: 770a4f3488cebb35-FRA

GET
H2 200 pdf.js Show response
js.nagich.co.il/assets/scripts/ 7 KB
2 KB 27ms
27ms Fetch
application/javascript 2606:4700:20::681a:314
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/assets/scripts/pdf.js
Requested by: Host: js.nagich.co.il
URL: https://js.nagich.co.il/core/4.2.2/accessibility.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 581d447eb6b75fffeb4a8fc041bebca5158f0f41aa368fb6ef0c1690ae5000a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1181704
x-powered-by: ASP.NET
last-modified: Sun, 23 Feb 2020 12:50:59 GMT
server: cloudflare
etag: W/"80fb6ce547ead51:0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnaG4OwTfRtCo%2BMGuUAFlK3UO9pkmBaswGw9uxsFpvaQX6qvQiwLDsMykZMrMqRFfSOUmh15q1v%2BuRm0oaRqTN1LERVQGPb2fk4u4kyNC2HuSSQGLzwoQARRQ8dQY53gLNLo9JJcKnJRo3J34g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2604800
access-control-allow-credentials: true
cf-ray: 770a4f3488cfbb35-FRA

GET
H2 403 6f7c8ec7-588a-46ef-95d2-ff36e0a39e58-web.js
cdn.permutive.com/ 0
0 318ms
43ms Script
text/html 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/6f7c8ec7-588a-46ef-95d2-ff36e0a39e58-web.js?d=2022-11-27
Requested by: Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/vestywb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 1D6B 573 B
628 B 18ms
7ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/9WyjhTS8ebc.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yV/l/0,cross/9WyjhTS8ebc.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-rlafr: 0
x-fb-debug: nOmr4YzH7TKpHdKO/E5JYnwPku81PDsqhM5ZNu+6JzcXGdMhK8TEociLvkUFcBdD9ThuXENpkxypREuujGxKWw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 27 Nov 2023 06:45:32 GMT

GET
H3 200 P8cvLNdJf9L.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 1D6B 323 KB
48 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/P8cvLNdJf9L.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/GhvHv8GRe1K.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae70ddc938348f4578d78f15fb0d93612f93613a9f3de47703ef718c84994cb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MLqBwo2Kia5oZN51zzRaXA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 49196
x-fb-rlafr: 0
x-fb-debug: ikLnV/4NsBjoVHeKUbPT3YwgnYfjIgyineVsKTcinyrjjFLVwDnUn2sLBbAnz16f1/5VaJRAJoYYDXB3IPakRg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 26 Nov 2023 16:00:12 GMT

GET
H3 200 AiAzujH6oUc.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 1D6B 369 KB
79 KB 20ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/AiAzujH6oUc.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/GhvHv8GRe1K.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef09636415673a51dffe55d5c5fc5a6ef54f05e7a1f228019f40309ad4c9ed40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FdJbEBjQwB3ooFj9UY6TXQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80522
x-fb-rlafr: 0
x-fb-debug: mkYNc61N8vbxFtwrgpe34QRPZtAMMjp3nqZeKthyjyBt9IZ7wtawf4Fraf6YmybWfJO9uo7ZAgKF7bYwUdoAWA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 15 Nov 2023 03:55:25 GMT

GET
H3 200 PZefRCP4Yg_.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 1D6B 46 KB
12 KB 25ms
15ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/PZefRCP4Yg_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/GhvHv8GRe1K.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e17dd16cca1736ad14c569328a7a068cce463d36cd028527aa75944bf44fc73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YxZu6bMPDnqSYOEP+oVlgw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11818
x-fb-rlafr: 0
x-fb-debug: GEEnBgA7j/DW5/awkTqBBlNcKo2+f07JxtCVsufh9qSNGg8ZRe2baDrBP09NIrmoqHClXwBwKWDaPYErweiChw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Nov 2023 16:09:04 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
338 B 74ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HBGSDK9P6D&gtm=2oeb90&_p=2110839492&cid=278959557.1669546294&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669546294&sct=1&seg=0&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain&dt=Vesty%20%7C%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8F%20%7C%20%D0%92%D0%B5%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HBGSDK9P6D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 69ms
20ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5536870-20&cid=278959557.1669546294&jid=938304749&gjid=1056375380&_gid=792274533.1669546295&_u=aCDAgEABQAAAAEAAI~&z=196813573

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 27 Nov 2022 10:51:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 31ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2110839492&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain&dp=%2Fmain%3Fprof%3D50.Vesti-1.Home&dh=vesty.co.il&ul=en-us&de=UTF-8&dt=Vesty%20%7C%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8F%20%7C%20%D0%92%D0%B5%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEABQAAAAAAAI~&jid=938304749&gjid=1056375380&cid=278959557.1669546294&uid=0&tid=UA-5536870-20&_gid=792274533.1669546295&gtm=2wgb90NB9MN6&cd1=false&cd2=0&cd3=0&cd4=2022%2F11%2F28%2011%3A51%3A35&cd12=Home%20Page&cd14=50.Vesti-1.Home&z=788409236

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 22:43:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43699
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 1D6B 896 B
566 B 121ms
110ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=1025035547572247&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/ya/l/de_DE/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f1d423e33955ab4c19d298ae17775da5afd5ea1ef72120d63b48e69ce7bcec0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: cHhzgpuszqWzXWs_vhHeE9
Referer: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 10:51:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: p+6rEjroVvHMp7avqG+Wa1q61gS6Agdj0huvdB3Y12lPZdd+bUwTDV3IsiP58BbuVQiKZ6qj3NK10AZIm/LRxg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
access-control-allow-methods: OPTIONS
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ksSG7BCGzVy.png
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ Frame 1D6B 12 KB
12 KB 8ms
8ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/ksSG7BCGzVy.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/NZS3ML1mHxT.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55e8c619d20bc3f1a22efd0fec83dba0d8bd9e898f0d5847eaff094f0887fad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/NZS3ML1mHxT.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
x-content-type-options: nosniff
content-md5: uyn8DKg02tdFYyt7qV6IBg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12111
x-fb-rlafr: 0
x-fb-debug: /onwnUXvWdAo7iMKxgZKaYnIPk/5+gDvVkZHB4uZAPj9e0DJhp6WJ2l0wAp5hy+UhGKhS9i2A5vR2RePlI4kbA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 27 Nov 2023 07:24:34 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 58ms
33ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5536870-20&cid=278959557.1669546294&jid=938304749&_u=aCDAgEABQAAAAEAAI~&z=317052751

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 63ms
31ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5536870-20&cid=278959557.1669546294&jid=938304749&_u=aCDAgEABQAAAAEAAI~&z=317052751

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 feed-card-placeholder.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 9ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3183f681279dfdac57f6336981014cd4ca5a445cf94f28ce297acb02a33dda31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: xBKTw18qGLOKuZQ8FkZkee1xB.z.9JxJ
content-encoding: gzip
via: 1.1 varnish
date: Sun, 27 Nov 2022 10:51:34 GMT
x-amz-request-id: 09DV85164JFE3C18
age: 42
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 1326
x-amz-id-2: lrUQW9mOvgbtLC0QT5zHhWjWaem5tbOlYr9lrzt87qVHsySekmDavDUGLY2CW8GfPoKWPtLdtaQ=
x-served-by: cache-hhn4057-HHN
last-modified: Tue, 22 Nov 2022 15:14:54 GMT
server: AmazonS3
x-timer: S1669546295.755683,VS0,VE1
etag: "1edec185817013e0c16d95a7636e6327"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 17
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 distance-from-article.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 9ms
9ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cea30626e12b5a68b9b91cb890401475dc6157d78d70b87edda88c2f7c2dd219

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: KDV.NKqaUbWJ6EZrrJMuV6l1.pwiSDka
content-encoding: gzip
via: 1.1 varnish
date: Sun, 27 Nov 2022 10:51:34 GMT
x-amz-request-id: NRP3NW7536QN29PF
age: 10
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 1080
x-amz-id-2: iqY4hEtYeGrD8OJsngHiMDb9G2hiU5nQBGO2n4GNfojl3/keh3rpSGuaK19gd2FxCPDMxa3Zbkc=
x-served-by: cache-hhn4057-HHN
last-modified: Tue, 22 Nov 2022 15:14:47 GMT
server: AmazonS3
x-timer: S1669546295.759004,VS0,VE1
etag: "cd7ab8b0cc75c358800e40d0683639f1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 17
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 article-detection.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 10ms
9ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0f68cf613a0948df6d28744e716cfb755df3eba4e5741852eec7e2669631965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: 9XTY8.SeQf0RS.NtOO3n6mrzR9A7Km_g
content-encoding: gzip
via: 1.1 varnish
date: Sun, 27 Nov 2022 10:51:34 GMT
x-amz-request-id: NRP7TT87GT1BGA8E
age: 8
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 1305
x-amz-id-2: KKdQ+KlDpOgKyxYjslyskuH/eHYRyj9pTVSx03xlgS2wTd9AgTJMliXE4K7o4ig+Ireq3hiQamk=
x-served-by: cache-hhn4057-HHN
last-modified: Tue, 22 Nov 2022 15:14:37 GMT
server: AmazonS3
x-timer: S1669546295.759115,VS0,VE1
etag: "e9a4019310f7030fb57e90d2932bf3d4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 17
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 userx.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
6 KB 9ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ed02d42bcd8f9ebc716a2cba9309cd84c560441c9966cda1d04a9a196d114a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: PmIokHr4fdXA_OxR17w9h_sTgpZu3w_P
content-encoding: gzip
via: 1.1 varnish
date: Sun, 27 Nov 2022 10:51:34 GMT
x-amz-request-id: ZZ2F82V4TRK1C2M0
age: 29
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 5456
x-amz-id-2: YnPfxiMLpdksh0TwnU1K7NoLaxQfMBrZtD8vGPiHKBOkhKMLtTvatl2Bd+jZaJuoRa5o9+ETbbc=
x-served-by: cache-hhn4057-HHN
last-modified: Tue, 22 Nov 2022 15:15:42 GMT
server: AmazonS3
x-timer: S1669546295.765264,VS0,VE1
etag: "1188c602e32ac77870ef0b026d18b135"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 17
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 cta-component.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js Show response
cdn.taboola.com/libtrc/ 19 KB
5 KB 11ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f04600ca36e8aa20c4f523cbc176165c79a0e84f13daf2969f6f58b6e56eea8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: _oWH.t5hUMBfEDjZSrgj6WNqSlZq3tw1
content-encoding: gzip
via: 1.1 varnish
date: Sun, 27 Nov 2022 10:51:34 GMT
x-amz-request-id: NRPCCZ9SZ4JBW3D0
age: 99
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 5172
x-amz-id-2: yvbGQhfaLFAZA71A9HxSMHGYD1oEczH+Ii7Sku50q0pNsr7OpmK3Mp3Yv3P2ODMDp2EZVWm74C4=
x-served-by: cache-hhn4057-HHN
last-modified: Tue, 22 Nov 2022 15:14:44 GMT
server: AmazonS3
x-timer: S1669546295.769215,VS0,VE1
etag: "0bd7f36a4a1effc6977b017783211a53"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 17
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 7ms
7ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Sun, 27 Nov 2022 10:51:34 GMT
x-amz-request-id: 01PXJKEE06S096BM
age: 5
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: GlsIH4vEcqqANkYzV1S8p6KAGukHCu2tIagk6oeA3T5UEzDPImxPlrSqNOBx5BRAttHW3ppeF4I=
x-served-by: cache-hhn4057-HHN
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1669546295.780307,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 17
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 4

GET
H2 200 non-responsive-widget.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js Show response
cdn.taboola.com/libtrc/ 18 KB
6 KB 214ms
214ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/non-responsive-widget.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 506ea24f2b3cddcc725e5e7f83594c4020ba2f71fea1838e04892b740976ef70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: xuflPHhVCUgPlhrdxWPEP40uZthvz1zG
content-encoding: gzip
via: 1.1 varnish
date: Sun, 27 Nov 2022 10:51:34 GMT
x-amz-request-id: VKEBF1QCJZMDXQ7Y
age: 0
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 5724
x-amz-id-2: Bn8A4xMooynn3vCC9itKUh+ERTixw72wjv/hI97I3fkzquUnY0nXsIRm1W3Nf1YZKcGPLI/l9nw=
x-served-by: cache-hhn4057-HHN
last-modified: Tue, 22 Nov 2022 15:15:09 GMT
server: AmazonS3
x-timer: S1669546295.788576,VS0,VE207
etag: "34508d1c82cb9c90398b984bf573545d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 17
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H3

200

B28360616.343678768;dc_pre=CMyY286YzvsCFYnuuwgdepYOzA;dc_trk_aid=535112177;dc_trk_cid=176040241;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N297201.2069703TABOOLA/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N297201.2069703TABOOLA/B28360616.343678768;dc_trk_aid=535112177;dc_trk_cid=176040241;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
https://ad.doubleclick.net/ddm/trackimp/N297201.2069703TABOOLA/B28360616.343678768;dc_pre=CMyY286YzvsCFYnuuwgdepYOzA;dc_trk_aid=535112177;dc_trk_cid=176040241;ord=[timestamp];dc_lat=;dc_rdid=;tag_f...

42 B
65 B

46ms
29ms

Image
image/gif

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N297201.2069703TABOOLA/B28360616.343678768;dc_pre=CMyY286YzvsCFYnuuwgdepYOzA;dc_trk_aid=535112177;dc_trk_cid=176040241;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=vesty.co.il

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N297201.2069703TABOOLA/B28360616.343678768;dc_pre=CMyY286YzvsCFYnuuwgdepYOzA;dc_trk_aid=535112177;dc_trk_cid=176040241;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=vesty.co.il
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

B28680143.347829486;dc_pre=CK-W286YzvsCFUh-4AodL5MHhg;dc_trk_aid=539034857;dc_trk_cid=179040692;ord=2022-11-27+10%3A51%3A34;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D...
ad.doubleclick.net/ddm/trackimp/N718661.2069703TABOOLA/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N718661.2069703TABOOLA/B28680143.347829486;dc_trk_aid=539034857;dc_trk_cid=179040692;ord=2022-11-27+10%3A51%3A34;dc_lat=;dc_rdid=;tag_for_child_directed_trea...
https://ad.doubleclick.net/ddm/trackimp/N718661.2069703TABOOLA/B28680143.347829486;dc_pre=CK-W286YzvsCFUh-4AodL5MHhg;dc_trk_aid=539034857;dc_trk_cid=179040692;ord=2022-11-27+10%3A51%3A34;dc_lat=;dc...

42 B
65 B

49ms
32ms

Image
image/gif

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N718661.2069703TABOOLA/B28680143.347829486;dc_pre=CK-W286YzvsCFUh-4AodL5MHhg;dc_trk_aid=539034857;dc_trk_cid=179040692;ord=2022-11-27+10%3A51%3A34;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=vesty.co.il

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:34 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N718661.2069703TABOOLA/B28680143.347829486;dc_pre=CK-W286YzvsCFUh-4AodL5MHhg;dc_trk_aid=539034857;dc_trk_cid=179040692;ord=2022-11-27+10%3A51%3A34;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=vesty.co.il
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/ynet-vesty/log/3/ 0
246 B 16ms
15ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/ynet-vesty/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=visibility_test_2_var&bulkSize=6
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.vesty.co.il
pragma: no-cache
date: Sun, 27 Nov 2022 10:51:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 H1bNBZlvs_0_0_3000_1688_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_590%2Cw_1180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/H1bNBZlvs/ 32 KB
32 KB 17ms
12ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_590%2Cw_1180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/H1bNBZlvs/H1bNBZlvs_0_0_3000_1688_0_large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e29b7ad709f9a64297d83fa77cbc244a03b9f827a50eb53e0c688c45f14c3c66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 27 Nov 2022 10:51:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_590%2Cw_1180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/H1bNBZlvs/H1bNBZlvs_0_0_3000_1688_0_large.jpg
age: 19312
edge-cache-tag: 532145182971988959312347235004924697440,519644172745979680808998970707179062126,29ecf9b93bbf306179626feeda1fab70
cache-tag: 532145182971988959312347235004924697440,519644172745979680808998970707179062126,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 582
req-referer: https://www.vesty.co.il/
content-length: 32470
x-request-id: d9b9833468c90d2a462efd47bc3c04fd
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200144-IAD, cache-iad-kiad7000061-IAD, cache-bur-kbur8200099-BUR, cache-iad-kiad7000049-IAD, cache-hhn4057-HHN
last-modified: Sun, 27 Nov 2022 05:17:24 GMT
server: nginx
x-timer: S1669546295.820831,VS0,VE2
etag: "f29d4a9024d8f1124f7c068a6fecf688"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 5, 1

GET
H2 200 d10e64bad8632e270adcb6b5425aa875.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_590%2Cw_1180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 154 KB
155 KB 17ms
13ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_590%2Cw_1180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d10e64bad8632e270adcb6b5425aa875.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8fe9c2e5c1dd7c90df3c181042980696d2da46bc8c1b63e9ea6f5a95a9df94e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 27 Nov 2022 10:51:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_590%2Cw_1180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d10e64bad8632e270adcb6b5425aa875.jpg
age: 1472283
edge-cache-tag: 520483458195062292694694425091837898093,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 520483458195062292694694425091837898093,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 390
req-referer: https://d-42651048141373938609.ampproject.net/
content-length: 157674
x-request-id: f0ec51cfc648bee9b1ad501b878b7eb2
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100105-IAD, cache-iad-kjyo7100038-IAD, cache-chi-klot8100085-CHI, cache-iad-kjyo7100134-IAD, cache-hhn4057-HHN
last-modified: Fri, 04 Nov 2022 16:12:41 GMT
server: nginx
x-timer: S1669546295.820894,VS0,VE2
etag: "3b2b230cd42dd5d6dc3572b60fdbc5e2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 25, 1

GET
H2 200 f871bc9a287a101882c44fb3baa82cd7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_323%2Cw_580%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 36 KB
37 KB 13ms
10ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_323%2Cw_580%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f871bc9a287a101882c44fb3baa82cd7.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b140abc197e8ff39e83bf6471c05eb066c13c10f04269b0a54b0dc5aefd3929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 27 Nov 2022 10:51:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_323%2Cw_580%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f871bc9a287a101882c44fb3baa82cd7.png
age: 7669741
edge-cache-tag: 349391243346493919167660949251920348523,295553058743250366199386478763765990162,29ecf9b93bbf306179626feeda1fab70
cache-tag: 349391243346493919167660949251920348523,295553058743250366199386478763765990162,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 94
expiration: expiry-date="Fri, 23 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length: 36912
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100022-IAD, cache-iad-kcgs7200130-IAD, cache-sna10740-LGB, cache-iad-kjyo7100141-IAD, cache-hhn4057-HHN
last-modified: Tue, 23 Aug 2022 00:09:25 GMT
server: nginx
x-timer: S1669546295.820481,VS0,VE1
etag: "1f204cb95cbe0f2759764158ec5f66fe"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1201, 1

GET
H2 200 82bafc31140a1de7d80fc96d05e0a2aa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_323%2Cw_580%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 34 KB
35 KB 15ms
11ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_323%2Cw_580%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/82bafc31140a1de7d80fc96d05e0a2aa.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b4c88e2f7068613fddfe50c1fb3f0d1348cbdbb8d8d12eb1f0adbc777741d15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 27 Nov 2022 10:51:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_323%2Cw_580%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/82bafc31140a1de7d80fc96d05e0a2aa.jpg
age: 3255270
edge-cache-tag: 501327987658507328905132928118164554976,295553058743250366199386478763765990162,29ecf9b93bbf306179626feeda1fab70
cache-tag: 501327987658507328905132928118164554976,295553058743250366199386478763765990162,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 146
expiration: expiry-date="Sun, 23 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.vesty.co.il/
content-length: 35130
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100087-IAD, cache-iad-kjyo7100129-IAD, cache-lga21978-LGA, cache-iad-kiad7000048-IAD, cache-hhn4057-HHN
last-modified: Thu, 22 Sep 2022 09:36:03 GMT
server: nginx
x-timer: S1669546295.820882,VS0,VE1
etag: "b345dd5c64404fd68dd73a7ce15c6f67"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 120, 1

GET
H2 200 H1hJPURLo_0_0_2418_1525_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_590%2Cw_1180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/11/25/H1hJPURLo/ 41 KB
42 KB 25ms
22ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_590%2Cw_1180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/11/25/H1hJPURLo/H1hJPURLo_0_0_2418_1525_0_large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d40e246b578028fead44a469d023b37468d80277609e1ac51d48da70b191776b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 7
date: Sun, 27 Nov 2022 10:51:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_590%2Cw_1180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/11/25/H1hJPURLo/H1hJPURLo_0_0_2418_1525_0_large.jpg
age: 153927
edge-cache-tag: 524273361652016212712478807468596256073,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 524273361652016212712478807468596256073,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 591
req-referer: https://www.vesty.co.il/
content-length: 42092
x-request-id: 72c8157c2f65bf65d2a80876ab238e2d
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200055-IAD, cache-iad-kiad7000092-IAD, cache-bur-kbur8200038-BUR, cache-iad-kjyo7100150-IAD, cache-hhn4057-HHN
last-modified: Fri, 25 Nov 2022 15:56:22 GMT
server: nginx
x-timer: S1669546295.820835,VS0,VE7
etag: "499bfeda4847b5b38cc9fafa9fbb19a3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 1

GET
H2 200 65de76e055e6696fc7fb6e82f0f49ee4.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_323%2Cw_580%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 11ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_323%2Cw_580%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/65de76e055e6696fc7fb6e82f0f49ee4.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 64e2a47b72df7b0cf9f64348ef1915c752638613a9b255a42bb88ca2ba7d81f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 27 Nov 2022 10:51:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_323%2Cw_580%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/65de76e055e6696fc7fb6e82f0f49ee4.png
age: 330452
edge-cache-tag: 450097827479678964133111845113287535269,295553058743250366199386478763765990162,29ecf9b93bbf306179626feeda1fab70
cache-tag: 450097827479678964133111845113287535269,295553058743250366199386478763765990162,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 135
req-referer: https://www.t-online.de/
content-length: 7004
x-request-id: 9b508efe7407a4011cf4834d042851cc
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200158-IAD, cache-iad-kjyo7100044-IAD, cache-sna10747-LGB, cache-iad-kjyo7100081-IAD, cache-hhn4057-HHN
last-modified: Wed, 23 Nov 2022 09:34:38 GMT
server: nginx
x-timer: S1669546295.821027,VS0,VE0
etag: "65dea3ae29ce63d8540fb232fd443160"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 2, 2

GET
H2 200 B1lfLoqLj_0_0_850_479_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_323%2Cw_580%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/11/22/B1lfLoqLj/ 20 KB
21 KB 16ms
16ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_323%2Cw_580%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/11/22/B1lfLoqLj/B1lfLoqLj_0_0_850_479_0_large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ecb1a1d9de53b1a7899bb6330560ee219817f133eca94ab8de2c9b723ed1c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 27 Nov 2022 10:51:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_323%2Cw_580%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/11/22/B1lfLoqLj/B1lfLoqLj_0_0_850_479_0_large.jpg
age: 397582
edge-cache-tag: 328152405237844779378413155784770146558,295553058743250366199386478763765990162,29ecf9b93bbf306179626feeda1fab70
cache-tag: 328152405237844779378413155784770146558,295553058743250366199386478763765990162,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 431
req-referer: https://www.ynet.co.il/
content-length: 20722
x-request-id: 0ad25e566b66d756c5290d4bbf07bb0a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000048-IAD, cache-iad-kjyo7100077-IAD, cache-bur-kbur8200035-BUR, cache-iad-kiad7000062-IAD, cache-hhn4057-HHN
last-modified: Tue, 22 Nov 2022 20:16:09 GMT
server: nginx
x-timer: S1669546295.829777,VS0,VE1
etag: "f2d7acdb3e059e2da299c52fd1d16344"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 34, 1

GET
H2 200 Sy9IRelDs_0_0_850_479_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/Sy9IRelDs/ 4 KB
4 KB 13ms
11ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/Sy9IRelDs/Sy9IRelDs_0_0_850_479_0_large.jpg
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f938fff69d6251a827b8f06946cc68b7ee1929869c7d789d566421dff4b45da4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 27 Nov 2022 10:51:34 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2022/11/26/Sy9IRelDs/Sy9IRelDs_0_0_850_479_0_large.jpg
age: 27013
edge-cache-tag: 296137454373342565563104329387310187268,321085617541563633966067616710486181666,29ecf9b93bbf306179626feeda1fab70
cache-tag: 296137454373342565563104329387310187268,321085617541563633966067616710486181666,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 429
req-referer: https://m.ynet.co.il/
content-length: 3794
x-request-id: 9e0da00b44cde5f6db0c1b0055b56c82
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kcgs7200156-IAD, cache-iad-kiad7000178-IAD, cache-bur-kbur8200163-BUR, cache-iad-kcgs7200147-IAD, cache-hhn4057-HHN
last-modified: Sat, 26 Nov 2022 21:06:42 GMT
server: nginx
x-timer: S1669546295.834247,VS0,VE1
etag: "1af46202d77cf87fa73d7829c7669d16"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 3, 1

GET
H3 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 1D6B 198 B
251 B 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/GhvHv8GRe1K.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
x-content-type-options: nosniff
content-md5: gixzAcHA/hBBjzjO9Ez8tQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 198
x-fb-rlafr: 0
x-fb-debug: GwizcRkQx4lCSapQWGWjNEMd/r6CfVB7YuNn0vBy0j53HdDKD1ANHoIYBTJj0tgqA5wSnvXQ+8bWudsQU4Bl6Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 27 Nov 2023 04:17:53 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 620A 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFEGpdFmISxdS0g76YtlrovjGES2LwinDXiGC7nxnPby-irjxDzmI4HVreMxuXaT4WWN9bDuZBI8WMO_PRb0g2VChpFGUYeXctgWn_cc9kGhM9Gs-R8to0yzMzf4R5HjsP0-9F9iOCrIdF3IvTYfuN2vi7lWMIsdRKcecxpaAudgDeMqpmZMVP2e0QTerZZTN5cCEozwi0Ybl7pZlk5Iqya1eGww6eABvP-BoPiCdAT0NG8jAcc7y-u1E1pFugrnvg6DTG8KZBBL9A4fA4fWFDqaZpP4m1k5K1XrQeEIFo1d3qXaRq8IqpIXvYlWUqtQdFJsOsiAW6PGg&sai=AMfl-YRUe97A8LA5xyG9Ga-RhUx8Di4x_MD1dBttvFXpyd-1V62S2OlAB8OsZbuGTQsbwy1QJme3gBE-UZ8_np9Hgk3zsZIhT-_t_ZrMT4DuUCL3AZX_AXyk07hU0BremTVdsZG9cgAfnXvabAlcHic3ug&sig=Cg0ArKJSzBpmy2As_WzQEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:51:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 620A 3 KB
2 KB 38ms
8ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 10:43:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 620A 154 KB
48 KB 169ms
125ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H2 200 3791394876636846963
tpc.googlesyndication.com/simgad/ Frame 620A 55 KB
55 KB 39ms
11ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3791394876636846963

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7be45cd32c802f2d6db6f27606010726beba57a1e6a9e0e607577fdf1361defd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 06:00:32 GMT
x-content-type-options: nosniff
age: 363062
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56367
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 12:23:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 Nov 2023 06:00:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5B38 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJOm-WiRBrlicgSytCeJJ-AWw29xnrtvaaex7Qa1_ucbcw10LaKRmIL4fX1prnSfdprX-ejDGY8gNCt1nbI07Otxt-ISvAjcVlsN9-hCVGo-5UWKHVzcg_JZNzYK0Aj5UW1tpN4KSpnU0bdQ8dNPwXGf3M3YOe7nuIqBW3oek-Ar8RedHqZOEsyowvEN_uAfsazfw1sqFspaxtnQ0nGfg8-n4wFg8hnSMI9JhxRLJCUFeOEhKgyAhiO150J1p0MJ0nuqC0JMdaJlVblx9yAc8o2F7hfCbaQ1mkhE5JHU248YzOw5B4eaDEcJJjm20E46sQPmeS52oxlxhbsQ&sai=AMfl-YQ2vo9cgDT5z4JP07juoUyq5XsbbbWW2pI7-x7xS8btyx1cpp2wq9G8aF5BQTEf7H_FEom5L1dZeVpkPiepiJ89Hu6Gqk9rW8x4DWgFlqiKx33KDJM7Alfn3Y69J__5BSK6d6wKrNqeCKRAfKmefA&sig=Cg0ArKJSzFz7Rc4ITOBWEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:51:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5B38 3 KB
1 KB 29ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 10:43:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B38 154 KB
47 KB 170ms
135ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H2 200 9896142098063667660
tpc.googlesyndication.com/simgad/ Frame 5B38 49 KB
49 KB 37ms
18ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9896142098063667660

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f05a1c92ba23a816100919f55bbec260bd2016988aad0ac3fa2f14d36ee01a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 10:00:46 GMT
x-content-type-options: nosniff
age: 89448
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50471
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 09:53:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Nov 2023 10:00:46 GMT

GET
H3 200 container.html Show response
a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0B77 6 KB
3 KB 28ms
10ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 10:51:34 GMT
expires: Mon, 27 Nov 2023 10:51:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CBD4 6 KB
3 KB 24ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 10:51:34 GMT
expires: Mon, 27 Nov 2023 10:51:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 98CA 6 KB
3 KB 20ms
9ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 10:51:34 GMT
expires: Mon, 27 Nov 2023 10:51:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CFC9 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKYVlHtYbd37zsiYW5J0bxdrqtCeeq-4KYhWWRLr_G2ipY6WUOAYGCESd-q_KGHQrK6Cv3mT2NxaXocSBZA_dBEMR9tDc2sODerX5WyOlnSVCwTbgtC0TsIZqacYjOz_VVShADTtP_GjIAbApAAStdIzXwT3QhuOVR37kvOy043zfeJP4mVIRplTu6D_1m22AcVV-v9t9unPdkaq3iF_8XRB6kTrJLBu8hP31dcZkcJ8XVX-BjvfpoQinOdkkO3UVnmyJbVfeLFh5zeglIy4VejllAsHxlu_4mLeIs1G2KfX8dl3rVVkHCdq9tXXiJqCdTkG_A6bOVIZ1fiw&sai=AMfl-YQI6u7cb6yh4W-cMFlM8Ey7CP0G5Ts_lj4FfwAUxcxc7O00ROimewBsn3XQ_PxNKItT8nsT-XAVklsqLgGWPpMSIqBOZ2M-JzDMP8-BAgvWhi0wCKc2M1m7JLGVyedR8nRt-MFNZJ-d5mf8CcIhsQ&sig=Cg0ArKJSzH5aL_TFesB2EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame CFC9 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Dec 2022 10:43:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CFC9 154 KB
47 KB 160ms
148ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H2 200 7279384520908104388
tpc.googlesyndication.com/simgad/ Frame CFC9 41 KB
41 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7279384520908104388

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0f1a879d76bc2ce1909991e335dae0bbd33d2ffd5b0f4e0a9cd97bacbd446f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 20 Nov 2022 11:51:11 GMT
x-content-type-options: nosniff
age: 601223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41814
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 10:48:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 20 Nov 2023 11:51:11 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 150ms
122ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5732901039636480&uponit=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 151ms
123ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=7LgQBPzY&w=5732901039636480&o=6244355308257280&cv=2.1.0&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.vesty.co.il%2Fmain&upapi=true
Requested by: Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5732901039636480&uponit=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Nov 2022 10:51:35 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
DATA 200
OK truncated
/ Frame 620A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 640096266d70a97497aacff058725b3a7b78b89a3fbfe27d24a382215d73176e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5B38 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a1b9dc4f5258d06a21416c86418190c011c115fad789808a7200ac5dfd9ac28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CFC9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10ffa1a12a66c4b9fc56c7adffdecfc8c5495a9d581a822c8bc5836836e16a24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 2 KB
1 KB 47ms
38ms XHR
application/json 13.225.78.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=7787&url=%2Fmain&charset=UTF-8&ch=10&ref=www.vesty.co.il&viewerId=null&referer=&_firid=1278942
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: nginx/1.20.0 / PHP/8.0.14
Resource Hash: aea1339f821f17fa13bcce299c8ef53bb88865d31259d7df310e1f818d8f0ef9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
content-encoding: gzip
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: PHP/8.0.14
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: nginx/1.20.0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: a2qUVAJ-iOHy079SNZTPbZRX8SthrnGUvS79CSiDWrrbqHdS1pNQPw==
expires: 0

GET
H3 200 /
www.facebook.com/login/ Frame 1D6B 0
0 152ms
151ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flikebox.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fvesti-502815246460949%253Ffref%253Dts%26width%3D300%26height%3D300%26colorscheme%3Dlight%26show_faces%3Dtrue%26header%3Dtrue%26stream%3Dfalse%26show_border%3Dtrue

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/GhvHv8GRe1K.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 27 Nov 2022 10:51:35 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: RNIzZCDxSVS7/e3Fsjc6uxxg3XL/heG3tAa87n9T0SLNReAHwrgRb1/CdjkEfzcobmbCAMQ/vc0Lo8zrDpDmPA==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3E5A 624 B
285 B 93ms
58ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGMCYv9oBMAE&v=APEucNWUNMUtjZgLXDdy5JG1x0UkBJi0-1uMXgwZtVpcO2FMDNmVRdem_AazqEdVTQmh5pYElpozQp1miC5pLIVlbBLDuJV8En5gf1KBnD9EAPnscDtYFPc9T0VsLCIWKOGwPbcRtMlk9fVB3NBCAX5AjNWCYeHqPjuqsUrJ3jndCVZrQgJvfSw

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 10:51:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CBD4 82 KB
34 KB 94ms
61ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhGl9wWatmP6LmbcSl0FSJyk0G60O1YA3yS_CzKGBW0OWUB2zT0OEWiKXyJMX3jWN1K1tPPfKtcez6CogC6QnSCpma1g&cry=1&dbm_d=AKAmf-BYtIVnFvo2Ag2TkY4rkPOcdyPe7jnpl6qSLbd21k8UwWExWLuBIW1phbMeSurPqtCXGlW65V-6jZQBFcZBUM2ZXpZY2DLFCRjaAb_iOOC0d41SKMtoWNvjxIOubvuSTU5a3qzSIQQ50jeLaIrQqURo-RGdLM_pNtDLTBysvNcF9YMHFXuP6i3XZHPY5Smrv8NNleonldcxunt6jBP9toKdSEhDEzUDHr1sp6Fk-QrGWglvn2WReCbMxkBznUaNvx23tgQmzTuui6IW5shz58by17_21yQNZVIfGsFXk4ALMg7TVicPTd4P4R_X8ouB6trmv-Mxm5Y0OYBiS0m5ChdE0wkwVBZQNgt_GZRzffIWzcmUE4GJbLLKa2wK9eROQN8LUc-2johcJV_YUYu1JneAZog9gLquK3vtcoe5FfhVAHbLHWYqz3ggOzlWjsa0UXeUsHDFWtnL7QAy2G0vhDAE1m7Qg_W5brk_oVLyPB1RLXlICknJcqqJnESPkX4-j80Yu6Wo6STUEXMacAAQSI84uxozQjQUg0xsDlGqpIKWhKk6BsXjBYhgOvbh4HtEXOKT3BW59n2kKgifrRfWvKXEdy9s6x_vgHVPO-eAInJfhIDPY8JMpxU7KpgjkuUdYljs47ek8LxWzAN_eSrWWVk6GGRSYErhpQwgnp0ejXB0Mw0eMnCBLIM73sJjOlzRuBmmeEyBKtbTT6XkZw2tSHgVu08QU-w9RvmIzjQ1k62VRxLXu55R7JLltU6ZrTauT-073oyRJDt1wFz1UnNI-sLyvG1pz-rUFgORhhQutzlynMmMoBpPxCCIQ09H3syMZFSsLeOuK6W5LopJmUznMFWfgDCKP7utWPb3xEPTSpZ05T_FAhn_hBodwcETDF1v_CzOtdATVqY5SiX9OFmd0Mi7AVdEEASurDjqHQrNB9rNUTGPmXLixHhiA7EF9EnqE7TdaeGi5gPZLWk9CC9OF85ueGHcxL2DDOe8H3vaegY126azthbxTnT6CBmdiwWYtkLr-ZjY8xfoC__fpJYXppboQDrCAwBd-E21rBGQ0PpX4yhQhch4NRZ-CPsX2OKUEVHzmUH7bRwIbTKrSNm8rXqM58zUh7VxjkwevGxw73SjuGd57hVYR1uNMCsVC9HFSm7Vq3bNpVEq3ZvBdFqCmA3jWZW5c3Exfr5KrJxrpkkxjKn2RHu26tU-7Yg6jJmNwkZgoEC8ZDSs0BaZYOtGTyEslYhk9Uyp8p9FYrOGVgNVKwAb-T7OPelO_QsUFDxAlbSktJvM58lsNd_jbAkubAC0nCqgzs9Sljq0i1-LQFhoWFqFL9i1sdWTiPhS_wOedMz_InbaWyev4njtOsJdrlKpSVjRaL0BEjrRKeMuxf1Yc-4FXvW-qUcaFnqj7ea4ysCD7bk4JMDKGrU2F-cEBH59AOqsKhRhWi-8pko53oAqh5gV-bFHDc99YxR7zGdOfRI6NZSUK-qDw-H3rMliZY_-KgIFmvc7pgDzmGm-4UQBeg7jkRIr-ws7eUoF_Z3twiJ3Hp8uA93lbJjua8b0Pq7qKH2tGi9WPXF_pQmSk7Ew3FbxmpLMFWjoCQ5RKjOYZ1de3X7RJCcF6QKFV9v1BfxgfrzjH4SU1-HjWqym2U2VRXbO807By7pEZ-0R2iwBrrz8IG9_maptNjfK10vasYtAWJI_XW62HzJs79RmB8uaKWCVGHFrg4noS-HJvj_05u43DLnMV0XK7-F0Y4DWKeCX-GLqc8uxMesaFVBYIa8-TSaP5RUssWs8xgaRfT7r0J641k4AboCuHwPFeISHI9d93aIhpv3dMHN0o_XPqwaDM9ZeBfCjAJ76c6Pjkahk16FQcFp72OTghU6mxTcW7Q0rjesWfiTYdwpldUwkNyLo2CRMpmP6aYZ0iJJll1FqO-OOpqsnYYDdmRviZYR6r6uTv0obnauyGl6CPzrs7HQLsVVq9m1O11aJPnyWsdN7y4j-hNWWqSJ93qlWU54aYm9umkQZLpbEhtc67hJLBCTFk3rwV5YK7MaxnoPfVVwz4CELnuW8wPNLIJL6O6dXrpAGPa49-bH9I0cHr-bzUrzXyfGQnyXiJovkmRCaNqXbE6k3fambD74vE-g9Fp423WaBifRm1-dFFeVQZGgG6fgOQZt25hH1fKLCAdWuZPAZKMX46_MKoE1uX2yQKbIxRQ3FeHe29KGmdYP2riFFdZXaVcX9-SdS_obUfDISVLOeL8UhtIFUOg3OQHajKmUZsqByrhZ9SGOOjw4cM2uXLg8UotbzRboP8f48R5bE-MfxOKvihVMefy97P402Z7J2-LD1draEEgbAY8cXNZB5gx4tfrMCB8hZrQg_7_-idLmwS78xrro5ov7GErs1ofT_W3OL73T-g7KdZ1E5Sgd0sfETx7cu_wjxGL3Qzlv25XF-oGfiK_k4O8qj4FIYJhYUKNQFacaLgE6i0GS6HdrrxILO75kJIqrWr7vQyCMrmmzxoRotru4vRcwJOiH_16KsCBmK4zEJoDFRmY0p042toMXKI-wg67M6ZhGbapOfAVSVVGZ_UbIWaNh5aSAMlctvDz5FerC9PaIPM9QozcsjSMA4KBF3ZHH1aF2XR-Zn_5U4xR1IxrLcsLz35NsQ7rTB3r9Yuxtvawj5pVG2fTdWyJutSkgUHbmr6NuELQHKgzYPI6a0zkin1GNuxJ1Jy155_lNM1U42XFStdq0JbiHEngh1IdZ49hYko1UCZqGJV0wZSXWYnia4irPJq5DadMPwUYVwXGpA0rEeBfbNwYP-IW4bAE9xIFyqPypCpCPN905J1u9rhSeJ70Se1g4Enkriew4379-JJY88w-BZ1v7HKFkMCTwF_CvVsEDLPRPREQM-L1TtuBaJVjmzZr_COIlTBCcXguuKa9VKIzm69WG_jqNdhXP2RFK0kiDohFh0OouJxwrFDVmjPvBpPgThTJ6Pch0CVXfBuqlM9lOhLGbAUdpsJkpcURKekKmeQSsWf_Fe868j3V1upQtQ2G4yeaKCuP0-2SBnzC8X6DbcxhkCs2k5cHYG5x1_qxIwS69przmAK8NmqQQSKyxJ32CIC0rKdwtbswqfD2c49JTbjSJvdxh5vV6d0KO8n3hDoJTsl54Gm02juOuvMMBtH0wKtTIxcmKpi7ACMVvFelxjRkddPbhbUHiErb-I_59eXEkuSlfKXeN3jP4uJ38OvEtyx8Z0xz6vX2w9N373K99gL58Dk0aD2YnTVc9gppPIvymsGAqZ3A3AFsAHXKv5b46aEud-Rkx7Ul8QbHoITd9EgNuMt5O26oYJWwOR-kKJeRWeyS6rCV_ToPscDgTLEsJZXfmLHM4WJF5cua0wis3D7B2EaKY-vne3rCwcYhqKW0cfuLByxg5UUkbkDjDUdEF0yIdTqL_EdwDF5_tIQXg2RdMF8oQXFbKjSW-ChXiTHRlpOkYjLeXAfHGVrvlzY8yKEVHp9DwHpLjDcsNdrppP5Xp3IIGHntIZpNe5TdJWVeWIvgfsN1Hj5R7r61PV2pYNpd3LWWCOt4ENVDe5ExihkdUdYn59jSS-GWA2AjhraF63KOZkAoK6o8Dc9EbxGblVdlOK-3rAhE_r07_zzgq3cSsI0Onzc6i6GYhwFibI4gIeDCno198-jIkkcDP0ydPUXqFZG-4u49mFKA&cid=CAQSSwDq26N9Q2nCzM_pKQe8jr9E-V66iMxRa3u_sskvktvZZfYMIWb0E_1xkQCwo4sA6tx2efb9xgYu0pdwS9qBo6Q2-FVj7lgfoxBmfBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a99504e1f01f960943de16b80d47ca58cd97c480375707e492290e9e78a83738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35104
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBD4 42 B
107 B 81ms
48ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A50ESF6_BDc3qLAnJGz6OrdJ4OwvwLvxKqc7pGFE4U-rw5XO3Bg6I07ZkffWMLiDy69QaZU8zJkWwruaVwt1Loatz2dFoGrF1XyzZ3qe85rlOuf6U

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame CBD4 3 KB
2 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:59:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame CBD4 18 KB
8 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CBD4 154 KB
47 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7F0A 624 B
307 B 84ms
57ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGMCYv9oBMAE&v=APEucNUUgJ-qMZoYh2AoMnBHDlo5XKtuIfY6Uuqa7bmywfsoVmg-Hx6l5CvcGuExIxJPZReGLLquwYrQi-kSsl1qqy65Rocq566VZaCl501fXZ4jk5aqB0TDz5nEHiDC4w6xt-yiYaL__GNdd0fRkVHIjU_srsbh7r4cSvpZc5H576ZVOyujfh8

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 10:51:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 98CA 82 KB
35 KB 78ms
50ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfanhB0YjsGjAG6KU8GatfdpoVS_3G0JjU3ITFOKvA-HVZ85GTxBD9UJKcYSgMlMiuelJjzi7VBvIkJ0y-HI9GYClBEg&cry=1&dbm_d=AKAmf-C_eu2v-JVGcI6ht4k7CfayZFHq8PBhqDA8lsb1Zdpvw0tNThke_4fsvip0xj7tk2SPiWvkHNF3hCo-g5RxPkPcql6JICKsA-6-ZbFfYgrshW5B1qGSAR8kPm5OCL7-EH27iH9jIATqqBCGBkKkEl6RkIfHSJ3zPoc6AzLD0XsJeWXZ_WgNwd6fyZu7p67K3jcteWzQeqpBKYqfpLkTf2yxih-Kt7jOMqFS0C3u6ikuAw_5DowHyCSvuSP5MReYLfsdvXGDonSFaBmcIi4-A5RUrtpoLbdl0DuhcdDcEaKTimH2SU3OQFY9dDVDWgv11BBimeUAKRxCghu04yJHlkztA5ekUKVR4Ca24mfTvjtdCrDwbhJSMKSJytmQbg_qioDQLLDg0GWrfvuXtfGxliwt7pCdjMnMK2KGmHDsyy9npwhOMpQiAdMj77SoJEMG7pcMQbq2XtzYvz7mcKwU6fMAtZW-rm_GzOI0oKoeGLQ6xlFnTFMZFgCu8etniDIWDfuIdRPgtGVZ0GGBektP-qNbU2tSOd-nhZlda5MKnxBYS6o76m9shnf9fbpZ4grlaSjW34hPke-8j8DifIqp2p9bM-gOcsiAYPyw0I04SU-FNtZNsi3-NQHcY3bzgGnTn8JEdV3XQEQiE_LgFyg-gpFeCqQiovJInsWVPCoA6NeShRodk7aVVWAKRiI3_YaA-7pmRz2VXK9K7vS018IsP7l4K-H88frMjz6DxOIw0Cb_aAfqJJklPnSczKdVpZq31JG3iaP9pR4HGR_B8zXdkIbKCSPnjEdm4DuL_EEAhpBkKNv0M85qJ8JYw33dC_3e5HN6QA7GPJGI50RRVTbGBbejokIo6zKGn-w_SKNw32gZPvhiPyClmUUoeMShEi_AS80V7ItaS05wwhz7SMzviHtEdG_YPh3k4Y2-MCSSoIYAPf5zyR0lLKnpdGYzgi0i_9IKnpFw5-6xex7kvteDhoZKkgO4FQBUdjqBDm4SrQiwi44qtaj5EyTBLgNSJ5zTNT9-h_6sRVTvz3SmXye8l6sbLZZB8-Zyk-PDJluvXCbKtWJ3hGvD33I1lbIO1_8IficIC91cW8TzMSgLBTDwYNDuoXIOeVRXlgPi2YbqyJCEtPAttGKNZW1rRT5FMOcbB3YnMbuFXya14XBKxi5qYp7ZMYS_b5yilNEwojnEPXuMpFG2yMkQhdiTPFfQwL8wpFVdWWlZm5R48PYtfj-Vw4r0ATeuY8gNzXSU0DQIlAvmiVlSqXOi2lydQ4PBgik2Yz1QNX43jx4r-DmS34F-bBdIaRNN9cBufQND-elKZMepDE61RLToPRC9ivvOVyaq-9qpmr5HGCY7Sh2FPCg2t6JQIZR88Uyz9c2WsAC2cOOvP11B36jEOu1cgklS0Znd0BihimkDRk31FWBc6AzapfGHP0gOdv_vOtl-0MnRP_v-HT8iseuLDGMbzQ-XzaktjhIGaPyIyQy0173XBUU74_RE8iD0WjpR3gytMpE4A5MQK0pgJVkiUlUsCbN99dM5HmvoRqMn4h8kNcFJPMAANAoUuVBVP_XDiksMORf4psXOer4camp8OLRgCo2Go-fNfc6vlDzMyUsNNUN-LsgUZRq9YsPn0zpnXsEfqwqxgxQaSPj2oGYFxhb8rU87P7JjwznMzPP6BuFkeOKpeggdRQp_ey8T-koja6DfWmSfkjONqOR82oHAblct2r4mNFvmebHhdmBYTc2i3OElLqs4Eebm3kCNN2t-Ml5Eg8cejBEPauUq_EMUi08Cjw0X02_HFYz6oJo4NY3yScYPx8snhQB-JQc6rMh4ivNUhI6cRxHeI2HGeWStjDISQlGRlaXFdU3FDB9poGbRzpB59jBkBs2eI2zkYwpOipd4yrstCNb4hMDQ2DsH31VFHxQj4XQLCshZNmuhET9CA71JvDkPW6ADhRsN-aTD3E9vRUlXPeeVMw1K4xtrxTwoNKMm2rggs0_qlWU-1feFEe0k3nRSfbfVzpxclGRLbwmraH_neWL0IgWLWb5-pTheWBufKUFjzARvtMqO4MDiWzWemVKlzcvP09tky_Hvi1bAC5XYrdv5NoKqlChUI270oDXIShDy0kCOUqbt_UvHaRxoJQxEwa0eytzCmuoDfJK4aT9hp43xS-be-zZdyJketstVB4Ev0_ysKfmHY96H8vRuuJvRKrTAnrA2_UtmqzjKmYPSbW4ViSGowcqHJ19CYl4-SnX6jbWktwl7Dk9k6VPAaHGigIbIQR8kY8oAdNxuVC8fktbTDnUHuupNnyEP0L5i1a7u_MVpd4DqTPQNpfQtUKk6W69LgnZtpNL8j7uZbHfd-vpXylxWlQtb1uzawETvja5P9FoOQiWRCXD9y4wIMAdJWsZzqVEJBOif0Gy2StagFRHs1Y87qwwvQfHr18ety0Tgb1MUjC_9CCFLWUDE1kI2f1EMyof22FLCBMRtZYYt_GEqE2jo3uLCFwg0tfAxW37GSI71eceIM2S6oLwM-upbffueZw4j9EfmOtyP3vQZkIlTDPgA_r9Hv-h7hMPFC-EwRnN4T-K8L_fpUFYG4KfW3kUbTPqNgqseXjasHVZZ9UVrnEmLVO5CTivIGEnATpTESmBpXVvn_b-DJi9NNq78u0yimaOnh8H46WbKtDdUfeiibymRmnzgUcMwe5zFliHwve23YbAFnSc0ketJ0pKgi8HHZTmOo5TGSaxFlnOP8s7Vymn6L8Zew1laJHbbe5xwVt4DIlknzH_LuRI19eErtAVSLokt9G-SPJa807wQxu3qOaU4WOWExJX_Vl5wg0wy7oxsBq1Zuf4i2muCtgp9E6272vIXqGw_Xx-dsvktaltfEGlwryOeD2VKZyP_6Xu_PMPKOH2B5j6ZHI3hcUzfcL_p2vSFYZykvrXcSyGey9J_bvbqzNSIe1NtiQ-JAnnirkcMi05UD0AAodVQlW5pg-pNRFTOqJdVFYD4sGXYZKOe4N6-J4OCOuwYZD6WDTEGm7suR9daasJpYHSZFa8eAkca1ktov1Kh_1TRG-Q1d-9v3ot40sdy9yszK_So0VaV1dcoI9H6i6wrsl-ZpnjzXQOqSzQoq5R9_4eAqu2fD7eifJsi6V1VAgkHuWbZSdpuaqb-t8WVGbacUmiNJMGBFjP8AXbUWiIumApvRFwpAsK89lcaT8eXpbUKqvo_udrOcFunnmDDs6dev0MPXNeJsFcUt61uqNpHLGfIJBfSGHOrF5bSNkNSGOXC0Gq9BBy17XIPDkAx3OukykVSYBl9Ci2bogiMtPpMG5kA8E0nyOiMrL1o_EfxabKVngJyfo50DEW9eX26GXEQTqW9Onj27LE25JyI10KOfpZ5fxkbl7dKyIEfHGsYwdSsUzN35grCxDUqBWuD_bPi-hit4iPeIs_Zk8UPo1zbPdojCOdEA414BHfhSzSS_nRUcpDchtqubK9OoMdqA8NJjzAXJDB_SEDgyxS1stfpASaECXx6Mb4dWbRfiJH9m0_habwb6zVSZMNmWSbnAXOp27PW6SjRnGFezbrN-pkPh2hzVzLk-54jqd2pTBgPXAkww18QmH4rVcK1RTcw6VJvc3JdDYiCFkGqxE7MDen7kmg1hP-M_Nv5-s6tI0bOG5bHX3_wMU6JWeIp6mmd2MieML69g2BbRvob4AMPyA&cid=CAQSSwDq26N9Q2nCzM_pKQe8jr9E-V66iMxRa3u_sskvktvZZfYMIWb0E_1xkQCwo4sA6tx2efb9xgYu0pdwS9qBo6Q2-FVj7lgfoxBmfBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e8296b4d7093701e989e49dfd07dba1369158367ac9bb34a60b63327410b65c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35277
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98CA 42 B
107 B 74ms
47ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C0v4lf3tWvroUl45k7SAaAW0Ashbt3Q8XF1jZOTKOIR40RS_8oP9gMyXwz3HmSRSRCpnpGbvzSfyfWkfEDF0YYNbsrvEZ7_7SzCRX4_ptt1sk8r_s

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 98CA 3 KB
2 KB 34ms
16ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:59:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 98CA 18 KB
8 KB 32ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98CA 154 KB
47 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2A3F 624 B
285 B 83ms
58ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYkp6m1AEwAQ&v=APEucNV2blzh8nroFRqZXuBYA45XARGfNOTApHktiKCE2A0CTlODXwiLGCoCBoFJnz7Bup2QNqe98UCM1TxJGSMb01eWZkl0ZY-hq3FeonQkIwAfqeipCgFGmt3GyaAwn_ugbaguSGpeI93N8Mji2g0MU5_Hge4DimwZtYcqpBCwVfW_9xbGGWg

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 10:51:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0B77 82 KB
35 KB 94ms
69ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHfvt6zcypzd-g0HeXgwrrCMeRV3r40qcrtxgH5ZBp4ysGm6Y5M4d9y3fuZACvxivrPA6e2jOuoaBKo73_PohkWgYVW0WkoF3o0_bwNbCi8enuSnupYJQRMtY2eG6qaaBrjciXlJlwjcJTy_DR93bg-N0dqaYN6WRx5Igx90M2xWD36Rk&dbm_d=AKAmf-D09nTAm7djlOE72CMo8sfirkLfmkivA1HYpRxix-rDYZ62h6nHWJ-IQi0mwP6HHVIRyaD1cSWZmvQXdfkvY3YxOlSIm8blh6nDCDNOeW9rdYzFIlNF9GCN0y6ye1YgxClf_2Lu4fOmO3SDFDy9w2Dd1yzcfEMrcQ7s4pqUof0AIM7jaOCS1FDSgAvV3HvFtY0QD8SzDLg8XojAUonKGhM5IQataIry6VHiDW8uFpOh74VJMaLHzLES3G9M0AQZnwxUoKhJnZkfSwLv1EG0diwK55qBmJkXaCRAWPYUrKH-INubM5YqYQr9Aag2P2wY7xkkjnOAqDFgUpP7z6DpkpNLsN02YWeDwNg2pEiy5kOvx6sKoXWuREIQ9E3hXQ7iS7BbiL24gMGuCd6S0VaEARN5d-tKP5F5ucVPI-XwwOrWy28WyfpZFZsyGKFIMsUUHLcLjFY3D9CWZUlqi14Cp3MzDJ1PKy-ERMsXf0pZ60AElai9wCK5oK6OvcNVyKnlkWaXFt2WweFX8t4tXLw1YZcqd5TQym1ve5mUTRYs902bfkQ6kuHc6fG-wAcMk2yQwAi1-03jBK_C7_vnbXzkaDU0spV8ED_1Kphg5wVAPzvi0Rnmi5JWgfnUL1JbDjbhA_hqo4RbZCB96aRYhcw-aUF1nvX-KegoSeneg9PvTmOdgDZtOxrluAXXtzFuoe0x-19VYzDZaQSLhMvnjpgG-PtjHzTR9-N1c_jBK4LlB-w9Fb41yMrz5dudqZbXgrE6G8Eul1EHYJO8hDbUlfNLYBkg892Qvm_PUS2mvlQNStwtq4jglsMIvzTda_FtYWrzXLTljBzdgaQnHjXAfN9NSSS1R7xGgHU3zH2gj_5cEYlt74BrvJIOpnXhACjkk7TZuyzHh1YydvshguYkmnM1tvb1OEUOVKLS1tvV0SeYWAwLD9UVd9rfWIt-IcjoQLDb7pZTyDI3pBTQVTpsmi-3lOZJzvvzUB6IsDrttZH9FkHcGsy9BIgU6Pn6s3ZgI9VbU9hUfhVwdfESzURFMFihNxzJV_KyQblCIH-yUPYE0Tbyo0UoECqzWz2_N8GDzn_t2YCIG-wHJJQKHuKzNa5SYEUVE-jmIfA1E5Ix_6pn4F4uZ0ZnwzWarKgYnHyXIaERbcwGYpjhfaz4edcBYwR-R9Dep5jKBvg46H-psBu31gOVHhKylmQCGFrToOyBKzwMIEqVvPv0g9TkGKtsReEDjhBSVrPB-o0_k3ntJjHKt5RyKJRi349YE9WTNZuKtf2l1BWNkLA1obCLR_-5GgB8so_AXRuQyPfcUjbP3sW3K8Odxiz0LPaafMM3oENn-N9fGQk0ZPaLkv56VEE8OvroOmBwb6oYQ-e8S-jsn5yZkRXlrz7iKRQIBBZfsHcvjmpC4Fj8dNMKVfL_na8ByV9pf0QFUGlt7dZrdSnwhrp_l-pdsFB2lYSBQGxcAI_0Noe8INfinWAkkcRU4b6hGmaW_PfOVQ0YDGJoP0iUAUF9NuOJjxKf2q54kLUGEJPb89L6v-5hxxzeQFe8QgXpI7rpPA0wzowjmIULCG0ZnvFUzeXDHpw1nzGGXm8Xce6LsDNaol8isRK1R-L3kn93VPXFeib2K9sMYnmC_rHMIQ2gdt0o1q9oii6Y95nuVzDpJeptQphTwUnLvKF-W32aIgiB9aNvX-JFOgsykRdxlzOpGquD4x841fVRWniJoWbz-6t3cupSSq9yRJCpGZ1portzJ0A2MveS-vfdfb4P3TKamn89NCLaXlFyAt8Vbfs3AJmuUc-IafgF6F3Zil6R7QTE9i8ssVp3h_YL1x0CNpoZw8XvOi-5rsyBBSByENM4ZXWnc0qvG1MvOuoF9J-muKbNaGuzhnBjkDsJUaiiHgpLJLN4i2Bo0pD29-MUEFJgjj2d0QD5V7XmT37dFTvDODx9ly0BQVgbn-NhUGuIoId68S9K2msOdTiVJECXZLrl8ES_ArJ5EN1LVdMJSnHzW78hjqOhEfzpWJIP6enHpdlEvSlFdn87YSCaO04PZfD5fOZXGCw592GYmM89SIZRH2f8W8vc_O0YvDMevijoIr-koKkmoFAyTx0rTO3Ej5bJdKfAnMjHNcfKi4l_XSyNtMZwkcFEyx1ATpkkHUeVhN2Vx0yjSmY43YNk9M5tcwHLqrl2_A7fswMbAPwhKSV3ncDSUC3onoLPbR6FnaovI9TpGbYHtgI2FlJ5efIQnhKfeNlAXdiWubVrnZTGoKQ9S6fLuuexIMqD3dUABTBeGNInF1RQTpHCG-siHN23FSoiGW1zMuAMaKNvSl2coJlHb4yNrsY75wsZPpeHZLt-GhsOc1I5L4oFQq4iTfLgEMBDn7oUW33ChxxpArM8KRzQaR3GsqH1VULqltURM4hiuiZb3Kc6Jupxk1mXuZlF8v6SBynyAzKNTZ8HvEzimxddxuFOSyal28CGCQuqTxIiiyvuKlBR3ejSFOlnQCLKeVqZv1Syd_hahpeB5eytqENemKdBnLQ5VCOFVQy8fX6aVndoTP-QaVOx2KOY_dw6Aai7ArN2qmrfg3pbyUm1jephUkmU_R_q181PNsEyuZVYgcuXr-XpPFmDJJkLOVQPyPW6boqjq_ig0wWyacUHQ06JncjYzhkianbEj9_MT1-tHsyyrzreZseYi5EfkM749Wl0UU3X5wlvOAU-bBZu6EtYz9xCYju1rseCBEAkNUzlCZ42dHn2EbBKdS9G6tXMzOLxpQmAnzW0ZNOjmfYozX3IGmko3AZ2ZKVd5oFCqya9LlhJbPLcMau8Ye1BaYj04izTvNWpKbIv02yxRE_vUkccnv4Gd-EcPN5oJr7mBRlAxBX8mTIWvgJIHMDxvtie784-Bt8FDXxSHVUjcyQ_I2e_6oL64uWgOuAwVhejz4LYvScZ7XtYnNE3PtNpFBOjTBXVcwvGye3zsllFO-QDEb0iivc5i4AfG4VkmoIF4TQNy2WY5wWPd1ojP8JLtCKkgUMwjUM5-yyLgboHY6ECT61NpaFO9CbxoSVhzmWJBZpXnF0DMS1VUt1cRoIZJ3etd-wGl4S0T-8F5bHo9Q8jiA0biPwA_VxUmAv8rl3yIc0LNXSbSb_hC_iDktZA22AH5GmMOlI-PCF8Nam-_1B8bXOdYmRhbXmIQHFysx4ilpuSK9EtpXuS8h9RF8kOxpxWNk84Na-9qN_G5VQFzQ7UYuyGjuHLOG6luAHbrvd9rs73IMEF0esmRHrU9vMXGIaGNe2E1jSX2pghL74P5vbf6lBIe9RWaXVd1mwFc_P0SpLK6e6pheNsBKwICd2bm0owoxlfSJ2PrUoF4ce0cTUvKKLzDfrb-xKNia2gLlBqnQQqg7FncQV6UjQRM0Sq4Brxy7Pae62N1axLOGL8VtDYl_EEvHxprvRFy1aJbAIrcaOFYlyxMBdr8D3nUx9TwcrjBVMS53hZRZl7DxnK&cid=CAQSSwDq26N9Q2nCzM_pKQe8jr9E-V66iMxRa3u_sskvktvZZfYMIWb0E_1xkQCwo4sA6tx2efb9xgYu0pdwS9qBo6Q2-FVj7lgfoxBmfBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1bc9a81f0c03a10c2829bfc10b6788c9a7366c3931a0f182716b7006fbe8f58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35323
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B77 42 B
494 B 72ms
47ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CMGhbJmGLaURP6vGybNkRpVQEfMTpGrwm6ubcFuB5u4nDLynyPs-bIhrDDiK3N76U2nEMNkuK6iQSapvyYPKHa7Q7z38eXJB8ovqq45PUkOaTYuRg

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0B77 3 KB
2 KB 31ms
15ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:59:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0B77 18 KB
8 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80867
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B77 154 KB
47 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H/1.1 200
OK / Show response
tag.escalated.io/ 103 KB
40 KB 154ms
38ms Script
text/javascript 54.78.253.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.vesty.co.il&type=display&cust=7787&sid=direct&c=&cust2=direct

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

8e75d1398a51e488df67825d9f5fa32e03417030b4f5f3325728997e66833635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 24 Oct 2022 20:34:23 GMT
Server: Apache
ETag: "19a5c-5ebcdb78011c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 40309
X-XSS-Protection: 1; mode=block

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7028ce246826b7ed6bb35f54c2cd43b0c851b84278f8b8b64b03b95190e24356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 620A 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGQEMbctaSTWT8rlNnyXOnir--HrymH5s_M6MdyphDd6Q2Y8vRlE8rE35EXJx2irzEReKs7zja1VbPj9XnuZJDOO7M0QihknyeZCuOgqklRoQ_24jgcvRKeDGuCa5gjFHurkZb7jSU78YvhdGrPpHXvYPnNKpbHF4_0ZKHcUalzj4AFYU1whwqhBmg816mWYLzKzJ9fJkp7R3cHy0UDvx296ApaAWZf3djhd4DmqSXoojqbSlgFDKMMWgyzD4vXg6Iynd6klXgWvBgMvnAgWvLVgT88gc69Rdq7osC4SiJnpFOA62P27IMSUobQrt0xId9LdGkmaDH_L2Uwg&sai=AMfl-YTTQhizcrtJMlmAluqWXlTAezlEAhAtobTz7edndKcG77V__jfwXmL4ljHtMEEbbZyregB7nsRqqKkz4LZW_ltzSAbcB0vVLu14jcgLa9bz8A_xbEYyNR_8d57NP8J3QCmlo7p14pn8n-jVMC_QPA&sig=Cg0ArKJSzH3v7VI40LH_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5B38 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukWUykCm_V8OD8KNGK--1AU90WqpA7m5gsVUzMJCJT4bW5kLv3Ud0kxv0AMqI6UuP3W0kj0auOIHQ07qWchQAA5I4yMv6zAeLX-P8VJRfpE1eu8u-uY0tR1DDd8ZkdMv4tcE7ntOakfgigdtZbgX3bOb87zGUcSqjOtuN9TGg7wfjyA3RtI5ZmeH43dEixi2Gb8vaZ6CXYnglfuwIMndF8odihQzEc4ARl2QSi1SZj6UVp6-tNjfwmM4DqUNoQcg4mUyayhhBME8oqBoMI6pZ1qRiMzs2yI-rpm9bU8_jUeG8mRkKMpfyEkwiNHK-YhPp_HX8x5WcGcEXZ8imx&sai=AMfl-YSn-0XS8mVu9YKo15_o3SE4NwfraESYn5ekdaeEDuofCIwcTsvDYYRuvOhWANB4H-NvFLA-WVgPxIzl7K_6hG2qL-_l83Xi_azxpaT6IO3eX7c7OEJiGi5D_ggJZ0AyzEpfVSIg7O4qfMfo5YAgYA&sig=Cg0ArKJSzPUDaNP1QIA3EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7F0A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1&C=1

43 B
894 B

12ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGMCYv9oBMAE&v=APEucNUUgJ-qMZoYh2AoMnBHDlo5XKtuIfY6Uuqa7bmywfsoVmg-Hx6l5CvcGuExIxJPZReGLLquwYrQi-kSsl1qqy65Rocq566VZaCl501fXZ4jk5aqB0TDz5nEHiDC4w6xt-yiYaL__GNdd0fRkVHIjU_srsbh7r4cSvpZc5H576ZVOyujfh8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7F0A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4NBN1u-gADxzetEZRPPrQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGMCYv9oBMAE&v=APEucNUUgJ-qMZoYh2AoMnBHDlo5XKtuIfY6Uuqa7bmywfsoVmg-Hx6l5CvcGuExIxJPZReGLLquwYrQi-kSsl1qqy65Rocq566VZaCl501fXZ4jk5aqB0TDz5nEHiDC4w6xt-yiYaL__GNdd0fRkVHIjU_srsbh7r4cSvpZc5H576ZVOyujfh8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7F0A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPKDcLbE-rZ140gbleoQNH8&google_cver=1

43 B
1009 B

87ms
49ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPKDcLbE-rZ140gbleoQNH8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGMCYv9oBMAE&v=APEucNUUgJ-qMZoYh2AoMnBHDlo5XKtuIfY6Uuqa7bmywfsoVmg-Hx6l5CvcGuExIxJPZReGLLquwYrQi-kSsl1qqy65Rocq566VZaCl501fXZ4jk5aqB0TDz5nEHiDC4w6xt-yiYaL__GNdd0fRkVHIjU_srsbh7r4cSvpZc5H576ZVOyujfh8

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
AN-X-Request-Uuid: 19805d5a-fba5-4e05-8531-0e3ad1d722c0
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.43; 81.95.5.43; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPKDcLbE-rZ140gbleoQNH8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7F0A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMjgzNzEyMDU0NDM2NzQ3

170 B
188 B

23ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMjgzNzEyMDU0NDM2NzQ3

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
AN-X-Request-Uuid: 609cca4f-f760-4496-a270-4f57994438f9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMjgzNzEyMDU0NDM2NzQ3
Connection: keep-alive
X-Proxy-Origin: 81.95.5.43; 81.95.5.43; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3E5A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1&C=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGMCYv9oBMAE&v=APEucNWUNMUtjZgLXDdy5JG1x0UkBJi0-1uMXgwZtVpcO2FMDNmVRdem_AazqEdVTQmh5pYElpozQp1miC5pLIVlbBLDuJV8En5gf1KBnD9EAPnscDtYFPc9T0VsLCIWKOGwPbcRtMlk9fVB3NBCAX5AjNWCYeHqPjuqsUrJ3jndCVZrQgJvfSw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3E5A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4NBN1u-gADxzetEZRPPrQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1

43 B
766 B

9ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGMCYv9oBMAE&v=APEucNWUNMUtjZgLXDdy5JG1x0UkBJi0-1uMXgwZtVpcO2FMDNmVRdem_AazqEdVTQmh5pYElpozQp1miC5pLIVlbBLDuJV8En5gf1KBnD9EAPnscDtYFPc9T0VsLCIWKOGwPbcRtMlk9fVB3NBCAX5AjNWCYeHqPjuqsUrJ3jndCVZrQgJvfSw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 3E5A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPKDcLbE-rZ140gbleoQNH8&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPKDcLbE-rZ140gbleoQNH8%26google_cver%3D1

43 B
1 KB

18ms
15ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPKDcLbE-rZ140gbleoQNH8%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGMCYv9oBMAE&v=APEucNWUNMUtjZgLXDdy5JG1x0UkBJi0-1uMXgwZtVpcO2FMDNmVRdem_AazqEdVTQmh5pYElpozQp1miC5pLIVlbBLDuJV8En5gf1KBnD9EAPnscDtYFPc9T0VsLCIWKOGwPbcRtMlk9fVB3NBCAX5AjNWCYeHqPjuqsUrJ3jndCVZrQgJvfSw

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
AN-X-Request-Uuid: 44fbf822-daf6-4ab9-84b1-c55cd0a0cd34
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 81.95.5.43; 81.95.5.43; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
AN-X-Request-Uuid: 0216e50a-35fa-4bed-a65d-e1b491363ecb
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPKDcLbE-rZ140gbleoQNH8%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.43; 81.95.5.43; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E5A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMjgzNzEyMDU0NDM2NzQ3

170 B
188 B

19ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMjgzNzEyMDU0NDM2NzQ3

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
AN-X-Request-Uuid: 758d5304-978a-4a3a-acbb-e1d47f354bf3
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMjgzNzEyMDU0NDM2NzQ3
Connection: keep-alive
X-Proxy-Origin: 81.95.5.43; 81.95.5.43; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2A3F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1&C=1

43 B
766 B

11ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYkp6m1AEwAQ&v=APEucNV2blzh8nroFRqZXuBYA45XARGfNOTApHktiKCE2A0CTlODXwiLGCoCBoFJnz7Bup2QNqe98UCM1TxJGSMb01eWZkl0ZY-hq3FeonQkIwAfqeipCgFGmt3GyaAwn_ugbaguSGpeI93N8Mji2g0MU5_Hge4DimwZtYcqpBCwVfW_9xbGGWg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2A3F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4NBN1u-gADxzetEZRPPrQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1

43 B
766 B

10ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYkp6m1AEwAQ&v=APEucNV2blzh8nroFRqZXuBYA45XARGfNOTApHktiKCE2A0CTlODXwiLGCoCBoFJnz7Bup2QNqe98UCM1TxJGSMb01eWZkl0ZY-hq3FeonQkIwAfqeipCgFGmt3GyaAwn_ugbaguSGpeI93N8Mji2g0MU5_Hge4DimwZtYcqpBCwVfW_9xbGGWg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM72csxK-Icc60ukOJ43-_w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2A3F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPKDcLbE-rZ140gbleoQNH8&google_cver=1

43 B
1009 B

47ms
16ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPKDcLbE-rZ140gbleoQNH8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYkp6m1AEwAQ&v=APEucNV2blzh8nroFRqZXuBYA45XARGfNOTApHktiKCE2A0CTlODXwiLGCoCBoFJnz7Bup2QNqe98UCM1TxJGSMb01eWZkl0ZY-hq3FeonQkIwAfqeipCgFGmt3GyaAwn_ugbaguSGpeI93N8Mji2g0MU5_Hge4DimwZtYcqpBCwVfW_9xbGGWg

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
AN-X-Request-Uuid: fca902ed-db7d-4bc1-a8da-8409554238d8
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.43; 81.95.5.43; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPKDcLbE-rZ140gbleoQNH8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2A3F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMjgzNzEyMDU0NDM2NzQ3

170 B
188 B

18ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMjgzNzEyMDU0NDM2NzQ3

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Nov 2022 10:51:35 GMT
AN-X-Request-Uuid: 2344737d-e3c8-41ee-bf8f-e04983ac85a9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIwMjgzNzEyMDU0NDM2NzQ3
Connection: keep-alive
X-Proxy-Origin: 81.95.5.43; 81.95.5.43; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 98CA 106 KB
38 KB 61ms
11ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
Origin: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 11:55:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 98CA 8 KB
3 KB 31ms
10ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfanhB0YjsGjAG6KU8GatfdpoVS_3G0JjU3ITFOKvA-HVZ85GTxBD9UJKcYSgMlMiuelJjzi7VBvIkJ0y-HI9GYClBEg&cry=1&dbm_d=AKAmf-C_eu2v-JVGcI6ht4k7CfayZFHq8PBhqDA8lsb1Zdpvw0tNThke_4fsvip0xj7tk2SPiWvkHNF3hCo-g5RxPkPcql6JICKsA-6-ZbFfYgrshW5B1qGSAR8kPm5OCL7-EH27iH9jIATqqBCGBkKkEl6RkIfHSJ3zPoc6AzLD0XsJeWXZ_WgNwd6fyZu7p67K3jcteWzQeqpBKYqfpLkTf2yxih-Kt7jOMqFS0C3u6ikuAw_5DowHyCSvuSP5MReYLfsdvXGDonSFaBmcIi4-A5RUrtpoLbdl0DuhcdDcEaKTimH2SU3OQFY9dDVDWgv11BBimeUAKRxCghu04yJHlkztA5ekUKVR4Ca24mfTvjtdCrDwbhJSMKSJytmQbg_qioDQLLDg0GWrfvuXtfGxliwt7pCdjMnMK2KGmHDsyy9npwhOMpQiAdMj77SoJEMG7pcMQbq2XtzYvz7mcKwU6fMAtZW-rm_GzOI0oKoeGLQ6xlFnTFMZFgCu8etniDIWDfuIdRPgtGVZ0GGBektP-qNbU2tSOd-nhZlda5MKnxBYS6o76m9shnf9fbpZ4grlaSjW34hPke-8j8DifIqp2p9bM-gOcsiAYPyw0I04SU-FNtZNsi3-NQHcY3bzgGnTn8JEdV3XQEQiE_LgFyg-gpFeCqQiovJInsWVPCoA6NeShRodk7aVVWAKRiI3_YaA-7pmRz2VXK9K7vS018IsP7l4K-H88frMjz6DxOIw0Cb_aAfqJJklPnSczKdVpZq31JG3iaP9pR4HGR_B8zXdkIbKCSPnjEdm4DuL_EEAhpBkKNv0M85qJ8JYw33dC_3e5HN6QA7GPJGI50RRVTbGBbejokIo6zKGn-w_SKNw32gZPvhiPyClmUUoeMShEi_AS80V7ItaS05wwhz7SMzviHtEdG_YPh3k4Y2-MCSSoIYAPf5zyR0lLKnpdGYzgi0i_9IKnpFw5-6xex7kvteDhoZKkgO4FQBUdjqBDm4SrQiwi44qtaj5EyTBLgNSJ5zTNT9-h_6sRVTvz3SmXye8l6sbLZZB8-Zyk-PDJluvXCbKtWJ3hGvD33I1lbIO1_8IficIC91cW8TzMSgLBTDwYNDuoXIOeVRXlgPi2YbqyJCEtPAttGKNZW1rRT5FMOcbB3YnMbuFXya14XBKxi5qYp7ZMYS_b5yilNEwojnEPXuMpFG2yMkQhdiTPFfQwL8wpFVdWWlZm5R48PYtfj-Vw4r0ATeuY8gNzXSU0DQIlAvmiVlSqXOi2lydQ4PBgik2Yz1QNX43jx4r-DmS34F-bBdIaRNN9cBufQND-elKZMepDE61RLToPRC9ivvOVyaq-9qpmr5HGCY7Sh2FPCg2t6JQIZR88Uyz9c2WsAC2cOOvP11B36jEOu1cgklS0Znd0BihimkDRk31FWBc6AzapfGHP0gOdv_vOtl-0MnRP_v-HT8iseuLDGMbzQ-XzaktjhIGaPyIyQy0173XBUU74_RE8iD0WjpR3gytMpE4A5MQK0pgJVkiUlUsCbN99dM5HmvoRqMn4h8kNcFJPMAANAoUuVBVP_XDiksMORf4psXOer4camp8OLRgCo2Go-fNfc6vlDzMyUsNNUN-LsgUZRq9YsPn0zpnXsEfqwqxgxQaSPj2oGYFxhb8rU87P7JjwznMzPP6BuFkeOKpeggdRQp_ey8T-koja6DfWmSfkjONqOR82oHAblct2r4mNFvmebHhdmBYTc2i3OElLqs4Eebm3kCNN2t-Ml5Eg8cejBEPauUq_EMUi08Cjw0X02_HFYz6oJo4NY3yScYPx8snhQB-JQc6rMh4ivNUhI6cRxHeI2HGeWStjDISQlGRlaXFdU3FDB9poGbRzpB59jBkBs2eI2zkYwpOipd4yrstCNb4hMDQ2DsH31VFHxQj4XQLCshZNmuhET9CA71JvDkPW6ADhRsN-aTD3E9vRUlXPeeVMw1K4xtrxTwoNKMm2rggs0_qlWU-1feFEe0k3nRSfbfVzpxclGRLbwmraH_neWL0IgWLWb5-pTheWBufKUFjzARvtMqO4MDiWzWemVKlzcvP09tky_Hvi1bAC5XYrdv5NoKqlChUI270oDXIShDy0kCOUqbt_UvHaRxoJQxEwa0eytzCmuoDfJK4aT9hp43xS-be-zZdyJketstVB4Ev0_ysKfmHY96H8vRuuJvRKrTAnrA2_UtmqzjKmYPSbW4ViSGowcqHJ19CYl4-SnX6jbWktwl7Dk9k6VPAaHGigIbIQR8kY8oAdNxuVC8fktbTDnUHuupNnyEP0L5i1a7u_MVpd4DqTPQNpfQtUKk6W69LgnZtpNL8j7uZbHfd-vpXylxWlQtb1uzawETvja5P9FoOQiWRCXD9y4wIMAdJWsZzqVEJBOif0Gy2StagFRHs1Y87qwwvQfHr18ety0Tgb1MUjC_9CCFLWUDE1kI2f1EMyof22FLCBMRtZYYt_GEqE2jo3uLCFwg0tfAxW37GSI71eceIM2S6oLwM-upbffueZw4j9EfmOtyP3vQZkIlTDPgA_r9Hv-h7hMPFC-EwRnN4T-K8L_fpUFYG4KfW3kUbTPqNgqseXjasHVZZ9UVrnEmLVO5CTivIGEnATpTESmBpXVvn_b-DJi9NNq78u0yimaOnh8H46WbKtDdUfeiibymRmnzgUcMwe5zFliHwve23YbAFnSc0ketJ0pKgi8HHZTmOo5TGSaxFlnOP8s7Vymn6L8Zew1laJHbbe5xwVt4DIlknzH_LuRI19eErtAVSLokt9G-SPJa807wQxu3qOaU4WOWExJX_Vl5wg0wy7oxsBq1Zuf4i2muCtgp9E6272vIXqGw_Xx-dsvktaltfEGlwryOeD2VKZyP_6Xu_PMPKOH2B5j6ZHI3hcUzfcL_p2vSFYZykvrXcSyGey9J_bvbqzNSIe1NtiQ-JAnnirkcMi05UD0AAodVQlW5pg-pNRFTOqJdVFYD4sGXYZKOe4N6-J4OCOuwYZD6WDTEGm7suR9daasJpYHSZFa8eAkca1ktov1Kh_1TRG-Q1d-9v3ot40sdy9yszK_So0VaV1dcoI9H6i6wrsl-ZpnjzXQOqSzQoq5R9_4eAqu2fD7eifJsi6V1VAgkHuWbZSdpuaqb-t8WVGbacUmiNJMGBFjP8AXbUWiIumApvRFwpAsK89lcaT8eXpbUKqvo_udrOcFunnmDDs6dev0MPXNeJsFcUt61uqNpHLGfIJBfSGHOrF5bSNkNSGOXC0Gq9BBy17XIPDkAx3OukykVSYBl9Ci2bogiMtPpMG5kA8E0nyOiMrL1o_EfxabKVngJyfo50DEW9eX26GXEQTqW9Onj27LE25JyI10KOfpZ5fxkbl7dKyIEfHGsYwdSsUzN35grCxDUqBWuD_bPi-hit4iPeIs_Zk8UPo1zbPdojCOdEA414BHfhSzSS_nRUcpDchtqubK9OoMdqA8NJjzAXJDB_SEDgyxS1stfpASaECXx6Mb4dWbRfiJH9m0_habwb6zVSZMNmWSbnAXOp27PW6SjRnGFezbrN-pkPh2hzVzLk-54jqd2pTBgPXAkww18QmH4rVcK1RTcw6VJvc3JdDYiCFkGqxE7MDen7kmg1hP-M_Nv5-s6tI0bOG5bHX3_wMU6JWeIp6mmd2MieML69g2BbRvob4AMPyA&cid=CAQSSwDq26N9Q2nCzM_pKQe8jr9E-V66iMxRa3u_sskvktvZZfYMIWb0E_1xkQCwo4sA6tx2efb9xgYu0pdwS9qBo6Q2-FVj7lgfoxBmfBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 11:55:20 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 98CA 29 KB
11 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 16:51:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 16:51:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CFC9 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyIHkKs9x11uZ_lCqGVBQIYj5PDCNysQwkwyAPCvQmmAOIf61_bInzxybGJab0xn4XTRVBNT01h4OUrjHFIAeamHXPGkvW7RabpZ-rgrPbDyJCAYXedXyGS1iYUTmYtHFApXP-KYKYcyMYQrho7RTAWx7toRTJ1B90KM8w5KxcgiBB9xCI62Ypwdhr9QjsOxFHovOkLKEbdr3hH8gNT81KLMBsA5Bujl56FI0TDjDYNMKM-RWj4xFdw9l5zOFgGKK3BCtb3aEb9F6ASFSRQDKok5J8T66KD4kn_cuHGDNIVbFq57dlTwaDLSZNjZRp0oGJHfMoYCjcTuycb3td&sai=AMfl-YREqCIfB4Uklut7lt6bacbyl5KCWVmBUjrnqt2q0iz2Pp7Cq4q5NI1CbhJg11PSfJAnYZYK5qQyN3UV6wmEf-BqN_ndmC5wfCnO-nZsVylrXGeONI07WwojbB_M9ewQ5PsUjkh7R4sV-AON0nkSRg&sig=Cg0ArKJSzPmUyM-B4gcUEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame CBD4 106 KB
37 KB 42ms
25ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
Origin: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 11:55:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame CBD4 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AhGl9wWatmP6LmbcSl0FSJyk0G60O1YA3yS_CzKGBW0OWUB2zT0OEWiKXyJMX3jWN1K1tPPfKtcez6CogC6QnSCpma1g&cry=1&dbm_d=AKAmf-BYtIVnFvo2Ag2TkY4rkPOcdyPe7jnpl6qSLbd21k8UwWExWLuBIW1phbMeSurPqtCXGlW65V-6jZQBFcZBUM2ZXpZY2DLFCRjaAb_iOOC0d41SKMtoWNvjxIOubvuSTU5a3qzSIQQ50jeLaIrQqURo-RGdLM_pNtDLTBysvNcF9YMHFXuP6i3XZHPY5Smrv8NNleonldcxunt6jBP9toKdSEhDEzUDHr1sp6Fk-QrGWglvn2WReCbMxkBznUaNvx23tgQmzTuui6IW5shz58by17_21yQNZVIfGsFXk4ALMg7TVicPTd4P4R_X8ouB6trmv-Mxm5Y0OYBiS0m5ChdE0wkwVBZQNgt_GZRzffIWzcmUE4GJbLLKa2wK9eROQN8LUc-2johcJV_YUYu1JneAZog9gLquK3vtcoe5FfhVAHbLHWYqz3ggOzlWjsa0UXeUsHDFWtnL7QAy2G0vhDAE1m7Qg_W5brk_oVLyPB1RLXlICknJcqqJnESPkX4-j80Yu6Wo6STUEXMacAAQSI84uxozQjQUg0xsDlGqpIKWhKk6BsXjBYhgOvbh4HtEXOKT3BW59n2kKgifrRfWvKXEdy9s6x_vgHVPO-eAInJfhIDPY8JMpxU7KpgjkuUdYljs47ek8LxWzAN_eSrWWVk6GGRSYErhpQwgnp0ejXB0Mw0eMnCBLIM73sJjOlzRuBmmeEyBKtbTT6XkZw2tSHgVu08QU-w9RvmIzjQ1k62VRxLXu55R7JLltU6ZrTauT-073oyRJDt1wFz1UnNI-sLyvG1pz-rUFgORhhQutzlynMmMoBpPxCCIQ09H3syMZFSsLeOuK6W5LopJmUznMFWfgDCKP7utWPb3xEPTSpZ05T_FAhn_hBodwcETDF1v_CzOtdATVqY5SiX9OFmd0Mi7AVdEEASurDjqHQrNB9rNUTGPmXLixHhiA7EF9EnqE7TdaeGi5gPZLWk9CC9OF85ueGHcxL2DDOe8H3vaegY126azthbxTnT6CBmdiwWYtkLr-ZjY8xfoC__fpJYXppboQDrCAwBd-E21rBGQ0PpX4yhQhch4NRZ-CPsX2OKUEVHzmUH7bRwIbTKrSNm8rXqM58zUh7VxjkwevGxw73SjuGd57hVYR1uNMCsVC9HFSm7Vq3bNpVEq3ZvBdFqCmA3jWZW5c3Exfr5KrJxrpkkxjKn2RHu26tU-7Yg6jJmNwkZgoEC8ZDSs0BaZYOtGTyEslYhk9Uyp8p9FYrOGVgNVKwAb-T7OPelO_QsUFDxAlbSktJvM58lsNd_jbAkubAC0nCqgzs9Sljq0i1-LQFhoWFqFL9i1sdWTiPhS_wOedMz_InbaWyev4njtOsJdrlKpSVjRaL0BEjrRKeMuxf1Yc-4FXvW-qUcaFnqj7ea4ysCD7bk4JMDKGrU2F-cEBH59AOqsKhRhWi-8pko53oAqh5gV-bFHDc99YxR7zGdOfRI6NZSUK-qDw-H3rMliZY_-KgIFmvc7pgDzmGm-4UQBeg7jkRIr-ws7eUoF_Z3twiJ3Hp8uA93lbJjua8b0Pq7qKH2tGi9WPXF_pQmSk7Ew3FbxmpLMFWjoCQ5RKjOYZ1de3X7RJCcF6QKFV9v1BfxgfrzjH4SU1-HjWqym2U2VRXbO807By7pEZ-0R2iwBrrz8IG9_maptNjfK10vasYtAWJI_XW62HzJs79RmB8uaKWCVGHFrg4noS-HJvj_05u43DLnMV0XK7-F0Y4DWKeCX-GLqc8uxMesaFVBYIa8-TSaP5RUssWs8xgaRfT7r0J641k4AboCuHwPFeISHI9d93aIhpv3dMHN0o_XPqwaDM9ZeBfCjAJ76c6Pjkahk16FQcFp72OTghU6mxTcW7Q0rjesWfiTYdwpldUwkNyLo2CRMpmP6aYZ0iJJll1FqO-OOpqsnYYDdmRviZYR6r6uTv0obnauyGl6CPzrs7HQLsVVq9m1O11aJPnyWsdN7y4j-hNWWqSJ93qlWU54aYm9umkQZLpbEhtc67hJLBCTFk3rwV5YK7MaxnoPfVVwz4CELnuW8wPNLIJL6O6dXrpAGPa49-bH9I0cHr-bzUrzXyfGQnyXiJovkmRCaNqXbE6k3fambD74vE-g9Fp423WaBifRm1-dFFeVQZGgG6fgOQZt25hH1fKLCAdWuZPAZKMX46_MKoE1uX2yQKbIxRQ3FeHe29KGmdYP2riFFdZXaVcX9-SdS_obUfDISVLOeL8UhtIFUOg3OQHajKmUZsqByrhZ9SGOOjw4cM2uXLg8UotbzRboP8f48R5bE-MfxOKvihVMefy97P402Z7J2-LD1draEEgbAY8cXNZB5gx4tfrMCB8hZrQg_7_-idLmwS78xrro5ov7GErs1ofT_W3OL73T-g7KdZ1E5Sgd0sfETx7cu_wjxGL3Qzlv25XF-oGfiK_k4O8qj4FIYJhYUKNQFacaLgE6i0GS6HdrrxILO75kJIqrWr7vQyCMrmmzxoRotru4vRcwJOiH_16KsCBmK4zEJoDFRmY0p042toMXKI-wg67M6ZhGbapOfAVSVVGZ_UbIWaNh5aSAMlctvDz5FerC9PaIPM9QozcsjSMA4KBF3ZHH1aF2XR-Zn_5U4xR1IxrLcsLz35NsQ7rTB3r9Yuxtvawj5pVG2fTdWyJutSkgUHbmr6NuELQHKgzYPI6a0zkin1GNuxJ1Jy155_lNM1U42XFStdq0JbiHEngh1IdZ49hYko1UCZqGJV0wZSXWYnia4irPJq5DadMPwUYVwXGpA0rEeBfbNwYP-IW4bAE9xIFyqPypCpCPN905J1u9rhSeJ70Se1g4Enkriew4379-JJY88w-BZ1v7HKFkMCTwF_CvVsEDLPRPREQM-L1TtuBaJVjmzZr_COIlTBCcXguuKa9VKIzm69WG_jqNdhXP2RFK0kiDohFh0OouJxwrFDVmjPvBpPgThTJ6Pch0CVXfBuqlM9lOhLGbAUdpsJkpcURKekKmeQSsWf_Fe868j3V1upQtQ2G4yeaKCuP0-2SBnzC8X6DbcxhkCs2k5cHYG5x1_qxIwS69przmAK8NmqQQSKyxJ32CIC0rKdwtbswqfD2c49JTbjSJvdxh5vV6d0KO8n3hDoJTsl54Gm02juOuvMMBtH0wKtTIxcmKpi7ACMVvFelxjRkddPbhbUHiErb-I_59eXEkuSlfKXeN3jP4uJ38OvEtyx8Z0xz6vX2w9N373K99gL58Dk0aD2YnTVc9gppPIvymsGAqZ3A3AFsAHXKv5b46aEud-Rkx7Ul8QbHoITd9EgNuMt5O26oYJWwOR-kKJeRWeyS6rCV_ToPscDgTLEsJZXfmLHM4WJF5cua0wis3D7B2EaKY-vne3rCwcYhqKW0cfuLByxg5UUkbkDjDUdEF0yIdTqL_EdwDF5_tIQXg2RdMF8oQXFbKjSW-ChXiTHRlpOkYjLeXAfHGVrvlzY8yKEVHp9DwHpLjDcsNdrppP5Xp3IIGHntIZpNe5TdJWVeWIvgfsN1Hj5R7r61PV2pYNpd3LWWCOt4ENVDe5ExihkdUdYn59jSS-GWA2AjhraF63KOZkAoK6o8Dc9EbxGblVdlOK-3rAhE_r07_zzgq3cSsI0Onzc6i6GYhwFibI4gIeDCno198-jIkkcDP0ydPUXqFZG-4u49mFKA&cid=CAQSSwDq26N9Q2nCzM_pKQe8jr9E-V66iMxRa3u_sskvktvZZfYMIWb0E_1xkQCwo4sA6tx2efb9xgYu0pdwS9qBo6Q2-FVj7lgfoxBmfBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 11:55:20 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame CBD4 29 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 16:51:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 16:51:11 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0B77 106 KB
37 KB 38ms
27ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
Origin: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 11:55:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 0B77 8 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHfvt6zcypzd-g0HeXgwrrCMeRV3r40qcrtxgH5ZBp4ysGm6Y5M4d9y3fuZACvxivrPA6e2jOuoaBKo73_PohkWgYVW0WkoF3o0_bwNbCi8enuSnupYJQRMtY2eG6qaaBrjciXlJlwjcJTy_DR93bg-N0dqaYN6WRx5Igx90M2xWD36Rk&dbm_d=AKAmf-D09nTAm7djlOE72CMo8sfirkLfmkivA1HYpRxix-rDYZ62h6nHWJ-IQi0mwP6HHVIRyaD1cSWZmvQXdfkvY3YxOlSIm8blh6nDCDNOeW9rdYzFIlNF9GCN0y6ye1YgxClf_2Lu4fOmO3SDFDy9w2Dd1yzcfEMrcQ7s4pqUof0AIM7jaOCS1FDSgAvV3HvFtY0QD8SzDLg8XojAUonKGhM5IQataIry6VHiDW8uFpOh74VJMaLHzLES3G9M0AQZnwxUoKhJnZkfSwLv1EG0diwK55qBmJkXaCRAWPYUrKH-INubM5YqYQr9Aag2P2wY7xkkjnOAqDFgUpP7z6DpkpNLsN02YWeDwNg2pEiy5kOvx6sKoXWuREIQ9E3hXQ7iS7BbiL24gMGuCd6S0VaEARN5d-tKP5F5ucVPI-XwwOrWy28WyfpZFZsyGKFIMsUUHLcLjFY3D9CWZUlqi14Cp3MzDJ1PKy-ERMsXf0pZ60AElai9wCK5oK6OvcNVyKnlkWaXFt2WweFX8t4tXLw1YZcqd5TQym1ve5mUTRYs902bfkQ6kuHc6fG-wAcMk2yQwAi1-03jBK_C7_vnbXzkaDU0spV8ED_1Kphg5wVAPzvi0Rnmi5JWgfnUL1JbDjbhA_hqo4RbZCB96aRYhcw-aUF1nvX-KegoSeneg9PvTmOdgDZtOxrluAXXtzFuoe0x-19VYzDZaQSLhMvnjpgG-PtjHzTR9-N1c_jBK4LlB-w9Fb41yMrz5dudqZbXgrE6G8Eul1EHYJO8hDbUlfNLYBkg892Qvm_PUS2mvlQNStwtq4jglsMIvzTda_FtYWrzXLTljBzdgaQnHjXAfN9NSSS1R7xGgHU3zH2gj_5cEYlt74BrvJIOpnXhACjkk7TZuyzHh1YydvshguYkmnM1tvb1OEUOVKLS1tvV0SeYWAwLD9UVd9rfWIt-IcjoQLDb7pZTyDI3pBTQVTpsmi-3lOZJzvvzUB6IsDrttZH9FkHcGsy9BIgU6Pn6s3ZgI9VbU9hUfhVwdfESzURFMFihNxzJV_KyQblCIH-yUPYE0Tbyo0UoECqzWz2_N8GDzn_t2YCIG-wHJJQKHuKzNa5SYEUVE-jmIfA1E5Ix_6pn4F4uZ0ZnwzWarKgYnHyXIaERbcwGYpjhfaz4edcBYwR-R9Dep5jKBvg46H-psBu31gOVHhKylmQCGFrToOyBKzwMIEqVvPv0g9TkGKtsReEDjhBSVrPB-o0_k3ntJjHKt5RyKJRi349YE9WTNZuKtf2l1BWNkLA1obCLR_-5GgB8so_AXRuQyPfcUjbP3sW3K8Odxiz0LPaafMM3oENn-N9fGQk0ZPaLkv56VEE8OvroOmBwb6oYQ-e8S-jsn5yZkRXlrz7iKRQIBBZfsHcvjmpC4Fj8dNMKVfL_na8ByV9pf0QFUGlt7dZrdSnwhrp_l-pdsFB2lYSBQGxcAI_0Noe8INfinWAkkcRU4b6hGmaW_PfOVQ0YDGJoP0iUAUF9NuOJjxKf2q54kLUGEJPb89L6v-5hxxzeQFe8QgXpI7rpPA0wzowjmIULCG0ZnvFUzeXDHpw1nzGGXm8Xce6LsDNaol8isRK1R-L3kn93VPXFeib2K9sMYnmC_rHMIQ2gdt0o1q9oii6Y95nuVzDpJeptQphTwUnLvKF-W32aIgiB9aNvX-JFOgsykRdxlzOpGquD4x841fVRWniJoWbz-6t3cupSSq9yRJCpGZ1portzJ0A2MveS-vfdfb4P3TKamn89NCLaXlFyAt8Vbfs3AJmuUc-IafgF6F3Zil6R7QTE9i8ssVp3h_YL1x0CNpoZw8XvOi-5rsyBBSByENM4ZXWnc0qvG1MvOuoF9J-muKbNaGuzhnBjkDsJUaiiHgpLJLN4i2Bo0pD29-MUEFJgjj2d0QD5V7XmT37dFTvDODx9ly0BQVgbn-NhUGuIoId68S9K2msOdTiVJECXZLrl8ES_ArJ5EN1LVdMJSnHzW78hjqOhEfzpWJIP6enHpdlEvSlFdn87YSCaO04PZfD5fOZXGCw592GYmM89SIZRH2f8W8vc_O0YvDMevijoIr-koKkmoFAyTx0rTO3Ej5bJdKfAnMjHNcfKi4l_XSyNtMZwkcFEyx1ATpkkHUeVhN2Vx0yjSmY43YNk9M5tcwHLqrl2_A7fswMbAPwhKSV3ncDSUC3onoLPbR6FnaovI9TpGbYHtgI2FlJ5efIQnhKfeNlAXdiWubVrnZTGoKQ9S6fLuuexIMqD3dUABTBeGNInF1RQTpHCG-siHN23FSoiGW1zMuAMaKNvSl2coJlHb4yNrsY75wsZPpeHZLt-GhsOc1I5L4oFQq4iTfLgEMBDn7oUW33ChxxpArM8KRzQaR3GsqH1VULqltURM4hiuiZb3Kc6Jupxk1mXuZlF8v6SBynyAzKNTZ8HvEzimxddxuFOSyal28CGCQuqTxIiiyvuKlBR3ejSFOlnQCLKeVqZv1Syd_hahpeB5eytqENemKdBnLQ5VCOFVQy8fX6aVndoTP-QaVOx2KOY_dw6Aai7ArN2qmrfg3pbyUm1jephUkmU_R_q181PNsEyuZVYgcuXr-XpPFmDJJkLOVQPyPW6boqjq_ig0wWyacUHQ06JncjYzhkianbEj9_MT1-tHsyyrzreZseYi5EfkM749Wl0UU3X5wlvOAU-bBZu6EtYz9xCYju1rseCBEAkNUzlCZ42dHn2EbBKdS9G6tXMzOLxpQmAnzW0ZNOjmfYozX3IGmko3AZ2ZKVd5oFCqya9LlhJbPLcMau8Ye1BaYj04izTvNWpKbIv02yxRE_vUkccnv4Gd-EcPN5oJr7mBRlAxBX8mTIWvgJIHMDxvtie784-Bt8FDXxSHVUjcyQ_I2e_6oL64uWgOuAwVhejz4LYvScZ7XtYnNE3PtNpFBOjTBXVcwvGye3zsllFO-QDEb0iivc5i4AfG4VkmoIF4TQNy2WY5wWPd1ojP8JLtCKkgUMwjUM5-yyLgboHY6ECT61NpaFO9CbxoSVhzmWJBZpXnF0DMS1VUt1cRoIZJ3etd-wGl4S0T-8F5bHo9Q8jiA0biPwA_VxUmAv8rl3yIc0LNXSbSb_hC_iDktZA22AH5GmMOlI-PCF8Nam-_1B8bXOdYmRhbXmIQHFysx4ilpuSK9EtpXuS8h9RF8kOxpxWNk84Na-9qN_G5VQFzQ7UYuyGjuHLOG6luAHbrvd9rs73IMEF0esmRHrU9vMXGIaGNe2E1jSX2pghL74P5vbf6lBIe9RWaXVd1mwFc_P0SpLK6e6pheNsBKwICd2bm0owoxlfSJ2PrUoF4ce0cTUvKKLzDfrb-xKNia2gLlBqnQQqg7FncQV6UjQRM0Sq4Brxy7Pae62N1axLOGL8VtDYl_EEvHxprvRFy1aJbAIrcaOFYlyxMBdr8D3nUx9TwcrjBVMS53hZRZl7DxnK&cid=CAQSSwDq26N9Q2nCzM_pKQe8jr9E-V66iMxRa3u_sskvktvZZfYMIWb0E_1xkQCwo4sA6tx2efb9xgYu0pdwS9qBo6Q2-FVj7lgfoxBmfBgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.vesty.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82575
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 11:55:20 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 0B77 29 KB
11 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 16:51:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 16:51:11 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/4eb6b35d/www-widgetapi.vflset/ 161 KB
53 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eb6b35d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47879e9a46a232ac6fa8931b17f3dbe8a09ea02497c2394abf2e45c431b9b5ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 09:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4161
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54014
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 27 Nov 2023 09:42:14 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0B77 41 KB
15 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 23:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 23:12:21 GMT

GET
DATA 200
OK truncated
/ Frame 0B77 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c873c9be6a57a35ad111172fefbbbf5acd08e763ef62360cab0daf354fed81c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CBD4 41 KB
15 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 23:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 23:12:21 GMT

GET
DATA 200
OK truncated
/ Frame CBD4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5231f786044c027ef7ebca85d728e5c378bcc72c9f6e953ec4ee97057a655122

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 98CA 41 KB
15 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 23:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128354
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 23:12:21 GMT

GET
DATA 200
OK truncated
/ Frame 98CA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 830762f680cd9559c7fd93685b8f7759e09320c1929739403f24db6b4664fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 378bb21d-a3d2-4980-8fd5-211a8b92e61f.css
cdn.taboola.com/static/37/ 2 KB
1021 B 8ms
7ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/static/37/378bb21d-a3d2-4980-8fd5-211a8b92e61f.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b41bf82b7fcf28ff777e3ee2735df3763a0424d119ce578645e32af670db9699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: sOSE6KZxaKkHEKpOUZS9dUpkWzvnpLNh
content-encoding: gzip
via: 1.1 varnish
date: Sun, 27 Nov 2022 10:51:35 GMT
x-amz-request-id: V7W8HY9KFA9C2M3J
age: 8346
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 731
x-amz-id-2: hecxAttB0qnu9c8n23kDGzlZY4MtIdufen7AQJ03h/ZdJJdnETda4V7cpAxcl5bRZ3l6vNusXGk=
x-served-by: cache-hhn4057-HHN
last-modified: Tue, 23 Jan 2018 13:15:44 GMT
server: AmazonS3
x-timer: S1669546295.334203,VS0,VE0
etag: "de94e1d7365c8ca777e6a488bc365087"
vary: Accept-Encoding
content-type: text/css
abp: 17
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 14

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10791178212822234659/ Frame A870 147 KB
25 KB 32ms
13ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

755755b2ae8ce85732c114029eb2ae8c759e2f9abf36a37847e7e02d1ca0be40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 244294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 25122
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:00:01 GMT
expires: Fri, 24 Nov 2023 15:00:01 GMT
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 98CA 0
0 107ms
54ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEeHAi8Ca4DMvmGao0jxTn4KHaqMv8ikatgswRG0noLSOQlRxyuZ6PqDoDrVJ68jdbgWz3zp_CX5YxPkMcgVWDV4s6spzoUY4bVHjWqSaTygbELlnF2BhoPb-FGoiR2Seheln8MQzjXwl4PImV7pKaaT3i2DVP39i5jB79uFXLTPyF5cIcDwbRRkiNzt0BUWsCt1NN0XXf0FSa8-5AI2jGO0oGVOttGd2Dy-WCWsiRIGGYkHJP6lnDaGERFIHupyRAmCX7RuIK431CVe-nYmbZHHuObbt8rZA00xE97HOl4bnmzEqdl4QY58A_mpoPhz6-yZ4XtkgOub_MwM1jZeixCvJRJX7mpMW_7NrSC8wOocpy05ytEmHDnB2cYufanU6PatmC2_w3jhEUywsXyFMhR5u-9L0cltr4wKNousyBTazHrfyrYbsNSSK8PD5X_p08sITZ3OBbWSY041I10lDf_6Z_0gFSIh4phOcc2VoYJ1qE24Ts6TbOObYHms_EFD-jm-kj_Iw1txsjGBR0VVWnGujNRgOwMyiVRfcsCENjK6IUmybhb4RfjY6dWOYMVVTfi_Ld7uwINV6ksm4Vp6RzopKaJL3beGgROX65lbd8zEALhA2ROEG5lbmEmNri5lYMpSdGyrfbFYxDSkKzzSmNtG3rd9PE3u4ZmBM7EqPE4nPt0kbLjFAYHXAVqY65AGFqxXRdOffOdf4NXnZk6qS-KiN_1jOq8e6L3arVksSg3FLtKME67iOheyCbhIbHzVUt-rv4r6kXB2uvmsNAfQ03blEtkWo_dDCk1aFEcfCQ4o5easpqjcrU_Fp88XSma7jkdkI7PrxREXoki-Dvhiyduk96PvmLlwdSSxAoBVpPCIn0ABXgPzfs0eJEFNfUPCNmFsquh-Yp6oaIesLy29I7QYLntO3ikvOTFM29c43hYnQn2dV0rRCjkqLMqfbFZDiHrJg8MpNz2fUDD8QDDJm11IPpjHwWGCRixNFYljfcHugQRkuuOAvrq05IbFx6T05f3RaarXvzubJRi3JL0ViP6M1eTIqBIcbfvuUvCTQq7XN7W98HEGwMN4iXyWP3sxew_aSuCmSlHj3_2PkTVyK1Lv4UY-kXBgitT4Y3mawwRQEL42UpOzQMRUR7hdFtsY2H85UDBZh8aoVFbYyApajotRwSv790wy26TA10YegML40gyVG6qr1YPk9jAQgMY0C4yf2ii4xEiFgdoVM79DJUw5Nkad_APvfHhI325qZ2SCJ6wbl7G-NjLkHjz8QSOXIr1d33BEisnOQ&sai=AMfl-YRnHn5Pga6J0o4H8xWs3VEkAv_uCW_8SjBR5fDWiQZBquc2jTK3o43_UDRog6NmKdPd1St06haWWk5qSAzjWB-VKJdEX7Tw0AiyJHIMYwJLIf7C6ULPJFmDGJV7RKJ1hom_zX5oqU7G4HSXNKN1CWmUJXA4xYnVcZzubWu0KBtgbveIsOf4sHa5uebxeLMtUHlIjez4TaDucR1b5IWJcHcnSWjEHmIYH2Dbsah9ZRwgNclhLuUfm6c0d7alnrxV12o-1HIxwTofOtZ3vV_0VzoddpsmCk6NG0FhfLM&sig=Cg0ArKJSzECBrgrqBuLDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=186&cbvp=1&cstd=183&cisv=r20221110.98817&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 27 Nov 2022 10:51:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 98CA 43 B
1 KB 94ms
30ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=8&extPu=31180-dfa&extLi=28980195&extCr=182883609&extPm=352965138&gdpr=&gdpr_consent=

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 Bad Krozingen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Sun, 27 Nov 2022 10:51:35 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: So, 27 Nov 2022 10:51:35 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1645
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10791178212822234659/ Frame 04B7 147 KB
25 KB 19ms
9ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

755755b2ae8ce85732c114029eb2ae8c759e2f9abf36a37847e7e02d1ca0be40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 244294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 25122
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:00:01 GMT
expires: Fri, 24 Nov 2023 15:00:01 GMT
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CBD4 0
0 98ms
53ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubOjkaiNpXERyV-THsUlK1vUGnMQ4OhaMvTfTC2YD6ikgX-1YXU_jIZ1weqd9piUT0T3p_4ZhR1yPTXidYHCI0qlViZnLkt7rMWKbFGFZAbc0gF7ZoWGShJVKATMqM2AtmySrwV8HJI6KJjl6ZWZC-0NO4IJTx417tezJFPHbD5K9elSR4eBUfUNIvf3Cn6ViB2Zwcjcs3EbeuT7Q8sCJzYyITtScDTxYfEzjrg8oZ7Nl3kicTLbFfwOwG9G_Kj_NhVRCpJUhqQTIuftjzY3YgZl2OjJxaKMaSHnCu4aLNI_Fhvmo-KTCjx6gfNI1KnIgf1KEnoEeRCfiKY206Sqq1iVt9clBEO4xNDEJrzrt2lrBnR7Ylr6EoWCL3bmX1mm2M7bJ_cc7YCr22oEHkTqQncx1ZznuePuAPw3kU3o4ONQYySDME0FbCrmgvlAfUMpqK0oWCTCAjGFDvzDzLVJuUplnNNWqaSphCIXk625pypuvuzjZxUrwictIrta2d7jqqgAzA2ZIVwlZ3oO5rdbWKPj1T1yO4hvKDDrMNIlwGZipixjQ81_pOg6u7bQUfj6VdPDEIGs-id_xvcOavOOysdQbThHun-3AJhQnmu7kDX3byPINgzZd-allw7xPeg2H8IGd48R7JL2oqep_1g0gVr45Rwi13J54AT2drXcuYvzZT-GbaxekAMJ-5Gk7nZU2_HC-rXzFTxDC9t2ZwMpBY2obsd3lIFMw6nyaIdO8r2oyYJtC5MblrbG7ABxyYXt-CnMfxdboB4z2QAgNquymeA_A7pngZKiQk4eQfyzp5NcV2jmlM1gt9vIX8aBtesaYjLfG-3qhFvV-HApweu2I5r-2W7ipvje93KumG1-Nzma-b429F6pfOb3FYJ2NMYF-q3wFz4whYqs-ZQZo5PFrUd5GgkWelclON5rIcbuWzLMgG0YnJAb6CKLG4nAmga-ZChHZ4agLTtKe_sLTUuZxEsWx_1KbODTM0PbtthQseQnzi7vZGZVnC6sX8Kb2rpXkVeCmAC6eQ1JAA_6SMIihLOitFCRGDRywZClRRmoHcMEfhhcwnvgfSi0aL--1PthawWS1POT9Zv2iFVyiCmXfN5WmYoQIf0da5iw_paqDlsYoRdN12l86NO1dbc3zBttq9tkIglpQ6DzwVuNDt0OG82xdYmnBg1fbUflSHKLDiUVgwj0yOEFormvoz6mCIaQ-gNl6auF5q_ZMSr2I2LLaoes8Lxtuk2iaFlbWbLiCI7kO2PwhHriquFJIw9NX2Ya89woJVw1TMHeU&sai=AMfl-YRrpdbQwWRwBdSXAVW5N5m7LHaD5FuxiV2sQJjg0pm6qicxZnkYatj3XsJW8ueJvtgvzXi7Hvpi3xoTW38iOed6Qo7p3_-QxcAcuoaJ2xqee_pQG_FknqxcQNfB0PJ037LZXjNZlQrdM-KNzOOCPggw4RfzNp7YMzL19uiQ6vsRoOqjsLxcjsHA64_KGWmNvfkRbak1QiVIEBN-r42Q51pxg7ccTQKboV528iEheOXM52rmTgUx8LGzJbL33vKsq7Y2tRvNCkP6t2SjiC3pWHgoxwbOOyNxGs9OINA&sig=Cg0ArKJSzPAOVRvPNpOQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=161&cbvp=1&cstd=160&cisv=r20221110.67056&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 27 Nov 2022 10:51:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame CBD4 43 B
1 KB 84ms
25ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=8&extPu=31180-dfa&extLi=28980195&extCr=182883609&extPm=352965138&gdpr=&gdpr_consent=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 Bad Krozingen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Sun, 27 Nov 2022 10:51:35 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: So, 27 Nov 2022 10:51:35 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1645
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12447958449953322892/ Frame ECE3 4 KB
1 KB 17ms
11ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12447958449953322892/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44575f1096e2e0ba9c152676c8e65150604bafe21ddcc7925481b0224d505c35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 149917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1503
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 17:12:58 GMT
expires: Sat, 25 Nov 2023 17:12:58 GMT
last-modified: Wed, 26 Oct 2022 05:45:32 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0B77 0
0 92ms
51ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst2hI8Fs8Mnpg8vT93uJtgqzNeg2dLFGExyz0NU06hvgoCt7C3re5_xN-A2JXk75_Rmpyf6ysOT6xwB5pN8HkrI4f661zIdl_lwCuYA4QLgc2lgroYjJoJ4KSbz71J_m8189O9frYmsAVu6WfVapVaV1qtBOCuQk60ay-Ree41bD1cZOa_z0h4p0mafHdNQ0HrgnK26861qxD2JIIaTfYUkxOVy5ELpZMKLpH7h-2f3XeqiHR0E37fFfixiTK_nDAFGop_Y6OWWfRNppJhmX69PsaXGN6FViNJybVBODDNj8uxYT-0XvDgbqaa1pFKSH_IloM-wf09c0TQHgp44T0UN_X48LEZCqPAqSkc9GOTnvHBXsl0Tyz8d-poqzeV9cDMuxJ8rcAd7pFsP5fbygUUfVe61RRhDFrOtX5pkcHFED-yNIg7PFzfDzExAHrkmebLehJBL-CmI9bGytZAPxds8LLy84Wgi63Lt5BoOx3jGKP4afgHonQcAlNekxtSgrzrSeZPCjP-9QAtB9Ty0d-UxFQATNm4mfvctWzsDMfnm6-Ugpw3QGi1rxxyymR0UkdmZ_mO9mTIcW4t4K_o9rp2eMDvJURHtNiVMYm2nV4lKFf_7ceVEBqgKkCW-0raM0NdMLd-umJCWMKu5Nt4y431V0K5FVk17nHK9VNn5gWeXvhi1L3pOSkCSk2iyQt-fZLAeTERvgmLaYs87j-5SaacOzEjw9irWUYLFjwj2QZh3n554pEXPQr2N-BwM5o18H8NJULXoXls6JXOsANfMnM_UycNeMSne8O6XDfCIYWU_8tMJnj6nNcOfnicw13nC3vOyVC4ooyLMJ8RAKdV1tfCHSHDhCTMOipb5Cwnrio1wGvEAUpGRvWRt6UwgDY8DFp_WjPAesHXFJbPrHJH4xzU9VF_Tz5ZHi2oHgvsGgqvn4b_AXY8mHOyL9U5NTGvPwKeKUmTDagNUP0jXaj9ky5HIAVVGBUGMPBg5xEpK3TAT9Ke8zXrgUK9ZIHIOWtZh2FBtJ6VRZDiWLGA7Cpc62rKNDc4b8MnvA6C8V1Eurj3FAfJFwHLQ4xZS-e1Xt8IQ4C9IMGHmK4v8iAj2vyWqXCAqb96DVwKuVCG_nzuF9p3BAPv_xvUPMPog_vwfZhQkreX8ZHmvnXnVjqOSbLo-6B5U8Yi-1AJQSIEQCK4fqrx__DSTvJPvP7MFiEAB2X4VsfhyzeMPHJxDWQzigP4csoXl2WGgrSbzAhD8LEbK_Uc_ElA8RnsRdBk_mrfAsEczaSMyykX-ZWVJIYb0ANxXWza71xMNPmo7bmOh8fPU8hy2Lg&sai=AMfl-YTuktdPjYcJi9gFgyKeniTP5y_p8FtPcemS1mQ-20r_XxCDJ9cRgR0WGXF812RfMyFzue9uUCXLkowNmWXTxEeyYdWQKXRJy2elqhTEhTHCz13hoHA-G5GfTAe4L1syTiM8yzMW00oDVWjOnRqLt6cwKMzxPGQxLEq4g8uasIKLC565Bv9ZU3YX7HngP7MoD8yDwhxatki6CFivM5bWMBCqQpEj6LUGIxri6KoanLjO1Rc14STExJvRWsuLWF5RXFc_2VdQdiDGn9Mf96USvC2T95Ob5LApehia8GA&sig=Cg0ArKJSzDG5Rg2CZSljEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=158&cbvp=1&cstd=157&cisv=r20221110.81218&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 27 Nov 2022 10:51:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 0B77
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347634703&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

12ms
12ms

Image
image/gif

3.73.210.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 3.73.210.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-210-71.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sun, 27 Nov 2022 10:51:35 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Sun, 27 Nov 2022 10:51:35 GMT
Last-Modified: Sun, 27 Nov 2022 10:51:35 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8D0A 22 KB
8 KB 10ms
8ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 167264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:23:51 GMT
expires: Sat, 25 Nov 2023 12:23:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 625B 22 KB
8 KB 12ms
10ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 167264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:23:51 GMT
expires: Sat, 25 Nov 2023 12:23:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0A12 22 KB
8 KB 12ms
11ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 167264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:23:51 GMT
expires: Sat, 25 Nov 2023 12:23:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 04B7 29 KB
10 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 11:55:20 GMT

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/12447958449953322892/ Frame ECE3 787 B
427 B 9ms
8ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12447958449953322892/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12447958449953322892/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ff45cee003e657eb1e3cf5000c957e00839770700efad0fb965fb01efd43cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12447958449953322892/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402435
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:04:20 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame ECE3 109 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12447958449953322892/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12447958449953322892/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/12447958449953322892/ Frame ECE3 4 KB
1 KB 9ms
9ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12447958449953322892/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12447958449953322892/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76c30daab3145c1c7643cbe30b58786f26dee3480ae0a17205aa95ff3795ec02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12447958449953322892/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 08:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269254
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1388
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 08:04:01 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A870 29 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 11:55:20 GMT

POST
H/1.1 200
OK post Show response
tag.escalated.io/ 31 B
464 B 143ms
46ms Fetch
application/json 54.78.253.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.escalated.io/post

Requested by

Host: tag.escalated.io
URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.vesty.co.il&type=display&cust=7787&sid=direct&c=&cust2=direct

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

7b1d77153cd55fc5b3085fabd7b5b468ea6294bfdde84821afcabbc274ffd549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Nov 2022 10:51:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: close
Access-Control-Allow-Headers: content-type
Content-Length: 51
X-XSS-Protection: 1; mode=block

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D0A 36 KB
16 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 09:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 09:22:53 GMT

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 625B 36 KB
16 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 09:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 09:22:53 GMT

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A12 36 KB
16 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 09:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 09:22:53 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CBD4 0
0 67ms
45ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubOjkaiNpXERyV-THsUlK1vUGnMQ4OhaMvTfTC2YD6ikgX-1YXU_jIZ1weqd9piUT0T3p_4ZhR1yPTXidYHCI0qlViZnLkt7rMWKbFGFZAbc0gF7ZoWGShJVKATMqM2AtmySrwV8HJI6KJjl6ZWZC-0NO4IJTx417tezJFPHbD5K9elSR4eBUfUNIvf3Cn6ViB2Zwcjcs3EbeuT7Q8sCJzYyITtScDTxYfEzjrg8oZ7Nl3kicTLbFfwOwG9G_Kj_NhVRCpJUhqQTIuftjzY3YgZl2OjJxaKMaSHnCu4aLNI_Fhvmo-KTCjx6gfNI1KnIgf1KEnoEeRCfiKY206Sqq1iVt9clBEO4xNDEJrzrt2lrBnR7Ylr6EoWCL3bmX1mm2M7bJ_cc7YCr22oEHkTqQncx1ZznuePuAPw3kU3o4ONQYySDME0FbCrmgvlAfUMpqK0oWCTCAjGFDvzDzLVJuUplnNNWqaSphCIXk625pypuvuzjZxUrwictIrta2d7jqqgAzA2ZIVwlZ3oO5rdbWKPj1T1yO4hvKDDrMNIlwGZipixjQ81_pOg6u7bQUfj6VdPDEIGs-id_xvcOavOOysdQbThHun-3AJhQnmu7kDX3byPINgzZd-allw7xPeg2H8IGd48R7JL2oqep_1g0gVr45Rwi13J54AT2drXcuYvzZT-GbaxekAMJ-5Gk7nZU2_HC-rXzFTxDC9t2ZwMpBY2obsd3lIFMw6nyaIdO8r2oyYJtC5MblrbG7ABxyYXt-CnMfxdboB4z2QAgNquymeA_A7pngZKiQk4eQfyzp5NcV2jmlM1gt9vIX8aBtesaYjLfG-3qhFvV-HApweu2I5r-2W7ipvje93KumG1-Nzma-b429F6pfOb3FYJ2NMYF-q3wFz4whYqs-ZQZo5PFrUd5GgkWelclON5rIcbuWzLMgG0YnJAb6CKLG4nAmga-ZChHZ4agLTtKe_sLTUuZxEsWx_1KbODTM0PbtthQseQnzi7vZGZVnC6sX8Kb2rpXkVeCmAC6eQ1JAA_6SMIihLOitFCRGDRywZClRRmoHcMEfhhcwnvgfSi0aL--1PthawWS1POT9Zv2iFVyiCmXfN5WmYoQIf0da5iw_paqDlsYoRdN12l86NO1dbc3zBttq9tkIglpQ6DzwVuNDt0OG82xdYmnBg1fbUflSHKLDiUVgwj0yOEFormvoz6mCIaQ-gNl6auF5q_ZMSr2I2LLaoes8Lxtuk2iaFlbWbLiCI7kO2PwhHriquFJIw9NX2Ya89woJVw1TMHeU&sai=AMfl-YRrpdbQwWRwBdSXAVW5N5m7LHaD5FuxiV2sQJjg0pm6qicxZnkYatj3XsJW8ueJvtgvzXi7Hvpi3xoTW38iOed6Qo7p3_-QxcAcuoaJ2xqee_pQG_FknqxcQNfB0PJ037LZXjNZlQrdM-KNzOOCPggw4RfzNp7YMzL19uiQ6vsRoOqjsLxcjsHA64_KGWmNvfkRbak1QiVIEBN-r42Q51pxg7ccTQKboV528iEheOXM52rmTgUx8LGzJbL33vKsq7Y2tRvNCkP6t2SjiC3pWHgoxwbOOyNxGs9OINA&sig=Cg0ArKJSzPAOVRvPNpOQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=299&vt=11&dtpt=138&dett=3&cstd=160&cisv=r20221110.67056&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/12447958449953322892/ Frame ECE3 13 KB
13 KB 11ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12447958449953322892/bg.jpg

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ddd19e8fa8e78e2a3c9bfa56bf23090cf6d2226ec761e5bf8572cbdfb19174a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12447958449953322892/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:17:32 GMT
x-content-type-options: nosniff
age: 254043
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13497
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 12:17:32 GMT

GET
H3 200 band.png
s0.2mdn.net/sadbundle/12447958449953322892/ Frame ECE3 4 KB
4 KB 12ms
9ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12447958449953322892/band.png

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e83c30425a81b46bc5e33559fe9f4d54ebdec60d971e102a24b4be93e1f3d14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12447958449953322892/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:32:36 GMT
x-content-type-options: nosniff
age: 400739
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3886
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:32:36 GMT

GET
H3 200 text2.png
s0.2mdn.net/sadbundle/12447958449953322892/ Frame ECE3 7 KB
7 KB 12ms
10ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12447958449953322892/text2.png

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a35c8d3bd235c15fb2247b46b0ad4d30fb32a2086a8a00cfd6a85ed27fc58e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12447958449953322892/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 17:15:28 GMT
x-content-type-options: nosniff
age: 149767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6687
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 17:15:28 GMT

GET
H3 200 text3.png
s0.2mdn.net/sadbundle/12447958449953322892/ Frame ECE3 5 KB
5 KB 13ms
10ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12447958449953322892/text3.png

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b37e964fbc078a120779f473cda5de46a8815e04aa55c32e76cc6657d3636799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12447958449953322892/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:29:22 GMT
x-content-type-options: nosniff
age: 400933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5444
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:29:22 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/12447958449953322892/ Frame ECE3 2 KB
2 KB 14ms
11ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12447958449953322892/cta.png

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d936d9624705fd9b647f71698dc09a8d239243fd5db3b158447592a73f598cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12447958449953322892/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 05:41:26 GMT
x-content-type-options: nosniff
age: 364209
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2440
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Nov 2023 05:41:26 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/12447958449953322892/ Frame ECE3 3 KB
3 KB 13ms
10ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12447958449953322892/logo.png

Requested by

Host: a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
URL: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484cd03e2e42a773e2bb8cb2fad723cb08844f3f7766990173542d88c8af3d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12447958449953322892/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 08:39:24 GMT
x-content-type-options: nosniff
age: 267131
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3305
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:45:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 08:39:24 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0B77 0
0 62ms
45ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst2hI8Fs8Mnpg8vT93uJtgqzNeg2dLFGExyz0NU06hvgoCt7C3re5_xN-A2JXk75_Rmpyf6ysOT6xwB5pN8HkrI4f661zIdl_lwCuYA4QLgc2lgroYjJoJ4KSbz71J_m8189O9frYmsAVu6WfVapVaV1qtBOCuQk60ay-Ree41bD1cZOa_z0h4p0mafHdNQ0HrgnK26861qxD2JIIaTfYUkxOVy5ELpZMKLpH7h-2f3XeqiHR0E37fFfixiTK_nDAFGop_Y6OWWfRNppJhmX69PsaXGN6FViNJybVBODDNj8uxYT-0XvDgbqaa1pFKSH_IloM-wf09c0TQHgp44T0UN_X48LEZCqPAqSkc9GOTnvHBXsl0Tyz8d-poqzeV9cDMuxJ8rcAd7pFsP5fbygUUfVe61RRhDFrOtX5pkcHFED-yNIg7PFzfDzExAHrkmebLehJBL-CmI9bGytZAPxds8LLy84Wgi63Lt5BoOx3jGKP4afgHonQcAlNekxtSgrzrSeZPCjP-9QAtB9Ty0d-UxFQATNm4mfvctWzsDMfnm6-Ugpw3QGi1rxxyymR0UkdmZ_mO9mTIcW4t4K_o9rp2eMDvJURHtNiVMYm2nV4lKFf_7ceVEBqgKkCW-0raM0NdMLd-umJCWMKu5Nt4y431V0K5FVk17nHK9VNn5gWeXvhi1L3pOSkCSk2iyQt-fZLAeTERvgmLaYs87j-5SaacOzEjw9irWUYLFjwj2QZh3n554pEXPQr2N-BwM5o18H8NJULXoXls6JXOsANfMnM_UycNeMSne8O6XDfCIYWU_8tMJnj6nNcOfnicw13nC3vOyVC4ooyLMJ8RAKdV1tfCHSHDhCTMOipb5Cwnrio1wGvEAUpGRvWRt6UwgDY8DFp_WjPAesHXFJbPrHJH4xzU9VF_Tz5ZHi2oHgvsGgqvn4b_AXY8mHOyL9U5NTGvPwKeKUmTDagNUP0jXaj9ky5HIAVVGBUGMPBg5xEpK3TAT9Ke8zXrgUK9ZIHIOWtZh2FBtJ6VRZDiWLGA7Cpc62rKNDc4b8MnvA6C8V1Eurj3FAfJFwHLQ4xZS-e1Xt8IQ4C9IMGHmK4v8iAj2vyWqXCAqb96DVwKuVCG_nzuF9p3BAPv_xvUPMPog_vwfZhQkreX8ZHmvnXnVjqOSbLo-6B5U8Yi-1AJQSIEQCK4fqrx__DSTvJPvP7MFiEAB2X4VsfhyzeMPHJxDWQzigP4csoXl2WGgrSbzAhD8LEbK_Uc_ElA8RnsRdBk_mrfAsEczaSMyykX-ZWVJIYb0ANxXWza71xMNPmo7bmOh8fPU8hy2Lg&sai=AMfl-YTuktdPjYcJi9gFgyKeniTP5y_p8FtPcemS1mQ-20r_XxCDJ9cRgR0WGXF812RfMyFzue9uUCXLkowNmWXTxEeyYdWQKXRJy2elqhTEhTHCz13hoHA-G5GfTAe4L1syTiM8yzMW00oDVWjOnRqLt6cwKMzxPGQxLEq4g8uasIKLC565Bv9ZU3YX7HngP7MoD8yDwhxatki6CFivM5bWMBCqQpEj6LUGIxri6KoanLjO1Rc14STExJvRWsuLWF5RXFc_2VdQdiDGn9Mf96USvC2T95Ob5LApehia8GA&sig=Cg0ArKJSzDG5Rg2CZSljEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=296&vt=11&dtpt=138&dett=3&cstd=157&cisv=r20221110.81218&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 98CA 0
0 57ms
45ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEeHAi8Ca4DMvmGao0jxTn4KHaqMv8ikatgswRG0noLSOQlRxyuZ6PqDoDrVJ68jdbgWz3zp_CX5YxPkMcgVWDV4s6spzoUY4bVHjWqSaTygbELlnF2BhoPb-FGoiR2Seheln8MQzjXwl4PImV7pKaaT3i2DVP39i5jB79uFXLTPyF5cIcDwbRRkiNzt0BUWsCt1NN0XXf0FSa8-5AI2jGO0oGVOttGd2Dy-WCWsiRIGGYkHJP6lnDaGERFIHupyRAmCX7RuIK431CVe-nYmbZHHuObbt8rZA00xE97HOl4bnmzEqdl4QY58A_mpoPhz6-yZ4XtkgOub_MwM1jZeixCvJRJX7mpMW_7NrSC8wOocpy05ytEmHDnB2cYufanU6PatmC2_w3jhEUywsXyFMhR5u-9L0cltr4wKNousyBTazHrfyrYbsNSSK8PD5X_p08sITZ3OBbWSY041I10lDf_6Z_0gFSIh4phOcc2VoYJ1qE24Ts6TbOObYHms_EFD-jm-kj_Iw1txsjGBR0VVWnGujNRgOwMyiVRfcsCENjK6IUmybhb4RfjY6dWOYMVVTfi_Ld7uwINV6ksm4Vp6RzopKaJL3beGgROX65lbd8zEALhA2ROEG5lbmEmNri5lYMpSdGyrfbFYxDSkKzzSmNtG3rd9PE3u4ZmBM7EqPE4nPt0kbLjFAYHXAVqY65AGFqxXRdOffOdf4NXnZk6qS-KiN_1jOq8e6L3arVksSg3FLtKME67iOheyCbhIbHzVUt-rv4r6kXB2uvmsNAfQ03blEtkWo_dDCk1aFEcfCQ4o5easpqjcrU_Fp88XSma7jkdkI7PrxREXoki-Dvhiyduk96PvmLlwdSSxAoBVpPCIn0ABXgPzfs0eJEFNfUPCNmFsquh-Yp6oaIesLy29I7QYLntO3ikvOTFM29c43hYnQn2dV0rRCjkqLMqfbFZDiHrJg8MpNz2fUDD8QDDJm11IPpjHwWGCRixNFYljfcHugQRkuuOAvrq05IbFx6T05f3RaarXvzubJRi3JL0ViP6M1eTIqBIcbfvuUvCTQq7XN7W98HEGwMN4iXyWP3sxew_aSuCmSlHj3_2PkTVyK1Lv4UY-kXBgitT4Y3mawwRQEL42UpOzQMRUR7hdFtsY2H85UDBZh8aoVFbYyApajotRwSv790wy26TA10YegML40gyVG6qr1YPk9jAQgMY0C4yf2ii4xEiFgdoVM79DJUw5Nkad_APvfHhI325qZ2SCJ6wbl7G-NjLkHjz8QSOXIr1d33BEisnOQ&sai=AMfl-YRnHn5Pga6J0o4H8xWs3VEkAv_uCW_8SjBR5fDWiQZBquc2jTK3o43_UDRog6NmKdPd1St06haWWk5qSAzjWB-VKJdEX7Tw0AiyJHIMYwJLIf7C6ULPJFmDGJV7RKJ1hom_zX5oqU7G4HSXNKN1CWmUJXA4xYnVcZzubWu0KBtgbveIsOf4sHa5uebxeLMtUHlIjez4TaDucR1b5IWJcHcnSWjEHmIYH2Dbsah9ZRwgNclhLuUfm6c0d7alnrxV12o-1HIxwTofOtZ3vV_0VzoddpsmCk6NG0FhfLM&sig=Cg0ArKJSzECBrgrqBuLDEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=341&vt=11&dtpt=155&dett=3&cstd=183&cisv=r20221110.98817&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 86ms
68ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727faa38e5e5a293cfdf47f34d3767ffababd89d876aea2c864cb13793e2ef24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11269
x-xss-protection: 0

GET
H3 200 stoerer.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame 04B7 6 KB
6 KB 9ms
8ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/stoerer.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d222b73fe28847b9da7b7fd08444c24e904444a7fcc4665ef8e064b54fb7ff2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:00:01 GMT
x-content-type-options: nosniff
age: 244294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5831
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 15:00:01 GMT

GET
H3 200 cta_cw.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame 04B7 1 KB
2 KB 16ms
13ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/cta_cw.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca30a16f3dd187a78e4cecf950ebf9b1775e1314dc08743b44d0e3b5cb309bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:00:01 GMT
x-content-type-options: nosniff
age: 244294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1535
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 15:00:01 GMT

GET
H3 200 txt2_cw.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame 04B7 2 KB
2 KB 14ms
12ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/txt2_cw.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb64140ea9d00a641377e446e7345b4c910a9e15b05cb89d4a72794c263c491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:00:01 GMT
x-content-type-options: nosniff
age: 244294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1815
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 15:00:01 GMT

GET
H3 200 txt1_cw.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame 04B7 1 KB
1 KB 15ms
13ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/txt1_cw.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa9874d982a3556938e00965a80fdb5731f52147ee3cc6a41c4d508dda84b711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:11:51 GMT
x-content-type-options: nosniff
age: 401984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1411
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:11:51 GMT

GET
H3 200 Logo_cw.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame 04B7 3 KB
3 KB 23ms
22ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/Logo_cw.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d48735dbd111d5b4586260790fc2293b8715ce5c4e1e45b91eaf4867f7058332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:11:51 GMT
x-content-type-options: nosniff
age: 401984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2652
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:11:51 GMT

GET
H3 200 txt_cw.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame 04B7 8 KB
8 KB 24ms
22ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/txt_cw.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

330d2f914bb48eedd911b2a2c5edff6f44b9058bcbdfc86d05f6a9c39b9d7258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:00:01 GMT
x-content-type-options: nosniff
age: 244294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8199
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 15:00:01 GMT

GET
H3 200 pink_flaech.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame 04B7 38 KB
38 KB 21ms
19ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/pink_flaech.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0075e45807dd231ef50860b0d885b2827f9ad07ab7c3d83332587eb21ddb25d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:11:51 GMT
x-content-type-options: nosniff
age: 401984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39284
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:11:51 GMT

GET
H3 200 bg_visual_2.jpg
s0.2mdn.net/sadbundle/10791178212822234659/ Frame 04B7 19 KB
19 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/bg_visual_2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6564fd75e0a63e3b26a1e186e686166d482316587e966c43cfe4669139278bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:11:51 GMT
x-content-type-options: nosniff
age: 401984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19160
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:11:51 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame 04B7 2 KB
2 KB 22ms
21ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/cta.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3199f6eb828e167c3ebaff8bf04026fdca4717a3412e76351a18dcd35ce70c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:11:51 GMT
x-content-type-options: nosniff
age: 401984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1549
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:11:51 GMT

GET
H3 200 txt1.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame 04B7 3 KB
3 KB 22ms
20ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/txt1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bf980d5d3225688d4f755b921027c17ae6cc1025de5888a53dff8b63575350b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:00:01 GMT
x-content-type-options: nosniff
age: 244294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2600
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 15:00:01 GMT

GET
H3 200 black_flaech.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame 04B7 7 KB
7 KB 19ms
18ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/black_flaech.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff21097d241c16ace85ac3722924f3094db12f83d3444d563b0cbb52407264eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:00:01 GMT
x-content-type-options: nosniff
age: 244294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6719
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 15:00:01 GMT

GET
H3 200 bg_visual_1.jpg
s0.2mdn.net/sadbundle/10791178212822234659/ Frame 04B7 19 KB
19 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/bg_visual_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13ef8328558e0c525489227e99eca54c0bddd453f04a2d1299f8c4ed4ed605c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:11:51 GMT
x-content-type-options: nosniff
age: 401984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19118
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:11:51 GMT

GET
H3 200 stoerer.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame A870 6 KB
6 KB 11ms
10ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/stoerer.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d222b73fe28847b9da7b7fd08444c24e904444a7fcc4665ef8e064b54fb7ff2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:00:01 GMT
x-content-type-options: nosniff
age: 244294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5831
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 15:00:01 GMT

GET
H3 200 cta_cw.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame A870 1 KB
2 KB 11ms
9ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/cta_cw.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca30a16f3dd187a78e4cecf950ebf9b1775e1314dc08743b44d0e3b5cb309bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:00:01 GMT
x-content-type-options: nosniff
age: 244294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1535
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 15:00:01 GMT

GET
H3 200 txt2_cw.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame A870 2 KB
2 KB 12ms
10ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/txt2_cw.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5eb64140ea9d00a641377e446e7345b4c910a9e15b05cb89d4a72794c263c491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:00:01 GMT
x-content-type-options: nosniff
age: 244294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1815
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 15:00:01 GMT

GET
H3 200 txt1_cw.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame A870 1 KB
1 KB 13ms
11ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/txt1_cw.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa9874d982a3556938e00965a80fdb5731f52147ee3cc6a41c4d508dda84b711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:11:51 GMT
x-content-type-options: nosniff
age: 401984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1411
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:11:51 GMT

GET
H3 200 Logo_cw.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame A870 3 KB
3 KB 14ms
12ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/Logo_cw.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d48735dbd111d5b4586260790fc2293b8715ce5c4e1e45b91eaf4867f7058332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:11:51 GMT
x-content-type-options: nosniff
age: 401984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2652
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:11:51 GMT

GET
H3 200 txt_cw.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame A870 8 KB
8 KB 14ms
12ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/txt_cw.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

330d2f914bb48eedd911b2a2c5edff6f44b9058bcbdfc86d05f6a9c39b9d7258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:00:01 GMT
x-content-type-options: nosniff
age: 244294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8199
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 15:00:01 GMT

GET
H3 200 pink_flaech.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame A870 38 KB
38 KB 14ms
12ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/pink_flaech.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0075e45807dd231ef50860b0d885b2827f9ad07ab7c3d83332587eb21ddb25d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:11:51 GMT
x-content-type-options: nosniff
age: 401984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39284
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:11:51 GMT

GET
H3 200 bg_visual_2.jpg
s0.2mdn.net/sadbundle/10791178212822234659/ Frame A870 19 KB
19 KB 15ms
13ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/bg_visual_2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6564fd75e0a63e3b26a1e186e686166d482316587e966c43cfe4669139278bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:11:51 GMT
x-content-type-options: nosniff
age: 401984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19160
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:11:51 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame A870 2 KB
2 KB 15ms
13ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3199f6eb828e167c3ebaff8bf04026fdca4717a3412e76351a18dcd35ce70c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:11:51 GMT
x-content-type-options: nosniff
age: 401984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1549
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:11:51 GMT

GET
H3 200 txt1.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame A870 3 KB
3 KB 15ms
14ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/txt1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bf980d5d3225688d4f755b921027c17ae6cc1025de5888a53dff8b63575350b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:00:01 GMT
x-content-type-options: nosniff
age: 244294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2600
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 15:00:01 GMT

GET
H3 200 black_flaech.png
s0.2mdn.net/sadbundle/10791178212822234659/ Frame A870 7 KB
7 KB 15ms
14ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/black_flaech.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff21097d241c16ace85ac3722924f3094db12f83d3444d563b0cbb52407264eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:00:01 GMT
x-content-type-options: nosniff
age: 244294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6719
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 15:00:01 GMT

GET
H3 200 bg_visual_1.jpg
s0.2mdn.net/sadbundle/10791178212822234659/ Frame A870 19 KB
19 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10791178212822234659/bg_visual_1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13ef8328558e0c525489227e99eca54c0bddd453f04a2d1299f8c4ed4ed605c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10791178212822234659/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:11:51 GMT
x-content-type-options: nosniff
age: 401984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19118
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 16:10:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:11:51 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2110839492&t=timing&_s=2&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain&dp=%2Fmain%3Fprof%3D50.Vesti-1.Home&dh=vesty.co.il&ul=en-us&de=UTF-8&dt=Vesty%20%7C%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8F%20%7C%20%D0%92%D0%B5%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2027&pdt=11&dns=43&rrt=0&srt=15&tcp=18&dit=714&clt=798&_gst=980&_gbt=1108&_cst=155&_cbt=936&_u=aCDAgEABQAAAAEAAI~&jid=&gjid=&cid=278959557.1669546294&uid=0&tid=UA-5536870-20&_gid=792274533.1669546295&gtm=2wgb90NB9MN6&cd1=false&cd2=0&cd3=0&cd4=2022%2F11%2F28%2011%3A51%3A35&cd12=Home%20Page&cd14=50.Vesti-1.Home&z=2107314591

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 22:43:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43700
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Nov 2022 10:51:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 78CD 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2725
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 10:06:10 GMT
expires: Mon, 27 Nov 2023 10:06:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 261D 783 B
533 B 36ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

663e938025867b7b3d9d6f5e33ee6e91192d6e80f7a26a735a0a406ef6abf014

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nxf-FzbTvSEiPsDbmfBgVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-nxf-FzbTvSEiPsDbmfBgVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 10:51:35 GMT
expires: Sun, 27 Nov 2022 10:51:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 bulk Show response
trc.taboola.com/ynet-vesty/log/3/ 0
264 B 25ms
24ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/ynet-vesty/log/3/bulk?route=AM%3AAM%3AV&lti=visibility_test_2_var&bulkSize=7
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
via: 1.1 varnish
x-served-by: cache-hhn4057-HHN
server: nginx
x-timer: S1669546296.817254,VS0,VE10
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.vesty.co.il
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D0A 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeRD8N0GDY8jlA_2wx_AP_v6ysAkAAAAAOAHgBAI&bg=!iYqlis7NAAbvMpMzzzI7ACkAdvg8WnPg2wXNVzcqB4ZRV9fIs4hy4da8ww8DHyWiiUWrwfxWNOz2PQIAAADpUgAAAAFoAQcKAKnTXAEdHwTY1g2c0-6QndbxEjdBBhKAiv1w44J85KmD0A9qwhxsgDnoA3CrHJpHkdDgJ5x6SgSZUupsEa2EkCqpu48OG0dCi0pcHabIYpx3sdNhwzy4jj2H_GFBT9ZufPoARDXpwt1eM38L-x4Wzy0F5AwCpzM3bYRwFQq8Ejttni3paGYCNFSq3V38R5ZUhyGbXII8o1eimWc5nbNnqJwQkStr-PeTFY00mQLwo4pOQAPQ8szq7AfmSw67p0KvhfE6h4p79pagHSnlKQX2CTBQ_Ew1TpYK-x3jPzw4FiUwI-h-_wao7UxiYYBTQeVTqvCjOTUWj5WEcWF_rWia58KQjJKTlULAEPou3bPjCQdn4J2sriQ9ZOsTfqImLGKwRYF4zYxucR-S0Iuady51iNHPI7_DkF7lvdpjq1nWMS6RQipS_6Es84TV9pSC9RGaIeX8GxR_RXOwBC6rw1qy2hA2kCHXPTsg4_iC9fXIl4UMb92JUlNFK3wkxEa0ZFd-3JYAw7Hl5Kez2t6g5sysrW5dXV17S4BbF-JKfom8Ss5wxrvOi6DBzL_S_EDav8GW0Vo5stXYNOV4Fb9QTcNyLSBBuU1NWE4jKVXTZxHQRpSIuhk6d01-EYH-A6WG_KlsvTyC8LERn0TIVbxzfq5a817tT1mAOH2WscDmj8Ig01N_tgBuzjamj-az0_o-sY1N8rLE_fUS3mKKvEJKT2azkVMzYANZr4IC52pR3V5ls249nDDn_CPcscCxV950MWSlDt8FJvvSuQ1c880GANcslYnoObuBuV0uN5DcRZ9J8WvD2Gh4p5CbTghmbGl0mpcBG1QM7pvMWrpqm6HYTikkdfgLWmAHUo38-dV8Fe6S5Vq7skWpz75lNe8eAgExFD57KQLAv9yAPBdm7-UK9eVyGtzRisTCmr449XkEdrE6zFdb9LYdWAKDL3vHQq2RVxtUhS91uFosXQ_5RBZ6GFuWUFsRMKkbyk3Cg5zpFzQNR9OfWKb0s4fo_wkLULsPvDI7aRPPhytr7VIol1rtQxMF6ry3FyzJzk5Y_S-vJx9HxWcn9wmF9-PRnJHP9n11C08WUs8JQJYKLKLmRdeNUpBTQaz8hst8Q7pD2xQ9kWnHdQ6_E2jLnC9m0Hmxt8RvQU6YMmyyxJeprcSvnsOHFKzuK5K9TxAQxaiajz9zhccQFhRIvLZvtRj_qrwEJGW6hMCdj0-Mye-SpImqLy4ney8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 261D 0
0 41ms
41ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=770137417371656&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A12 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsQmsN0GDY9fcA8fYx_APmtOEwAYAAAAAOAHgBAI&bg=!YmGlYSXNAAbvMpMzzzI7ACkAdvg8WnyKEIy-iHdU1Q9c9h4w52_yNCdq6hUs-RJiyurB9hFIosH8-gIAAADjUgAAAAJoAQeZAuO--qbRakPIrJjgoElAwaQOmUOH5a4xI0BGHGHKnh5ZhASE8BuPMSEOxaAzIVzRPcNCCufzLdwwXECjnkJAI_uZ5HYTlyTAwGp1Y_vPgzzU8Dfn-WcU_7uAAEgMXEGoyVeJvpTcwhurx6E3Uf8z2hi8hyQAV25GVllRpXHYoeIGGztjIHBqFHXnaTLY8AI41Bp_mcgsDv_D3eQrDLtdQIVIuQdW8ZBxQvFijz1yBImkQKWJ2Hej9bDg8yFMSb-e551oNw6X1d8aUjfnpRYZhNlebKcnowBRuwrmrGYdQYRtmimc9H94H02Q6d0k2kLaFTbgQj82XIorNHDkU6vKAmo5yL3PjTYFJdQ16Q2hqN7hFuOCjyIDIszL9I37VNxSh__UWGGutgvAPgkpc0SV4mdbd7qfD2rR2KKDmyekhB02VfoYtboSZqEOzNhZcoZVY3Z66vjrNZg7UcSu8r0BhdwAYhNSWpwdbEe7aC5gjB1OfSbwqp6pkaw6zM8y4psGPnsD3Y8nws3V0xhQRqdD6F8NviI9feU0p0WR-w2PWs2pEkanHaGQuOK1eB0Bc0yFavOH5ySAh-30UaoNxyoaEjalL4OmyUGv2DYOyXmMdYImno7aEg_TP_lAqybOzmAv2FKmST6ltfnHFM0rm5NHbnJXmHXb4BhYqU0QPySbZIpmyVRmcb9IiVOnmPcS2ubStgjWjXLebRPhTjjDNiM3Xr0N6ft3Wpa3o1Ykm-n92KDx26X3oRwaRfACiF-w7xLmqRedoSfpC6LF26vQ7UaSRRFsyYZu6RxvZAksUkno0fOEdQRizynM_pNNDlgpmpIybNe--lSwK0vHivA2Z-pxJ16FKIkJeO4hUUaKWGbDJJV9CZCPg_nIYhYwIDE9XVc7L_2_zxXPbPTMXEvmoRhtkGVq0QfB3R5LrrZCd_RCBGJBBi0cFfHB8PR31SYob0Jf-ucY3-BRRzdzcjFWipDo-VBkgt1-

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 78CD 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 09:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 09:22:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 625B 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9rnLN0GDY_GKBIizx_APw6ek8A0AAAAAOAHgBAI&bg=!JiWlJWHNAAbvMpMzzzI7ACkAdvg8WhCk8BWe9T8Pgvhsf3lxo2Q7yJKc57CICMrU_61k29PGs2yK7gIAAAEFUgAAAAJoAQcKAFLAT2t2DKeFYBXQDbBJ7CuxO1z7BtDiHPBrQviYsL9pqPEzeEtXYW2m0TBn3J_GfsVu9k6kUjVMXzP8kcqP2AqdGl3Q6z21J7BaOXZ2vmZF71exmQLueJ_zrC_gvGTQixqJuVS6iRZqNXCs2FuGKXeNFygF9f6i3-Y2WTZC9zdnCms2jsBz1qnc_Ua7iKnCvrnywlnGoJlyyXu8digx-M-Dr5lRCfgJMRvqVHD1CKns4Iaowpfqb6wjeQkscm8rsIK3gElZJ8Gcvj9QTr-9pAH8j3BCEnLU3mpnLCcNzhvz22dd97StcGGaujCwpozhLLHwO0BheH_uX52qKzpuKdl7jEfPhwO_N7luZBVcvir0ix4Xos-hWXTvWd9ASVqaQDOhbrGJvNQq7OilrZeT4b2XaISCL-3buA_JluNQghr-uBlCrExW9b3CkucywAXr4dKQ7ReHwiMAItioIN5q_-UcCEWM2nVzaaMM8C-B-vNYBPDSw-Lu6psxlCvw8pmObf268NBkTm7PfjAdYV4EXLIVMRd-IlsAnO-emPmDnC1A18AZqy8YrrmZBMbHPlGCvHUYGGgDyk1mEcJgjIWDGWOo2WXaHtufR_PONa5GJBt2V8GpxjmDhSK_Z5mDWpfhaCaRjVmt39cpcdgPLm7eLuvRuGFqKIiyjSZNzKV0JxwUgQRPUCwicxuBBbXGWFMGudKFxyr6O3i58Um2m9e2YMuGrq6umusRsvIhdPKZ9mWJ9qzRbN6vpfLqFON2fqL5f376Qp1iLqA8NARLi8NBzzjZ0M4Zm1iPkM-ygEte2FVaNjn0TBynYwPNrlj8bVHcZEDQ3RugdgHmK8TGxuLtWXHDO-tjKwnCFcyqaLlRur0i5i11ONbwWv4R4O5TqBlhyeW5pR-hMlL4HDTZfIli8MR4mr4p8iPAc0oMY85cSfwRPziJIaGiEnT9rgo50Vzi-prsjbhaqayfHWzLviQmwOGsI53m-EEDEIRmhuP29Bbne43zcCkgBSynzwhWKcaOV-QWgY0v1P2A7lOnUiKOrPiV933_SGO1k10Yq-yDgVBmmj8m_Frz47IFil5Gs8P_ynr7HRKK5rWbqM_aQo-pn7A1zIuu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
664 B 9ms
8ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Sun, 27 Nov 2022 10:51:35 GMT
via: 1.1 varnish
x-amz-request-id: QQBJB95DTC5C6ET8
age: 12697
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: bGxiVQJJV6ushs+GurmdUMKcP55jXiZTni4zPfO1R2tT9H40rLWGSHO/uxS9hhOPRniEOikC9As=
x-served-by: cache-hhn4057-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1669546296.870492,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 17
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1469

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 78CD 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0gawBg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sun, 27 Nov 2022 10:51:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 620A 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWdW3oWzGxs9rJMCGmgW0r__UHshhi28Y5IpTehX473Ht6fLYq842W4ME9gu2k-N65wb0h8CHl-lCEKSBAlfRBc-yoNXCslLCq6_zwRO4BsvdesrXw&sig=Cg0ArKJSzCo_vMrqltgMEAE&id=lidar2&mcvt=1003&p=5,315,255,1285&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4068750166&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669546294894&rpt=218&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5B38 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu26xxBLhaDI1gMrgiiEt4xsid1mEw09VkhYInt5fuqD-rUr2U2zMNgkGTU6H2sxWYHVo2GFGHvgxCkVN-ARm5GNMCuV93M7OGrkHn2olPmpjGfiTYQ&sig=Cg0ArKJSzFjA1iLtg0mEEAE&id=lidar2&mcvt=1005&p=736,990,986,1290&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20221110&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=886418757&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669546294903&rpt=231&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98CA 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQ4jcwE_IRHODix39MWwWJZAgx9IvYgmUVlQTzExvOSFLBzqZI8YhoTSg_WKwPr_dBF8R_QTu8M_nSh2wtUKF45M6d2IZumxVkMDsiVCVnxVqkAnI54ckCJt65_cl5gpsWDbu9Sw&sai=AMfl-YS0hscACgiOp2FBxpG9TYTH5RAZB6YGpccJW7jGss0sDHFrYTjm4qBRpdcCDJ6UBespe31botCHLb4jEgzcusfxDqLUMbzPaYc_jdgOVIDugO09B3zr7Rv1zgasEToNpFP7KIZl61yKEjBWCIs&sig=Cg0ArKJSzMm9fmipXMTqEAE&cid=CAQSSwDq26N9Q2nCzM_pKQe8jr9E-V66iMxRa3u_sskvktvZZfYMIWb0E_1xkQCwo4sA6tx2efb9xgYu0pdwS9qBo6Q2-FVj7lgfoxBmfBgBIBM&id=lidar2&mcvt=1001&p=0,1559,40,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2316061010&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669546294922&rpt=372&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CBD4 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQFv2rduCnttYH-y702kq20-ERiTBVQDkinrffLaUkHBYJG7G31E161CN7wCirbEqmvF40GWjLBLoBqpmFZPM6-A6Umum1hvCiv2tN095y4RzHwx1FrFYoWiVOEaWvvmsikXlh2w&sai=AMfl-YSrL10ktNdIQFni1GmVn5-HbLES1cupuB82nemdKo_PLsQcJADHDVw71ETcABJAXEmgq4yXVlrURbuwYpafRYeva-ZhPk6tZyLd1e_-j6WkIma5crSQCL5UZEzy3FD1NErI54EgvginMVqrE5A&sig=Cg0ArKJSzGw4FXAWtQvEEAE&cid=CAQSSwDq26N9Q2nCzM_pKQe8jr9E-V66iMxRa3u_sskvktvZZfYMIWb0E_1xkQCwo4sA6tx2efb9xgYu0pdwS9qBo6Q2-FVj7lgfoxBmfBgBIBM&id=lidar2&mcvt=1002&p=0,119,40,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2736298071&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669546294918&rpt=362&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Nov 2022 10:51:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=770137417371656&bg=!lZalltLNAAbvMpMzzzI7ACkAdvg8WvCQ4zwHxrGp23k_9KmX5OQnWLiC6hUfdlZIdzZNQXtmhLorSAIAAAB1UgAAAAJoAQcKAHiP-AuQlZL2uMAngb-GkmPDMWSY9ZtbOOfZkSxg2LHo-JPIFGxKoZlJYTMO6sg3rn9rOqjHUFsI4LTDm27Pm3uYwoB6tVyB3Gk7b3AwSl1xsoRIBoPAq09RNbV3UA5N7QMwm1DJngBn7Jm2em6R1ensRTnhSYE_tzKZAqQ5NrmoLUqKEajaYANddxNFObcyeq2L3i-z_LYBR6iqnjCkJoplBtjVQOcuBnoLfeh_jsxcgR63WjtAIP747QVmYUBQp2b9sbAjCm2XVGU2ViosQ0AWFsC4OLXEbcn6KMPzrMmdiUqnJuwPlbStM5yZ-PrI38JDZvefu5Kkni-oWNIy2rXZSQTAOT23x2Ingva3MDyQMv8YekydmnUVcv_fZLGMrZKvHNBl_SQD7tc9L2XFinSqAzj0JZ9XiwAd1tXAaeqiT5DMsON1Xe-gqxYzz6jcv5QAz1VTNqSNoa2L3Ye-E56UdxV2Oxk-uTTOhmohuNUa1BuYpIZNxkmjEcu8AnnKv0kzRkVgVn1mpm-FknR-bgN4uy8_pOyBByamhKqa2TGzIVXDV8055tX-c8IjLj9CHEMwFTYwAmtuLdzXDmy8GhxZpEdijtQO70PxWnC5Rbm_qMk8IPcaRLk6R358trLG1urDlPkKW6mQW1DTtFy-xnZT7Qi5gMRI4BWqJkAxzRoZ-lytJTv36EcWmW-672FPkSAuFbrlvEE8xiQXd_1MnaYKqoqEudEy-u1ViY7qCcRh6c7LcY6rCHk0Qlj6g7VIOZgYmW3iRQr99wiaXgTfhl213oHaVHbzaDM8xtd8tzYJvwCtB1H3wE1vgascNLlJYhBERnCOK3inPBZf8jM-OB8g6qBW5pbmjcVm4YuMg92OhXn14es4QxDOP_zerf2SFyMl5Ol6lCD1FYWySZlF4iYYXrCH8UMf8686kr4cXOIjN3t5WxyFUZoZFlTifF7PKvRjOyAjoaceFjLLVxz4ZJwvensd49WvkmgSZVF9dJ45PWDNH256i9v6Ww9GerhBolaZEvaATE-ABWvyswRHqokO0JgquY035wZ3hFPB1t69
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 8ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221122-15_b1-PR-50508-DEV-122809-rbox-fix-visibility-reporting-after-1s-but-not-having-50-visible-c7abfbe6291.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Sun, 27 Nov 2022 10:51:36 GMT
x-amz-request-id: V61E4N6NGWRZQH85
age: 1883
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: ljPcn8+9QxUU/ST0/RYP8Glf092k+yXW9clNcA7rI1THHCAI4QzrF+YmLiYfD47mQSokXXNfXQk=
x-served-by: cache-hhn4057-HHN
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1669546297.753967,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 17
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 3166

GET
H2 200 / Show response
pips.taboola.com/ 64 B
242 B 497ms
160ms XHR
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 1a983d69d9a6f4eadb8a6604dc63ce79c5f7fb2dcf550e4d7a87658bd78dae38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-served-by: cache-bog2260026-BOG
date: Sun, 27 Nov 2022 10:51:37 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 364ms
113ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=ba64f561-c2e5-48b5-9473-8764e5005e89-tucta7cc6b6&uad=9181a6929147959668b1f69b492b777a5b60d239d9ab4bf2774c335e66389eae&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Nov 2022 10:51:37 GMT
cache-control: no-store
server: nginx

GET
H2 200 4e619fd4-0514-49e1-9a52-cfa21d5b03b3.png
cdn.taboola.com/static/4e/ 1 KB
2 KB 10ms
10ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/4e/4e619fd4-0514-49e1-9a52-cfa21d5b03b3.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c9c8fdfce46e567be13f3c2069ab3d6de3deb66237932fcfd82bb04f4709208

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: iWR1n3DijIvSzCUI6xYfaTNDNzGYr_ki
date: Sun, 27 Nov 2022 10:51:38 GMT
via: 1.1 varnish
x-amz-request-id: PXTKM3KK5VATSA9D
age: 1235
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1443
x-amz-id-2: xLbYGu3635Ll9psRizRpzr905aeMN5/gGZv1vG3kSgJc4aWtJejL9/HKXGl8FegIGiqbCtQ4oZQ=
x-served-by: cache-hhn4057-HHN
last-modified: Fri, 01 Mar 2019 11:14:26 GMT
server: AmazonS3
x-timer: S1669546298.346736,VS0,VE2
etag: "cf73003025b3821e7dffc8917b695ab5"
content-type: image/png
abp: 17
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 55e43555-55f1-472e-904f-ab9ec4f02bda.png
cdn.taboola.com/static/55/ 1 KB
2 KB 9ms
9ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/55/55e43555-55f1-472e-904f-ab9ec4f02bda.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0546498737a8547c8529a34eefdb32c02e492e0dc5784e4211ead8d00105667

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: BVzxtBLsXxK1nFGVPSr4NbSnjsEzqRi.
date: Sun, 27 Nov 2022 10:51:38 GMT
via: 1.1 varnish
x-amz-request-id: MB884Q7QE8TFYXT6
age: 4062
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1402
x-amz-id-2: kSlD384ZvCyB8FHXoMVV7UugQN/x/fOfZDLpdAJ8o25jWHEU8ca6pGeQPsMRiKAZHy1/LpRkRHE=
x-served-by: cache-hhn4057-HHN
last-modified: Thu, 28 Feb 2019 17:40:12 GMT
server: AmazonS3
x-timer: S1669546298.346835,VS0,VE1
etag: "f01fa3ab463718db5186cbf03faa52a9"
content-type: image/png
abp: 17
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.vesty.co.il/	1970-01-20 16:31:22	Name: ab-checking Value: 47
www.vesty.co.il/	1970-01-20 16:24:10	Name: dcsyncundefined Value: true
www.vesty.co.il/	1970-01-20 16:24:10	Name: tmcundefined Value: 1
.vesty.co.il/	1970-01-20 09:55:22	Name: _gcl_au Value: 1.1.1829905346.1669546294
.vesty.co.il/	1970-01-20 17:21:46	Name: _ga_HBGSDK9P6D Value: GS1.1.1669546294.1.0.1669546294.0.0.0
.vesty.co.il/	1970-01-20 17:21:46	Name: _ga Value: GA1.3.278959557.1669546294
.vesty.co.il/	1970-01-20 07:47:12	Name: _gid Value: GA1.3.792274533.1669546295
.vesty.co.il/	1970-01-20 07:45:46	Name: _dc_gtm_UA-5536870-20 Value: 1
.vesty.co.il/	1970-01-20 17:07:22	Name: __gads Value: ID=2229035cb649eaea:T=1669546294:S=ALNI_MY2L4THMF5mJyjuOLKeKQ0uIdRyJQ
.vesty.co.il/	1970-01-20 17:07:22	Name: __gpi Value: UID=00000b88f0807be3:T=1669546294:RT=1669546294:S=ALNI_MaLwfrb57HNWmN0C2RytthVpvR5lw
.doubleclick.net/	1970-01-20 17:07:22	Name: IDE Value: AHWqTUlH54FNZtr9vrOg5EpgoTAzKwJO335VhWMREaTiH8jvP3etAxqoG5tyAdGWWHg
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 7ZkGjsqEWjc
.youtube.com/	1970-01-20 12:04:58	Name: VISITOR_INFO1_LIVE Value: 6aBjkTiTaXE
.casalemedia.com/	1970-01-20 09:55:22	Name: CMPS Value: 3211
.casalemedia.com/	1970-01-20 09:55:22	Name: CMPRO Value: 3211
.casalemedia.com/	1970-01-20 16:31:22	Name: CMID Value: Y4NBN1u-gADxzetEZRPPrQAA
.adnxs.com/	1970-01-20 09:55:22	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImUEd'B7!@wnfH8K6pQK`!5=E<*L5>xj'lIpR$fb8jzg3a)P7]mf=8PDet9AB1Arn77qP(hw9P-HC_#ttLQ)d??+
.adnxs.com/	1970-01-20 09:55:22	Name: uuid2 Value: 420283712054436747
.casalemedia.com/	1970-01-20 09:55:22	Name: CMTS Value: 2207
.adtriba.com/	1970-01-20 17:21:46	Name: atbgdid Value: 0136623e-7bf4-4c97-b413-60ab0caedfe8
m.exactag.com/	1970-01-20 09:55:22	Name: exactag_new_gk Value: d8f915a5509b4471bbb9e7c6fa2a58c8%7c26.01.2023+10%3a51%3a35
m.exactag.com/	1970-01-20 12:04:58	Name: exactag_new_uk Value: e239bfbadb624fc6ab6579b6380200a7%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 0dd80b012d3249e8a6a6b3f2

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.permutive.com/6f7c8ec7-588a-46ef-95d2-ff36e0a39e58-web.js?d=2022-11-27 Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a7c889ab26a1fbcefe9958b1c0dcd8c8.safeframe.googlesyndication.com
ad-delivery.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
am-trc-events.taboola.com
api.btloader.com
btloader.com
cdn.firstimpression.io
cdn.permutive.com
cdn.taboola.com
cds.taboola.com
cf.dxmcdn.com
cm.g.doubleclick.net
d.adtriba.com
dsum-sec.casalemedia.com
ecdn.analysis.fi
ecdn.firstimpression.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
images.taboola.com
images1.ynet.co.il
js.nagich.co.il
m.exactag.com
mrb.upapi.net
pagead2.googlesyndication.com
pips.taboola.com
region1.google-analytics.com
s0.2mdn.net
scontent-frt3-2.xx.fbcdn.net
scontent-frx5-1.xx.fbcdn.net
securepubads.g.doubleclick.net
static.xx.fbcdn.net
stats.g.doubleclick.net
tag.escalated.io
totalmedia2.ynet.co.il
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.vesty.co.il
www.ynet.co.il
www.ynetnews.com
www.youtube.com
yandex.ru
yastatic.net
ynet-images1.yit.co.il
104.19.149.54
13.224.189.112
13.225.78.13
130.211.23.194
141.226.224.32
141.226.228.48
142.250.185.226
151.101.65.44
172.217.16.194
172.217.16.198
178.79.242.16
185.80.39.216
185.89.211.12
2.18.235.16
2001:4860:4802:34::36
213.202.235.9
23.35.237.86
2600:9000:20eb:4000:11:da61:a100:93a1
2606:4700:20::681a:314
2606:4700:20::681a:68b
2606:4700:20::ac43:4513
2606:4700:20::ac43:464d
2a00:1450:4001:801::2001
2a00:1450:4001:803::2008
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9a
2a02:26f0:3500:88f::30bc
2a02:6b8:20::215
2a02:6b8:a::a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::300
3.73.210.71
54.78.253.158
0016393da9ef1a445e63bc833c3806423336f0c85926cb3035cdd55fdc702052
016b77c03bfe182b8073e11381d7bb5520f80ef823d61bd47602b8b541f2686c
017548d3f15c9368a68936c5429db26e02796e75873c3a834b33f4bf2dcd2acb
02667aa3bd07697317268811a1e06d552af7f188eac4412afe75cdcadc918ef5
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
04301d9dcfc8e3a8d664ce1d263cf5b0e1025351005046be53161e928e076adc
047a9ce403f5c99ce5a62cdc5f171bd018a7524bdb40508b991c0818d08b6930
054a5ef61ae64a5c377132c482b030a747fa26ff71791b5f8a421b43d699cbc6
0725e29f1b91297954b187e06e164bedcfc5adc877f40094bbf4860312115b88
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09ac8ea119cbed16f5beadbc0f9264d0d9eb1b8c154459db6828d22f008ab4a3
0ab577cc741322a238c8c5d22617155f4d2f3351ddfcb4af5fab3f95e2ce1362
0b5643d26d01cdd2f502a877252f473d362bf546c8584f6b765ef0f4438b1fc7
0b6d9077fe964e048c4ce39162820a77b5762c848215570d8540920ad64bda4d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bee4c9e7d95bff09cdb62f99827e332dfb6e986a30ec3d32894e55f4b7107d4
0c59a4311973393ca533b13f245d027fb9acd2c40b23ddb6c75d1c53196a3b96
0d4bef38d102f950ca16ac71a8fb77eac9840c6bbbd85cd1fc43ce12578ff8ba
0f6d069ba4d434d13fa047412280d51baa1ae1d16f9da719716753bdcdea6ae3
10ffa1a12a66c4b9fc56c7adffdecfc8c5495a9d581a822c8bc5836836e16a24
118a3dd1ef084c64c8009edddbbc259f57cb41c79ea6274afa43a0f8f9def78c
125e6b9ca120fa2bc4892544dda8f20226f26c5bbf550fae4be07b80612982fc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ed8aa0e9ecccd60202cc5c966b654c6330ac29be05f7d51ae1b67d96a3bb41
13ef8328558e0c525489227e99eca54c0bddd453f04a2d1299f8c4ed4ed605c2
141c84ef67068f649c2fe2af34d4051e3e4e100e5725b35c021643d19a0ff02e
14449da3a7190ab4eabfb58a1d1dd730bf4dbf5821a904907971a2252876d55b
15f66b5b4eec43bf947ae27cdc68eccc81eb2c43f65c8758dab6d702d2a6d7e6
18e3e5a436c079aedceaa2ad41862438a6b9daa7e1411a6fa85664381dde2a77
1a983d69d9a6f4eadb8a6604dc63ce79c5f7fb2dcf550e4d7a87658bd78dae38
1aead1520a37b98565359b49261d2d513cefe2c6df0a1e7bdb023b46df01d537
1c191fd1e74ef4cfd9cd54aeaaa2b6a3ade9fe6e6b5d2e71fe69fc5681717130
1c62b11af11f2be4eda6712d1279e4cbe2a8a25f02050ffc8f7d02ebb3f6ee27
1cc6304316c75c71feb79060ebcbdaec27b18b67a1d6fafffa7881a9655e65fd
1d4d6943a5309778bb0532681a50f0679334f96fdaf686dc3d0af24785f6fdd4
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e92539e06df96dc2373cc3cdfe2fc0bddb434cdcbdd6216def27ed76f916408
1f2fb2516957cf9e8fcba382836cd3f5ca0b6dae9446611e577b2d1dbb10ce95
1fd94e175b5127d3acfbd7ce7374954bc24f58f9ef8121ab585f50041f2ce8f9
2013acee4c440c6356cc8d98990e956750b48b68fd56823b741d353d82c5f341
2436d29de150accd2c12d8d0d9573a1a9eb737cf7d3367399c0cb16373350ab2
24bd1809a16e6a6fa6314f2efec4b7394fa49c6996dc78769581517917d72edd
24f3e8be1c01c35430c72d53ed4c2c4b587349b5ddeef0acf860150d18522868
252aaf79a9e0cade2d691e567f7afd04b93fdc690df56bf7ece6b9690395b6e8
2a1b9dc4f5258d06a21416c86418190c011c115fad789808a7200ac5dfd9ac28
2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8
2b0f1a879d76bc2ce1909991e335dae0bbd33d2ffd5b0f4e0a9cd97bacbd446f
2ba18611f8e8fe9e8bb7181b28400147ca3192f4ec702f7bf0f98757468843c9
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2c9c8fdfce46e567be13f3c2069ab3d6de3deb66237932fcfd82bb04f4709208
2d77263a48ea0f8d2903e95c94e176bfe23a032a627dda23077a708ffc5d854d
2e13e2b9a9478f68c39346a7155b90321b2fb8a865eb8804781a75815b004d83
2e8296b4d7093701e989e49dfd07dba1369158367ac9bb34a60b63327410b65c
2ef9e4403c0feb424778d6c77af1d5783fe8c31e720938b5a0a79599a4c29696
2ff45cee003e657eb1e3cf5000c957e00839770700efad0fb965fb01efd43cdd
30e1e1d33b62566b6f3c89eebeeb185997643c6a91e1fdce3083a603576c8f6c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3183f681279dfdac57f6336981014cd4ca5a445cf94f28ce297acb02a33dda31
3199f6eb828e167c3ebaff8bf04026fdca4717a3412e76351a18dcd35ce70c08
31f2f76d99d19fe98a0917f2b785a37c683b85fae29d66dd476ffa84c9a999fb
330d2f914bb48eedd911b2a2c5edff6f44b9058bcbdfc86d05f6a9c39b9d7258
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
358b4c2bc2ff1c98c5e75a041ddd3cb4abeba9d3f461acfe3b95c627ca5a3e29
3649435a40194f5315dcd5dcaa05c7755216c9bc6ae2b4066a0f3b180fe140f7
366779676004418787e9ec5c31f55d5a6446199dd1fc7310d6ffef10c864cf97
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
37053f01142cbe1f55a25ba58d820579027647a4da0794209783b3dd609078cc
38631374aeeb8a8af2dfa93d29fb928b2f023904d968abbc401ad33d817a40c0
38c833266654605601adc1c5b265157d520f8b9775383f7a2dfde6a6b85b9780
38edeadf2ecc3a24cf531e245de9470510ebb5cd3efa34bf9d539bf5a98e6f8f
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a2fe3388887243975a247188dd832bf1a429acc2d4fc2e4868e8cc0156a8a4f
3adae0f7526cd7d75eab0b0051935733618d37e97134ddd7eceb5b6c65920904
3b7309744ad5853f506edb9354e4d3dd672153284f38b1ae92c2c08a5410657d
3da550d33721ae136835c223328e06a02f9377a1415d16869bbff8360b699f8c
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
43b7e084089678e9daeaf79e1893db33e7d29ef097e8f7f9c1f337f392f2265d
43f3dc398082108e0f834b28e030129e907d638f89f8afeb532760102c432484
4412af2c62800daec868b143a3f6582da05e6f1757405f788627d6442e933e6b
442db94f47e657604fde817ff431f353d5ae4994e08a59496ce8fed479362119
44575f1096e2e0ba9c152676c8e65150604bafe21ddcc7925481b0224d505c35
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47879e9a46a232ac6fa8931b17f3dbe8a09ea02497c2394abf2e45c431b9b5ac
484cd03e2e42a773e2bb8cb2fad723cb08844f3f7766990173542d88c8af3d15
4952317dbd95b98f51594e4030f3ec23900d9b3bb501d50e09928127f1d02f08
49b6f7a70ee3d7f71c178641dec7c2b4cae50de328e404d593f7318d9a8b6c9b
4ac4bba0aba4ecc5214737c59ad1bc793f8e32a0befabd240048b84ddd3a530c
4b140abc197e8ff39e83bf6471c05eb066c13c10f04269b0a54b0dc5aefd3929
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d55eead6a0169c36b3642cf5fecf934f49b718e7c4c1425e9dd66e854798755
4e97600804f99d9b0a37ca25349cafea3ca90c75498a4967afbdc616f7133059
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
506ea24f2b3cddcc725e5e7f83594c4020ba2f71fea1838e04892b740976ef70
5231f786044c027ef7ebca85d728e5c378bcc72c9f6e953ec4ee97057a655122
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e8c619d20bc3f1a22efd0fec83dba0d8bd9e898f0d5847eaff094f0887fad3
55f7554cc7b33c97e2cda88237977f58ee7bdec0006d1db1579f9debe8321bbe
56416f618bcd4af6b281cc6e6b47fbfc91f9e39a6ba419d7dc0d150ecc655a0c
581d447eb6b75fffeb4a8fc041bebca5158f0f41aa368fb6ef0c1690ae5000a9
584856e883361989cbbb1c03ad142e72c537a3fb1e7a4c848884b4cf60824d95
58eb6039ba4cf05d9af866ee663ee3c48a5c81d4ff2a648b7f1aab46fa150fc1
5bf980d5d3225688d4f755b921027c17ae6cc1025de5888a53dff8b63575350b
5d537a4d64fa02ad51b8141332fefde0cbaae44b8200c43913751e9e64592281
5d84e8c5853347349ceb41d356393ffcffb54de397aa23ccbad73f7970e2e20a
5dbb385cd49933c5fc1f406c31c2bcc1f0bddc6e6cdfaf5fa30e6481d6b19fca
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5eb64140ea9d00a641377e446e7345b4c910a9e15b05cb89d4a72794c263c491
5f564d4e49a3bf12304677ca4d9f94b3f760fc9ea139a05618af4886d137acd2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626773988e3cac6415c262fd754008edb78ad140cb1233a6d16c7fea7b2e9f21
62b6987d45b03c5af619443ee3a7ac8707e097df093fd770b61ed95ad071f9ce
62d3dc98c507a16e8dc5d9815eee29add7bfce141c25b844e0f6d57afd1cdd94
640096266d70a97497aacff058725b3a7b78b89a3fbfe27d24a382215d73176e
64c5bf8a92d4332b1a3a35997fcdb23ccab1701d94a35677cb0f18bfc7df729a
64e2a47b72df7b0cf9f64348ef1915c752638613a9b255a42bb88ca2ba7d81f6
65408ab3bcd5f77832ac9d0be849e7cb7ec418d5d7ce46b9c452c32b78c2c221
6564fd75e0a63e3b26a1e186e686166d482316587e966c43cfe4669139278bee
663e938025867b7b3d9d6f5e33ee6e91192d6e80f7a26a735a0a406ef6abf014
674578c38ff08214f62f4ea0e46fa7b5b936554bfe5b26ef5926c235be8bd088
6a8437f8eb353b0da20b48e51ad0cc9ea9e8842e192f4d119d61fdf79cd5c839
6b4c88e2f7068613fddfe50c1fb3f0d1348cbdbb8d8d12eb1f0adbc777741d15
6b759a63aa4d7af11cf52d9e2a1910662595a3b59fc1a4b8b5e5644c39f74e1c
6b862ad8d490559b37103ad2dd3c914073d6a13aa81ed9cd2ef8205753376d44
6c873c9be6a57a35ad111172fefbbbf5acd08e763ef62360cab0daf354fed81c
6dc573261f23fb7cec50d10b4a28dde3660fb13aebb3c30a18c4811307c2d4bb
6df6d48d0e35371970c99da551fbef58e2c0c54de93243a98e42f2a1ddfb69c7
6dfd2e20bf43dcecc0dab12281a86bbc3dfde6730bb7fce26e977450c251b7e3
6ecb1a1d9de53b1a7899bb6330560ee219817f133eca94ab8de2c9b723ed1c6e
6ed02d42bcd8f9ebc716a2cba9309cd84c560441c9966cda1d04a9a196d114a0
7028ce246826b7ed6bb35f54c2cd43b0c851b84278f8b8b64b03b95190e24356
70bc7e8fbdb99b0e8333b0fc8292fc4661d01327f2998f6872d781f6cd59356d
713de754c3a7cc1dacd4c001c5ff41e3d693ef0d3ab633c5d0b59c8a9b115b11
727faa38e5e5a293cfdf47f34d3767ffababd89d876aea2c864cb13793e2ef24
738b9cd36fe5bcf159ab463801ed5f9791d64629cb7b51defcc7061485a98500
73a3fdb7e55ca9443679b0c78d1cf850cbc8d5baee05f5cb2fbe18a1c3da8ab2
749886f0c7b06a4df622b00a061a33b7b7343bc1987941c26f8b455e6a63a54c
752d586dc5ea8b7da2cf19aef56b66c6515c2ded7b7cb4b16843163773a4c166
755755b2ae8ce85732c114029eb2ae8c759e2f9abf36a37847e7e02d1ca0be40
76c30daab3145c1c7643cbe30b58786f26dee3480ae0a17205aa95ff3795ec02
76cb1043a79bc9c7cc3993ccfbf886c5b7c8d0b5cb7c38356cba14fe0d10bafd
76e4769c77c0216fca6021da45e170b8c024efeff279f79907f18f237855a2dc
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
797a32714b7b358cce4ae7a79d60412b0107d5606cab8d49884a72811ce112dd
7b0c5a7e99fc34a3f01ed2fbf6c15c3c385307d671b05b58237359214dc68e99
7b1d77153cd55fc5b3085fabd7b5b468ea6294bfdde84821afcabbc274ffd549
7ba00ca8e8766105255226293f27ad98d9ff0eb27cbd2b3522140c71a98c6314
7be3f93a947032ead2533412ecf067e904b3547fe2251dbbc456c0d96ce32df0
7be45cd32c802f2d6db6f27606010726beba57a1e6a9e0e607577fdf1361defd
7c0fa62ff2fb1c6a0df76b6e66ccdcf47f1a77c459e843540b5d1b02e7ea3505
7c6af8c526cd3a43ab60854951a8242537c47b71cc27506224394693593e047c
7ddd19e8fa8e78e2a3c9bfa56bf23090cf6d2226ec761e5bf8572cbdfb19174a
7e73a4f6b285389945ee8c7dc8489186a60e1e05fefd44ed39362d1f2183275f
7eb3ac194a04bde86dc6b5065f6471cfc52103a20028c5a5e9b72545ad3b2c76
811f51799efb8dad8ace1c59f5de2b6e51e4216665af9461898b4b6ce42bfe6c
8263feb69af1064f3198bca035f45dd590afa147500310f826da0ad3c7178c97
830762f680cd9559c7fd93685b8f7759e09320c1929739403f24db6b4664fe6e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8384d2d648438d8f64ddb9b79177042f72fa515897354d046d0f0d5d7bf621db
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fe7f9f37b2656d4c257e11498b38c2d5e5e4f73b97e7eb7323f0c4c6502a87
8550ea63cdf2144d6663541355a2c22d39d55092bff6bb559b33b5596269aa34
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8565f8971d59afce1dc8380e08b8fcd9b83a7083d6b8b5bd38aae6ce293ce1cf
8998df8a63ed0f8ba73793ac630c120cf5c575e535f88d93aa14602526b333cf
8a5dfeefb54a0d7f4034c83fd72fd88fc2b9eeb749d1b92d35a761928fc79407
8b0ddbcb04b4cdc6fa3e4e57068c308563efde9dade4583f2a2647975c1a7f35
8cc48e83b1f5083beee9219f7f17bf51f8ef2badf6cf9e688f253291ab5a6389
8d375c088fe5edceffe6852ba17e2639339c7f91a99f2d653c84fc2c9aa74348
8e1568d7ac8e890ad66d0d6f47b3801c0ab5ea66a2fd7f0d3215c33943626027
8e75d1398a51e488df67825d9f5fa32e03417030b4f5f3325728997e66833635
8fe9c2e5c1dd7c90df3c181042980696d2da46bc8c1b63e9ea6f5a95a9df94e6
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
913e6aeadf5845369a71ce21634068e11de45bab3e06d311df348cf2693f75a6
9268d17bceacb82031ae1e4c667453e62528b7466b62493e3640761a9ec8a7ca
9282f5f0d6e35dc972ca1d6e9dd93706ee7d5c54ad442d841d2573c38b20459e
92a85f93f18ea572688b8fd7b5c5ff1b9e69c4a61464d72764d833c42dc41c58
92e15851fe32a200249582d31aba6414295f0d753b254b7cd52971568e6b6d4d
9397b8cde68ae4c9eae42daae2c7380f3a4c36220e4850ee583ee97c9dad0c73
939f2861ff23094b6ba90ae0002c62f49da08c6359735dda6959e781e942e94c
93aae7c061382138a7ec0b3d7e0689235d9975725214c0f167737ae94acf7ca1
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
998eecacb60099ced55ad36ed26f11195b9743dc7d93dce4c05167469c2e1bab
9cca851b32120fcd364ca06660d60714ce8e5ba532ed32b7f2ce503cee7ac2e2
9de7f60db798ad4bb03f406a9c1ab0eb4a7ae4c1182572161d0e608c0634adb1
9e17dd16cca1736ad14c569328a7a068cce463d36cd028527aa75944bf44fc73
9f9601a8a22316b5e779726fed7c902ff7ac1a9d7930bdf8855314f332e668e9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0075e45807dd231ef50860b0d885b2827f9ad07ab7c3d83332587eb21ddb25d
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a04d2bd54f657fe4f656aa6bf305fff2ccd0bf48724dc694420d49a2dc5cf8e1
a0f68cf613a0948df6d28744e716cfb755df3eba4e5741852eec7e2669631965
a27d82c6d1155828b88d4ec00c684e2defdb293df46768f706df547deeac3d41
a35c8d3bd235c15fb2247b46b0ad4d30fb32a2086a8a00cfd6a85ed27fc58e9f
a3fdb0fc14e53dfccf40a70ebd4bbdd124c6234cc556f8cad25fa395d787b7b5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a4f7da86d3b9490ac34d71a592c138aee1cdffccd0faa69c6813995f2fb18e8c
a5d46a3aec6cdde85198eef50041bf346ecf8dc3b5a06e03329da7998f475143
a67a3614fa2e76978399365c799aabc126e02eeaceb1971bd70439c3ed904aeb
a9770b62ec977db11581722ba2df755b2dfcc18a0871525664bcb71b2b15ca7e
a99504e1f01f960943de16b80d47ca58cd97c480375707e492290e9e78a83738
aa467d7d858d1ea11f5ab2d7dfd688edb739533becd1337d3a7b68a6414f1b1c
ab32b2c4c4edb597ff057500e0716830305580857189e611e5b07acbba87d78a
abae23f621043a092e981e98c86d0a36a5571f23891a8f13f3c46bc8d55df089
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
ae70ddc938348f4578d78f15fb0d93612f93613a9f3de47703ef718c84994cb9
aea1339f821f17fa13bcce299c8ef53bb88865d31259d7df310e1f818d8f0ef9
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b304e1cae3388fb99554905bc4b8acb1cd3c28217b74ec8d9effb301893c849c
b37e964fbc078a120779f473cda5de46a8815e04aa55c32e76cc6657d3636799
b3e3b07b23a2b54d76706fb529133b3e8dd83cab740d40a3b11be103c6b2af42
b41bf82b7fcf28ff777e3ee2735df3763a0424d119ce578645e32af670db9699
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b561bfa244697b8ab4dc84d418433e008320813e1db67c0001fa71467597f6f7
b64fd0cdb93fca43e09ea43029256f3e804d59759fc49630e93d1d5e705848c2
b69fb0fd0c3b54b066414688628f5df5a1b242ac75f42b5b27b6f08d293160a2
b81870c09e4546205428647dffb99435bfaeea2a481b8932dfd37b76a0654b1b
b8c1c250227d7dc898cd6b3883f01f86c4bdd6aaeb99c46e235ac9ecdacff259
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
bba3c1ed2ff6c383c0600b2c76bd2d001df3c26c3f5002966f4ec54914d64eca
be63677319df5219352f91eb1a7d84c8d06307e8cf0cd408015a6153aaf70ea0
bf3e32d807092fa60d6a1cecb6b4d80ce20f1ce7b715a34707184bd31016e189
bfac01f1e0a8417d76b572c6c01e3459e4b026c3cddbeb12a335bc033adb9a5c
c0546498737a8547c8529a34eefdb32c02e492e0dc5784e4211ead8d00105667
c11ff825e313163e17e5e7b8520b82fff5926d4be86c44fa0ea9b7dbc9468216
c76e2af2500b3a3234346e50de6a5e349ab765b2e28232d75792f86cb4324ced
c89abf6bcec9bf5c4cc2ea0cb26372f0bd04c8c490e85fdb9a7c2f4764b207ab
c9646e08df831976f27e505fc21ff71da321605b86891d0b7fa3090f4bc4bc02
ca30a16f3dd187a78e4cecf950ebf9b1775e1314dc08743b44d0e3b5cb309bd6
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
cc106ba0afcdd9264bc897deb19a78b1ed31dce1117e90c94dcf54c561678bae
cdb6a994a22802d3cebc2c03d498dd340fefb6e95d1b2b462c2913112fe9b11a
cea30626e12b5a68b9b91cb890401475dc6157d78d70b87edda88c2f7c2dd219
ceea7f36965ca2f13039ba4edea7c1c7cba5b224916d819f7833f73dad74e723
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d222b73fe28847b9da7b7fd08444c24e904444a7fcc4665ef8e064b54fb7ff2d
d249d89ec89617d5cae3b5e285ec3c903ce1ed27b955de835fbe7139bf29d466
d362a0ae44dd538dde9e9b2033635f45d682b5b7fe67722a258c2cd113b68c86
d39d98dcfcc958b0045a6aac8bfe17d28afaf249a0f567b72998140eb0e82a78
d40e246b578028fead44a469d023b37468d80277609e1ac51d48da70b191776b
d48735dbd111d5b4586260790fc2293b8715ce5c4e1e45b91eaf4867f7058332
d50045b25fcaaf924140b0c120c7c267ea30150973460026a2573360f816574c
d54f49f811681dbafa6ae1b0abe2baf318e1d5d0c7e77491f0a38e4c7727ef81
d6cdb6570660f6cc2ab311a53a12a3f547e706f2409d8817185bd2be74d24a19
d7f05a1c92ba23a816100919f55bbec260bd2016988aad0ac3fa2f14d36ee01a
d819ca91e194a55f3763ce322ba88e7447cac67fbe81d85872045a1432db5b2c
d899ccc4a094466de3ee05e38895242206e793ed2e6b43656849c559907c21b1
d89d5a8715a14affc082fea8f107899a28432a05fec2f5190d607ee324e804fb
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d936d9624705fd9b647f71698dc09a8d239243fd5db3b158447592a73f598cbd
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dc3d45106d24333353604d863e28084cf0a66e99d9d4e155eacafbb6ae95f5fe
dc4506aa970b6143b290a9fc2109bd70ccf4d1782428aedf2591b40f1434ef82
dcb1769f7eb29d9bf646fd491694eab8d43b9e8dbe83480d55207bdd2c1ab126
de0529d3c675751b762e820612467f5df0c8c3d293602e0d20179e0aafcd6b60
df2475b34ea49d6548e68781fd787984d6d857e1edb64b58ead19af0c88834df
e1c563384b96de069dbd94b764088e9c6b4cb6031b393d8ffa775e5b44e7b781
e2453a88dfee45b4bef3383d2c78c09186840cf04ae4d1e359390dbb72c0a4ad
e248d1f1d1cd34170a12a1a6577c78ad6ded463820430e30620c37c3ace79f03
e29b7ad709f9a64297d83fa77cbc244a03b9f827a50eb53e0c688c45f14c3c66
e343a167a61b47cce4999369e2bd2720c556335b1af118747732c4df838fdb3e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e65c31133f95471be272c8fdcd63ecdc3c489f7ddff92ca1f7a81e547dd09589
e7c2ba8ee7f8c9732127791c0af7f8542eb742189f7c133a37ec0f91506480ca
e83c30425a81b46bc5e33559fe9f4d54ebdec60d971e102a24b4be93e1f3d14c
e89e9cf76acc420ce8014fb5752eb639a3ddab8b5683f523a13ed1f9bca122bf
ea540906b4812d6c9f9e88b230cdea6d6958d5be159134204d0fa15d23752095
ee604394532caefef0370eb9f9a16b6ae24b1b206d31e2c2a4adbdf7b1d8c6c3
ef09636415673a51dffe55d5c5fc5a6ef54f05e7a1f228019f40309ad4c9ed40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04600ca36e8aa20c4f523cbc176165c79a0e84f13daf2969f6f58b6e56eea8e
f0c4029e2ea812d0f8abfa9038646761e57c3438ca491289aa2d3d628150dd5b
f18c7c1c9909695dffff15d16d31e2f3055a01696e946f2700ed3bb246382c9b
f1bc9a81f0c03a10c2829bfc10b6788c9a7366c3931a0f182716b7006fbe8f58
f1d423e33955ab4c19d298ae17775da5afd5ea1ef72120d63b48e69ce7bcec0e
f28bb67943d02b75ca344e7d7403636d1174bbf9af444c11d4a0fd5cc0f8da0c
f2a73be472ecf03df32c0a5e5d36190529830c988675b5be31a8e79d15639fa2
f4880589e30cc8bd6457393dce0afbf184761f4c173c3a5be54c6d64015cfcdb
f4b0e1c8bcdff24cdf97abdd440078596dbfa6a512d5dd5957ee9b5cc105543c
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7216c9ee0a76b82d39b7ffc4cf1eec5c214b6a4ea0147705667c30b649f35b7
f73f5f2107e43c76096806e6bee7233eb5a1974fc158905ce1fabd1f3a2e124c
f938fff69d6251a827b8f06946cc68b7ee1929869c7d789d566421dff4b45da4
fa9874d982a3556938e00965a80fdb5731f52147ee3cc6a41c4d508dda84b711
fb1010591986c7ad06bc80fa234bc51fa2a362ff0309723acc9f94d25a98dd63
fb408a3f4c5c7ba9cd3672310df56a5a9a5f6e9fa36e73e20b54c643614f0af8
fbe0ef435319ac6fbeb06d4e41ed41ef493345ecdaa249971a5c31364a5f72e6
ff21097d241c16ace85ac3722924f3094db12f83d3444d563b0cbb52407264eb

www.vesty.co.il Open in urlscan Pro 2.18.235.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

393 Requests

96 %HTTPS

62 %IPv6

33 Domains

55 Subdomains

47 IPs

8 Countries

8123 kBTransfer

19780 kBSize

23 Cookies

16 Outgoing links

Redirected requests

393 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.vesty.co.il Open in urlscan Pro
2.18.235.16 Public Scan

Screenshot
Live screenshot

Full Image

393
Requests

96 %
HTTPS

62 %
IPv6

33
Domains

55
Subdomains

47
IPs

8
Countries

8123 kB
Transfer

19780 kB
Size

23
Cookies

393 HTTP transactions
11 data transactions