urlscan.io logo urlscan.io
SecurityTrails logo

178286.newsletter.simedia.email Open in urlscan Pro
54.76.188.27  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://178286.newsletter.simedia.email/admin/
Effective URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Submission: On June 10 via api from US — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 15 domains to perform 58 HTTP transactions. The main IP is 54.76.188.27, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is 178286.newsletter.simedia.email.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 13th 2023. Valid for: a year.
This is the only time 178286.newsletter.simedia.email was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 54.76.188.27 16509 (AMAZON-02)
4 34.251.11.117 16509 (AMAZON-02)
10 35.190.14.188 15169 (GOOGLE)
1 52.218.58.3 16509 (AMAZON-02)
6 35.241.3.184 15169 (GOOGLE)
3 142.250.186.136 15169 (GOOGLE)
2 35.201.111.240 396982 (GOOGLE-CL...)
1 2 172.217.16.196 15169 (GOOGLE)
2 216.58.206.34 15169 (GOOGLE)
3 204.79.197.237 8068 (MICROSOFT...)
1 80.239.138.75 1299 (TWELVE99 ...)
4 151.101.129.44 54113 (FASTLY)
2 157.240.251.9 32934 (FACEBOOK)
1 216.58.206.46 15169 (GOOGLE)
1 74.125.206.156 15169 (GOOGLE)
2 142.250.185.195 15169 (GOOGLE)
3 6 13.107.42.14 8068 (MICROSOFT...)
1 151.101.65.44 54113 (FASTLY)
2 157.240.251.35 32934 (FACEBOOK)
1 141.226.224.32 200478 (TABOOLA-AS)
4 141.226.228.48 200478 (TABOOLA-AS)
58 21
5    54.76.188.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-188-27.eu-west-1.compute.amazonaws.com
178286.newsletter.simedia.email
4    34.251.11.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-11-117.eu-west-1.compute.amazonaws.com
fonts.crsend.com
login.cleverreach.com
10    35.190.14.188 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 188.14.190.35.bc.googleusercontent.com
app.usercentrics.eu
1    52.218.58.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
6    35.241.3.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.3.241.35.bc.googleusercontent.com
api.usercentrics.eu
3    142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net
www.googletagmanager.com
2    35.201.111.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.111.201.35.bc.googleusercontent.com
consent-api.service.consent.usercentrics.eu
2    172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f196.1e100.net
www.google.com
2    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
googleads.g.doubleclick.net
3    204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    80.239.138.75 (Frankfurt am Main, Germany)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
snap.licdn.com
4    151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net
1    216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f14.1e100.net
analytics.google.com
1    74.125.206.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f156.1e100.net
stats.g.doubleclick.net
2    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
www.google.co.il
6    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
pips.taboola.com
2    157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com
www.facebook.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
18 usercentrics.eu
app.usercentrics.eu — Cisco Umbrella Rank: 9344
api.usercentrics.eu — Cisco Umbrella Rank: 6948
consent-api.service.consent.usercentrics.eu — Cisco Umbrella Rank: 14987
132 KB
10 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 905
trc.taboola.com — Cisco Umbrella Rank: 699
pips.taboola.com — Cisco Umbrella Rank: 1733
cds.taboola.com — Cisco Umbrella Rank: 1834
trc-events.taboola.com — Cisco Umbrella Rank: 2264
34 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 351
www.linkedin.com — Cisco Umbrella Rank: 553
3 KB
5 simedia.email
178286.newsletter.simedia.email
25 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 361
14 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
2 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 5
analytics.google.com — Cisco Umbrella Rank: 175
353 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
305 KB
3 crsend.com
fonts.crsend.com
17 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119
4 KB
2 google.co.il
www.google.co.il — Cisco Umbrella Rank: 25593
562 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
72 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 880
17 KB
1 cleverreach.com
login.cleverreach.com
1 KB
1 amazonaws.com
s3-eu-west-1.amazonaws.com
275 KB
58 15
Domain Requested by
10 app.usercentrics.eu 178286.newsletter.simedia.email
app.usercentrics.eu
6 api.usercentrics.eu app.usercentrics.eu
5 px.ads.linkedin.com 2 redirects snap.licdn.com
5 178286.newsletter.simedia.email 1 redirects 178286.newsletter.simedia.email
4 trc-events.taboola.com cdn.taboola.com
3 cdn.taboola.com www.googletagmanager.com
cdn.taboola.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
3 www.googletagmanager.com 178286.newsletter.simedia.email
www.googletagmanager.com
3 fonts.crsend.com 178286.newsletter.simedia.email
fonts.crsend.com
2 www.facebook.com
2 www.google.co.il
2 connect.facebook.net 178286.newsletter.simedia.email
connect.facebook.net
2 googleads.g.doubleclick.net www.googletagmanager.com
2 www.google.com 1 redirects
2 consent-api.service.consent.usercentrics.eu app.usercentrics.eu
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 www.linkedin.com 1 redirects
1 trc.taboola.com cdn.taboola.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 login.cleverreach.com 178286.newsletter.simedia.email
1 s3-eu-west-1.amazonaws.com 178286.newsletter.simedia.email
58 24

This site contains links to these domains. Also see Links.

Domain
www.cleverreach.com
Subject Issuer Validity Valid
cleverreach.com
Amazon RSA 2048 M02		 2023-08-13 -
2024-09-10		 a year crt.sh
fonts.crsend.com
R3		 2024-05-30 -
2024-08-28		 3 months crt.sh
app.usercentrics.eu
GTS CA 1D4		 2024-06-04 -
2024-09-02		 3 months crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon RSA 2048 M01		 2024-01-31 -
2025-01-15		 a year crt.sh
login.cleverreach.com
R3		 2024-05-20 -
2024-08-18		 3 months crt.sh
api.usercentrics.eu
WR3		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
consent-api.service.consent.usercentrics.eu
GTS CA 1D4		 2024-06-03 -
2024-09-01		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-05-01 -
2024-06-27		 2 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-19 -
2024-06-17		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.google.co.il
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2024-07-30		 6 months crt.sh

This page contains 2 frames:

Primary Page: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Frame ID: 040BE34A4328A8C4F0AA00DEFA386BF3
Requests: 51 HTTP requests in this frame

Frame: https://app.usercentrics.eu/browser-sdk/4.36.0/cross-domain-bridge.html
Frame ID: F212C5F996D95F460996971D71367716
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SiMedia GmbH

Page URL History Show full URLs

  1. https://178286.newsletter.simedia.email/admin/ HTTP 302
    https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

58
Requests

90 %
HTTPS

0 %
IPv6

15
Domains

24
Subdomains

21
IPs

4
Countries

899 kB
Transfer

2197 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://178286.newsletter.simedia.email/admin/ HTTP 302
    https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13r3r3r3r5&tag_exp=0&rnd=1127936820.1718022543&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php&dma=0&npa=0&gtm=45He4650n81523HT3Cv899063862za200&auid=1244063861.1718022543 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5&tag_exp=0&rnd=1127936820.1718022543&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php&dma=0&npa=0&gtm=45He4650n81523HT3Cv899063862za200&auid=1244063861.1718022543
Request Chain 42
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1718022543313&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1718022543313&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3832250%26time%3D1718022543313%26url%3Dhttps%253A%252F%252F178286.newsletter.simedia.email%252Fadmin%252Flogin.php%253Fref%253D%25252Fadmin%25252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1718022543313&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&cookiesTest=true&liSync=true

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
178286.newsletter.simedia.email/admin/
Redirect Chain
  • https://178286.newsletter.simedia.email/admin/
  • https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.188.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-188-27.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
f71c1db71258814b5f40de3adc980c225df8d8cfcacb5874622dacb593e0382a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
4538
content-type
text/html; charset=UTF-8
date
Mon, 10 Jun 2024 12:29:00 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
x-content-type-options
nosniff
x-cr-i
www-eu-i-08d9cdd508e8fe232 D=185418 t=1718022540539706
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 10 Jun 2024 12:29:00 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
pragma
no-cache
server
Apache
x-cr-i
www-eu-i-0f77bfb78bd476e56 D=61562 t=1718022540348745
css
fonts.crsend.com/ 		4 KB
818 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.crsend.com/css?family=Poppins:300,400,500,600,700,900
Requested by
Host: 178286.newsletter.simedia.email
URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.251.11.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-11-117.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7ecd9df0b4ee41bcc7a1fd93f1fe280a570c5a5205a5b38c66d35284649f162a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 12:29:01 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
x-xss-protection
0
loader.js
app.usercentrics.eu/browser-ui/latest/ 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/latest/loader.js
Requested by
Host: 178286.newsletter.simedia.email
URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c5dbbc24fd9a074007abf339f465024b86eeb575ce4da3ce08b5826bff9891b5
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 11:43:01 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
2759
x-guploader-uploadid
ABPtcPr9YExtdkXfnqjY5EO3MQs-s64G7kpTqTmpNju9Opw-i4ZV7b10_1vSagmUgwAu1_A-W12P5HmHKQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8125
last-modified
Wed, 05 Jun 2024 11:24:58 GMT
server
UploadServer
etag
"3664e1a3030535e5b97af752c00abd5f"
x-goog-generation
1717586698828331
x-goog-hash
crc32c=on6VdA==, md5=NmThowMFNeW5evdSwAq9Xw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Length, Transfer-Encoding
cache-control
public, max-age=3600, no-transform
x-goog-stored-content-length
8125
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 10 Jun 2024 12:43:01 GMT
login-d863f21401.min.css
178286.newsletter.simedia.email/assets/compiled/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://178286.newsletter.simedia.email/assets/compiled/login-d863f21401.min.css
Requested by
Host: 178286.newsletter.simedia.email
URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.188.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-188-27.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
1461ae6a53a55f2dac7d5a051ec752d992d721a1f3e753661616d4bb2907a8df

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 12:29:00 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 13:44:16 GMT
server
Apache
etag
"e5a-5fe2b43ad7735"
content-type
text/css
x-cr-i
www-eu-i-05cc16a79448f1ea1 D=828 t=1718022540866511
accept-ranges
bytes
content-length
3674
logo_clean.png
s3-eu-west-1.amazonaws.com/files.crsend.com/7000/7047/whitelabel/ 		274 KB
275 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/files.crsend.com/7000/7047/whitelabel/logo_clean.png
Requested by
Host: 178286.newsletter.simedia.email
URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.58.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
49d6ee5f11a8a7786fe1fa3cd41823d13509d4c5d801d466ce55ca133ccc476e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 10 Jun 2024 12:29:02 GMT
Last-Modified
Thu, 11 Mar 2021 06:57:47 GMT
Server
AmazonS3
x-amz-request-id
53YS9WWQFGZTSYRM
ETag
"5c9babe4378a58e48b960dc504a32dae"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
281000
x-amz-id-2
SS8BSLFg/Fl0w85+dVrn/ZEXl37RjPUdRpqZrctt8s2llSV7z1sHMexJymvrh7pIld4f7GORQOA=
login.js
login.cleverreach.com/static/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.cleverreach.com/static/js/login.js
Requested by
Host: 178286.newsletter.simedia.email
URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.251.11.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-11-117.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5786263782a5628ac8b4a143a20d2e90357dd3ba010110f3d964e49351a2d710
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 12:29:01 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sun, 09 Jun 2024 00:27:16 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
content-length
963
index.module.js
app.usercentrics.eu/browser-ui/3.44.0/ 		360 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.44.0/index.module.js
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
40514d8f8d1d135565cea5ada6df77cfaeb7fb03725489dd459bf13b0e2d7835
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Origin
https://178286.newsletter.simedia.email
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 11:29:46 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
435555
x-guploader-uploadid
ABPtcPprQ9b98QXEjpCrknu_eG64uDx0iWbqo1CQV3PIBokHEiF2PviLnpt8cvRamNVAADaZ2ODQtdP_pg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106151
last-modified
Wed, 05 Jun 2024 11:24:38 GMT
server
UploadServer
etag
"17b2e2f2a285e60790f2a5dc117feadb"
x-goog-generation
1717586678304902
x-goog-hash
crc32c=67Ib1Q==, md5=F7Li8qKF5geQ8qXcEX/q2w==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
106151
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 05 Jun 2025 11:29:46 GMT
languages.json
api.usercentrics.eu/settings/_Wu4KEBpy/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/_Wu4KEBpy/latest/languages.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://178286.newsletter.simedia.email
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 10 Jun 2024 12:29:01 GMT
expires
Mon, 10 Jun 2024 12:29:01 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
IL,ILTA
x-guploader-uploadid
ABPtcPqK-imkExs1WShdp35YERL5670knypePnIwpiqkgo1Nz8bdlFlR5JwlbCgRvEhVvOCKBeE
languages.json
api.usercentrics.eu/settings/_Wu4KEBpy/latest/ 		206 B
641 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/_Wu4KEBpy/latest/languages.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.44.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4576de1dd5b373f578b18da3ab756a23d844e0df3e21e1fc0ac18e9eb9c5691c
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 10 Jun 2024 12:29:01 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
x-client-geo-location
IL,ILTA
x-guploader-uploadid
ABPtcPrj-oATJS_7GyZYpRm2Uie50u0tDya2ZwXfkIC09cYdO6Jf80yrj5osp_vUTwO38hUKYf8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
last-modified
Mon, 10 Jun 2024 07:32:50 GMT
server
UploadServer
etag
"07c0d6aedde8128c48613644f4de1597"
vary
Accept-Encoding
x-goog-generation
1718004770081754
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=5hD7zA==, md5=B8DWrt3oEoxIYTZE9N4Vlw==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
115
accept-ranges
bytes
expires
Mon, 10 Jun 2024 12:30:01 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.crsend.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.crsend.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.crsend.com
URL: https://fonts.crsend.com/css?family=Poppins:300,400,500,600,700,900
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.251.11.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-11-117.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.crsend.com/css?family=Poppins:300,400,500,600,700,900
Origin
https://178286.newsletter.simedia.email
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 12:29:01 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
age
290526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7884
x-xss-protection
0
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.crsend.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.crsend.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.crsend.com
URL: https://fonts.crsend.com/css?family=Poppins:300,400,500,600,700,900
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.251.11.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-11-117.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.crsend.com/css?family=Poppins:300,400,500,600,700,900
Origin
https://178286.newsletter.simedia.email
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 12:29:01 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
age
180140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7748
x-xss-protection
0
gtm.js
www.googletagmanager.com/ 		341 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-523HT3C
Requested by
Host: 178286.newsletter.simedia.email
URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
80126b238f1c3c8d7f1aa46b58ff2a88a3f03cab9a5f6c50c36caf64a75ed335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 12:29:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110180
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jun 2024 12:29:01 GMT
de.json
api.usercentrics.eu/settings/_Wu4KEBpy/latest/ 		40 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/_Wu4KEBpy/latest/de.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.44.0/index.module.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
469c767f5e1826b5145da7e6f0c047b277e91a90b9edcd0085245f3439bf7235
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 10 Jun 2024 12:29:01 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
IL,ILTA
x-guploader-uploadid
ABPtcPpjTlM-rvK_qEr2hHhZvwsxwfmuaTaNhpO5pj_aiTIBNurt7dx3xQyRas3KTSmgwUEmwrQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11448
last-modified
Mon, 10 Jun 2024 07:32:49 GMT
server
UploadServer
etag
"311f8a1a5840af4b7dd655a7fa97fc18"
vary
Accept-Encoding
x-goog-generation
1718004769781179
x-goog-hash
crc32c=6u9t1A==, md5=MR+KGlhAr0t91lWn+pf8GA==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
11448
accept-ranges
bytes
content-type
application/json
expires
Mon, 10 Jun 2024 12:30:01 GMT
de.json
api.usercentrics.eu/settings/_Wu4KEBpy/latest/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/settings/_Wu4KEBpy/latest/de.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://178286.newsletter.simedia.email
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 10 Jun 2024 12:29:01 GMT
expires
Mon, 10 Jun 2024 12:29:01 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
IL,ILTA
x-guploader-uploadid
ABPtcPoylD7r7kONQbHXtyz5FvuxVDrVi7KFBLI3h5ViRujFvznXEdNe2L8hbKaOf8BMlhmOcpQ
icon_generic.svg
178286.newsletter.simedia.email/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://178286.newsletter.simedia.email/icon_generic.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.188.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-188-27.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b87b19292646e22496e031a5a7b55b2b65ea48ef8e9cebf37f322a7195306afb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 12:29:02 GMT
last-modified
Thu, 30 Jun 2022 14:12:45 GMT
server
Apache
etag
"542-5e2aadd1b345d"
content-type
image/svg+xml
x-cr-i
www-eu-i-02debac62be17ebf8 D=802 t=1718022542049943
accept-ranges
bytes
content-length
1346
cross-domain-bridge.html
app.usercentrics.eu/browser-sdk/4.36.0/ Frame F212 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-sdk/4.36.0/cross-domain-bridge.html
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.44.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://178286.newsletter.simedia.email/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
Content-Type Content-Length Transfer-Encoding
age
435553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=2592000, no-transform
content-encoding
gzip
content-length
1123
content-type
text/html
date
Wed, 05 Jun 2024 11:29:49 GMT
etag
"7c88742927494a659acac65295cedd3d"
expires
Fri, 05 Jul 2024 11:29:49 GMT
last-modified
Wed, 05 Jun 2024 11:24:21 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-goog-generation
1717586661214854
x-goog-hash
crc32c=E/teCw== md5=fIh0KSdJSmWaysZSlc7dPQ==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1123
x-guploader-uploadid
ABPtcPrCcdWti7giBe4g8J5v6z402034j_BgP9a6VzO4lmJaRvQFSLju65_q-Jw68aQ5UfaH4Zk
favicon_generic.ico
178286.newsletter.simedia.email/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://178286.newsletter.simedia.email/favicon_generic.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.188.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-188-27.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bcab8e47ce2442c9718317733f34de3ac40b0393ff78325fb38a341f61424947

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 12:29:02 GMT
last-modified
Thu, 30 Jun 2022 14:12:46 GMT
server
Apache
etag
"3aee-5e2aadd2b5891"
content-type
image/vnd.microsoft.icon
x-cr-i
www-eu-i-05cc16a79448f1ea1 D=692 t=1718022542185087
accept-ranges
bytes
content-length
15086
1px.png
app.usercentrics.eu/session/ 		489 B
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=_Wu4KEBpy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 12:18:37 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
625
x-guploader-uploadid
ABPtcPr4shgyOOqyrXmdMyLSQe3_5UOyKdYA7rTJT5kaTiu4sZu4o2_jcznWO0OUnUUyovD5-eQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
522
last-modified
Fri, 08 May 2020 09:06:13 GMT
server
UploadServer
etag
"3702ada73b8951017b8451cbd6a96523"
x-goog-generation
1588928773413784
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type
image/png
cache-control
public,max-age=1800,no-transform
x-goog-stored-content-length
522
accept-ranges
bytes
expires
Mon, 10 Jun 2024 12:48:37 GMT
DefaultData-d9cec632-4b3ce074.js
app.usercentrics.eu/browser-ui/3.44.0/ 		2 KB
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.44.0/DefaultData-d9cec632-4b3ce074.js
Requested by
Host: 178286.newsletter.simedia.email
URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bd7be8509109ef4148d80240a7c824174ba895d747133d4ede1a3c8e15cdf7e4
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.usercentrics.eu/browser-ui/3.44.0/index.module.js
Origin
https://178286.newsletter.simedia.email
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 11:29:47 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
435555
x-guploader-uploadid
ABPtcPpmDZrQ2-Q_DhNW18r7y9PSCBly4G3NEQtokDZ7XcjWPTXvQ-Ab77dB_w_5LuZ_5T1gmVF6q1TaHA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
969
last-modified
Wed, 05 Jun 2024 11:24:30 GMT
server
UploadServer
etag
"20b33d75ea2a0a7439c4070f90252d78"
x-goog-generation
1717586669999243
x-goog-hash
crc32c=f39q5w==, md5=ILM9deoqCnQ5xAcPkCUteA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
969
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 05 Jun 2025 11:29:47 GMT
translations-de.json
api.usercentrics.eu/translations/ 		8 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/translations/translations-de.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.44.0/index.module.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fd685f8162e83ff30ccead6635e39450485e83f50b15fbf0c75fff4dc8377489
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 10 Jun 2024 05:06:58 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
26524
x-client-geo-location
IL,ILTA
x-guploader-uploadid
ABPtcPo0gYpeEgDbNVDUm_pvQZFrca2T5e5zp16hx3nS92XVxRjXoxZH6JjWaoSMVhHgssaNr94
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2878
last-modified
Thu, 06 Jun 2024 08:55:09 GMT
server
UploadServer
etag
"9071cb66722303f026d3445882f74792"
vary
Accept-Encoding
x-goog-generation
1716292304054057
x-goog-hash
crc32c=iUOpYQ==, md5=kHHLZnIjA/Am00RYgvdHkg==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400, s-maxage=86400
x-goog-stored-content-length
2878
accept-ranges
bytes
content-type
application/json
expires
Tue, 11 Jun 2024 05:06:58 GMT
translations-de.json
api.usercentrics.eu/translations/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.usercentrics.eu/translations/translations-de.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://178286.newsletter.simedia.email
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 10 Jun 2024 12:29:02 GMT
expires
Mon, 10 Jun 2024 12:29:02 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
IL,ILTA
x-guploader-uploadid
ABPtcPoMIZjoBy0DH3kdzk1yklLtUb3fKdwvv3JWtuSXJhhHgPioosZLttJsgwqxcoJEmz1e5UA
DefaultUI-78c53789-f0e4af59.js
app.usercentrics.eu/browser-ui/3.44.0/ 		2 KB
788 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.44.0/DefaultUI-78c53789-f0e4af59.js
Requested by
Host: 178286.newsletter.simedia.email
URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b3f51f60046eb6b89db3ffe5d17e47650174aa4a93f272ad6ec377821be99554
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.usercentrics.eu/browser-ui/3.44.0/index.module.js
Origin
https://178286.newsletter.simedia.email
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 11:29:47 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
435555
x-guploader-uploadid
ABPtcPrtQK-Us8ordquz33McKiAHlBOpA80EYeuEn56b_FC0OH2zbwnS2_c3WOez58skwEOMYWxelk-b_w
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
757
last-modified
Wed, 05 Jun 2024 11:24:30 GMT
server
UploadServer
etag
"a9c8550b9a8e1ba031e4a29926389421"
x-goog-generation
1717586670491933
x-goog-hash
crc32c=5CNVOA==, md5=qchVC5qOG6Ax5KKZJjiUIQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
757
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 05 Jun 2025 11:29:47 GMT
FirstLayerCustomization-2f1f6dd7-f4742024.js
app.usercentrics.eu/browser-ui/3.44.0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.44.0/FirstLayerCustomization-2f1f6dd7-f4742024.js
Requested by
Host: 178286.newsletter.simedia.email
URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
eee02992e5461036937f2b237b4f5fe72155c6d7859124130224cf1400775808
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.usercentrics.eu/browser-ui/3.44.0/DefaultUI-78c53789-f0e4af59.js
Origin
https://178286.newsletter.simedia.email
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 11:29:48 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
435554
x-guploader-uploadid
ABPtcPp9EpXo1Knljhj-XpuqljWaQ7nL8yB1TEUnxjD06YA4yd43PbGaaSUIM3y0cBs7As0bLse4ZlXP_w
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
last-modified
Wed, 05 Jun 2024 11:24:30 GMT
server
UploadServer
etag
"ee5ac7235acca60606a535dfea6fdb99"
x-goog-generation
1717586670961438
x-goog-hash
crc32c=S5/YIA==, md5=7lrHI1rMpgYGpTXf6m/bmQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
1076
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 05 Jun 2025 11:29:48 GMT
ButtonsCustomization-39ca47ff-e2dc7498.js
app.usercentrics.eu/browser-ui/3.44.0/ 		473 B
267 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.44.0/ButtonsCustomization-39ca47ff-e2dc7498.js
Requested by
Host: 178286.newsletter.simedia.email
URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5ad755a81f1d74fbe23c50641eff88c3d87569daa204f2b729e2a415006f7c6b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.usercentrics.eu/browser-ui/3.44.0/DefaultUI-78c53789-f0e4af59.js
Origin
https://178286.newsletter.simedia.email
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 11:29:48 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
435554
x-guploader-uploadid
ABPtcPoJBhsR1BNUk91b8IbF5o7bcAar_aR_DKm11vI70hTT7LCdPRWYikYDsI-a6CpE4sfnxAluN62w8Q
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236
last-modified
Wed, 05 Jun 2024 11:24:29 GMT
server
UploadServer
etag
"a79e352254d28f09b1bda9e7ed849ce2"
x-goog-generation
1717586669289320
x-goog-hash
crc32c=Jw1wrA==, md5=p541IlTSjwmxvann7YSc4g==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
236
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 05 Jun 2025 11:29:48 GMT
SecondLayerUI-f0ee4af7-131cb5ed.js
app.usercentrics.eu/browser-ui/3.44.0/ 		577 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.44.0/SecondLayerUI-f0ee4af7-131cb5ed.js
Requested by
Host: 178286.newsletter.simedia.email
URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
06e5be77ddf66228e6f6ed661636154b19738cb397929f6e827e2c5f27ee0875
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.usercentrics.eu/browser-ui/3.44.0/DefaultUI-78c53789-f0e4af59.js
Origin
https://178286.newsletter.simedia.email
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 11:29:48 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
435554
x-guploader-uploadid
ABPtcPrtR1HXVjKn_s6gpKiHjcPa1NkPwrU4Q8k_7Kcjl1v-bK2buwKCz_JPUq_QZHR6vYe-HJO1R92MIw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
322
last-modified
Wed, 05 Jun 2024 11:24:32 GMT
server
UploadServer
etag
"ef4fbc37156a0f77444ab0c85144a391"
x-goog-generation
1717586672380758
x-goog-hash
crc32c=M69kLA==, md5=70+8NxVqD3dESrDIUUSjkQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
322
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 05 Jun 2025 11:29:48 GMT
Taglogger-712eaa32-97f20233.js
app.usercentrics.eu/browser-ui/3.44.0/ 		1 KB
723 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.usercentrics.eu/browser-ui/3.44.0/Taglogger-712eaa32-97f20233.js
Requested by
Host: 178286.newsletter.simedia.email
URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f59973ae8aa50c92dcdbbdcb5710f5058319fede48f02651ec1c675b968827da
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.usercentrics.eu/browser-ui/3.44.0/index.module.js
Origin
https://178286.newsletter.simedia.email
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 11:29:48 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
435554
x-guploader-uploadid
ABPtcPokwizcRKOO-gb2yOSSYj8wFsy3eT2aNL0PhbwnsTE_bua20FQe8siWIeDM1ECb18gZd_rz90ivpQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
689
last-modified
Wed, 05 Jun 2024 11:24:32 GMT
server
UploadServer
etag
"497d074a7394d727e98b0dd1064446a7"
x-goog-generation
1717586672882832
x-goog-hash
crc32c=xjrm1A==, md5=SX0HSnOU1yfpiw3RBkRGpw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
689
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 05 Jun 2025 11:29:48 GMT
3
consent-api.service.consent.usercentrics.eu/consent/uw/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.111.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.111.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://178286.newsletter.simedia.email
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 10 Jun 2024 12:29:02 GMT
server
Google Frontend
strict-transport-security
max-age=7776000
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
c311cc6f50927143e23353484b69ca02
3
consent-api.service.consent.usercentrics.eu/consent/uw/ 		0
78 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/3
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.44.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.111.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.111.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json
Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://178286.newsletter.simedia.email/
X-Request-ID
52f88226-60fa-4726-9afc-60aa0495ef89
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 12:29:03 GMT
via
1.1 google
strict-transport-security
max-age=7776000
server
Google Frontend
vary
Origin
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
e130dff4c7aea6dd5e8b2280d40cf760
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13r3r3r3r5&tag_exp=0&rnd=1127936820.1718022543&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php&dma=0&npa=0&gtm=45He4650n8152...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5&tag_exp=0&rnd=1127936820.1718022543&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php&dma=0&npa=0&gtm=...
42 B
65 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5&tag_exp=0&rnd=1127936820.1718022543&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php&dma=0&npa=0&gtm=45He4650n81523HT3Cv899063862za200&auid=1244063861.1718022543
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://178286.newsletter.simedia.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 12:29:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jun 2024 12:29:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5&tag_exp=0&rnd=1127936820.1718022543&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php&dma=0&npa=0&gtm=45He4650n81523HT3Cv899063862za200&auid=1244063861.1718022543
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		329 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q09SDP4HXY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-523HT3C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
aba7e32a930894760e35a301a6b0e2dbbff42e88afba68a099977fda57a4aaaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 12:29:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
109894
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 10 Jun 2024 12:29:02 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-523HT3C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 10 Jun 2024 12:29:02 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2195BC65BA5E42E9B5A219E5046F664C Ref B: TLV30EDGE0412 Ref C: 2024-06-10T12:29:03Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
insight.min.js
snap.licdn.com/li.lms-analytics/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-523HT3C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.239.138.75 Frankfurt am Main, Germany, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 12:29:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 May 2024 17:20:18 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=18036
accept-ranges
bytes
content-length
16683
destination
www.googletagmanager.com/gtag/ 		260 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-956195738&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-523HT3C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b3423b6f3c1d7c3bbd262e21a6e7b00c7a279e4dfd740c6f4b05e6329d8da643
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 12:29:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91957
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jun 2024 12:29:02 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1455965/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-523HT3C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6216d36ecd6b3759b81fea3c0ddc7336568e901afc0d06210383ba6149b650d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
FSRwl7kmVC2tuIKugS_FIxG_mG5rp6Go
content-encoding
gzip
via
1.1 varnish
date
Mon, 10 Jun 2024 12:29:03 GMT
x-amz-request-id
SDRR351RG3N6CTBR
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21846
x-amz-id-2
u+eSzvNm///36fjdxLm1waOZpZ7LyFjT1TcqiWaGcZQ1qKCZGaWe7cwrbqSPC3TU5tjUmb/aL4g=
x-served-by
cache-mrs1050108-MRS
last-modified
Sun, 09 Jun 2024 11:35:43 GMT
server
AmazonS3
x-timer
S1718022543.075613,VS0,VE103
etag
"a232bc254f039c1f0bc87bbfe09b453a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
0
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 178286.newsletter.simedia.email
URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 10 Jun 2024 12:29:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=12, mss=1380, tbw=2809, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
87L6NbNZ5uWHt0PbMmm7uuOiC/1okJ5Wg8nIFwOoH2rTuD7yHQOTAXnaDcB/rSgBx+kr9AhjRkOLD0EyyCW2+A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/956195738/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956195738/?random=1718022543086&cv=11&fst=1718022543086&bg=ffffff&guid=ON&async=1&gtm=45be4650v892401549z8899063862za201zb899063862&gcd=13r3r3r3r5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&hn=www.googleadservices.com&frm=0&tiba=SiMedia%20GmbH&userId=178286&did=dOThhZD&gdid=dOThhZD&npa=0&pscdl=noapi&auid=1244063861.1718022543&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-956195738&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8fb652572c89a9fb76ca7bf6b2d96dd0ec8a5b1d96136774fa9d67bf0f1a862b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 12:29:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1488
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-Q09SDP4HXY&gtm=45je4650v890092590z8899063862za200zb899063862&_p=1718022541336&_gaz=1&gcs=G111&gcd=13r3r3r3r5&npa=0&dma=0&tag_exp=95051016&gdid=dOThhZD&cid=2091944935.1718022543&ul=he-il&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAACA&_s=1&uid=178286&sid=1718022543&sct=1&seg=0&dl=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&dt=SiMedia%20GmbH&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3237
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q09SDP4HXY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 12:29:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://178286.newsletter.simedia.email
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q09SDP4HXY&cid=2091944935.1718022543&gtm=45je4650v890092590z8899063862za200zb899063862&aip=1&uid=178286&dma=0&gcs=G111&gcd=13r3r3r3r5&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q09SDP4HXY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 12:29:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://178286.newsletter.simedia.email
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.il/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q09SDP4HXY&cid=2091944935.1718022543&gtm=45je4650v890092590z8899063862za200zb899063862&aip=1&uid=178286&dma=0&gcs=G111&gcd=13r3r3r3r5&npa=0&frm=0&z=675923043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 12:29:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
26005642.js
bat.bing.com/p/action/ 		0
117 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/26005642.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 10 Jun 2024 12:29:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AC3A5E1F57F14B77832861C6F553B40B Ref B: TLV30EDGE0412 Ref C: 2024-06-10T12:29:03Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=26005642&tm=gtm002&Ver=2&mid=421585b8-1cf7-4fca-a951-e254878094e6&sid=058f6cb0272511efa58f41407d572729&vid=058fdfe0272511efa21e33ceec1d3f2f&vids=1&msclkid=N&pi=918639831&lg=he-IL&sw=1600&sh=1200&sc=24&tl=SiMedia%20GmbH&p=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&r=&lt=2004&evt=pageLoad&sv=1&rn=739197
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 10 Jun 2024 12:29:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ED7E6FA52FB8419483EC334B55DD7400 Ref B: TLV30EDGE0412 Ref C: 2024-06-10T12:29:03Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1455965/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1455965/trc/3/json?tim=1718022543297&data=%7B%22id%22%3A938%2C%22ii%22%3A%22%2Fadmin%2Flogin.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1718022543290%2C%22cv%22%3A%2220240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fref%3D%252Fadmin%252F%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-feicrashgroup%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22Usercentrics%22%2C%22cbpv%22%3A%221%22%2C%22cbcd%22%3A%22true%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1718022543295%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2701f984227cce613f0eeb032009613be3e4242db25a6914f57ec6df5a97d80d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
77
date
Mon, 10 Jun 2024 12:29:03 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.36625
x-fastly-to-nlb-rtt
64085
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mrs1050108-MRS
x-log-content-encoding
gzip
server
nginx
x-timer
S1718022543.359545,VS0,VE77
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
attribution_trigger
px.ads.linkedin.com/ 		2 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=3832250&time=1718022543313&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
*
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 12:29:03 GMT
content-encoding
gzip
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 9657A60F5E7C4206B049CAAE5B2F8449 Ref B: TLV30EDGE0321 Ref C: 2024-06-10T12:29:03Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-ltx1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYaiEttFszNxMfnIoeLDg==
x-fs-uuid
00061a884b6d16cccdc4c7e722878b0e
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1718022543313&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1718022543313&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3832250%26time%3D1718022543313%26url%3Dhttps%253A%252F%252F178286.newsletter.sime...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1718022543313&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&cookiesTest=true&liSync=true
0
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1718022543313&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&cookiesTest=true&liSync=true
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://178286.newsletter.simedia.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Mon, 10 Jun 2024 12:29:03 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9352B3DBFDFC412F84BBEEF2ECA80B16 Ref B: TLV30EDGE0109 Ref C: 2024-06-10T12:29:04Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-lva1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYaiEt110KGbYiiEhAXFw==

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 12:29:03 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAYaiEtyp+PnFq3DDBMoDw==
pragma
no-cache
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6B428BB7374648178069D0E9A527D4DF Ref B: TLV30EDGE0109 Ref C: 2024-06-10T12:29:03Z
x-frame-options
sameorigin
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3832250&time=1718022543313&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
193318555884686
connect.facebook.net/signals/config/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/193318555884686?v=2.9.157&r=stable&domain=178286.newsletter.simedia.email&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
e2f83df9f5458b1943a43a9d23351d352cde57c8152b568287294f6e911722c9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 10 Jun 2024 12:29:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=57, rtx=0, c=63, mss=1380, tbw=63535, tp=-1, tpl=-1, uplat=226, ullat=0
pragma
public
x-fb-debug
qXIAy0d9WQ4Z+RQbo6OHu6os96D2JYROkSMIuXS6U/LDupbXbz4c4Ei+lyE4IadGlIEK94zYDAZdVxvTxRBH2Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/956195738/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/956195738/?random=1718022543086&cv=11&fst=1718020800000&bg=ffffff&guid=ON&async=1&gtm=45be4650v892401549z8899063862za201zb899063862&gcd=13r3r3r3r5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&hn=www.googleadservices.com&frm=0&tiba=SiMedia%20GmbH&userId=178286&did=dOThhZD&gdid=dOThhZD&npa=0&pscdl=noapi&auid=1244063861.1718022543&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLSr8kKme1SnJg2IgMPRWcnwHoaOimeg&random=1947256422&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f196.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 12:29:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.il/pagead/1p-user-list/956195738/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/pagead/1p-user-list/956195738/?random=1718022543086&cv=11&fst=1718020800000&bg=ffffff&guid=ON&async=1&gtm=45be4650v892401549z8899063862za201zb899063862&gcd=13r3r3r3r5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&hn=www.googleadservices.com&frm=0&tiba=SiMedia%20GmbH&userId=178286&did=dOThhZD&gdid=dOThhZD&npa=0&pscdl=noapi&auid=1244063861.1718022543&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLSr8kKme1SnJg2IgMPRWcnwHoaOimeg&random=1947256422&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 10 Jun 2024 12:29:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Mon, 10 Jun 2024 12:29:03 GMT
x-amz-request-id
RCYMRYSV20EHDTV5
age
484
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
+TPZjngwSvkYDAJxqKc4hQAtGl498O09TUSKdZwYswTIBQeWnd9oyDDpsecIS+2/Oa1wdq1eTTY=
x-served-by
cache-mrs1050108-MRS
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1718022544.542177,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
72
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
2628
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Mon, 10 Jun 2024 12:29:03 GMT
x-amz-request-id
7ZTP7M80WJNDDANV
age
3923
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
htBgcTPK92hDtooU8aLGrn47qveQVSzKU2Z9N49H1hpGEcq436fYC7Lbxr+6FQRU5VNeZTNitn0=
x-served-by
cache-mrs1050108-MRS
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-timer
S1718022544.542427,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
91
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
10855
/
pips.taboola.com/ 		4 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mrs1050086-MRS
date
Mon, 10 Jun 2024 12:29:03 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://178286.newsletter.simedia.email
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=193318555884686&ev=PageView&dl=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&rl=&if=false&ts=1718022543702&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1718022543700.831399208222496316&ler=empty&cdl=API_unavailable&it=1718022543344&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=10, mss=1380, tbw=2836, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 10 Jun 2024 12:29:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=193318555884686&ev=PageView&dl=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&rl=&if=false&ts=1718022543702&sw=1600&sh=1200&v=2.9.157&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1718022543700.831399208222496316&ler=empty&cdl=API_unavailable&it=1718022543344&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x7fc0f010ad1296d6","source_keys":["1","2"]},{"key_piece":"0x335b6fc0457b2d94","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 10 Jun 2024 12:29:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=46, rtx=0, c=14, mss=1380, tbw=3154, tp=-1, tpl=-1, uplat=175, ullat=0
pragma
no-cache
x-fb-debug
12g6EPOH8avPojf/ce9aUrJFHnLRqP0jxblIyn7khPhhJ4cM6e6fdpHgE7cMymUr/MNepTjjZjU+M+wGtLiEuQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=424e996e-c0b2-4e38-ac84-aa13b2cf0cbc-tuctd60770f&ptf=V2luMzI=&ptfv=MTAuMC4w&ufv=MTI1LjAuNjQyMi4xNDE=&bnd=R29vZ2xlIENocm9tZQ==&bndv=MTI1&bnd=Tm90OkEtQnJhbmQ=&bndv=OA==&bnd=Q2hyb21pdW0=&bndv=MTI1&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 10 Jun 2024 12:29:04 GMT
cache-control
no-store
server
nginx
/
px.ads.linkedin.com/wa/ 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://178286.newsletter.simedia.email/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 12:29:03 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: F91B01DB3CB649878DF306AA842626F4 Ref B: TLV30EDGE0109 Ref C: 2024-06-10T12:29:04Z
linkedin-action
1
vary
Origin
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
access-control-allow-origin
https://178286.newsletter.simedia.email
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYaiEt47tRgYSKTLHTD1w==
unip
trc-events.taboola.com/1455965/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1455965/log/3/unip?en=pre_d_eng_tb&tos=1571&scd=0&ssd=1&est=1718022543293&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1718022544865&vi=1718022543290&ri=b2a02bf99b9c6e1839f4f340ffce6551&sd=v2_779b3f61ce642e75f595ba6a8315079c_424e996e-c0b2-4e38-ac84-aa13b2cf0cbc-tuctd60770f_1718022543_1718022543_CNawjgYQ3e5YGLqv_pCAMiABKAEwZjiI6wpAsJAQSLzS2ANQ____________AVgAYABoppvJ7d37u7UDcAE&ui=424e996e-c0b2-4e38-ac84-aa13b2cf0cbc-tuctd60770f&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&cbp=Usercentrics&cbpv=1&cbcd=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://178286.newsletter.simedia.email
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://178286.newsletter.simedia.email
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Mon, 10 Jun 2024 12:29:05 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
unip
trc-events.taboola.com/1455965/log/3/ 		0
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1455965/log/3/unip?en=pre_d_eng_tb&tos=1571&scd=0&ssd=1&est=1718022543293&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1718022544865&vi=1718022543290&ri=b2a02bf99b9c6e1839f4f340ffce6551&sd=v2_779b3f61ce642e75f595ba6a8315079c_424e996e-c0b2-4e38-ac84-aa13b2cf0cbc-tuctd60770f_1718022543_1718022543_CNawjgYQ3e5YGLqv_pCAMiABKAEwZjiI6wpAsJAQSLzS2ANQ____________AVgAYABoppvJ7d37u7UDcAE&ui=424e996e-c0b2-4e38-ac84-aa13b2cf0cbc-tuctd60770f&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&cbp=Usercentrics&cbpv=1&cbcd=true
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Attribution-Reporting-Eligible
trigger
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://178286.newsletter.simedia.email
pragma
no-cache
date
Mon, 10 Jun 2024 12:29:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1455965/log/3/ 		0
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1455965/log/3/unip?en=pre_d_eng_tb&tos=4573&scd=0&ssd=1&est=1718022543293&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1718022547867&vi=1718022543290&ri=b2a02bf99b9c6e1839f4f340ffce6551&sd=v2_779b3f61ce642e75f595ba6a8315079c_424e996e-c0b2-4e38-ac84-aa13b2cf0cbc-tuctd60770f_1718022543_1718022543_CNawjgYQ3e5YGLqv_pCAMiABKAEwZjiI6wpAsJAQSLzS2ANQ____________AVgAYABoppvJ7d37u7UDcAE&ui=424e996e-c0b2-4e38-ac84-aa13b2cf0cbc-tuctd60770f&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&cbp=Usercentrics&cbpv=1&cbcd=true
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://178286.newsletter.simedia.email/
Attribution-Reporting-Eligible
trigger
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://178286.newsletter.simedia.email
pragma
no-cache
date
Mon, 10 Jun 2024 12:29:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1455965/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1455965/log/3/unip?en=pre_d_eng_tb&tos=4573&scd=0&ssd=1&est=1718022543293&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1718022547867&vi=1718022543290&ri=b2a02bf99b9c6e1839f4f340ffce6551&sd=v2_779b3f61ce642e75f595ba6a8315079c_424e996e-c0b2-4e38-ac84-aa13b2cf0cbc-tuctd60770f_1718022543_1718022543_CNawjgYQ3e5YGLqv_pCAMiABKAEwZjiI6wpAsJAQSLzS2ANQ____________AVgAYABoppvJ7d37u7UDcAE&ui=424e996e-c0b2-4e38-ac84-aa13b2cf0cbc-tuctd60770f&ref=null&cv=20240606-38_b5-PR-72292-DEV-164503-kfc-purge-remove-lru-from-static-files-cache-ef50f04a3d0&item-url=https%3A%2F%2F178286.newsletter.simedia.email%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252F&cbp=Usercentrics&cbpv=1&cbcd=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://178286.newsletter.simedia.email
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://178286.newsletter.simedia.email
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Mon, 10 Jun 2024 12:29:07 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| __import__ boolean| UC_UI_IS_RENDERED function| dynamicImportPolyfill object| crCData string| bb_data_confirm_title string| bb_data_confirm_ok string| bb_data_confirm_cancel string| fvInvalidEmail string| fvRequiredEmail string| fvRequiredField string| fvInvalidBIC string| fvInvalidURL object| fvRemoteInvalid string| hostUrl object| cleverlogin object| cleverLoginCallBacks function| cleverLoginReceiveMessage function| encodeQueryData function| setfocus function| receiveCleverLogin string| pollRestURL object| crControl object| dataLayer function| gtag object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id object| __tfa_pixel_init object| _tfa function| fbq function| _fbq object| UC_UI object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal function| UET function| UET_init function| UET_push object| ueto_d59f3813e2 object| uetq function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError function| lintrk boolean| _already_called_lintrk function| __trcWarn function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| ORIBILI

19 Cookies

Domain/Path Name / Value
.taboola.com/taboolaaccount-feicrashgroup/ Name: taboola_session_id
Value: v2_779b3f61ce642e75f595ba6a8315079c_424e996e-c0b2-4e38-ac84-aa13b2cf0cbc-tuctd60770f_1718022543_1718022543_CNawjgYQ3e5YGLqv_pCAMiABKAEwZjiI6wpAsJAQSLzS2ANQ____________AVgAYABoppvJ7d37u7UDcAE
178286.newsletter.simedia.email/ Name: PHPSESSID
Value: 8dSEPYVHvWyU93u0k2UzNyBCbUFf3Bd5SGKFfVqQQZB7Sbpk
.simedia.email/ Name: _gcl_au
Value: 1.1.1244063861.1718022543
.simedia.email/ Name: _ga
Value: GA1.1.2091944935.1718022543
.simedia.email/ Name: _ga_Q09SDP4HXY
Value: GS1.1.1718022543.1.0.1718022543.60.0.0
.simedia.email/ Name: _uetsid
Value: 058f6cb0272511efa58f41407d572729
.simedia.email/ Name: _uetvid
Value: 058fdfe0272511efa21e33ceec1d3f2f
.bing.com/ Name: MUID
Value: 1971AC81A52B6DB53D7DB81BA4BB6CAC
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.taboola.com/ Name: t_gid
Value: 424e996e-c0b2-4e38-ac84-aa13b2cf0cbc-tuctd60770f
.taboola.com/ Name: t_pt_gid
Value: 424e996e-c0b2-4e38-ac84-aa13b2cf0cbc-tuctd60770f
.taboola.com/ Name: receive-cookie-deprecation
Value: 1
.linkedin.com/ Name: li_sugr
Value: a7e0bbbc-e398-44fb-ab56-6f4adc870b73
.linkedin.com/ Name: bcookie
Value: "v=2&de19e32e-63b0-4214-88dd-96e50eae97f3"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3257:u=1:x=1:i=1718022543:t=1718108943:v=2:sig=AQEmBncmV46xLvBERKGg0CF5br9HLDQ6"
.simedia.email/ Name: _fbp
Value: fb.1.1718022543700.831399208222496316
.linkedin.com/ Name: UserMatchHistory
Value: AQK3Bg8Kw7KM8gAAAZACH5mNzjrL9vwioXVC8QG6Ytn2fW-C5Uk0H27zmaPfYLFNhxaOKPL1lvYcVg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLJ1qa6oWzFYgAAAZACH5mN2t-LQDosmSaoDpjqMDB2YHsuoQP4olDXrOmMgF028JiDTYxGngXD6TancpqXLQ
.www.linkedin.com/ Name: bscookie
Value: "v=1&202406101229039f933b8c-933a-412b-812c-b9c5e290ac20AQH7gXDJLDv2q_65vxJPwi9ezQ4pOLJP"

41 Console Messages

Source Level URL
Text
security warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F(Line 132)
Message:
Mixed Content: The page at 'https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://178286.newsletter.simedia.email/admin/login.php'. This endpoint should be made available over a secure connection.
recommendation verbose URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://178286.newsletter.simedia.email/admin/login.php?ref=%2Fadmin%2F
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

178286.newsletter.simedia.email
analytics.google.com
api.usercentrics.eu
app.usercentrics.eu
bat.bing.com
cdn.taboola.com
cds.taboola.com
connect.facebook.net
consent-api.service.consent.usercentrics.eu
fonts.crsend.com
googleads.g.doubleclick.net
login.cleverreach.com
pips.taboola.com
px.ads.linkedin.com
s3-eu-west-1.amazonaws.com
snap.licdn.com
stats.g.doubleclick.net
trc-events.taboola.com
trc.taboola.com
www.facebook.com
www.google.co.il
www.google.com
www.googletagmanager.com
www.linkedin.com
13.107.42.14
141.226.224.32
141.226.228.48
142.250.185.195
142.250.186.136
151.101.129.44
151.101.65.44
157.240.251.35
157.240.251.9
172.217.16.196
204.79.197.237
216.58.206.34
216.58.206.46
34.251.11.117
35.190.14.188
35.201.111.240
35.241.3.184
52.218.58.3
54.76.188.27
74.125.206.156
80.239.138.75
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
06e5be77ddf66228e6f6ed661636154b19738cb397929f6e827e2c5f27ee0875
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
1461ae6a53a55f2dac7d5a051ec752d992d721a1f3e753661616d4bb2907a8df
2701f984227cce613f0eeb032009613be3e4242db25a6914f57ec6df5a97d80d
40514d8f8d1d135565cea5ada6df77cfaeb7fb03725489dd459bf13b0e2d7835
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4576de1dd5b373f578b18da3ab756a23d844e0df3e21e1fc0ac18e9eb9c5691c
469c767f5e1826b5145da7e6f0c047b277e91a90b9edcd0085245f3439bf7235
49d6ee5f11a8a7786fe1fa3cd41823d13509d4c5d801d466ce55ca133ccc476e
5786263782a5628ac8b4a143a20d2e90357dd3ba010110f3d964e49351a2d710
5ad755a81f1d74fbe23c50641eff88c3d87569daa204f2b729e2a415006f7c6b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ecd9df0b4ee41bcc7a1fd93f1fe280a570c5a5205a5b38c66d35284649f162a
80126b238f1c3c8d7f1aa46b58ff2a88a3f03cab9a5f6c50c36caf64a75ed335
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8fb652572c89a9fb76ca7bf6b2d96dd0ec8a5b1d96136774fa9d67bf0f1a862b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aba7e32a930894760e35a301a6b0e2dbbff42e88afba68a099977fda57a4aaaa
b3423b6f3c1d7c3bbd262e21a6e7b00c7a279e4dfd740c6f4b05e6329d8da643
b3f51f60046eb6b89db3ffe5d17e47650174aa4a93f272ad6ec377821be99554
b87b19292646e22496e031a5a7b55b2b65ea48ef8e9cebf37f322a7195306afb
bcab8e47ce2442c9718317733f34de3ac40b0393ff78325fb38a341f61424947
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd7be8509109ef4148d80240a7c824174ba895d747133d4ede1a3c8e15cdf7e4
c5dbbc24fd9a074007abf339f465024b86eeb575ce4da3ce08b5826bff9891b5
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
e2f83df9f5458b1943a43a9d23351d352cde57c8152b568287294f6e911722c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eee02992e5461036937f2b237b4f5fe72155c6d7859124130224cf1400775808
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59973ae8aa50c92dcdbbdcb5710f5058319fede48f02651ec1c675b968827da
f6216d36ecd6b3759b81fea3c0ddc7336568e901afc0d06210383ba6149b650d
f71c1db71258814b5f40de3adc980c225df8d8cfcacb5874622dacb593e0382a
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd685f8162e83ff30ccead6635e39450485e83f50b15fbf0c75fff4dc8377489