urlscan.io logo urlscan.io
SecurityTrails logo

www.vesty.co.il Open in urlscan Pro
72.247.165.243  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.vesty.co.il/
Effective URL: https://www.vesty.co.il/main
Submission: On June 20 via api from US — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 43 IPs in 6 countries across 30 domains to perform 243 HTTP transactions. The main IP is 72.247.165.243, located in Paris, France and belongs to AKAMAI-AS, US. The main domain is www.vesty.co.il.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 12th 2023. Valid for: a year.
This is the only time www.vesty.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 72.247.165.243 16625 (AKAMAI-AS)
33 104.18.6.158 13335 (CLOUDFLAR...)
20 172.217.16.194 15169 (GOOGLE)
11 143.204.98.71 16509 (AMAZON-02)
1 142.250.186.42 15169 (GOOGLE)
1 7 178.154.131.217 13238 (YANDEX)
1 5.255.255.77 13238 (YANDEX)
6 18.66.112.5 16509 (AMAZON-02)
1 104.18.3.189 13335 (CLOUDFLAR...)
1 104.16.80.73 13335 (CLOUDFLAR...)
2 142.250.185.168 15169 (GOOGLE)
1 1 104.26.9.27 13335 (CLOUDFLAR...)
1 2 104.22.75.216 13335 (CLOUDFLAR...)
35 151.101.193.44 54113 (FASTLY)
9 156.146.33.141 60068 (CDN77 _)
1 142.250.185.174 15169 (GOOGLE)
1 18.172.112.121 16509 (AMAZON-02)
13 142.250.186.142 15169 (GOOGLE)
22 142.250.184.194 15169 (GOOGLE)
2 142.250.184.238 15169 (GOOGLE)
2 157.240.252.13 32934 (FACEBOOK)
4 44.241.96.50 16509 (AMAZON-02)
1 178.250.1.11 44788 (ASN-CRITE...)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 104.26.2.70 13335 (CLOUDFLAR...)
1 3 142.250.185.102 15169 (GOOGLE)
8 13.32.27.106 16509 (AMAZON-02)
1 151.101.129.44 54113 (FASTLY)
1 216.58.212.142 15169 (GOOGLE)
2 64.233.184.156 15169 (GOOGLE)
2 142.250.184.195 15169 (GOOGLE)
2 13.32.99.13 16509 (AMAZON-02)
1 178.250.1.3 44788 (ASN-CRITE...)
1 34.96.70.87 396982 (GOOGLE-CL...)
4 216.58.206.33 15169 (GOOGLE)
1 142.250.184.228 15169 (GOOGLE)
3 185.106.33.48 200478 (TABOOLA-AS)
2 157.240.252.35 32934 (FACEBOOK)
14 142.250.185.161 15169 (GOOGLE)
7 142.250.181.226 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
4 195.181.175.40 60068 (CDN77 _)
1 172.217.22.67 ()
243 43
6    72.247.165.243 (Paris, France)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-165-243.deploy.static.akamaitechnologies.com
www.vesty.co.il
totalmedia2.ynet.co.il
33    104.18.6.158 (None, )

ASN13335 (CLOUDFLARENET, US)
ynet-pic1.yit.co.il
20    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
securepubads.g.doubleclick.net
11    143.204.98.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-71.fra50.r.cloudfront.net
cdn.flowplayer.com
1    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
imasdk.googleapis.com
7    178.154.131.217 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: static.yandex.net
yastatic.net
1    5.255.255.77 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: yandex.ru
yandex.ru
6    18.66.112.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-5.fra56.r.cloudfront.net
tags.dxmdp.com
1    104.18.3.189 (None, )

ASN13335 (CLOUDFLARENET, US)
www.ynetnews.com
1    104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
1    104.26.9.27 (None, )

ASN13335 (CLOUDFLARENET, US)
mrb.upapi.net
2    104.22.75.216 (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
35    151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
pips.taboola.com
9    156.146.33.141 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 663193551.fra.cdn77.com
cdn.userway.org
1    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
ads.google.com
1    18.172.112.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-121.fra60.r.cloudfront.net
cf.dxmcdn.com
13    142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net
fundingchoicesmessages.google.com
www.youtube.com
22    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
pagead2.googlesyndication.com
2    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
www.google-analytics.com
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
4    44.241.96.50 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-96-50.us-west-2.compute.amazonaws.com
api.userway.org
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    104.26.2.70 (None, )

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
3    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
ad.doubleclick.net
8    13.32.27.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-106.fra56.r.cloudfront.net
event.dxmdp.com
1    151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
1    216.58.212.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f14.1e100.net
analytics.google.com
2    64.233.184.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f156.1e100.net
stats.g.doubleclick.net
2    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
www.google.co.il
2    13.32.99.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-13.fra60.r.cloudfront.net
tr.dxmcdn.com
1    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
4    216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f1.1e100.net
06886738050f922b5511a953b816db13.safeframe.googlesyndication.com
1    142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net
www.google.com
3    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
2    157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com
www.facebook.com
14    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
tpc.googlesyndication.com
7    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
www.googleadservices.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
4    195.181.175.40 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 824291365.fra.cdn77.com
cdn77.api.userway.org
1    172.217.22.67 (None, )

ASN- ()
csi.gstatic.com
Apex Domain
Subdomains		 Transfer
40 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
06886738050f922b5511a953b816db13.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
479 KB
40 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 844
trc.taboola.com — Cisco Umbrella Rank: 711
il-trc-events.taboola.com — Cisco Umbrella Rank: 30680
images.taboola.com — Cisco Umbrella Rank: 1555
pips.taboola.com — Cisco Umbrella Rank: 1642
cds.taboola.com — Cisco Umbrella Rank: 1761
631 KB
33 yit.co.il
ynet-pic1.yit.co.il — Cisco Umbrella Rank: 84442
2 MB
25 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
ad.doubleclick.net — Cisco Umbrella Rank: 164
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
327 KB
17 userway.org
cdn.userway.org — Cisco Umbrella Rank: 4625
api.userway.org — Cisco Umbrella Rank: 4518
cdn77.api.userway.org — Cisco Umbrella Rank: 6795
250 KB
14 google.com
ads.google.com — Cisco Umbrella Rank: 26741
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744
analytics.google.com — Cisco Umbrella Rank: 174
www.google.com — Cisco Umbrella Rank: 5
77 KB
14 dxmdp.com
tags.dxmdp.com — Cisco Umbrella Rank: 76460
event.dxmdp.com — Cisco Umbrella Rank: 74833
478 KB
11 flowplayer.com
cdn.flowplayer.com — Cisco Umbrella Rank: 55719
208 KB
7 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 133
7 yastatic.net
yastatic.net — Cisco Umbrella Rank: 5698
195 KB
5 btloader.com
btloader.com — Cisco Umbrella Rank: 1087
api.btloader.com — Cisco Umbrella Rank: 1198
19 KB
4 vesty.co.il
www.vesty.co.il
44 KB
3 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 105482
tr.dxmcdn.com — Cisco Umbrella Rank: 82984
99 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
4 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
10 KB
2 google.co.il
www.google.co.il — Cisco Umbrella Rank: 25282
515 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1092
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
72 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
205 KB
2 ynet.co.il
totalmedia2.ynet.co.il — Cisco Umbrella Rank: 111167
73 KB
1 gstatic.com
csi.gstatic.com
234 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 3376
1 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 757
13 KB
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 493
431 B
1 upapi.net
mrb.upapi.net — Cisco Umbrella Rank: 142890
560 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1073
7 KB
1 ynetnews.com
www.ynetnews.com — Cisco Umbrella Rank: 216435
945 B
1 yandex.ru
yandex.ru — Cisco Umbrella Rank: 1501
102 KB
1 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 531
138 KB
243 30
Domain Requested by
33 ynet-pic1.yit.co.il www.vesty.co.il
22 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
20 securepubads.g.doubleclick.net www.vesty.co.il
securepubads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
19 images.taboola.com www.vesty.co.il
14 tpc.googlesyndication.com securepubads.g.doubleclick.net
14 cdn.taboola.com www.vesty.co.il
cdn.taboola.com
11 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
11 cdn.flowplayer.com www.vesty.co.il
9 cdn.userway.org www.vesty.co.il
cdn.userway.org
8 event.dxmdp.com tags.dxmdp.com
7 www.googleadservices.com pagead2.googlesyndication.com
7 yastatic.net 1 redirects yastatic.net
6 tags.dxmdp.com www.vesty.co.il
tags.dxmdp.com
4 cdn77.api.userway.org cdn.userway.org
4 06886738050f922b5511a953b816db13.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 api.userway.org cdn.userway.org
4 www.vesty.co.il 1 redirects www.vesty.co.il
ynet-pic1.yit.co.il
3 il-trc-events.taboola.com cdn.taboola.com
www.vesty.co.il
3 ad.doubleclick.net 1 redirects www.vesty.co.il
3 api.btloader.com mrb.upapi.net
2 www.facebook.com www.vesty.co.il
2 www.youtube.com www.vesty.co.il
www.youtube.com
2 tr.dxmcdn.com cf.dxmcdn.com
2 www.google.co.il www.vesty.co.il
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 ad-delivery.net www.vesty.co.il
2 trc.taboola.com cdn.taboola.com
2 connect.facebook.net www.vesty.co.il
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 btloader.com 1 redirects www.vesty.co.il
2 www.googletagmanager.com www.vesty.co.il
www.googletagmanager.com
2 totalmedia2.ynet.co.il www.vesty.co.il
1 csi.gstatic.com pagead2.googlesyndication.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 www.google.com www.vesty.co.il
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 analytics.google.com www.googletagmanager.com
1 gum.criteo.com cdn.taboola.com
1 cf.dxmcdn.com tags.dxmdp.com
1 ads.google.com ynet-pic1.yit.co.il
1 mrb.upapi.net 1 redirects
1 static.cloudflareinsights.com www.vesty.co.il
1 www.ynetnews.com www.vesty.co.il
1 yandex.ru www.vesty.co.il
1 imasdk.googleapis.com www.vesty.co.il
243 47
Subject Issuer Validity Valid
qa.vesty.co.il
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-12 -
2024-11-13		 a year crt.sh
ynet-pic1.yit.co.il
WE1		 2024-06-18 -
2024-09-16		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.flowplayer.com
Amazon RSA 2048 M02		 2024-04-01 -
2025-04-29		 a year crt.sh
upload.video.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
tags.dxmdp.com
Amazon RSA 2048 M03		 2023-12-24 -
2025-01-22		 a year crt.sh
ynetnews.com
GTS CA 1P5		 2024-06-02 -
2024-08-06		 2 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2024-05-20 -
2024-11-17		 6 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
1667503734.rsc.cdn77.org
R3		 2024-05-07 -
2024-08-05		 3 months crt.sh
adwords.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
cf.dxmcdn.com
Amazon RSA 2048 M03		 2024-02-25 -
2025-03-25		 a year crt.sh
*.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-30 -
2024-06-28		 3 months crt.sh
api.userway.org
Amazon RSA 2048 M03		 2023-09-02 -
2024-09-30		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-18 -
2024-09-17		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2024-06-04 -
2024-09-02		 3 months crt.sh
ad-delivery.net
GTS CA 1P5		 2024-05-17 -
2024-08-15		 3 months crt.sh
*.doubleclick.net
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
dxmdp.com
Amazon RSA 2048 M02		 2024-01-25 -
2025-02-22		 a year crt.sh
*.google.co.il
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.dxmcdn.com
Amazon RSA 2048 M02		 2024-04-16 -
2025-05-15		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-25 -
2024-07-19		 3 months crt.sh
invstatic101.creativecdn.com
WR3		 2024-06-18 -
2024-09-16		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.googleadservices.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
1784939676.rsc.cdn77.org
R3		 2024-05-31 -
2024-08-29		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh

This page contains 21 frames:

Primary Page: https://www.vesty.co.il/main
Frame ID: EE3B7050797D9D1FC1BAE4483C07D375
Requests: 184 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 3C32EDC9C222335E31D27D70B471BDEB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 7B4E9691980596EF39DC14B2584A5FDD
Requests: 1 HTTP requests in this frame

Frame: https://06886738050f922b5511a953b816db13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CF1B836471D2571B1D0CBF67E5B7CD9E
Requests: 1 HTTP requests in this frame

Frame: https://06886738050f922b5511a953b816db13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EF08A03BBA0CF136DC35722639C4D954
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6xBxguv-7JmknrkHREvfOqTGG9S9KZ7FbyZoYHByQYOTXiazP8V5tjLQXmTo4A3hAP-fm9e0AneC3TB1YQPrJNKsQoDWzWSBz4CWz7sXYBr2WpLQr4eKQvEQibMF2BTliZhs_n4BfhEtYuWX86mBYzVNhYQBfi8OX4iyDln0pNJznOB9ymBbf2lL80zDmMQiwFno-_l5-ObfuYBXuOIs2b_OektyMFP7eef1cxVri93UgNFk4iFPEA1u2P8VRSsa6Lqh-HWRxUaXA7Hlo_CnW5e_qewQ6aZVlAvxRsW7WEpD_9eEp-5oFy7m4GVFOa4v4-fm0fegeXRbpjrRszgvUSJGOBCPZjX26NVtKR4DL6b_flNPe9CCuvE0AYZqGdIDKZ_jTtJjw&sai=AMfl-YSM8BJei8zgu3r4TL3vPIQjl2nPaffg7uzmuskwtMIsKT-A7wXOO3lSHFKkb_X2acVrRFAGoBmhD7PXLAQNbCJjltCHhffbY5hc_uRKktu35N3BGlV3dxcJauyMNBnmEkTAx4qB2shB8cJpVPMCjKM&sig=Cg0ArKJSzLqM3E8U4ao-EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 3DD021DD90157A1165E1F6585DABE2CF
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpmGc3S58cVBn_W_d1DBXMFrbhoHvK0HTPek8bqUL-7_GN--EJ4M2XfjJBfsI1yEQS8U3Bip6pcKcMXUL88ne0yvSY5Tp6SepYljTaAX1MB0S0OXaC8OPqeDCbafoIcdl1Eom7IrXoM4N5TPg95__W8LXsoxS4uLTNW8b5Px6KydFOogFnu2-3wRMKXiUFHtwJi8MJDxnno8hLa3ACgohSi8hSBefcD233FN_u2-c3VM9v5LG8rRrBfh7LqehMWOVycOKcNMzf0sTl1j84AlcLhJl74gDLEg9cAToZuyTKR5DPvuPbwcJhgdsPLyeL0m_5d54OyK-7NdBdeNqrNaFOsGgna8UuIGMJxgOHx4vGM5rZSw&sai=AMfl-YROZxt60VuUR6qvhlc5fb1w2lUXvA1sn_dSSFdlkwK7IFJLTkBIhanxw1wMu7NJ0op9G9TxS8eYFdAPgbLPhTqzMPhhc0nwr-0Dnbbabh3G7OayZYe0pLG0wS0GmCOSGCPso7Rqx8moxrf7OmgSQaw&sig=Cg0ArKJSzDnb9gB_S04WEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 33FE9FCB020173D743CA868282DDA5CD
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvH-jqeRpjoyVAhJY2j1QjTXYWA-KJwsbYcSmalExCPkgPdVjF35t3At4beofPXd7pXJI-nGxSBxVHpF3LwBTGaeOJXbR4I2pw6BAsz1sXtZMxhsjxsB80yE6EVw99EW27UABFrthPD02gbEUmQCx5ojawJ5yHygCsZhNeJ9vO7zxY82NKdZZLkaZR5pNqSf1VnT3T1xcsZhwVqxZ7gWXMyl4OzUGwfd7IZz6uxxRLBpmmsAKSWJcoDMvlXTVHCXcxP-8Mmpo9rn0cxzLjlIM_B1JWrAyAJ-fuaJckWOWSN9F6ibRytyGAzsRcCOmjNHiW2CIxjZmkWyTlwogVc9TdXuEAATnyfUsQnEuBnddrRbr6mEw&sai=AMfl-YTDkYZJUpmA6lCGclp7JJCtumtBw5JUolvM3rG-5aqPfT8A9omLYBIzyUAnohyc5s_3OfYCkqJM1L3ygFGwd5bSJzGKXCT__c9zzlg2n1KlZfxLS4GOIboJStWWX0-IPtLbdlhSisekFFEp9UFRkTs&sig=Cg0ArKJSzOEWpcaW3n9FEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 38E579D3E1E51B1670072F9471456BB4
Requests: 8 HTTP requests in this frame

Frame: https://06886738050f922b5511a953b816db13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F64CFA48B7DBFF3D6B4DF3BD75BCCDDA
Requests: 1 HTTP requests in this frame

Frame: https://06886738050f922b5511a953b816db13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D140F9590DAF8E8A98A3D7DA8281C42F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDondN4RRdyyY7lKSoYyMQ1XhmZckJ62TthhkVFI_Em2dJtL1rMturj7xogboXjWdQiPrRp6vWNqa1j5snKfktbdiJ64nLllqwI_N3R1lRb4sM7zyLTd2RFVaOJv1ZCBQAMh4I40HJZSRE2_VuEIwZt_BZJ53U5FsuMDCu_aNunqeTfITIiPXQiusRwGD0iKeuK1c64urZKc_a_nBIR3mSKTbTj5ctGv1kJs3xTcuj8FXnVxvusx7yjBjlChL7XyxmMhGYA6z1SmtFOpOwiufXkeYL2vIpMDmAh2wJNvkzCQN-hI7b87vXZ7SceP7lRLC2Vk_O4uI2vea8yJ96B4S9BY7Hsl5ihTSGBbIfinGVTt4nMor_Hhw9fw&sai=AMfl-YRXt_47iG7JNeyS6zc8tltPL-RFNw2JwZNNpCvcemDeZLOGtv2hi6njWCMsrQw-WXKhIN6jamoVd1kWqC7mm9tM62sAFnICIAdIOvNqonPz7mR0qibDub2pfcg9XbHu0EQmBw0VMuwSSEQkJ4HgOac&sig=Cg0ArKJSzEtsK6hsNDAPEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: C2DA4DE35D50DAE4356544A6E10B7554
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMMmV3w39SU7IGN35G5eLiFatTF3ONd3MdyLZ_CgvodOeR752Ybk_vaiyoC3AbScWM23XIzDsUumWqN3yIaoFQxvggeTIUmt0cDeVl1dJq5ue0EQW-WjcdsmAGRIu_Vw707laBnJgToyk5wUxEw8y9V25tQtZWpfXZwHuIPiiXMF_N_Ym01HEs8u6cB0JwNKH5FtsblhcP0vbIGOoT7t85rb-ZZG9a_gb7TRxBT0rb6L3NEjuRv5xzCuJqztb4gPKkgJb8uJSpMD9yc__Xz2IkaIcBk-V2bvD73UnxDY0KhlVlCR6Pu0xP1SJzUgy-3wnhV726824W_DP5xNzc_UaIMoqHIW2rH8_1g-67HyYwIrpann4_LQs7UGoiMG1goHcAfr9V5XeVTY_4-9SCVPE&sai=AMfl-YRngKW_rjkHD9sw_diLL4V6wi--0UkLjqakrNMXgckq1HLXa0aW0coUA1f_FFtIM54DzRSQPZlzDkXGIKvN2JOUD-zxWXbcGx72TmfoyGdgwfhUoMM4UfmTxVrKegQJtTtjYrhq3g2vnD28HhPCZhM&sig=Cg0ArKJSzPDfEoCvLbNOEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: DE1B57DDB116F0C786980631BBD03CDD
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssy8wY0_aVDzVleU5JtPde5pfRIO_IO8NvFpbTXOjxfwG--j6AzfH0d-iXA75tULY8Gn9BdTU_8x0vewvTEaUMQQVyMkxoZfnqUPriALzbekfImiJK0-WdsqnoupYp-jAEDwLE6QEuxIhu3P-1aqK_-zvad7_AyyGVArUO_TxzsSfi5bn08uK3l9xJQkz9JMiP8B0CSlekoyt72X92R72xafMwcVDtLmqkMyB7buRvRF1ChXjH9Gvz2w60_BXD8L_URHL8VJK61CQxUeul1oHZ33Y-KhNAWRUg58zAv7QIR13nH7BRpJxQvjVTBPEULbpTjWbYGGy0SvC_nCWBmAqXY2lUfEnvsYqOefTWj9TY8beI2BZI1PrBM1x5oJPjJUXnN15DvTOhzdKWPQ7nakro7_t0I&sai=AMfl-YRb800wjYgLN2vd67bdAgp5MrIzaEqVwsLMD4QkcrZGhQXyLRmPObZ-jcTqWTj8JrmNa3CQ0Fhs2gBXQpm4Rg5W3_yq-MlwU0YpP_i1sjt5-oSLrm4MPs5kOmMRBIqnqoEBhbGNMyWhc7_fr6rBjNo&sig=Cg0ArKJSzH0QhtbbdFkdEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 93C39E1D33C97A0DB15E0B98ECC91F88
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9KGF7ePNmyYQwA5YDZBfzwHkV0AJ44_rsBF0EsyFRMZQI9rZF3kJUcVWkDSyP7yPZvuNkVvlW7L5UK9UdakeaFsUsQ9Pru9723pKOIYaJe0vOSMZR6QOITl0YPcIyD6BkkvbYuaqvhpy1k9y96mV9b_ORkWkK__Xh9tNKchaH-_tKZABwiUOpITa6aOeAxmDqCcjmcuN5KD0g4OUZSzxqeXOI-QISLT_RpqiR33BaDlBIYKDQFpGEF70ALcaZu9JaxGy3EHshbHdBaVhWUr58G8Gvn0Lr_YL1RbiXo-s0pK7WZGI_7hsHpaND6uyMz0sr8rJNILgQBqsmLpe7SrSkK0iBd-Q2-W-aqH9YdHUWH-JmkMBDiUx2ZY6xofEqxNQYgCGf1Hh3e2XEYZ3NDA&sai=AMfl-YQaFpQ-wWBdiiMACSiHwSMq2g1J6TCDIo1zGaW717is55oXHIbi1AbpsK_Ar2yxTnMcOyFPuMy-X_idZndQcsvC-guwoykrsqZaB4USrqkOEFnYdSv_P1MDN4FZhkzSx1u-mQvwJEhu74rZxgP78fo&sig=Cg0ArKJSzHtMgFy6SV7xEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 433FD65A28BB2E6B928B2C20E71F13D4
Requests: 8 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: 02EC6895BE31D59A171359E909CD9D24
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: 634F9BA895AE1D0365CCA528CDDFE02A
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: D24B35B8ACE723234596CC4960C89486
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: DBFCB250449EDAC3A7C06FDC999C95FA
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: DC0EE4420E2B0DC4B8CDB0632F716E4B
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: D6360033BBEEAE2012727216C3A43DD8
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: C0AF36CCCDAE9029D33144CE77404EAF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vesty | Новости Израиля | Vesty.co.il | Вести Израиль

Page URL History Show full URLs

  1. http://www.vesty.co.il/ HTTP 307
    https://www.vesty.co.il/ HTTP 302
    https://www.vesty.co.il/main Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

243
Requests

98 %
HTTPS

0 %
IPv6

30
Domains

47
Subdomains

43
IPs

6
Countries

5407 kB
Transfer

19739 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.vesty.co.il/ HTTP 307
    https://www.vesty.co.il/ HTTP 302
    https://www.vesty.co.il/main Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://yastatic.net/pcode/adfox/loader.js HTTP 302
  • https://yandex.ru/ads/system/context.js
Request Chain 62
  • https://mrb.upapi.net/code?w=5732901039636480&uponit=true HTTP 302
  • https://btloader.com/tag?w=5732901039636480&uponit=true&upapi=true HTTP 302
  • https://btloader.com/tag?w=5732901039636480&upapi=true
Request Chain 131
  • https://ad.doubleclick.net/ddm/trackimp/N2228804.2069703TABOOLA/B31903165.394063426;dc_trk_aid=585699809;dc_trk_cid=215204199;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=vesty.co.il HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N2228804.2069703TABOOLA/B31903165.394063426;dc_pre=CJaQ6LWY64YDFZKI_Qcdkn4G0A;dc_trk_aid=585699809;dc_trk_cid=215204199;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=vesty.co.il

243 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request main
www.vesty.co.il/
Redirect Chain
  • http://www.vesty.co.il/
  • https://www.vesty.co.il/
  • https://www.vesty.co.il/main
149 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.vesty.co.il/main
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.247.165.243 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-165-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
61321ead031ebfad677d31b5d543987c15ed61ed09be355e74212db666d2c2d6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
36822
Content-Type
text/html; charset=utf-8
Date
Thu, 20 Jun 2024 22:06:24 GMT
Last-Modified
Thu, 20 Jun 2024 21:55:31 GMT
OSV
c8
V-TTL
653
VX-Cache
HIT
Vary
Accept-Encoding
WAI
01
X-Frame-Options
SAMEORIGIN
X-me
${S_HOSTNAME}
X-version
V3
backend-cache-control
s-maxage=900
vg_id
2

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 20 Jun 2024 22:06:23 GMT
Location
https://www.vesty.co.il/main
Server
AkamaiGHost
vesty.c1561c5177e919c38a0658b6375d80e8.css
ynet-pic1.yit.co.il/Common/frontend/site/prod/ 		773 KB
179 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vesty.c1561c5177e919c38a0658b6375d80e8.css
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d085748a907b1d0d1b981570bc8746cb6e0d9cc1e4bf96beb70f8121dbd2cec4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 03 Jun 2024 07:23:09 GMT
server
cloudflare
age
6363
etag
"e691e1e286b5da1:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
896f10da89ede3cf-TLV
expires
Sun, 21 Jul 2024 22:06:24 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
b7634461506f4569594878833ad2df264bca0d7a35f1565b5924ce2788fbde9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31619
x-xss-protection
0
server
cafe
etag
750 / 19894 / m202406170101 / config-hash: 11234456558756126930
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Jun 2024 22:06:24 GMT
gpt_script_yns_ynv.js
totalmedia2.ynet.co.il/new_gpt/vesty/ 		142 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://totalmedia2.ynet.co.il/new_gpt/vesty/gpt_script_yns_ynv.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.165.243 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-165-243.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
80087da8f89f2a1d11045cafd56b19c4d9d78461ae890b9113c4bc29fdc4fbc0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:24 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 07:51:05 GMT
server
AkamaiNetStorage
etag
"8717f866c75582eb7fcb68fc1bd152e9:1700038983.041201"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
29165
ynv_templates.js
totalmedia2.ynet.co.il/gpt/ynv/ 		110 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://totalmedia2.ynet.co.il/gpt/ynv/ynv_templates.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.165.243 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-165-243.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0c59a4311973393ca533b13f245d027fb9acd2c40b23ddb6c75d1c53196a3b96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:24 GMT
content-encoding
gzip
last-modified
Thu, 07 Feb 2019 09:15:22 GMT
server
AkamaiNetStorage
etag
"0d986196c56347b4af883296acc3ef7f:1549530922"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
vendors-widgets.5a75e38506bb012f5b8b.js
ynet-pic1.yit.co.il/Common/frontend/site/prod/ 		2 MB
539 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vendors-widgets.5a75e38506bb012f5b8b.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daaa8665415c17083651c7dca5faa946d3c406ee11458c57a54d6c7867b2f4af

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 03 Jun 2024 07:23:05 GMT
server
cloudflare
age
241
etag
"6aa1ae086b5da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, Max-age=300, must-revalidate
cf-ray
896f10dd8e26e3cf-TLV
expires
Sun, 21 Jul 2024 22:06:24 GMT
widgets.c4b30a6162b55b5f05a1.js
ynet-pic1.yit.co.il/Common/frontend/site/prod/ 		4 MB
894 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ynet-pic1.yit.co.il/Common/frontend/site/prod/widgets.c4b30a6162b55b5f05a1.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3be41988f4135929c0a73231d1a66a9e0222fc59ff3c3fe846580c99f816b42

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 03 Jun 2024 07:23:13 GMT
server
cloudflare
age
242
etag
"e0121ee586b5da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, Max-age=300, must-revalidate
cf-ray
896f10deafaee3cf-TLV
expires
Sun, 21 Jul 2024 22:06:25 GMT
flowplayer.min.js
cdn.flowplayer.com/releases/native/3/stable/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/flowplayer.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c97498704bda9d570f12c36b730b94f0107b968c3f82f56df04dbb24b907a698

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
PDTTMdSI0d2ujvxLfLPLm3NQ_uyIsTVX
content-encoding
gzip
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 09:16:05 GMT
x-amz-cf-pop
FRA50-C1
age
83193
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 09 May 2024 21:43:25 GMT
server
AmazonS3
etag
W/"5e3c240ab2b98d4784a1617c005a8ebc"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
t260zxHYcfOf6AibCTG6J2OuIKIZnEIWS3OsoHpx_aQ4lmMEBqttpQ==
flowplayer.css
cdn.flowplayer.com/releases/native/3/stable/style/ 		51 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/style/flowplayer.css
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6869bfd6c942ddccd9b9867b19da3f945345585e359aed46c4eccec2f4c7645

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
SJctdCh939cacoCtrqPHNayRXUUTMvjj
content-encoding
gzip
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 09:15:54 GMT
x-amz-cf-pop
FRA50-C1
age
69986
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 09 May 2024 21:43:41 GMT
server
AmazonS3
etag
W/"8516007226d76a183855f8a1fd694834"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
fGwur0apMEmlHLxXzl7_L4e-Ds3bJ69RUhMoY9WRowr7RhiI9wWwmw==
ads.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		101 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/ads.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0be5b73c2bc6bfebf5393a50d7575341b01da28f39b59d06e67fb88d641a00bc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
5bSPPYL9LBKVPxrs1txqaFeku5gCgq9v
content-encoding
gzip
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 09:16:06 GMT
x-amz-cf-pop
FRA50-C1
age
64951
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 09 May 2024 21:43:27 GMT
server
AmazonS3
etag
W/"7f98c8aa24953e65d125f6583dfdca39"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
-S3CZK4wy1yC_8GCAkrtJlsaJF0WFLRdwgf6OdJz8EisEkV8ml9zew==
cuepoints.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/cuepoints.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
461b089258235b416226d5ece6052923a1135af7c1f73f683d2fe93353153a9d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
cWBhJ5dN8Rvr4bGjziwUIVP6dX7k8Vva
content-encoding
gzip
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 09:16:06 GMT
x-amz-cf-pop
FRA50-C1
age
53978
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 09 May 2024 21:43:30 GMT
server
AmazonS3
etag
W/"bd50097b30cd0caf23b8970fee9bcd6d"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
2sCrxY3uV921LaYFjeUyuwNnuH4nbDxZm9KAw2UGamW8baGe7exJZA==
ga4.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/ga4.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3c7ad5400850ab634b2e01d9480573a28b57f444ff4aa98d941f0debc962509

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
HP46FHwHp0.ANKon3GB0wnlJWA7J1T2F
content-encoding
gzip
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 09:16:05 GMT
x-amz-cf-pop
FRA50-C1
age
73797
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 09 May 2024 21:43:33 GMT
server
AmazonS3
etag
W/"63c9f773edccba6c84b8676a64c7213d"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
zS226VhAAn3EDrNIDUDsf7Xia0_GNs4lNoWTeme7ZgG3wyOs8RDpuQ==
keyboard.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/keyboard.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3740094153185f3f2b5c80c643d801342782b2a319e073352131aaf7a8f8ff3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
FNDtvp1f4e5jJIqW4ahvBiHaS2zhI.s_
content-encoding
gzip
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 09:16:06 GMT
x-amz-cf-pop
FRA50-C1
age
71696
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 09 May 2024 21:43:35 GMT
server
AmazonS3
etag
W/"ca4a3cce1b0a4e826a5b8e4a51439a14"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
NNIGr5B3oyQteVcifvywm5vWNLAo8Jqc9miLD4Fu6-4k6S7T7aV9zw==
share.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/share.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c721ff6b7a55b7e2c6d78a6956d5308f750e9bd6896ee2569955740fdc1c1f4d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ct5sm3CxAiUyS78DQ_Ju1mrQUZrLkifa
content-encoding
gzip
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 09:16:05 GMT
x-amz-cf-pop
FRA50-C1
age
77558
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 09 May 2024 21:43:38 GMT
server
AmazonS3
etag
W/"827e19548241dd0e5fa4c96cc0ea8c98"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
VvbhRcLtKVmGrjeFk8I9HOiRgK5H9o3R-coK0v0_p0hVHj2KDQkoRA==
qsel.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/qsel.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
003241d1a155418bef20320f23819a7234f1c4ee67f8f9f1cd4c788184b46031

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
zZ0kTPSHktK8Im6lOXgs91o_ViTRDgOu
content-encoding
gzip
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 09:16:02 GMT
x-amz-cf-pop
FRA50-C1
age
52340
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 09 May 2024 21:43:37 GMT
server
AmazonS3
etag
W/"1c47e6c1c7739d0fd1853b2f4ea43af1"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
rEvYukSejFJ-bQt0RXw5bduTfKW4-YeS6WiCTjKExjLg5Ifzd-KKvA==
asel.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/asel.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fae11c9c633cff7b1d502c425ad3a3805f08824d583e8109e50e7790b1cc060

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
cXQljUHnKM6MvSAUisv6R_v_oaGIsdxR
content-encoding
gzip
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 09:16:06 GMT
x-amz-cf-pop
FRA50-C1
age
78149
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 09 May 2024 21:43:28 GMT
server
AmazonS3
etag
W/"93422b67d68933a5cc3090177a60a98e"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
3LTnVa15xwu83CkMDlsiNmqoLAJaRIabwXsOeU_7DMw9npHURafrYw==
hls.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		397 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/hls.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
427d2c97c9f8c3b1f45585ba46540d428f6a691d532e969bd36b49d18cd7dcba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
qAEA5WmmWEx_vdhtdg7eeOnteh1HM48_
content-encoding
gzip
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 09:16:05 GMT
x-amz-cf-pop
FRA50-C1
age
59580
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 09 May 2024 21:43:34 GMT
server
AmazonS3
etag
W/"2537b76f8b01153cdde928d0146bd8fc"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
qgNBl-znrHhoCuuFNKc8ftu5HD-pEqqj9WOqukRxhETqK4cqcXwXQQ==
float-on-scroll.min.js
cdn.flowplayer.com/releases/native/3/stable/plugins/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flowplayer.com/releases/native/3/stable/plugins/float-on-scroll.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-71.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9615049edd32a33f0f3f46bc6afc9f0b5dd6f8ca372ee4c94159af10ce8ad9ba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
wnEdl8pNFoi16HJkb58JCj_uCPNiAd6h
content-encoding
gzip
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 09:16:05 GMT
x-amz-cf-pop
FRA50-C1
age
53126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 09 May 2024 21:43:32 GMT
server
AmazonS3
etag
W/"12ce633f09b0fe33b5ee094c76641588"
access-control-max-age
3000
access-control-allow-methods
GET, POST, PUT, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Accept-Encoding
x-amz-cf-id
VMEHq6zmwBu2uN8HPiITX4CaEm3zwINzpsKRQ8HqDzTwlnU7xtowGA==
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		402 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
sffe /
Resource Hash
1bb878ac4c89b964506e58d71a5ad2c455e8b6275b198251e8627215f669c781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140633
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:24 GMT
flowplayer.lang.ru.js
cdn.flowplayer.com/releases/native/translations/ 		0
0
context.js
yandex.ru/ads/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/loader.js
  • https://yandex.ru/ads/system/context.js
354 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Server
5.255.255.77 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
60b7cf4ca82fffabf68603dbca3ff084501419becd7ea18f27801a97ee28d5cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
etag
"ffd7fc9a38def7c7705852bf4d5bba18-1047751"
x-yandex-req-id
1718921184993196-7428668360319577272-balancer-l7leveler-kubr-yp-vla-197-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
timing-allow-origin
*
expires
Thu, 20 Jun 2024 23:06:24 GMT

Redirect headers

date
Thu, 20 Jun 2024 22:06:24 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
location
https://yandex.ru/ads/system/context.js
access-control-allow-origin
*
timing-allow-origin
*
content-length
0
jquery-3.6.3.min.js
ynet-pic1.yit.co.il/Common/Api/Scripts/ 		88 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ynet-pic1.yit.co.il/Common/Api/Scripts/jquery-3.6.3.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Mar 2023 12:58:30 GMT
server
cloudflare
age
69
etag
"4de1350be5cd91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, Max-age=300, must-revalidate
cf-ray
896f10da89f0e3cf-TLV
expires
Sun, 21 Jul 2024 22:06:24 GMT
dmp-provider.js
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/ 		248 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-5.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d7724bf048303a0acf190befe1096f5b6afbe6c0f97760e89d481045259ec40c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:19:56 GMT
content-encoding
br
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P5
age
27989
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
qmqmOZHP_nD_LPs0-Dmme4v3Du8CePqBir_gYLVZvmxEQooLWck6YQ==
1250.png
www.ynetnews.com/Cnt/Images/Weather/ 		672 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ynetnews.com/Cnt/Images/Weather/1250.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af5463753df076ff288879f0685740bc8b4540a9855096cde2cdbf00041b7750

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

backend-cache-control
date
Thu, 20 Jun 2024 22:06:24 GMT
cf-cache-status
HIT
age
401221
vx-cache
MISS
wai
01
content-length
672
v-ttl
0
last-modified
Sun, 16 Jun 2024 06:39:23 GMT
server
cloudflare
etag
"c2826d31d827d41:0"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
896f10db7da290e2-FRA
expires
Thu, 27 Jun 2024 22:06:24 GMT
____.png
ynet-pic1.yit.co.il/picserver5/wcm_upload/2023/01/10/Sy811PC5qj/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/picserver5/wcm_upload/2023/01/10/Sy811PC5qj/____.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1100fa96bd3e19c286b7f41f7bbbbb8b73bc4d757ed0f5843380fe25e62fec34

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:24 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Tue, 10 Jan 2023 12:16:18 GMT
server
cloudflare
cf-polished
origSize=4244
etag
"5a4db457ed24d91:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10da89f2e3cf-TLV
content-length
3819
expires
Sun, 21 Jul 2024 22:06:24 GMT
ByeZhRWLC_0_0_850_479_0_x-large.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/20/ByeZhRWLC/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/20/ByeZhRWLC/ByeZhRWLC_0_0_850_479_0_x-large.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbd31f093629fafbe50e2f4b744532f46eeae9f205173ad836f170596e2eda67
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:24 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
19827
cf-resized
internal=ok/h q=0 n=22+104 c=0+0 v=2024.6.0 l=19827
last-modified
Thu, 20 Jun 2024 18:08:49 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfRmzRTRFfAoJXfaLpAanCLTbT1gWqs-rDoNB_ezzVDQ:12849ce63cc3da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10dc1c30e3cf-TLV
rJlKA11MLC_0_183_1280_721_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/20/rJlKA11MLC/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/20/rJlKA11MLC/rJlKA11MLC_0_183_1280_721_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c25a3a5676769fcf59cfb84f091511d6d969f096bf0ede5fc05a6b33bc8fa806
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:24 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
12094
cf-resized
internal=ram/h q=0 n=0+237 c=0+0 v=2024.6.0 l=12094
last-modified
Thu, 20 Jun 2024 20:07:09 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfQjJOI3F4lZ4V0JBUTmLi6SaM1gWqs-rDoNB_ezzVDQ:bc43686e4dc3da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10dc5c99e3cf-TLV
rk9K00abIR_0_0_850_479_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/20/rk9K00abIR/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/20/rk9K00abIR/rk9K00abIR_0_0_850_479_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36136c7125bd305688118c54a59897a0b56628f82c0940d34196c062f84f085f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:24 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
5937
cf-resized
internal=ram/m q=0 n=0+242 c=0+0 v=2024.6.0 l=5937
last-modified
Thu, 20 Jun 2024 16:33:31 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfn0_aTtcWsLEn6HtKaqqi0ds41gWqs-rDoNB_ezzVDQ:3cfe5a962fc3da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10dcad08e3cf-TLV
HkEBxgwHC_0_216_3000_1688_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/12/HkEBxgwHC/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/12/HkEBxgwHC/HkEBxgwHC_0_216_3000_1688_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3045b94bdbc36a939bad585b2ccbc6451dd3379c84e5bfd2c11a1be3b6b2fa5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
14163
cf-resized
internal=ram/h q=0 n=0+88 c=0+0 v=2024.6.0 l=14163
last-modified
Thu, 20 Jun 2024 17:38:10 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfdD3AyYitNuSXE4YjnfvyNRGg1gWqs-rDoNB_ezzVDQ:f07d939e38c3da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e09a68e3cf-TLV
8771991_0_70_1300_732_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2018/09/14/8771991/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2018/09/14/8771991/8771991_0_70_1300_732_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eedd0b839c19910b7d4537b14f76dcc2b9263e4bc4d388d3e3251681ddc15ac8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
12158
cf-resized
internal=ok/h q=0 n=19+103 c=0+0 v=2024.6.0 l=12158
last-modified
Thu, 20 Jun 2024 19:42:30 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfH1Kt3mWLOAVuR37CE2cYTMSw1gWqs-rDoNB_ezzVDQ:ec7b24fd49c3da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e0cab8e3cf-TLV
B1lBsW00ZUA_124_76_867_488_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/20/B1lBsW00ZUA/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/20/B1lBsW00ZUA/B1lBsW00ZUA_124_76_867_488_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9390bf77e856d4ae698d32f67866d1661993a588b7deced1616eb10fbfc5abde
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
6072
cf-resized
internal=ram/m q=0 n=0+153 c=0+0 v=2024.6.0 l=6072
last-modified
Thu, 20 Jun 2024 17:12:59 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfWl_jFIfeR866ZXIM4wIgJ2Qm1gWqs-rDoNB_ezzVDQ:d2c7e51935c3da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e0cab9e3cf-TLV
ryeIFwwDoa_0_0_980_551_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/02/12/ryeIFwwDoa/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/02/12/ryeIFwwDoa/ryeIFwwDoa_0_0_980_551_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf5a9f7040e655378cbfe0738760b4a2d7c409668c53f83b2c3fb4750fa4834
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
9543
cf-resized
internal=ok/h q=0 n=21+91 c=0+0 v=2024.6.0 l=9543
last-modified
Wed, 19 Jun 2024 13:39:33 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf3U86SiYaLAGhmydH6-MBI98-1gWqs-rDoNB_ezzVDQ:5ede531e4ec2da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e0cabce3cf-TLV
BJZoV9VN0_2_0_2041_1148_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/05/29/BJZoV9VN0/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/05/29/BJZoV9VN0/BJZoV9VN0_2_0_2041_1148_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eeabaeb46570908443932d2b15f20d9c8cdd510f9bcc540f2821a6a7d1bb9fa
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
10861
cf-resized
internal=ram/h q=0 n=0+91 c=0+0 v=2024.6.0 l=10861
last-modified
Thu, 20 Jun 2024 05:45:32 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfFrsgizA1vy6uxsnP9Q4ymw4k1gWqs-rDoNB_ezzVDQ:6a29f610d5c2da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e0cabfe3cf-TLV
ByUT8uZ8A_0_7_367_207_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/20/ByUT8uZ8A/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/20/ByUT8uZ8A/ByUT8uZ8A_0_7_367_207_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29ae9e4bee88b1e868e0766db32cdeec66cff6f9b903f5ee1c790910d1ae59c6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
9759
cf-resized
internal=ram/h q=0 n=0+109 c=0+0 v=2024.6.0 l=9759
last-modified
Thu, 20 Jun 2024 16:35:45 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfE0n6Jf0AKGKGnLusCNTNk6hy1gWqs-rDoNB_ezzVDQ:348c48e62fc3da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e0cac0e3cf-TLV
rylh8riRS0_0_0_850_479_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/18/rylh8riRS0/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/18/rylh8riRS0/rylh8riRS0_0_0_850_479_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35b7a964c972607c0477c9df639ecad83f81c8bd152e21d4b28df9a150f4a71f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
11658
cf-resized
internal=ram/h q=0 n=0+169 c=0+0 v=2024.6.0 l=11658
last-modified
Thu, 20 Jun 2024 17:13:30 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfpvnPV4b9GkBLe6ygWws3X3eV1gWqs-rDoNB_ezzVDQ:b4ba8a2c35c3da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e0cac1e3cf-TLV
SysuZnWUR_0_0_1000_563_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/20/SysuZnWUR/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/20/SysuZnWUR/SysuZnWUR_0_0_1000_563_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6128e798458b6680c53ac977e650264f7029e70a8847ff1d87ad57670dd5d750
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
5245
cf-resized
internal=ram/m q=0 n=0+210 c=0+0 v=2024.6.0 l=5245
last-modified
Thu, 20 Jun 2024 16:28:39 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf6rsiZs1WTWHClNcUXsMF9ms-1gWqs-rDoNB_ezzVDQ:2024fe82ec3da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e0cac2e3cf-TLV
HyF2KU99n_0_16_1000_563_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2023/07/23/HyF2KU99n/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2023/07/23/HyF2KU99n/HyF2KU99n_0_16_1000_563_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40314fe234e13d05d55b6e2e5bceb7e7a941c83d67fa1ed5921a03c485496608
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
6365
cf-resized
internal=ram/h q=0 n=0+481 c=0+0 v=2024.6.0 l=6365
last-modified
Thu, 20 Jun 2024 11:08:35 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfulAMKfL85gdGBvO5lCZH99BZ1gWqs-rDoNB_ezzVDQ:8ef11322c3da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e0cac3e3cf-TLV
rJBOxJAna_0_0_980_551_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/02/29/rJBOxJAna/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/02/29/rJBOxJAna/rJBOxJAna_0_0_980_551_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d7fb3edfc57e64e75db3fb16df9dec0a04c7861a20946e9945e4c69db474ee1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
13496
cf-resized
internal=ram/h q=0 n=0+101 c=0+0 v=2024.6.0 l=13496
last-modified
Thu, 20 Jun 2024 11:06:19 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf5e9vzvpjeQPTiwfArCN6Q5gO1gWqs-rDoNB_ezzVDQ:922a85e01c3da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e0dac9e3cf-TLV
SJCkmeNrA_29_0_667_375_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/10/SJCkmeNrA/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/10/SJCkmeNrA/SJCkmeNrA_29_0_667_375_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4b5284bb0f68b06457f353f1e53d61b5f4bdf3b626310d6c5bfea130a418ebc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
27035
cf-resized
internal=ram/m q=0 n=0+232 c=0+0 v=2024.6.0 l=27035
last-modified
Thu, 20 Jun 2024 15:35:37 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cflbFNfzrYsSlF4SmuTLvLQ1Tl1gWqs-rDoNB_ezzVDQ:1ac0c57f27c3da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e12b38e3cf-TLV
4041792_0_0_1000_663_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2012/07/15/4041792/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2012/07/15/4041792/4041792_0_0_1000_663_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bed610fa7683e0b9dbd0387170aee7e10f2b792d76250ddd310fc99520f3fd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
13433
cf-resized
internal=ok/h q=0 n=23+113 c=0+0 v=2024.6.0 l=13433
last-modified
Thu, 20 Jun 2024 20:09:04 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfm6xktkpgzHdiiqYfr8EPFk8E1gWqs-rDoNB_ezzVDQ:a26af3b24dc3da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e12b3ae3cf-TLV
H1lXtnGOa_0_0_2042_1148_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/01/03/H1lXtnGOa/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/01/03/H1lXtnGOa/H1lXtnGOa_0_0_2042_1148_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd285526e277e5e5c34f7e8ecad20c44f470fa073a099af0f8133e9b02253cbd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
7834
cf-resized
internal=ram/h q=0 n=0+136 c=0+0 v=2024.6.0 l=7834
last-modified
Wed, 05 Jun 2024 09:41:43 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfGkf8-ONTUYz035tTE4U2JeYr1gWqs-rDoNB_ezzVDQ:c6d254932cb7da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e12b3ce3cf-TLV
Sye6u11r7nY_0_0_980_551_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2022/01/05/Sye6u11r7nY/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2022/01/05/Sye6u11r7nY/Sye6u11r7nY_0_0_980_551_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d023f5a252c9bc8eba0ac1d24bb5ce6dd2b068b9ec613ae8af24c7e36a3d6a2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
9090
cf-resized
internal=ok/h q=0 n=31+278 c=0+0 v=2024.6.0 l=9090
last-modified
Mon, 25 Mar 2024 10:35:37 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfezFV_hGqYS7L339y52L_7vnI1gWqs-rDoNB_ezzVDQ:f24aff2ca07eda1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e12b3de3cf-TLV
rkfenXRVh_0_0_640_360_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2023/05/14/rkfenXRVh/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2023/05/14/rkfenXRVh/rkfenXRVh_0_0_640_360_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
242ba2c79486aadc3f6c498e6690df280b718919e62146a63f49ca75e421363e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
10958
cf-resized
internal=ok/h q=0 n=24+204 c=0+0 v=2024.6.0 l=10958
last-modified
Sun, 03 Dec 2023 09:01:35 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfb4RKNBwtNVC-EZwa3M1FPWQ21gWqs-rDoNB_ezzVDQ:e2a13951c725da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e12b3fe3cf-TLV
rJkEP3Guw_2_209_979_552_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2020/10/25/rJkEP3Guw/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2020/10/25/rJkEP3Guw/rJkEP3Guw_2_209_979_552_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
503d7fa3023423149490e799938a272ecf847c78ac5e7a9aa9f311f06a4983e5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
6332
cf-resized
internal=ok/h q=0 n=27+100 c=0+0 v=2024.6.0 l=6332
last-modified
Sun, 03 Dec 2023 09:01:34 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf7Q2vtbAfdsxcYl1YJo5VNkkm1gWqs-rDoNB_ezzVDQ:d6b5951c725da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e12b41e3cf-TLV
B1ZYQOGxA_0_377_1200_675_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/04/09/B1ZYQOGxA/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/04/09/B1ZYQOGxA/B1ZYQOGxA_0_377_1200_675_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30d95d6a7be788d690d54398a4ac74d9d2e64146b2cb0b262f9c5d9a5db8acf3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
5336
cf-resized
internal=ram/h q=0 n=0+69 c=0+0 v=2024.6.0 l=5336
last-modified
Thu, 20 Jun 2024 08:53:48 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfLzK10xwZWxDzLhg6PjmJ0Kkf1gWqs-rDoNB_ezzVDQ:1ab3b95defc2da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e12b43e3cf-TLV
HJZHwVeIA_0_535_1200_675_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/19/HJZHwVeIA/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/19/HJZHwVeIA/HJZHwVeIA_0_535_1200_675_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5011ede4c1be5271190d87175a5ee617703ff83a3335f78d7013cdffa14b8c10
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
12606
cf-resized
internal=ram/h q=0 n=0+135 c=0+0 v=2024.6.0 l=12606
last-modified
Thu, 20 Jun 2024 06:17:05 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfGdiol4QCfbLBLCYn9XiqLGEu1gWqs-rDoNB_ezzVDQ:7cd2e778d9c2da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e12b45e3cf-TLV
H1x4S11S1UA_0_0_1280_720_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/18/H1x4S11S1UA/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/18/H1x4S11S1UA/H1x4S11S1UA_0_0_1280_720_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a1dbdd13673e0396c70eed01d5ec5cf4d5de27ddc5ff5649ce67fde533c7a32
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
7064
cf-resized
internal=ram/h q=0 n=0+0 c=0+0 v=2024.6.0 l=7064
last-modified
Thu, 20 Jun 2024 15:46:18 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfGhau_R4BSQnGyeSSxIS9VjwQ1gWqs-rDoNB_ezzVDQ:3ae6b9fd28c3da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e12b46e3cf-TLV
SJk11D1d11d_0_104_1000_563_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2021/02/15/SJk11D1d11d/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2021/02/15/SJk11D1d11d/SJk11D1d11d_0_104_1000_563_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecfef7653c16a466e88659de1a13c45f70da5e77a7a89d43f0a516b7babb3f7f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
14998
cf-resized
internal=ok/h q=0 n=22+83 c=0+0 v=2024.6.0 l=14998
last-modified
Thu, 20 Jun 2024 09:25:25 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfTqPwiITybl8z6MMJJLJ_z5qp1gWqs-rDoNB_ezzVDQ:382885c8f3c2da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e12b48e3cf-TLV
BkqrZMHE0_144_239_1650_928_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/05/29/BkqrZMHE0/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/05/29/BkqrZMHE0/BkqrZMHE0_144_239_1650_928_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c4063c64a98777825bc06814a556e7534c58768d16979a977f7db94b8af69f7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
14392
cf-resized
internal=ok/h q=0 n=17+131 c=0+0 v=2024.6.0 l=14392
last-modified
Mon, 17 Jun 2024 06:06:46 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfi5KuRjkmcP5LLupkCyEgPMlF1gWqs-rDoNB_ezzVDQ:6e76a6887cc0da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e12b49e3cf-TLV
HySGSpgI0_0_275_3000_1688_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/19/HySGSpgI0/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2024/06/19/HySGSpgI0/HySGSpgI0_0_275_3000_1688_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9944a9ac4c42a172c437074e30b66fa8e8d6c08ad178c1db65a5a210326df5bb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
10049
cf-resized
internal=ram/m q=0 n=0+120 c=0+0 v=2024.6.0 l=10049
last-modified
Thu, 20 Jun 2024 03:21:27 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfTVtRfqC2T5vhRCr3Yf_Bt3A41gWqs-rDoNB_ezzVDQ:baa8f2efc0c2da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e12b4ae3cf-TLV
8377351_0_0_465_264_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2018/02/28/8377351/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2018/02/28/8377351/8377351_0_0_465_264_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d64278fb08a698a85c10c157773ab563f1f286f8e47150ff35337f7ee30eda58
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
14583
cf-resized
internal=ok/h q=0 n=18+113 c=0+0 v=2024.6.0 l=14583
last-modified
Wed, 19 Jun 2024 05:23:23 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfFrrjt9Opa4iMSUHVjb_yjgXF1gWqs-rDoNB_ezzVDQ:4096f5cd8c2da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e12b4be3cf-TLV
8009615_0_0_183_103_0_medium.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2017/09/03/8009615/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2017/09/03/8009615/8009615_0_0_183_103_0_medium.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfb33de15825c145ac2510659c251dc6c4fd23ede02e53f351dae0d5bdfb7dff
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
2693
cf-resized
internal=ok/h q=0 n=49+0 c=0+80 v=2024.6.0 l=2693
last-modified
Tue, 18 Jun 2024 04:35:36 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfdjZntMXMhKWt6u8S9bYo1fWP1gWqs-rDoNB_ezzVDQ:40ee12f738c1da1:0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
896f10e12b4ee3cf-TLV
beacon.min.js
static.cloudflareinsights.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
896f10e26ff7196d-FRA
ga4-vesty-1.04.js
ynet-pic1.yit.co.il/Common/Api/Scripts/GA4/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ynet-pic1.yit.co.il/Common/Api/Scripts/GA4/ga4-vesty-1.04.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.6.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca6c663d7cd5fb4e8f464fa4e4afb37fb53494090e4c1b20cb073bcc0885852

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 01 Apr 2024 06:17:44 GMT
server
cloudflare
age
261
etag
"ea47424ffc83da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, Max-age=300, must-revalidate
cf-ray
896f10dced45e3cf-TLV
expires
Sun, 21 Jul 2024 22:06:24 GMT
gtm.js
www.googletagmanager.com/ 		331 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3d99dd89083eb0188acd22a716288cadc2d45c381dba12aeef4d091bb74e0c0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107861
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 20 Jun 2024 22:06:25 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/ 		463 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 17:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
17772
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147664
x-xss-protection
0
server
cafe
etag
1926151935331161023
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 20 Jun 2025 17:10:13 GMT
ima_ppub_config
securepubads.g.doubleclick.net/pagead/ 		95 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fwww.vesty.co.il%2Fmain
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
9dce55037d3b645e36e4f8fc30450dbd8682aac63f7c97d281ba71897a54eed1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:25 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
918366d55f28e087
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Jun 2025 03:53:35 GMT
5b15431d8dd2377634ba.js
yastatic.net/partner-code-bundles/1047751/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1047751/5b15431d8dd2377634ba.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
70c3ce73daf31d043a2758a009436ffaec8b7bdf66445a61710ff0a03ea6fcc2
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
12635
last-modified
Wed, 19 Jun 2024 15:38:44 GMT
server
nginx/1.17.9
etag
"fd49460e065b878ed474d61135db2843"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 21 Jun 2054 04:41:47 GMT
3f8eec22f23ba5d1c8a1.js
yastatic.net/partner-code-bundles/1047751/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1047751/3f8eec22f23ba5d1c8a1.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
f61b631d362e2c2871913a9ee475bc15f7d313fab09b535163f1c24a87655dca
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7942
last-modified
Wed, 19 Jun 2024 15:38:44 GMT
server
nginx/1.17.9
etag
"f8ff756e213a12cf98ea63d8a8eb6d2e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 21 Jun 2054 04:41:47 GMT
4321999c8e0b2ffd8de4.js
yastatic.net/partner-code-bundles/1047751/ 		633 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1047751/4321999c8e0b2ffd8de4.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
bb9660e33b7ee735b54667073afa686be7203007562b4d1a5df360f3fd30d40a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
115475
last-modified
Wed, 19 Jun 2024 15:38:44 GMT
server
nginx/1.17.9
etag
"c9f4947a850e5b30027c011b6d5bc19c"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 21 Jun 2054 04:41:47 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 10 May 2054 07:39:42 GMT
762230e953670489844c.js
yastatic.net/partner-code-bundles/1047751/ 		123 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1047751/762230e953670489844c.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
3772990a0b67d22f939a7b53e68cd5b9b58da3e36bddee8dc0b57a6d6763c0ec
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
24654
last-modified
Wed, 19 Jun 2024 15:38:44 GMT
server
nginx/1.17.9
etag
"469b8cc895f4863ae7dc8d7d7bb7277c"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sun, 21 Jun 2054 04:41:47 GMT
tag
btloader.com/
Redirect Chain
  • https://mrb.upapi.net/code?w=5732901039636480&uponit=true
  • https://btloader.com/tag?w=5732901039636480&uponit=true&upapi=true
  • https://btloader.com/tag?w=5732901039636480&upapi=true
56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?w=5732901039636480&upapi=true
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Server
104.22.75.216 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94e0cc043779a5f2bfd716ab5c063683710b82cab82bb55819a269710d60e158

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 20 Jun 2024 22:06:26 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 20 Jun 2024 21:54:41 GMT
server
cloudflare
age
644
etag
"3944935cedcc06c3d48e1d284997f1e8"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
896f10e48a059010-FRA
content-length
18968

Redirect headers

date
Thu, 20 Jun 2024 22:06:25 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
98
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
location
/tag?w=5732901039636480&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
896f10e3b94c9010-FRA
loader.js
cdn.taboola.com/libtrc/ynet-vesty/ 		676 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f2d81a4815bf54044d0276b034c4874b37724c9fdccbfd049879383a5bf71440

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
gN4Gm23dluP3cU6qMoY5Qa.zlEhIBt6W
content-encoding
gzip
via
1.1 varnish
date
Thu, 20 Jun 2024 22:06:25 GMT
x-amz-request-id
E2QYB1QHZT536V1Q
age
6132
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
8
x-amz-replication-status
FAILED
content-length
68632
x-amz-id-2
ZdA90n7YKTvQHoR6PNUtNZsLIOk8yKhwX5UyoDKGjMOqEwa1mQ9AKrtU7zGFkueS41Y2CyCI1eM=
x-served-by
cache-mrs10558-MRS
last-modified
Thu, 20 Jun 2024 13:22:48 UTC
server
nginx
x-timer
S1718921186.620109,VS0,VE1
etag
"b8190e90079a54a08566bcf1c81ffe42591ef50a"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
18
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
0
widget.js
cdn.userway.org/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
ac7c3dd84f3cd7cafadf1b5e77814c98d0439c1fe96f5eaf81f2370d2d155d4e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Thu, 20 Jun 2024 22:06:25 GMT
via
1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
248
x-amz-server-side-encryption
AES256
x-accel-date-max
1718702615
x-77-cache
HIT
x-cache
HIT
x-age
3109
x-accel-date
1718918076
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH3JQwAAAwBisclxAH3VwIAAA
x-accel-expires
@1718921676
x-77-age
3109
last-modified
Tue, 18 Jun 2024 09:08:13 GMT
server
CDN77-Turbo
etag
W/"ea664e9b286460f8889aaea1004c6dba"
x-77-nzt-ray
cf8787270d839b53e1a774661ff51b28
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
vary
Accept-Encoding
x-amz-cf-id
MxTZIJcasfqqZ_6AjMhDdLdHkhf49OMm8ZzBoauh8Jx-Mm7rBQTGgA==
truncated
/ 		616 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
daa8bc4312e8a5c936e55144c18f3232cb013593ae25cfe616e487611b754e1b

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2e8fb14b1e0aab8514cfb56c1e62417ba717b034a397017696cfa9e517b0f6b

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		276 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f0cd7c2795df1dcce059d553cb1d9b88170cb9e66310a06fce4104965852394

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		702 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9279aa82470c7b0c894eb3ecbaabceb01423a632d9fbc7460c560f11a99abad

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		639 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87d3b26f33f39e3bb4b4c1f2291f906ad5826c4d9624a08f0db8a2163a9df369

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9080387801ea7c0d202021563e4cc47e205dfe238953109c6f39348cb9a5533

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		637 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dc8e482ec8a9c56efec00e46e88e84f3a7ccdf0ade53d5c89c4d679469cdabb

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		241 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea1a9b993dbc93ca4669209f552aead7852ea68031cf347990078369adf47072

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		370 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2d58e29c3c454ef9b3e47ea01f4c5ddf2027f9c583d1104f0c26ccaf2aeb426

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		311 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
397e1fa6b641266ac6537f43be08647287bafc72dff55f1b04d58e464e5c3b74

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		364 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
543bee066850ffda34784bf04f96f06246a16f0a57d64a504fe459177e79056e

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
ads.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ads.google.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/encsid_AdqZYNeG0poCtdV4kIzbbF_sNwCxI1mV1uW4HEhCsSU6Bsx43CmWAdj1AGBm9HACQEN9xA base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/acx-adwords-navigation-frontend-prod/1;script-src 'report-sample' 'nonce-WqnUYS9in6kWpQm2uDv6xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
Strict-Transport-Security max-age=3600; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

acx-server-start-time
1718921185857
acx-server-time
10
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/encsid_AdqZYNeG0poCtdV4kIzbbF_sNwCxI1mV1uW4HEhCsSU6Bsx43CmWAdj1AGBm9HACQEN9xA base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/acx-adwords-navigation-frontend-prod/1;script-src 'report-sample' 'nonce-WqnUYS9in6kWpQm2uDv6xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="encsid_AdqZYNeG0poCtdV4kIzbbF_sNwCxI1mV1uW4HEhCsSU6Bsx43CmWAdj1AGBm9HACQEN9xA"
date
Thu, 20 Jun 2024 22:06:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"encsid_AdqZYNeG0poCtdV4kIzbbF_sNwCxI1mV1uW4HEhCsSU6Bsx43CmWAdj1AGBm9HACQEN9xA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AdqZYNeG0poCtdV4kIzbbF_sNwCxI1mV1uW4HEhCsSU6Bsx43CmWAdj1AGBm9HACQEN9xA"}]}
server
ESF
server-timing
server-processing;dur=10
strict-transport-security
max-age=3600; includeSubDomains
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-trace-id
1177509069753578518
x-xss-protection
0
/
ads.google.com/ 		0
0
1250.png
www.vesty.co.il/Cnt/Images/Weather/ 		672 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vesty.co.il/Cnt/Images/Weather/1250.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.247.165.243 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-165-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
af5463753df076ff288879f0685740bc8b4540a9855096cde2cdbf00041b7750

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/main
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

backend-cache-control
Date
Thu, 20 Jun 2024 22:06:25 GMT
Last-Modified
Fri, 31 May 2024 01:32:19 GMT
ETag
"c2826d31d827d41:0"
Content-Type
image/png
VX-Cache
MISS
WAI
01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
672
V-TTL
0
5B3OZHWAV
www.vesty.co.il/iphone/json/api/auto_ticker/ 		30 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.vesty.co.il/iphone/json/api/auto_ticker/5B3OZHWAV
Requested by
Host: ynet-pic1.yit.co.il
URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vendors-widgets.5a75e38506bb012f5b8b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.165.243 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-165-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9874144bf97aa4df77c8feb877dd5e0f29b0d2d86e54d38b0ed8828089b95cf1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.vesty.co.il/main
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

backend-cache-control
x-me
${S_HOSTNAME}
x-version
V3
content-encoding
gzip
date
Thu, 20 Jun 2024 22:06:25 GMT
vx-cache
HIT
wai
01
v-ttl
8
content-length
6015
last-modified
Thu, 20 Jun 2024 22:05:24 GMT
osv
c8
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
vg_id
2
PRE
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/PRE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-5.fra56.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.vesty.co.il
access-control-max-age
1800
age
27986
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
content-length
0
date
Thu, 20 Jun 2024 14:19:59 GMT
server
nginx
vary
Origin
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id
Vs7gPlRqw_RnKsKHCCYjh3qt9H8zS-hSdpYbvNnX9BfK7w4AW9JEvw==
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
POST
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/POST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-5.fra56.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.vesty.co.il
access-control-max-age
1800
age
27986
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
content-length
0
date
Thu, 20 Jun 2024 14:19:59 GMT
server
nginx
vary
Origin
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
x-amz-cf-id
fDEamlOYi4ouE9LJN5v0jh3Ily5UrnlbOJ5rGfn4Apx4eWMTbUfxZA==
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
survey.js
cf.dxmcdn.com/dta/ 		373 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/survey.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-121.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50f333fc1aa942122b5ba5eea88bfff45a33a6d71e7a169383bc02d64097deb5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
MDVqVShTWjgpnHbEki8YrXu4eIhWChDV
content-encoding
br
via
1.1 1fa1c6285afcbdedfbb042a0993ed182.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 14:19:01 GMT
last-modified
Tue, 18 Jun 2024 14:18:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
age
28045
x-amz-server-side-encryption
AES256
etag
W/"24f957e6097a9703344a94208e7574bc"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
0IYoEuUI-k-CGMkQ3dJQt_PsiME_4c0MXcUgUIiywFZCYH9SIxXdQA==
PRE
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ 		0
314 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/PRE
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-5.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/javascript

Response headers

date
Thu, 20 Jun 2024 14:19:59 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P5
age
27987
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.vesty.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
BIb3bx9Ad3RaIARqUJhH0hxng-igQlMC_SgFWsljgLogbhSTaYtcKQ==
POST
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ 		0
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/POST
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-5.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/javascript

Response headers

date
Thu, 20 Jun 2024 14:19:59 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P5
age
27987
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.vesty.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
QzmqX_pACMUohRxq9Zm73plMnwE4a0Bo_2tCITcSNNX_CQxWUKcgEg==
dmp-main.js
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/ 		257 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-5.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
fba6e5c7640a42ca92ea06178c3def129237a18935bb31b3d6980dc184df3336

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:19:56 GMT
content-encoding
br
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P5
age
27989
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
yEaWkLqe__gvfNMgVmVNNnmkkCfiauz6yzVBrW1d3gVGH72YgdTpmg==
6870
fundingchoicesmessages.google.com/i/ 		197 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/6870?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
cb0999f71e9cd0b3e4840d09fdb2efe0f54f7b5ee4f64c6d339aa0ef6e1eae7f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Skku88U3kLqawusKc31vbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Skku88U3kLqawusKc31vbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw0ZBiOHnrNtNFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYg_Pz7H-huIk_6dZy0C4vbPF1inA_GSiIushxKB-PFF1lNALMTN8ej8pc1sAg07uxSUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAzMDC31DEzjCwwA0q1DGg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
widget_app_base_1718701551140.js
cdn.userway.org/widgetapp/2024-06-18-09-05-51/ 		153 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-06-18-09-05-51/widget_app_base_1718701551140.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
6aaebe577c186a50a1a101fc8b8d3717037e9e06b04411aaa1ab6181ca7820bb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Thu, 20 Jun 2024 22:06:25 GMT
via
1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
834
x-amz-server-side-encryption
AES256
x-accel-date-max
1718702616
x-77-cache
HIT
x-cache
HIT
x-age
218569
x-accel-date
1718702616
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH3yVUDAAwBnJIhJwH3DQAAAA
x-accel-expires
@1744622603
x-77-age
218569
last-modified
Tue, 18 Jun 2024 09:08:08 GMT
server
CDN77-Turbo
etag
W/"77708384a0baaf6b42aab0ec27776aab"
x-77-nzt-ray
cf8787277070d461e1a77466e47f7236
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
abosIwSIJzFaOE5IBt217N739FeFPEdi_rgWO-L4Xgb6p5NxigJXrA==
impl.20240613-38-RELEASE.js
cdn.taboola.com/libtrc/ 		894 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
47e4dc7f1b1175872ccfd77af5f2b8deb9369da8bf33b126121ae25c5af845e6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
kDdRQIto.UimJAn8RYg2PIl7jTgGdrmJ
content-encoding
br
via
1.1 varnish
date
Thu, 20 Jun 2024 22:06:25 GMT
x-amz-request-id
8AZHZJYK6MBFVB8J
age
23398
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
185973
x-amz-id-2
xvC//C4Gq6sq8Wm3/LQsp7oPnWVxH6O+Niknj1SpxeMU3FNpKRcTBInibTWVQaWWv45kcmOxxoc=
x-served-by
cache-mrs10558-MRS
last-modified
Sun, 16 Jun 2024 15:34:51 GMT
server
AmazonS3-br
x-timer
S1718921186.876807,VS0,VE0
etag
"042851c31b8a4c3431c8a5dc787dcb70"
vary
Accept-Encoding
content-type
application/javascript
abp
53
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
49473
js
www.googletagmanager.com/gtag/ 		297 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HBGSDK9P6D&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
59aaa87b9ed9ef5fd9f320d5bd3697cb5d6a0b6fcc9850bb530fda7c0b378b58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
101905
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 20 Jun 2024 22:06:26 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Jun 2024 20:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5839
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 20 Jun 2024 22:29:07 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 20 Jun 2024 22:06:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=0, c=12, mss=1380, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
gGUVfMEdeZN+OOYF5tYycQ4erBEEYbyFR9olh9Oo2UGbusLzbr4CX+hh3D3uRYXwyboSCBoPterZqbqnG7qxLQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
TMdH3tdGg3
api.userway.org/api/tunings/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/TMdH3tdGg3
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-18-09-05-51/widget_app_base_1718701551140.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.241.96.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-96-50.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
0d63746b8f87a688f836fd6abf78fda80ab76dee5a0b61830f93db09331b82e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 20 Jun 2024 22:06:26 GMT
etag
W/"791-aikNBy4i28aBnQE+BwNwLJGhnvM"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usrfe415c8153c0474
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
1937
x-service-version
uw-pr
google-topics-api.20240613-38-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/google-topics-api.20240613-38-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d01e5e19fc6662b5598386d8a6368e5ba3ff7d9ddc57e43aad766faf24ac7068

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
XsvnrjNAlBw0a9taDHAzCIHEkXPBbcXh
content-encoding
gzip
via
1.1 varnish
date
Thu, 20 Jun 2024 22:06:26 GMT
x-amz-request-id
491XDDP1P3PFSYZX
age
368999
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
980
x-amz-id-2
Bv4ZHA2WMcWghcLI6IvhxOBzrkCGdUNR2YnCVwZkPrfjem++XyVo4bF14PRRvMB9840TH+oB09E=
x-served-by
cache-mrs10558-MRS
last-modified
Sun, 16 Jun 2024 15:35:17 GMT
server
AmazonS3
x-timer
S1718921186.074550,VS0,VE0
etag
"ffe1084a0475919857c0fccef40b2f0e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
76
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
248272
card-interference-detector.20240613-38-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20240613-38-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3cfbb5907650fdc2314ce6544acf9f4c69c21eb0464db44c4566615c09a3d61

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
IHqCIM3m1c7etMD1vSLdzQa44Y5ZurFV
content-encoding
gzip
via
1.1 varnish
date
Thu, 20 Jun 2024 22:06:26 GMT
x-amz-request-id
3111W750523C5P21
age
368945
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2182
x-amz-id-2
vo0ZLgNy+wPPukmYQyC12djT+8m2rJjW8QPrajiM7XGF3KxAZV3qJfF7JsNGvNo6m4gudzKuSVA=
x-served-by
cache-mrs10558-MRS
last-modified
Sun, 16 Jun 2024 15:35:39 GMT
server
AmazonS3
x-timer
S1718921186.077801,VS0,VE0
etag
"47842b659a7816d63e3f310da161dd24"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
3
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
140565
sync
gum.criteo.com/ 		46 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:25 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
301536
expires
60
json
trc.taboola.com/ynet-vesty/trc/3/ 		71 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ynet-vesty/trc/3/json?tim=01%3A06%3A26.037&lti=deflated&data=%7B%22id%22%3A873%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22lbt%22%3A1718552231035%2C%22vi%22%3A1718921186034%2C%22cv%22%3A%2220240613-38-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2Fmain%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22126.0.6478.114%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2Fmain%22%2C%22vpi%22%3A%22%2Fmain%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4425%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-wide-nd%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Home%20Page%20Thumbnails%20ND%22%2C%22orig_uip%22%3A%22Mid%20Home%20Page%20Thumbnails%20ND%22%2C%22cd%22%3A2056%2C%22mw%22%3A1240%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbs-feed-01%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20ND%22%2C%22orig_uip%22%3A%22Below%20Homepage%20ND%22%2C%22cd%22%3A4362%2C%22mw%22%3A1240%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20ND%3Dthumbs-feed-01%3Aabp%3D0%2C%2CMid%20Home%20Page%20Thumbnails%20ND%3Dthumbnails-wide-nd%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
12d3ca8c01dad1e1a0617524f0b926554459456f507e34944f3ebc16e9dd1a36

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
380
date
Thu, 20 Jun 2024 22:06:26 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.30312500000000003
x-fastly-to-nlb-rtt
74249
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mrs10558-MRS
x-log-content-encoding
gzip
server
nginx
x-timer
S1718921186.090821,VS0,VE380
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.vesty.co.il
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5732901039636480&uponit=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1225355
x-guploader-uploadid
ABPtcPojVGoMx1H1QSVjSjFWZO313ogWDXbsjw-V38wSN2-W1lG5Whj9aWg9aJXgDtrCY2uu7B58KGZmsw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PvoU3bEzrgEt0Ze2pHlmK35Xt4UO39FOQQ%2FVlkYeT2U14TnAHLzITM8vaRnXsv9DCDT3PBJ9PPN1m%2BZ%2FCv%2B7yonufF0EYfu6vwrpQ6LrgrVBg0W58AyxFlGMlcQ6TKrLXA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
896f10e60f19e3d7-TLV
expires
Thu, 06 Jun 2024 17:44:07 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:45:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jun 2024 14:45:33 GMT
px.gif
ad-delivery.net/ 		43 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.3009613064176866
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1225355
x-guploader-uploadid
ABPtcPojVGoMx1H1QSVjSjFWZO313ogWDXbsjw-V38wSN2-W1lG5Whj9aWg9aJXgDtrCY2uu7B58KGZmsw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mEkoQCSfwWnbIfK%2BF6VwHLzun7JYa1FcmpOB6M3wg8Cq3xtsVlfbkBZZuiFJ5v42sDlAeyHGQuPMs7o8wqKvopg48LxOFaFg18%2FW3Mud%2BWL2k3GR%2BhFeffXK53bWs%2Bpv%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
896f10e60f14e3d7-TLV
expires
Thu, 06 Jun 2024 17:44:07 GMT
id
event.dxmdp.com/rest/api/v1/ 		49 B
547 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/id
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-106.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9360090461f4defaeb9d276f3d863491bdca64cf86c829bd0bee7430706d5d5a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C2
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.vesty.co.il
access-control-allow-credentials
true
x-amz-cf-id
W5iPMpvOCbhKw9qEM0aniS93GsHTB_hXGKpMwBiF7fqlnOXAnUqk9A==
id
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/id
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-106.fra56.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.vesty.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 20 Jun 2024 22:06:26 GMT
server
nginx
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-id
4p78_XNGqr80m2FeSaDBkWbZWkcp3v9Yh1atcAZfAw5-daX8qwu76g==
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 3C32 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20240613-38-RELEASE.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

abp
32
accept-ranges
bytes
access-control-allow-origin
*
age
30911
cache-control
private,max-age=31536000
content-encoding
gzip
content-length
340
content-type
text/html
date
Thu, 20 Jun 2024 22:06:26 GMT
etag
"8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified
Tue, 13 Feb 2024 13:15:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 varnish
x-amz-id-2
SfVlpualZqhebbTa0GuYYkwlEzIMayHpfSDp94jIOmOFMWybMETvPLfes26kJQARjA89djFQfbw=
x-amz-replication-status
COMPLETED
x-amz-request-id
4E26YER47WG1QT9B
x-amz-server-side-encryption
AES256
x-amz-version-id
4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache
HIT
x-cache-hits
21729
x-served-by
cache-mrs1050104-MRS
x-timer
S1718921186.356448,VS0,VE0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-HBGSDK9P6D&gtm=45je46j0v870073666z872590624za200zb72590624&_p=1718921184691&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1733805880.1718921186&ecid=1298040031&ul=he-il&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&dt=Vesty%20%7C%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8F%20%7C%20Vesty.co.il%20%7C%20%D0%92%D0%B5%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C&sid=1718921186&sct=1&seg=0&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain&en=page_view&_fv=1&_nsi=1&_ss=1&ep.dc_path=50.Vesti-1.Home&ep.page_type=Home%20Page&ep.ad_blocker=false&ep.piano_id=&ep.user_type=guest&tfd=2773&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HBGSDK9P6D&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HBGSDK9P6D&cid=1733805880.1718921186&gtm=45je46j0v870073666z872590624za200zb72590624&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HBGSDK9P6D&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.il/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HBGSDK9P6D&cid=1733805880.1718921186&gtm=45je46j0v870073666z872590624za200zb72590624&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1416372476
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
survey-executed
tr.dxmcdn.com/rest/api/v1/ 		0
476 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.dxmcdn.com/rest/api/v1/survey-executed
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/survey.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-13.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
xSGDOzYc67taCpQCNmbHPg6YvPn-6oKf3D1u3JEpohmA4Ad2jRvM0w==
expires
0
survey-executed
tr.dxmcdn.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tr.dxmcdn.com/rest/api/v1/survey-executed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-13.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 20 Jun 2024 22:06:26 GMT
expires
0
pragma
no-cache
server
nginx
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-id
wVh3K0qx-fXk3EW02cZrUQ_BxhKI3xvkY68EC-Hdcx94NGMTxq8haA==
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
AGSKWxXCd3N3Wgr9OlypSm89urT1QthW8g2C9d-mOYVCWVWI3v6zBn3yih24V-5C-3SlOmsFwflEU1LpEEyxweHhWv14lQvxHlWiR21HW27KKE-KhFtNU_vTB3hIKteDXYZ-c7TvgTTIzQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXCd3N3Wgr9OlypSm89urT1QthW8g2C9d-mOYVCWVWI3v6zBn3yih24V-5C-3SlOmsFwflEU1LpEEyxweHhWv14lQvxHlWiR21HW27KKE-KhFtNU_vTB3hIKteDXYZ-c7TvgTTIzQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE4OTIxMTg2LDI3ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudmVzdHkuY28uaWwvbWFpbiIsbnVsbCxbWzgsInJxcmtPcUxKT1F3Il0sWzksIml3Il0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.rqrkOqLJOQw.es5.O/am=EAY/d=1/rs=AJlcJMyNL5UFL2KHy0i3yC-ycdYZdBDpCQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
c5729a4a54c6732ad2002f0aae9f8e45f4c270306d6855253e481ebd0a3871c5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4vjgmllrax9VIcXW2f6Pog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-4vjgmllrax9VIcXW2f6Pog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmII0pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLi9s8XWKcD8ZKIi6yHEoH48UXWU0AsxMPx6PylzWwCHzbMX8WopJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJgZmipZ2AaX2AAAGVgPxg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 7B4E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
2887
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28560
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 21:18:19 GMT
expires
Thu, 20 Jun 2024 22:08:19 GMT
last-modified
Mon, 17 Jun 2024 19:47:23 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
6b4f1810d09ba0318aa589cad3007f0012e3646698e17dbb778a3094575d50c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 03 Jun 2024 10:49:47 GMT
server
nginx
etag
W/"665d9fcb-a609"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Jun 2024 22:06:26 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 google, 1.1 google
last-modified
Mon, 05 Feb 2024 22:07:56 GMT
server
Google Frontend
etag
cd19e0900da0cdbc6697310fd9330fb6
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
08bafb7561e8bd513487b77e69bbe543
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1195
ads
securepubads.g.doubleclick.net/gampad/ 		777 KB
136 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3311938326684890&correlator=540746644143476&eid=31079957%2C31084400%2C31084730%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406170101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=6870%2Cvesty%2Cdesktop%2Cinterstitial.adx%2Ctop%2Ccentral%2Cbox.1%2Cbox.2%2Cbox.3%2Cbox.4%2Cbig.strip.1%2Cbig.strip.2%2Cskyscraper.left%2Cskyscraper&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2F5%2C%2F0%2F1%2F2%2F6%2F5%2C%2F0%2F1%2F2%2F7%2F5%2C%2F0%2F1%2F2%2F8%2F5%2C%2F0%2F1%2F2%2F9%2F5%2C%2F0%2F1%2F2%2F10%2F5%2C%2F0%2F1%2F2%2F11%2F5%2C%2F0%2F1%2F2%2F12%2F5%2C%2F0%2F1%2F2%2F13%2F5&prev_iu_szs=1x1%2C1x1%7C1x2%7C970x90%7C970x250%7C1000x200%7C970x130%7C970x350%7C970x100%7C1192x250%7C1192x350%7C1192x90%7C1192x100%7C1192x130%2C300x250%2C320x50%7C300x250%2C300x232%2C300x232%2C1240x125%7C970x90%2C1240x125%7C970x90%2C160x600%7C160x601%7C1x1%2C160x600%7C160x601%7C1x1&fluid=0%2C0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0%2C0&ifi=1&sfv=1-0-40&ists=512&fas=8%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&fsapi=512&sc=1&cookie_enabled=1&abxe=1&dt=1718921186302&lmt=1718920531&adxs=-9%2C315%2C810%2C1120%2C810%2C1120%2C180%2C180%2C0%2C1440&adys=-9%2C5%2C656%2C656%2C921%2C921%2C3018%2C3509%2C0%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C0%7C0%7C0%7C1%7C2%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=180&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&url=https%3A%2F%2Fwww.vesty.co.il%2Fmain&vis=1&psz=0x-1%7C1240x10%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C1240x-1%7C1240x-1%7C1600x4425%7C1600x4425&msz=0x-1%7C980x10%7C300x-1%7C300x-1%7C300x-1%7C300x-1%7C1240x-1%7C1240x-1%7C160x-1%7C160x-1&fws=2%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C512%2C512&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1733805880.1718921186&ga_sid=1718921186&ga_hid=1308835795&ga_fc=true&topics=9&tps=9&htps=10&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGPmXv72DMkgAUgIIZBIXCghydGJob3VzZRj5l7-9gzJIAFICCGQ.&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1718921184244&idt=1438&cust_params=dxu%3D%26permutive%3D%26dxseg%3D%26ynfi%3D0%26dckw%3D0%26ngch%3D0%26yrca%3D0%26dcTag%3D%26ynch%3D50.Vesti-1.Home%26dcPath%3D50.Vesti-1.Home%26dccg%3Dmain%26ynvc%3D0%26yncd%3D50%26callType%3DGPT%26dcsch%3Dnull%26dccw%3Dhigh_res%26dcsw%3D1600%26dcunigpt%3Dview1%26charset%3DUTF-8&adks=2106902652%2C4127172794%2C886418757%2C2427552119%2C341758666%2C2204950338%2C3616679890%2C645496518%2C273824712%2C2495267343&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
fbd219ff458d049346872168c227d9b256e750ff94cde91002a4681ed40f2b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,156443,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139668
x-xss-protection
0
google-lineitem-id
-1,6736664550,6740162565,6677762800,-1,-1,6735341165,5588433296,6736664550,6736664550
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138478337412,138479291282,138467790003,-1,-1,138477112083,138337137787,138479003200,138479003290
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
06886738050f922b5511a953b816db13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CF1B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://06886738050f922b5511a953b816db13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 22:06:26 GMT
expires
Thu, 20 Jun 2024 22:06:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
446f7c65e1de0a18255d01cecde19deece10b1a141de771a4095d30f9782007e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 13:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
32341
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15210
x-xss-protection
0
server
cafe
etag
16599652583879936860
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 20 Jun 2025 13:07:25 GMT
collect
www.google-analytics.com/j/ 		3 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1308835795&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain&dp=%2Fmain&dh=vesty.co.il&ul=he-il&de=UTF-8&dt=Vesty%20%7C%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8F%20%7C%20Vesty.co.il%20%7C%20%D0%92%D0%B5%D1%81%D1%82%D0%B8%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=669027320&gjid=1625318172&cid=1733805880.1718921186&uid=0&tid=UA-5536870-20&_gid=1944694964.1718921186&_slc=1&gtm=45He46j0n71NB9MN6v72590624za200&cd1=false&cd2=0&cd3=0&cd4=2024%2F06%2F22%2002%3A06%3A26&cd12=Home%20Page&cd14=50.Vesti-1.Home&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=2074953056
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-5536870-20&cid=1733805880.1718921186&jid=669027320&gjid=1625318172&_gid=1944694964.1718921186&_u=YCDAgEABAAAAAGAAI~&z=727936472
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
fda80d24f1bfe5a68b5f719a1febecfe747c79720e3a26b4b78b6a42b67b37b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 20 Jun 2024 22:06:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
a4e88216e4b2485d3a1d2a86a9ff63d2bdb82c739587057e1477d7b12235bd84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=iw for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 20 Jun 2024 22:06:26 GMT
935048389980151
connect.facebook.net/signals/config/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/935048389980151?v=2.9.158&r=stable&domain=www.vesty.co.il&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
96427e500331e6159f5054e7675dcf50b255f5e85cd7dee7447d0ff580cc2d59
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 20 Jun 2024 22:06:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=54, rtx=0, c=62, mss=1380, tbw=63552, tp=-1, tpl=-1, uplat=109, ullat=0
pragma
public
x-fb-debug
p7vQU2SX67K2LQIX7dARN8hC+HkBGDpNVO4uiArkj2RbBR8Sg44JVpN3kXpRtDY6dorNqQsWuQAjU44Cgsog9w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
country
api.btloader.com/ 		37 B
153 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=6244355308257280
Requested by
Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5732901039636480&uponit=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
f7a86fb86eeb445ba6127d4e1aab289ddb8a190cee892f05a467cfb8718efd47

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=0tRqXiUxTi&w=5732901039636480&o=6244355308257280&cv=2.1.46-1-ge6dd43d&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.vesty.co.il%2Fmain&sid=ZWEw5A4BmO&pm=true&upapi=true
Requested by
Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5732901039636480&uponit=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 20 Jun 2024 22:06:26 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5536870-20&cid=1733805880.1718921186&jid=669027320&_u=YCDAgEABAAAAAGAAI~&z=1460974137
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.il/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5536870-20&cid=1733805880.1718921186&jid=669027320&_u=YCDAgEABAAAAAGAAI~&z=1460974137
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
feed-card-placeholder.20240613-38-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20240613-38-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8d376e82a994285cc5382ac74d502fa36b999572b352c1a5438026e18a50f79

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
6JOgJZhx3e8nEF0nJmFGjqQzLmAYXK1f
content-encoding
gzip
via
1.1 varnish
date
Thu, 20 Jun 2024 22:06:26 GMT
x-amz-request-id
491TCANCA8YNWCE9
age
369000
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1263
x-amz-id-2
N1lOaOpWuz028d1jad/k4w2Apc1HtGmONyh9S3YS0ClA9GEIOkzri3VMgazbe6PTfKySK6egzLg=
x-served-by
cache-mrs10558-MRS
last-modified
Sun, 16 Jun 2024 15:35:27 GMT
server
AmazonS3
x-timer
S1718921187.595461,VS0,VE0
etag
"5dd3a1ae5bc39d13b91ae9aa6ce722e0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
24
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
426159
userx.20240613-38-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20240613-38-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90e901fbbc352c09a20013f5e984159ab7373e9695dcc4d3569a589c99a6c67b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
vL_AhsJjBOIAbK8gFq.SKXkELi7wPbif
content-encoding
gzip
via
1.1 varnish
date
Thu, 20 Jun 2024 22:06:26 GMT
x-amz-request-id
JPMR43VBVNEZZBCY
age
368934
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5569
x-amz-id-2
5V1/lEZ5TDhMo1OO/qsaMi2kms5T0n1zGwI9ZPDmFzOhDMCchIXF+rGmQtGhSVH/5EEgP5EFalY=
x-served-by
cache-mrs10558-MRS
last-modified
Sun, 16 Jun 2024 15:35:40 GMT
server
AmazonS3
x-timer
S1718921187.609600,VS0,VE0
etag
"b9ce91d75849200246dd4e54518e95cf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
55
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
48489
distance-from-article.20240613-38-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20240613-38-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2ef79fd7b05000bfb5c0175224fbd3a5428baccc438a8eddef4a52745751b3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
EC714fikN3v0l9s7LAnvBpGVAogWbDA3
content-encoding
gzip
via
1.1 varnish
date
Thu, 20 Jun 2024 22:06:26 GMT
x-amz-request-id
10TYJHHV14A92Q5D
age
368939
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1525
x-amz-id-2
5m8TGhKuSd936Y4F0tkjbUZujzwXbzjtX9Iww1GUAAq8hEDps1nm0GpJ49/31N+HqC+xhntKe7Q=
x-served-by
cache-mrs10558-MRS
last-modified
Sun, 16 Jun 2024 15:35:34 GMT
server
AmazonS3
x-timer
S1718921187.609992,VS0,VE0
etag
"3fb9591bf811a47bee97415d58da0084"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
7
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
447238
article-detection.20240613-38-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20240613-38-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a27b51f0f695fb3a45828855e1c3699fbbbd6f2423c6be13380649dc2d46b052

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
bb_NZWLCV.RQb9_b.gbL20RN5D5XI4o3
content-encoding
gzip
via
1.1 varnish
date
Thu, 20 Jun 2024 22:06:26 GMT
x-amz-request-id
10TXFWHZT3MRYWTG
age
368939
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1293
x-amz-id-2
MRKlRLKiEqb/fZl7wfD2Iy8F0NUJ4sBqA7wN9WD8wKhtTWYT2HobWf6L7p9n0ZrLHBVwu6o44rA=
x-served-by
cache-mrs10558-MRS
last-modified
Sun, 16 Jun 2024 15:35:44 GMT
server
AmazonS3
x-timer
S1718921187.610221,VS0,VE0
etag
"d22885dc7dce1cba314b29811d833fa0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
3
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
446415
abtests
il-trc-events.taboola.com/ynet-vesty/log/3/ 		0
521 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/ynet-vesty/log/3/abtests?route=AM:IL:V&tvi2=5906&tvi50=10821&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1718921186580%7D&tim=01%3A06%3A26.580&id=143&llvl=2&ri=87b98f43c8c2707f7efe70c7b8ab8b76&sd=v2_74ab49bd0e80353d5069a849c3726e7e_beb0e9e1-63f6-475f-ae2d-5f6fa6e3a759-tuctd6e2d62_1718921186_1718921186_CIi3jgYQyYtDGPKVv72DMiABKAEwZjiI6wpAsJAQSLzS2ANQ____________AVgAYABo4uPVg8u34P65AXAB&ui=beb0e9e1-63f6-475f-ae2d-5f6fa6e3a759-tuctd6e2d62&pi=/main&wi=893850554882200731&pt=home&vi=1718921186034&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.vesty.co.il
pragma
no-cache
date
Thu, 20 Jun 2024 22:06:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/ynet-vesty/log/3/ 		0
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/ynet-vesty/log/3/abtests?route=AM:IL:V&tvi2=5906&tvi50=10821&lti=deflated&ri=87b98f43c8c2707f7efe70c7b8ab8b76&sd=v2_74ab49bd0e80353d5069a849c3726e7e_beb0e9e1-63f6-475f-ae2d-5f6fa6e3a759-tuctd6e2d62_1718921186_1718921186_CIi3jgYQyYtDGPKVv72DMiABKAEwZjiI6wpAsJAQSLzS2ANQ____________AVgAYABo4uPVg8u34P65AXAB&ui=beb0e9e1-63f6-475f-ae2d-5f6fa6e3a759-tuctd6e2d62&pi=/main&wi=893850554882200731&pt=home&vi=1718921186034&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1718921186554%7D&tim=01%3A06%3A26.555&id=1195&llvl=2&cv=20240613-38-RELEASE&
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 20 Jun 2024 22:06:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
B31903165.394063426;dc_pre=CJaQ6LWY64YDFZKI_Qcdkn4G0A;dc_trk_aid=585699809;dc_trk_cid=215204199;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc...
ad.doubleclick.net/ddm/trackimp/N2228804.2069703TABOOLA/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N2228804.2069703TABOOLA/B31903165.394063426;dc_trk_aid=585699809;dc_trk_cid=215204199;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
  • https://ad.doubleclick.net/ddm/trackimp/N2228804.2069703TABOOLA/B31903165.394063426;dc_pre=CJaQ6LWY64YDFZKI_Qcdkn4G0A;dc_trk_aid=585699809;dc_trk_cid=215204199;ord=[timestamp];dc_lat=;dc_rdid=;tag_...
42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N2228804.2069703TABOOLA/B31903165.394063426;dc_pre=CJaQ6LWY64YDFZKI_Qcdkn4G0A;dc_trk_aid=585699809;dc_trk_cid=215204199;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=vesty.co.il
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N2228804.2069703TABOOLA/B31903165.394063426;dc_pre=CJaQ6LWY64YDFZKI_Qcdkn4G0A;dc_trk_aid=585699809;dc_trk_cid=215204199;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?;dc_ref=vesty.co.il
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Thu, 20 Jun 2024 22:06:26 GMT
x-amz-request-id
V1WH4JMXSPB6FXB1
age
25
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
CsKKc5MMh969XY/9mm/BxqQBNSgvrVdAMUQLLQgdLlYDIPnef5REbGdF2FswqffMtT+psYJfxi4=
x-served-by
cache-mrs10558-MRS
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1718921187.633297,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
10
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
8
d45b67c1801d8fd2200070635d356b3a.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1200%2Cx_0%2Cy_48/c_fill%2Cw_740%2Ch_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1200%2Cx_0%2Cy_48/c_fill%2Cw_740%2Ch_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d45b67c1801d8fd2200070635d356b3a.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fa31d9217b31a4e3adb1d2496336bd48753d8d01f8c950c76e3f0c17ee779085

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1200%2Cx_0%2Cy_48/c_fill%2Cw_740%2Ch_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d45b67c1801d8fd2200070635d356b3a.png
age
2115198
edge-cache-tag
297147969016679188800060564864317079754,394115490820800377358282554635490054131,29ecf9b93bbf306179626feeda1fab70
cache-tag
297147969016679188800060564864317079754,394115490820800377358282554635490054131,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
398
req-referer
https://apnews.com/
content-length
23264
x-request-id
87527eeb149f520b9a7fa778de003116
x-served-by
cache-iad-kjyo7100150-IAD, cache-iad-kjyo7100051-IAD, cache-bur-kbur8200106-BUR, cache-iad-kjyo7100117-IAD, cache-mrs10558-MRS
last-modified
Mon, 27 May 2024 09:09:28 GMT
server
nginx
surrogate-reporting
width=740,height=412,bytes=37070,owidth=1200,oheight=800,obytes=1403660,ef=(1,13,17,23,30)
x-timer
S1718921187.687219,VS0,VE0
etag
"34b328d7e36a803b89973330f4807102"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 797
fbd976444398ad3b1cae56364e0dab12.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fbd976444398ad3b1cae56364e0dab12.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3122b0fcf621aea5194bb26f72870de9e2dd2ee9e2ed6ecfb8e9cd62cee20cfe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fbd976444398ad3b1cae56364e0dab12.jpg
age
1413108
edge-cache-tag
585486110046912938520074982885047473350,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
585486110046912938520074982885047473350,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
170
req-referer
https://pplus.ynet.co.il/
content-length
54046
x-request-id
1bcde387247eeabda7e68f4681a4ff1c
x-served-by
cache-iad-kiad7000177-IAD, cache-iad-kcgs7200150-IAD, cache-lga21980-LGA, cache-iad-kiad7000109-IAD, cache-mrs10558-MRS
last-modified
Tue, 04 Jun 2024 13:33:15 GMT
server
nginx
surrogate-reporting
width=1200,height=666,bytes=123061,owidth=1200,oheight=800,obytes=175637,ef=(1,13,17,23,30)
x-timer
S1718921187.686633,VS0,VE0
etag
"42ee9a07b2378307bd7e44d178bddcb5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2174
f874466088809506ec2bc4832d40cae1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f874466088809506ec2bc4832d40cae1.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2af3eb5f02bf5e977078ade1a27774be79d0e8e31bdd3dc723bc5f48550c2b08

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f874466088809506ec2bc4832d40cae1.png
age
372872
edge-cache-tag
343234407623547765029996086042236607747,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
343234407623547765029996086042236607747,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
100
req-referer
https://www.vesty.co.il/
content-length
14200
x-request-id
6a2e712f5d2912b49bb68e216485c8f5
x-served-by
cache-iad-kjyo7100069-IAD, cache-iad-kjyo7100069-IAD, cache-lga21932-LGA, cache-iad-kcgs7200131-IAD, cache-mrs10558-MRS
last-modified
Sun, 16 Jun 2024 14:31:54 GMT
server
nginx
surrogate-reporting
width=876,height=487,bytes=47097,owidth=880,oheight=487,obytes=658410,ef=(1,13,17,23,30)
x-timer
S1718921187.687264,VS0,VE0
etag
"9e7d4138264d6eca3489b99f59535b59"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 553
a0b650b6-4183-4512-91f2-d1564ab11198__ZuopIzVf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/a0b650b6-4183-4512-91f2-d1564ab11198__ZuopIzVf.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d7029768f2de730c0afd8c527aa83cdc663ead0cf5c795529ba3e17526d7db75

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/a0b650b6-4183-4512-91f2-d1564ab11198__ZuopIzVf.jpg
age
1723141
edge-cache-tag
460096287752685921256019881774875126553,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag
460096287752685921256019881774875126553,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
689
req-referer
https://www.ynet.co.il/
content-length
23476
x-request-id
5256f52905601c188782b9951f26b9c7
x-served-by
cache-iad-kjyo7100140-IAD, cache-iad-kjyo7100154-IAD, cache-lga21953-LGA, cache-iad-kiad7000064-IAD, cache-mrs10558-MRS
last-modified
Thu, 09 May 2024 10:30:32 GMT
server
nginx
surrogate-reporting
width=480,height=267,bytes=32161,owidth=1344,oheight=768,obytes=144347,ef=(1,13,17,23,30)
x-timer
S1718921187.687260,VS0,VE0
etag
"b5609afaa07ceb3ce66576fa2420ae1e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 70, 1099
89d2c59a819371e40f10a49052b6cc0c.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_999%2Cx_1%2Cy_0/c_fill%2Cw_480%2Ch_267/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_999%2Cx_1%2Cy_0/c_fill%2Cw_480%2Ch_267/http%3A//cdn.taboola.com/libtrc/static/thumbnails/89d2c59a819371e40f10a49052b6cc0c.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
416e13622f327a53639cfeba605442b167c7f802a70bccd1c25d9af00cbb7d3b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_999%2Cx_1%2Cy_0/c_fill%2Cw_480%2Ch_267/http%3A//cdn.taboola.com/libtrc/static/thumbnails/89d2c59a819371e40f10a49052b6cc0c.png
age
4012231
edge-cache-tag
421391515938860834280756734664997249222,424393616786424826754896417372023947152,29ecf9b93bbf306179626feeda1fab70
cache-tag
421391515938860834280756734664997249222,424393616786424826754896417372023947152,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
103
expiration
expiry-date="Mon, 06 May 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ynet.co.il/
content-length
18458
x-served-by
cache-iad-kcgs7200119-IAD, cache-iad-kcgs7200070-IAD, cache-lga21938-LGA, cache-iad-kjyo7100126-IAD, cache-mrs10558-MRS
last-modified
Fri, 05 Apr 2024 11:14:41 GMT
server
nginx
surrogate-reporting
width=480,height=267,bytes=25827,owidth=1000,oheight=600,obytes=922823,ef=(1,13,17,23,30)
x-timer
S1718921187.687682,VS0,VE0
etag
"a737a6f450e878e31392515096766b9a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 35, 0, 490, 1499
1024096812__kNqNFVD5.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2121%2Cx_0%2Cy_219/c_fill%2Cw_480%2Ch_267/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2121%2Cx_0%2Cy_219/c_fill%2Cw_480%2Ch_267/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1024096812__kNqNFVD5.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d5fe134a8632594aec805a6d7082a0cf93dd217c7a835ad52ce075261ccfa639

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2121%2Cx_0%2Cy_219/c_fill%2Cw_480%2Ch_267/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1024096812__kNqNFVD5.jpg
age
1431692
edge-cache-tag
445100401443733244058381634365777205035,302641167884922394688262458785813139892,29ecf9b93bbf306179626feeda1fab70
cache-tag
445100401443733244058381634365777205035,302641167884922394688262458785813139892,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
236
expiration
expiry-date="Sat, 22 Jun 2024 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://cdn.taboola.com/
content-length
27580
x-served-by
cache-iad-kjyo7100070-IAD, cache-iad-kcgs7200165-IAD, cache-bur-kbur8200081-BUR, cache-iad-kjyo7100177-IAD, cache-mrs10558-MRS
last-modified
Wed, 22 May 2024 17:23:25 GMT
server
nginx
surrogate-reporting
width=480,height=267,bytes=33330,owidth=2121,oheight=1414,obytes=2313477,ef=(1,13,17,23,30)
x-timer
S1718921187.687297,VS0,VE0
etag
"717fce78865abdaeb852495374e9734d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1968
abcd148c9504fef059b05e26f7137215.jpg
images.taboola.com/taboola/image/fetch/h_267,w_480,c_pad,b_white/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_267,w_480,c_pad,b_white/http%3A//cdn.taboola.com/libtrc/static/thumbnails/abcd148c9504fef059b05e26f7137215.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e4154dd1f50dcac6aeb2481d3a671d229de77aa2c4ba68c55d4ab1033d23badf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_267,w_480,c_pad,b_white/http%3A//cdn.taboola.com/libtrc/static/thumbnails/abcd148c9504fef059b05e26f7137215.jpg
age
47834
edge-cache-tag
602072965626138009055122775588548647373,603035751207444107868823880244670021302,29ecf9b93bbf306179626feeda1fab70
cache-tag
602072965626138009055122775588548647373,603035751207444107868823880244670021302,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
317
req-referer
https://www.ynet.co.il/
content-length
11424
x-request-id
e81037b937b3c8db9942ff8e58da371d
x-served-by
cache-iad-kcgs7200081-IAD, cache-iad-kcgs7200081-IAD, cache-lga21925-LGA, cache-iad-kcgs7200152-IAD, cache-mrs10558-MRS
last-modified
Mon, 20 May 2024 11:58:14 GMT
server
nginx
surrogate-reporting
width=480,height=267,bytes=35856,owidth=1404,oheight=936,obytes=935226,ef=(1,17,30,97)
x-timer
S1718921187.791208,VS0,VE0
etag
"2fdb8885ff5943ddd06df569d7764105"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 48
69cc257a2dbb2b0ae11bccfa685d38de.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/69cc257a2dbb2b0ae11bccfa685d38de.jpeg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f58d463f9f9bba6faad4742ac1366ef910498be3dde0fd167542d0819d52b02

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/69cc257a2dbb2b0ae11bccfa685d38de.jpeg
age
3673352
edge-cache-tag
319697806586674523999918195327703573376,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
319697806586674523999918195327703573376,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
70
req-referer
https://www.vesty.co.il/
content-length
7236
x-request-id
f34c10aa2a4bf99e2495750904c4d750
x-served-by
cache-iad-kjyo7100109-IAD, cache-iad-kjyo7100109-IAD, cache-lga21973-LGA, cache-iad-kjyo7100056-IAD, cache-mrs10558-MRS
last-modified
Wed, 08 May 2024 07:25:39 GMT
server
nginx
surrogate-reporting
width=1024,height=568,bytes=29362,owidth=1024,oheight=576,obytes=27558,ef=(1,13,17,23,30)
x-timer
S1718921187.797328,VS0,VE0
etag
"c97f16b8995b5ad54c625add896a19c7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 7, 0, 17, 3
5279274c54dfbd1bdffad6eceffd0fd9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5279274c54dfbd1bdffad6eceffd0fd9.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e4a50c39b2686986b27382eeb318199e50d7c045bcdeeb016fc3a81a2f3b100

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5279274c54dfbd1bdffad6eceffd0fd9.jpg
age
284299
edge-cache-tag
449207456330498071496755097630666219357,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
449207456330498071496755097630666219357,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
159
req-referer
https://www.ynet.co.il/
content-length
18324
x-request-id
24b8b840da1198ab56e39d499f1bd87c
x-served-by
cache-iad-kiad7000154-IAD, cache-iad-kiad7000154-IAD, cache-lga21924-LGA, cache-iad-kiad7000058-IAD, cache-mrs10558-MRS
x-orig-request-id
a1c39a3fb7e602e18a12a93e28cf228d
last-modified
Mon, 17 Jun 2024 15:08:05 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=57322,owidth=1000,oheight=600,obytes=256810,ef=(1,13,17,23,30)
x-timer
S1718921187.804241,VS0,VE0
etag
"83343281c3bcf9663986c193f6bc4650"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 233
a88263dced257bf69f190423ee47756e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a88263dced257bf69f190423ee47756e.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
39d756e6e5644c860b4f7ff239e41282be673ad7a7cd832eb42ae1d67180636e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_412%2Cw_740%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a88263dced257bf69f190423ee47756e.jpg
age
308903
edge-cache-tag
621303602764331606790083560409434513477,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
cache-tag
621303602764331606790083560409434513477,344084207907225147675794535276677417900,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
994
req-referer
https://www.inn.co.il/
content-length
33666
x-request-id
ea3cfd8e8c60ae04ba0098e52b4986c0
x-served-by
cache-iad-kcgs7200077-IAD, cache-iad-kcgs7200077-IAD, cache-lga21922-LGA, cache-iad-kjyo7100028-IAD, cache-mrs10558-MRS
last-modified
Sun, 16 Jun 2024 14:29:47 GMT
server
nginx
surrogate-reporting
width=740,height=412,bytes=69543,owidth=3000,oheight=1906,obytes=1054789,ef=(1,13,17,23,30)
x-timer
S1718921187.807391,VS0,VE0
etag
"c3df2d60974e5781596aa864067ede22"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1613
1a85e866da6cc97012a6759eb02e4566.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1a85e866da6cc97012a6759eb02e4566.jpeg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d3e08b690ccc235eda67e9de273af4e5d4e754d56bc4418175eb0d1a46f5551

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1a85e866da6cc97012a6759eb02e4566.jpeg
age
2174663
edge-cache-tag
549867669114887071967262785112644192639,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag
549867669114887071967262785112644192639,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
479
req-referer
https://www.israelnationalnews.com/
content-length
16626
x-request-id
05f95eb2d7fc02a363f242adc8665ac2
x-served-by
cache-iad-kiad7000076-IAD, cache-iad-kjyo7100107-IAD, cache-lga21948-LGA, cache-iad-kcgs7200143-IAD, cache-mrs10558-MRS
last-modified
Sun, 26 May 2024 11:12:14 GMT
server
nginx
surrogate-reporting
width=480,height=267,bytes=23909,owidth=1352,oheight=713,obytes=160119,ef=(1,13,17,23,30)
x-timer
S1718921187.807550,VS0,VE0
etag
"a2ccfb6a64eb0c64a99758711d2c646e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2050
47a9adfb-5c04-417a-ba2d-3989281e682c__6VUohWLS.jpg
images.taboola.com/taboola/image/fetch/h_267,w_480,c_pad,b_white/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_267,w_480,c_pad,b_white/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/47a9adfb-5c04-417a-ba2d-3989281e682c__6VUohWLS.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
226ca92a9f4a043e4a3071f8ec64d7d802530d3507f96869bdadca2dc50e5103

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_267,w_480,c_pad,b_white/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/47a9adfb-5c04-417a-ba2d-3989281e682c__6VUohWLS.jpg
age
45363
edge-cache-tag
404539740879544643955361651249723380751,594963053814029392387456827491781192914,29ecf9b93bbf306179626feeda1fab70
cache-tag
404539740879544643955361651249723380751,594963053814029392387456827491781192914,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
55
req-referer
https://www.inn.co.il/
content-length
22732
x-request-id
3f008fc9ab5177dab1b5d96c8fbff08a
x-served-by
cache-iad-kcgs7200113-IAD, cache-iad-kjyo7100147-IAD, cache-bur-kbur8200043-BUR, cache-iad-kjyo7100069-IAD, cache-mrs10558-MRS
last-modified
Mon, 20 May 2024 11:19:23 GMT
server
nginx
surrogate-reporting
width=922,height=512,bytes=70174,owidth=768,oheight=512,obytes=66833,ef=(1,17,30,97)
x-timer
S1718921187.823071,VS0,VE0
etag
"10da45ca8d18b63e3ccb17881c9e163f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2, 0, 26
ebb98c13-371c-463a-a02a-a1223b675296__8YtswW8R.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ebb98c13-371c-463a-a02a-a1223b675296__8YtswW8R.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
effe022f5756dc9697682601c077972515760624d3d8714f2063c6027c028aa1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ebb98c13-371c-463a-a02a-a1223b675296__8YtswW8R.jpg
age
895770
edge-cache-tag
304712031121882236547025661912000615174,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
cache-tag
304712031121882236547025661912000615174,444014603528429213436794596852223382768,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
547
req-referer
https://pplus.ynet.co.il/homepage
content-length
18430
x-request-id
e88a34b1aa6b2698703f9869e8c39167
x-served-by
cache-iad-kiad7000098-IAD, cache-iad-kjyo7100052-IAD, cache-bur-kbur8200031-BUR, cache-iad-kcgs7200105-IAD, cache-mrs10558-MRS
last-modified
Mon, 10 Jun 2024 06:00:00 GMT
server
nginx
surrogate-reporting
width=480,height=267,bytes=25187,owidth=2130,oheight=1200,obytes=187777,ef=(1,13,17,23,30)
x-timer
S1718921187.884852,VS0,VE0
etag
"cf32617e99dc1dcc20181d4bfe9cda1e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 17, 166
333ecdb0a1b55c13e9bba7f0b1b76d69.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_142%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_142%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/333ecdb0a1b55c13e9bba7f0b1b76d69.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5823029c1e1326f93b2c542c32de61a23703538d7a53ee617e31455bd2ebc99b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
1
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_142%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/333ecdb0a1b55c13e9bba7f0b1b76d69.jpg
age
3131189
edge-cache-tag
574821293843478936264722355997901774640,609081369370061988306549903687010686411,29ecf9b93bbf306179626feeda1fab70
cache-tag
574821293843478936264722355997901774640,609081369370061988306549903687010686411,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
412
req-referer
https://www.vesty.co.il/
content-length
5794
x-request-id
6cd5b667d8dda301939bbe4f0d36d78a
x-served-by
cache-iad-kjyo7100115-IAD, cache-iad-kjyo7100174-IAD, cache-bur-kbur8200055-BUR, cache-iad-kiad7000098-IAD, cache-mrs10558-MRS
last-modified
Tue, 09 Apr 2024 12:49:36 GMT
server
nginx
surrogate-reporting
width=240,height=142,bytes=11594,owidth=1203,oheight=641,obytes=125457,ef=(1,13,17,23,30)
x-timer
S1718921187.890735,VS0,VE1
etag
"d34de063e8e4cb3c25ecc4a7382f7a09"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 46, 0
2bd151d570ae26b87fb3d4778a96086e.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1200%2Cx_0%2Cy_27/c_fill%2Cw_240%2Ch_142/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1200%2Cx_0%2Cy_27/c_fill%2Cw_240%2Ch_142/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bd151d570ae26b87fb3d4778a96086e.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8c8f957f413d616fedb6663e2a9b943a751df81d713e65e27130936062ead965

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1200%2Cx_0%2Cy_27/c_fill%2Cw_240%2Ch_142/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2bd151d570ae26b87fb3d4778a96086e.jpg
age
222044
edge-cache-tag
603264539991292507161234942094026189199,601027102936238983794816335648604699419,29ecf9b93bbf306179626feeda1fab70
cache-tag
603264539991292507161234942094026189199,601027102936238983794816335648604699419,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
479
req-referer
https://www.ynet.co.il/
content-length
5140
x-request-id
3d74c08959786c4f20f903a5adfe363c
x-served-by
cache-iad-kcgs7200073-IAD, cache-iad-kcgs7200073-IAD, cache-bur-kbur8200111-BUR, cache-iad-kcgs7200124-IAD, cache-mrs10558-MRS
x-orig-request-id
e262b80957698926708aa579fbe2ef01
last-modified
Tue, 18 Jun 2024 07:45:36 GMT
server
nginx
surrogate-reporting
width=240,height=142,bytes=7451,owidth=1200,oheight=800,obytes=124582,ef=(1,13,17,23,30)
x-timer
S1718921187.899491,VS0,VE0
etag
"e9a5097ad1d1894cbfcef4a4a552a493"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 217
H1x4S11S1UA_0_0_1280_720_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_142%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2024/06/18/H1x4S11S1UA/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_142%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2024/06/18/H1x4S11S1UA/H1x4S11S1UA_0_0_1280_720_0_large.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c75851b25c8fd20b29272929aa27e3f0a84253100c386dfd9b622d4f16a2b149

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_142%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2024/06/18/H1x4S11S1UA/H1x4S11S1UA_0_0_1280_720_0_large.jpg
age
23526
edge-cache-tag
578801001282659245367462606740955374646,568847781021646108557324661607523782102,29ecf9b93bbf306179626feeda1fab70
cache-tag
578801001282659245367462606740955374646,568847781021646108557324661607523782102,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
826
req-referer
https://www.vesty.co.il/
content-length
5476
x-request-id
dab823b7f74e0ad2e1b3bdffc77b7910
x-served-by
cache-iad-kcgs7200103-IAD, cache-iad-kiad7000058-IAD, cache-lga21982-LGA, cache-iad-kiad7000127-IAD, cache-mrs10558-MRS
last-modified
Thu, 20 Jun 2024 15:34:21 GMT
server
nginx
surrogate-reporting
width=490,height=275,bytes=16902,owidth=490,oheight=276,obytes=19080,ef=(1,13,17,23,30)
x-timer
S1718921187.906176,VS0,VE0
etag
"e38da13ba58af4631f7ca0ac5e3d61e2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 3
3e38f9098cd3592c0dea505f59c207d7.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2100%2Cx_0%2Cy_128/c_fill%2Cw_240%2Ch_142/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2100%2Cx_0%2Cy_128/c_fill%2Cw_240%2Ch_142/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e38f9098cd3592c0dea505f59c207d7.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3617aa3ac953bf6992a9c85f607f2ecb7ae362b8d2ffff1902ba39fda60c1c7f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2100%2Cx_0%2Cy_128/c_fill%2Cw_240%2Ch_142/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e38f9098cd3592c0dea505f59c207d7.jpg
age
307641
edge-cache-tag
599536540397887761086233533544818921806,627160349937409775386416470168024321453,29ecf9b93bbf306179626feeda1fab70
cache-tag
599536540397887761086233533544818921806,627160349937409775386416470168024321453,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
839
req-referer
https://www.vesty.co.il/
content-length
3624
x-request-id
4da7310b888f555a26b3bd0822eb5b80
x-served-by
cache-iad-kcgs7200049-IAD, cache-iad-kcgs7200049-IAD, cache-lga21959-LGA, cache-iad-kiad7000061-IAD, cache-mrs10558-MRS
last-modified
Sun, 16 Jun 2024 14:28:25 GMT
server
nginx
surrogate-reporting
width=240,height=142,bytes=5807,owidth=2100,oheight=1333,obytes=352369,ef=(1,13,17,23,30)
x-timer
S1718921187.908586,VS0,VE0
etag
"a4b3e1f1005fde2641d8c5976e400ee7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 228
759ec37157db058c53cc364b645b37d9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_142%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_142%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/759ec37157db058c53cc364b645b37d9.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9f4b01acc31f3a5203fb1a4d1e3883fb8281e04d8496b57f8c3daa51025c09d3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_142%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/759ec37157db058c53cc364b645b37d9.jpg
age
220512
edge-cache-tag
531657057604312861859428514716170359422,609081369370061988306549903687010686411,29ecf9b93bbf306179626feeda1fab70
cache-tag
531657057604312861859428514716170359422,609081369370061988306549903687010686411,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
383
req-referer
https://www.ynet.co.il/
content-length
7890
x-request-id
98b2bc85fb0c7db5f7a2aa9a6d390e7e
x-served-by
cache-iad-kiad7000155-IAD, cache-iad-kiad7000155-IAD, cache-bur-kbur8200078-BUR, cache-iad-kiad7000122-IAD, cache-mrs10558-MRS
x-orig-request-id
b65d4be7450bd75fc5efd163ba8f8055
last-modified
Mon, 17 Jun 2024 16:07:44 GMT
server
nginx
surrogate-reporting
width=240,height=142,bytes=10343,owidth=1000,oheight=600,obytes=351917,ef=(1,13,17,23,30)
x-timer
S1718921187.918601,VS0,VE0
etag
"702193a4d904e3c81dd1e6fb0b9e8efc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 64
rJPgNuOBA_166_21_645_363_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_142%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2024/06/13/rJPgNuOBA/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_142%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2024/06/13/rJPgNuOBA/rJPgNuOBA_166_21_645_363_0_large.jpg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ec6d1e9b4852c85ff0519fc06a975e3e831b9b1398f07dc51b66ad48ac35d480

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
0
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_142%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-pic1.yit.co.il/picserver5/crop_images/2024/06/13/rJPgNuOBA/rJPgNuOBA_166_21_645_363_0_large.jpg
age
118608
edge-cache-tag
424727249628906788003719660420502748615,609081369370061988306549903687010686411,29ecf9b93bbf306179626feeda1fab70
cache-tag
424727249628906788003719660420502748615,609081369370061988306549903687010686411,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
334
req-referer
https://www.vesty.co.il/
content-length
7486
x-request-id
2a58be4a244643a82a5ba75813b4df71
x-served-by
cache-iad-kjyo7100116-IAD, cache-iad-kjyo7100116-IAD, cache-ewr18164-EWR, cache-iad-kjyo7100108-IAD, cache-mrs10558-MRS
x-orig-request-id
9d0a3abb531981771f642d217c9209a7
last-modified
Wed, 19 Jun 2024 12:59:32 GMT
server
nginx
surrogate-reporting
width=240,height=142,bytes=10283,owidth=645,oheight=363,obytes=40402,ef=(1,13,17,23,30)
x-timer
S1718921187.980094,VS0,VE0
etag
"77c5d1eb4a09a7ed1af97bcb66915828"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 8
www-widgetapi.js
www.youtube.com/s/player/84314bef/www-widgetapi.vflset/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/84314bef/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
sffe /
Resource Hash
a9a72654f03de616b6fd58b742dff09a02588726c80f6a1fca5809365b591930
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 21:09:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
3406
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8237
x-xss-protection
0
last-modified
Mon, 17 Jun 2024 04:18:28 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 20 Jun 2025 21:09:40 GMT
/
www.facebook.com/tr/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=935048389980151&ev=PageView&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain&rl=&if=false&ts=1718921186682&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1718921186680.765242421220583920&ler=empty&cdl=API_unavailable&it=1718921186394&coo=false&rqm=GET
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=51, rtx=0, c=10, mss=1380, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 20 Jun 2024 22:06:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=935048389980151&ev=PageView&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain&rl=&if=false&ts=1718921186682&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.2.1718921186680.765242421220583920&ler=empty&cdl=API_unavailable&it=1718921186394&coo=false&rqm=FGET
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x98d421ae62c19b46","source_keys":["1","2"]},{"key_piece":"0x1b3b17fa45cbda07","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Thu, 20 Jun 2024 22:06:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382710278801866130", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=51, rtx=0, c=10, mss=1380, tbw=3090, tp=-1, tpl=-1, uplat=300, ullat=0
pragma
no-cache
x-fb-debug
WVhGSrlr8/9iDT2vNbXEkF9JCJFkaWiGWjUsWkUWUEglJrjDurqfeYawXQ4mvIy6/B1Xs4pVmbdfuL3wS4EkEQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382710278801866130"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
supply-feature
il-trc-events.taboola.com/ynet-vesty/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/ynet-vesty/log/3/supply-feature?route=AM:IL:V&tvi2=5906&tvi50=10821&lti=deflated&ri=87b98f43c8c2707f7efe70c7b8ab8b76&sd=v2_74ab49bd0e80353d5069a849c3726e7e_beb0e9e1-63f6-475f-ae2d-5f6fa6e3a759-tuctd6e2d62_1718921186_1718921186_CIi3jgYQyYtDGPKVv72DMiABKAEwZjiI6wpAsJAQSLzS2ANQ____________AVgAYABo4uPVg8u34P65AXAB&ui=beb0e9e1-63f6-475f-ae2d-5f6fa6e3a759-tuctd6e2d62&pi=/main&wi=893850554882200731&pt=home&vi=1718921186034&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2219%22%2C%22event_msg%22%3A%220%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A06%3A26.746&id=6705&llvl=2&cv=20240613-38-RELEASE&
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 20 Jun 2024 22:06:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
ru.json
cdn.userway.org/widgetapp/2024-06-18-09-05-51/locales/ 		925 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-06-18-09-05-51/locales/ru.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-18-09-05-51/widget_app_base_1718701551140.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
647f8ddf5cbbe39c5f0159a427d61896e306fa0cb445ef9aa3d147fcdd8ec5e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Thu, 20 Jun 2024 22:06:26 GMT
via
1.1 5d59ec457bae9e2b9df45a357eeeffd2.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
583
x-amz-server-side-encryption
AES256
x-accel-date-max
1718702633
x-77-cache
HIT
x-cache
HIT
x-age
218553
x-accel-date
1718702633
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwHXuVUDAAwBJRPCLgH3HgAAAA
x-accel-expires
@1744622603
x-77-age
218553
last-modified
Tue, 18 Jun 2024 09:08:08 GMT
server
CDN77-Turbo
etag
W/"9d513f56b0f76a17f26a5e333abfc97b"
x-77-nzt-ray
cf87872770706c87e2a774661131a233
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
xFsmUFmBa3mulNAz08S_JOR9SQIyFRmz1utpgsRs0AvCmV2VAF---w==
306ec4d0-e7ad-49c1-9ce8-2f684b2303d6
event.dxmdp.com/rest/api/v1/user-audiences/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/user-audiences/306ec4d0-e7ad-49c1-9ce8-2f684b2303d6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-106.fra56.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.vesty.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 20 Jun 2024 22:06:27 GMT
server
nginx
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-id
JEYRrj5BeX_nM7gll1adEQnSbcqL3MJdjBbGC2vZ0I6kbe5KKOpLWA==
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
events
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/events?dmpid=306ec4d0-e7ad-49c1-9ce8-2f684b2303d6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-106.fra56.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.vesty.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 20 Jun 2024 22:06:27 GMT
server
nginx
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-id
_WDjWv5wlq7K8pgH8za7qh3jGEXVvqh_8_76s1iwufOmHNGIo6VHbQ==
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
306ec4d0-e7ad-49c1-9ce8-2f684b2303d6
event.dxmdp.com/rest/api/v1/user-audiences/ 		16 B
384 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/user-audiences/306ec4d0-e7ad-49c1-9ce8-2f684b2303d6
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-106.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1a67ee75b1912121c9bd17376c96ddf752758d76c2cdf775e6426d6a079554ba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C2
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.vesty.co.il
access-control-allow-credentials
true
x-amz-cf-id
HtV22BvXnDzpJynvZNvBJR4EJOyH63oiikJaQrMyLaoP6zp7Veo1VA==
events
event.dxmdp.com/rest/api/v1/ 		316 KB
317 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/events?dmpid=306ec4d0-e7ad-49c1-9ce8-2f684b2303d6
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-106.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
925e5d05907f2352289564cb678e837b7e556fce0d7d92e832f47d838f3c7289

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C2
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.vesty.co.il
access-control-allow-credentials
true
x-amz-cf-id
as0i50gN_-2KCcqVwSW5cmRd27n4s2o7SSq0ozw-9Gqj61BFLah5ig==
container.html
06886738050f922b5511a953b816db13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EF08 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://06886738050f922b5511a953b816db13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 22:06:26 GMT
expires
Thu, 20 Jun 2024 22:06:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3DD0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6xBxguv-7JmknrkHREvfOqTGG9S9KZ7FbyZoYHByQYOTXiazP8V5tjLQXmTo4A3hAP-fm9e0AneC3TB1YQPrJNKsQoDWzWSBz4CWz7sXYBr2WpLQr4eKQvEQibMF2BTliZhs_n4BfhEtYuWX86mBYzVNhYQBfi8OX4iyDln0pNJznOB9ymBbf2lL80zDmMQiwFno-_l5-ObfuYBXuOIs2b_OektyMFP7eef1cxVri93UgNFk4iFPEA1u2P8VRSsa6Lqh-HWRxUaXA7Hlo_CnW5e_qewQ6aZVlAvxRsW7WEpD_9eEp-5oFy7m4GVFOa4v4-fm0fegeXRbpjrRszgvUSJGOBCPZjX26NVtKR4DL6b_flNPe9CCuvE0AYZqGdIDKZ_jTtJjw&sai=AMfl-YSM8BJei8zgu3r4TL3vPIQjl2nPaffg7uzmuskwtMIsKT-A7wXOO3lSHFKkb_X2acVrRFAGoBmhD7PXLAQNbCJjltCHhffbY5hc_uRKktu35N3BGlV3dxcJauyMNBnmEkTAx4qB2shB8cJpVPMCjKM&sig=Cg0ArKJSzLqM3E8U4ao-EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240617/r20110914/client/ Frame 3DD0 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240617/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:06:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
28786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jul 2024 14:06:41 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3DD0 		211 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 21:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
3410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66383
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Jun 2024 22:09:37 GMT
9912438477610177851
tpc.googlesyndication.com/simgad/ Frame 3DD0 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9912438477610177851
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
96fc098b3f90ec219d13b8f9be634a75b466a6b2c49a5b05e11e7b799568928a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Sun, 15 Jun 2025 11:15:30 GMT
date
Sat, 15 Jun 2024 11:15:30 GMT
x-content-type-options
nosniff
age
471057
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60754
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 08:10:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
view
securepubads.g.doubleclick.net/pcs/ Frame 33FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpmGc3S58cVBn_W_d1DBXMFrbhoHvK0HTPek8bqUL-7_GN--EJ4M2XfjJBfsI1yEQS8U3Bip6pcKcMXUL88ne0yvSY5Tp6SepYljTaAX1MB0S0OXaC8OPqeDCbafoIcdl1Eom7IrXoM4N5TPg95__W8LXsoxS4uLTNW8b5Px6KydFOogFnu2-3wRMKXiUFHtwJi8MJDxnno8hLa3ACgohSi8hSBefcD233FN_u2-c3VM9v5LG8rRrBfh7LqehMWOVycOKcNMzf0sTl1j84AlcLhJl74gDLEg9cAToZuyTKR5DPvuPbwcJhgdsPLyeL0m_5d54OyK-7NdBdeNqrNaFOsGgna8UuIGMJxgOHx4vGM5rZSw&sai=AMfl-YROZxt60VuUR6qvhlc5fb1w2lUXvA1sn_dSSFdlkwK7IFJLTkBIhanxw1wMu7NJ0op9G9TxS8eYFdAPgbLPhTqzMPhhc0nwr-0Dnbbabh3G7OayZYe0pLG0wS0GmCOSGCPso7Rqx8moxrf7OmgSQaw&sig=Cg0ArKJSzDnb9gB_S04WEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240617/r20110914/client/ Frame 33FE 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240617/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:06:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
28786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jul 2024 14:06:41 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 33FE 		211 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 21:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
3410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66383
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Jun 2024 22:09:37 GMT
9373840261815545447
tpc.googlesyndication.com/simgad/ Frame 33FE 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9373840261815545447
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
8fc7e83879340895d1dd4f17d9e5d73e288f61c0e95b696b614427d6a3df2731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 18 Jun 2025 14:55:25 GMT
date
Tue, 18 Jun 2024 14:55:25 GMT
x-content-type-options
nosniff
age
198662
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56127
x-xss-protection
0
last-modified
Sun, 16 Jun 2024 06:10:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
view
securepubads.g.doubleclick.net/pcs/ Frame 38E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvH-jqeRpjoyVAhJY2j1QjTXYWA-KJwsbYcSmalExCPkgPdVjF35t3At4beofPXd7pXJI-nGxSBxVHpF3LwBTGaeOJXbR4I2pw6BAsz1sXtZMxhsjxsB80yE6EVw99EW27UABFrthPD02gbEUmQCx5ojawJ5yHygCsZhNeJ9vO7zxY82NKdZZLkaZR5pNqSf1VnT3T1xcsZhwVqxZ7gWXMyl4OzUGwfd7IZz6uxxRLBpmmsAKSWJcoDMvlXTVHCXcxP-8Mmpo9rn0cxzLjlIM_B1JWrAyAJ-fuaJckWOWSN9F6ibRytyGAzsRcCOmjNHiW2CIxjZmkWyTlwogVc9TdXuEAATnyfUsQnEuBnddrRbr6mEw&sai=AMfl-YTDkYZJUpmA6lCGclp7JJCtumtBw5JUolvM3rG-5aqPfT8A9omLYBIzyUAnohyc5s_3OfYCkqJM1L3ygFGwd5bSJzGKXCT__c9zzlg2n1KlZfxLS4GOIboJStWWX0-IPtLbdlhSisekFFEp9UFRkTs&sig=Cg0ArKJSzOEWpcaW3n9FEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240617/r20110914/client/ Frame 38E5 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240617/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:06:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
28786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jul 2024 14:06:41 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 38E5 		211 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 21:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
3410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66383
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Jun 2024 22:09:37 GMT
1658285112461904924
tpc.googlesyndication.com/simgad/ Frame 38E5 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1658285112461904924
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
a9eb7e6f83af1ed1e5849f77fffbe871072f5097944ccd1013ad73ed6bfe429a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 18 Jun 2025 14:47:24 GMT
date
Tue, 18 Jun 2024 14:47:24 GMT
x-content-type-options
nosniff
age
199143
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90066
x-xss-protection
0
last-modified
Sun, 14 May 2023 09:23:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
container.html
06886738050f922b5511a953b816db13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F64C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://06886738050f922b5511a953b816db13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 22:06:26 GMT
expires
Thu, 20 Jun 2024 22:06:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
06886738050f922b5511a953b816db13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D140 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://06886738050f922b5511a953b816db13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 22:06:26 GMT
expires
Thu, 20 Jun 2024 22:06:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame C2DA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDondN4RRdyyY7lKSoYyMQ1XhmZckJ62TthhkVFI_Em2dJtL1rMturj7xogboXjWdQiPrRp6vWNqa1j5snKfktbdiJ64nLllqwI_N3R1lRb4sM7zyLTd2RFVaOJv1ZCBQAMh4I40HJZSRE2_VuEIwZt_BZJ53U5FsuMDCu_aNunqeTfITIiPXQiusRwGD0iKeuK1c64urZKc_a_nBIR3mSKTbTj5ctGv1kJs3xTcuj8FXnVxvusx7yjBjlChL7XyxmMhGYA6z1SmtFOpOwiufXkeYL2vIpMDmAh2wJNvkzCQN-hI7b87vXZ7SceP7lRLC2Vk_O4uI2vea8yJ96B4S9BY7Hsl5ihTSGBbIfinGVTt4nMor_Hhw9fw&sai=AMfl-YRXt_47iG7JNeyS6zc8tltPL-RFNw2JwZNNpCvcemDeZLOGtv2hi6njWCMsrQw-WXKhIN6jamoVd1kWqC7mm9tM62sAFnICIAdIOvNqonPz7mR0qibDub2pfcg9XbHu0EQmBw0VMuwSSEQkJ4HgOac&sig=Cg0ArKJSzEtsK6hsNDAPEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240617/r20110914/client/ Frame C2DA 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240617/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:06:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
28786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jul 2024 14:06:41 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C2DA 		211 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 21:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
3410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66383
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Jun 2024 22:09:37 GMT
770733260902305555
tpc.googlesyndication.com/simgad/ Frame C2DA 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/770733260902305555
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
ca0ef4dd707b36c62aab8862b6ee6e8b7d0c3945e5cc9998fee0cab075c2aee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 18 Jun 2025 15:29:13 GMT
date
Tue, 18 Jun 2024 15:29:13 GMT
x-content-type-options
nosniff
age
196634
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57877
x-xss-protection
0
last-modified
Sun, 14 Apr 2024 07:18:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
view
securepubads.g.doubleclick.net/pcs/ Frame DE1B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMMmV3w39SU7IGN35G5eLiFatTF3ONd3MdyLZ_CgvodOeR752Ybk_vaiyoC3AbScWM23XIzDsUumWqN3yIaoFQxvggeTIUmt0cDeVl1dJq5ue0EQW-WjcdsmAGRIu_Vw707laBnJgToyk5wUxEw8y9V25tQtZWpfXZwHuIPiiXMF_N_Ym01HEs8u6cB0JwNKH5FtsblhcP0vbIGOoT7t85rb-ZZG9a_gb7TRxBT0rb6L3NEjuRv5xzCuJqztb4gPKkgJb8uJSpMD9yc__Xz2IkaIcBk-V2bvD73UnxDY0KhlVlCR6Pu0xP1SJzUgy-3wnhV726824W_DP5xNzc_UaIMoqHIW2rH8_1g-67HyYwIrpann4_LQs7UGoiMG1goHcAfr9V5XeVTY_4-9SCVPE&sai=AMfl-YRngKW_rjkHD9sw_diLL4V6wi--0UkLjqakrNMXgckq1HLXa0aW0coUA1f_FFtIM54DzRSQPZlzDkXGIKvN2JOUD-zxWXbcGx72TmfoyGdgwfhUoMM4UfmTxVrKegQJtTtjYrhq3g2vnD28HhPCZhM&sig=Cg0ArKJSzPDfEoCvLbNOEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240617/r20110914/client/ Frame DE1B 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240617/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:06:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
28786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jul 2024 14:06:41 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DE1B 		211 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 21:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
3410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66383
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Jun 2024 22:09:37 GMT
8469366859755171492
tpc.googlesyndication.com/simgad/ Frame DE1B 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8469366859755171492
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
aab449f057334bce7fea011165a3a981cdde87ff3a17673d593d09883de97c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 18 Jun 2025 14:55:25 GMT
date
Tue, 18 Jun 2024 14:55:25 GMT
x-content-type-options
nosniff
age
198662
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26465
x-xss-protection
0
last-modified
Wed, 13 Jan 2021 14:31:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
view
securepubads.g.doubleclick.net/pcs/ Frame 93C3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssy8wY0_aVDzVleU5JtPde5pfRIO_IO8NvFpbTXOjxfwG--j6AzfH0d-iXA75tULY8Gn9BdTU_8x0vewvTEaUMQQVyMkxoZfnqUPriALzbekfImiJK0-WdsqnoupYp-jAEDwLE6QEuxIhu3P-1aqK_-zvad7_AyyGVArUO_TxzsSfi5bn08uK3l9xJQkz9JMiP8B0CSlekoyt72X92R72xafMwcVDtLmqkMyB7buRvRF1ChXjH9Gvz2w60_BXD8L_URHL8VJK61CQxUeul1oHZ33Y-KhNAWRUg58zAv7QIR13nH7BRpJxQvjVTBPEULbpTjWbYGGy0SvC_nCWBmAqXY2lUfEnvsYqOefTWj9TY8beI2BZI1PrBM1x5oJPjJUXnN15DvTOhzdKWPQ7nakro7_t0I&sai=AMfl-YRb800wjYgLN2vd67bdAgp5MrIzaEqVwsLMD4QkcrZGhQXyLRmPObZ-jcTqWTj8JrmNa3CQ0Fhs2gBXQpm4Rg5W3_yq-MlwU0YpP_i1sjt5-oSLrm4MPs5kOmMRBIqnqoEBhbGNMyWhc7_fr6rBjNo&sig=Cg0ArKJSzH0QhtbbdFkdEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240617/r20110914/client/ Frame 93C3 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240617/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:06:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
28786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jul 2024 14:06:41 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 93C3 		211 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 21:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
3410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66383
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Jun 2024 22:09:37 GMT
18326688637598759047
tpc.googlesyndication.com/simgad/ Frame 93C3 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18326688637598759047
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
2efa9dd0761a777a8ddd3044a0d0091db3e59c186f619528d292f02d411b70ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

allow-fenced-frame-automatic-beacons
true
date
Thu, 20 Jun 2024 22:06:27 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52696
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 08:13:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 20 Jun 2025 22:06:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 433F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9KGF7ePNmyYQwA5YDZBfzwHkV0AJ44_rsBF0EsyFRMZQI9rZF3kJUcVWkDSyP7yPZvuNkVvlW7L5UK9UdakeaFsUsQ9Pru9723pKOIYaJe0vOSMZR6QOITl0YPcIyD6BkkvbYuaqvhpy1k9y96mV9b_ORkWkK__Xh9tNKchaH-_tKZABwiUOpITa6aOeAxmDqCcjmcuN5KD0g4OUZSzxqeXOI-QISLT_RpqiR33BaDlBIYKDQFpGEF70ALcaZu9JaxGy3EHshbHdBaVhWUr58G8Gvn0Lr_YL1RbiXo-s0pK7WZGI_7hsHpaND6uyMz0sr8rJNILgQBqsmLpe7SrSkK0iBd-Q2-W-aqH9YdHUWH-JmkMBDiUx2ZY6xofEqxNQYgCGf1Hh3e2XEYZ3NDA&sai=AMfl-YQaFpQ-wWBdiiMACSiHwSMq2g1J6TCDIo1zGaW717is55oXHIbi1AbpsK_Ar2yxTnMcOyFPuMy-X_idZndQcsvC-guwoykrsqZaB4USrqkOEFnYdSv_P1MDN4FZhkzSx1u-mQvwJEhu74rZxgP78fo&sig=Cg0ArKJSzHtMgFy6SV7xEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240617/r20110914/client/ Frame 433F 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240617/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:06:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
28786
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jul 2024 14:06:41 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 433F 		211 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 21:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
3410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66383
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Jun 2024 22:09:37 GMT
936369194726415179
tpc.googlesyndication.com/simgad/ Frame 433F 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/936369194726415179
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
26fc05db2e55214cec2f18e92b7464f46723ca346b4f9abcf1d51268f9bdd09a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 18 Jun 2025 15:00:03 GMT
date
Tue, 18 Jun 2024 15:00:03 GMT
x-content-type-options
nosniff
age
198384
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52178
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 08:16:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 3DD0 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ede4692ae8120f26ea103c77b4197e4d19219346a941678cadde40af14ee68f7

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 33FE 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad4df0629f019ff6f540277bc1c2446be5a48a246260ac87309da7ec64d53c75

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 38E5 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6da18b441da27be6f7db38c119f3f3eb49e12b3cb9ef1810f629e326a281a40

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C2DA 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e48306ee3c05c595be9d87107185067c836114e712afe9eda4b2ed4aa27601b8

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame DE1B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6173946da8b969a96733b6acd5ca2e1af7d825b6b29a5f6803f478954c1fb602

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 93C3 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a67e00c2e0855e12057849df595409f6e1f3180ed9d7a30c8fe3a12874647936

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 433F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da79c29bad55b2be5625d3d495f942f5ee409d0eaaa718f5654337b070e8f715

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
remediation_1718701551140.js
cdn.userway.org/widgetapp/2024-06-18-09-05-51/remediation/ 		99 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-06-18-09-05-51/remediation/remediation_1718701551140.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-18-09-05-51/widget_app_base_1718701551140.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
feb461e9a941f078d5f89899edb21b94159a8d435d461297b25f0214ddc971df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Thu, 20 Jun 2024 22:06:27 GMT
via
1.1 fd6dc3eaf39d0b931b4b1369a7e91ac0.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
237
x-amz-server-side-encryption
AES256
x-accel-date-max
1718702617
x-77-cache
HIT
x-cache
HIT
x-age
218570
x-accel-date
1718702617
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH3ylUDAAwBJRPCNAH3VwIAAA
x-accel-expires
@1744622018
x-77-age
218570
last-modified
Tue, 18 Jun 2024 09:08:08 GMT
server
CDN77-Turbo
etag
W/"48ed7940828cedcc6161e0e5a8137b8a"
x-77-nzt-ray
cf8787277070219ce3a7746682722716
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
_ZXVjObwgOdy3LRTXbhj4ligDvdcOx3pjSpIPiU4qrHHFmZg30WKsw==
IyVdaFzF9L9s7xRa.json
cdn.userway.org/remediations/consolidated/2572728/ 		954 KB
143 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediations/consolidated/2572728/IyVdaFzF9L9s7xRa.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-18-09-05-51/widget_app_base_1718701551140.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
66af8a828605b97163bf9f894f61463f4a5b0ec2c1dc4e83e2a9c28d1b674200

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Thu, 20 Jun 2024 22:06:27 GMT
via
1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
20
x-amz-server-side-encryption
AES256
x-accel-date-max
1718702798
x-77-cache
HIT
x-cache
HIT
x-age
218389
x-accel-date
1718702798
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH3FVUDAAwBnJIhHwH30gIAAA
x-accel-expires
@1750238076
x-77-age
218389
last-modified
Sat, 15 Jun 2024 11:54:25 GMT
server
CDN77-Turbo
etag
W/"5ced73d3733c2bc624e911319776b3cc"
x-77-nzt-ray
cf87872770702d9ce3a774669e993816
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
vary
Accept-Encoding
x-amz-cf-id
BSAamnehJK1SUUBD3eGGFCEp2ucw-4VT126k7JhWi-b8tlfmfveuqg==
body_wh.svg
cdn.userway.org/widgetapp/images/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Thu, 20 Jun 2024 22:06:27 GMT
via
1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
37
x-amz-server-side-encryption
AES256
x-accel-date-max
1718702617
x-77-cache
HIT
x-cache
HIT
x-age
218570
x-accel-date
1718702617
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH3ylUDAAwBJRPCMQH3WQIAAA
x-accel-expires
@1744622016
x-77-age
218570
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray
cf8787270d839b53e3a774664f17c518
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
fybUTrUQTf0ePw59LaHbPg2c_3j_eh3CzYQozyC8t9WlIi4yLXjGvQ==
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Thu, 20 Jun 2024 22:06:27 GMT
via
1.1 004e894746bfb0d8f9e19ef0400dda24.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
37
x-amz-server-side-encryption
AES256
x-accel-date-max
1718702617
x-77-cache
HIT
x-cache
HIT
x-age
218570
x-accel-date
1718702617
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH3ylUDAAwB1GY4EQH3WQIAAA
x-accel-expires
@1744622016
x-77-age
218570
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
cf8787270d839b53e3a77466464dcd18
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
-eZ7PyP_ToccEAwC1kVA2gc8cZ8Y3bemhpcnfWm1RJsYV1vjmLtlgA==
click_
fundingchoicesmessages.google.com/f/AGSKWxWP7rknUVe4pph3eN6N4pCy2mp2xxvho-MUmXDNHMjStisfPOumfXC-qKN3nMqCVxAFDFuW1hdQ-o19Y_-WxFKbCdUg-jsOcxv6h2m6kjMIFZZE1gcxgB2dKWSX4br5cQDZeE9ScJl-IHrj7GIt5tK4yrq7I... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWP7rknUVe4pph3eN6N4pCy2mp2xxvho-MUmXDNHMjStisfPOumfXC-qKN3nMqCVxAFDFuW1hdQ-o19Y_-WxFKbCdUg-jsOcxv6h2m6kjMIFZZE1gcxgB2dKWSX4br5cQDZeE9ScJl-IHrj7GIt5tK4yrq7IzFx0dDZ1hQVLfpg9xgsfWuIyfQcGPnk/_/easyads./house_ad_/partnerads_/ads/menu_/ads/click_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.rqrkOqLJOQw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwEmR2IYl_W4-wwaV-fZo7WcjXZDg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
64960c3a834c2272ab7af4585b500ac1bf6e1e50d70b1ac6f955442225626942
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1bF87SDquYpqC6pmOj4VoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1bF87SDquYpqC6pmOj4VoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmLw0pBiOHnrNtNFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYg_Pz7H-huIk_6dZy0C4vbPF1inA_GSiIushxIvsh58fJH1JBAL8XA8Pn9pM5vAj0VP7zEqaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRiYGVrqGZjGFxgAAEj8RJM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.rqrkOqLJOQw.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwEmR2IYl_W4-wwaV-fZo7WcjXZDg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
aa8144271fd6b2998969ac2c46b42dd806e99e001710234d4935fd853c016d9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 21:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
614
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24434
x-xss-protection
0
server
cafe
etag
4334247495155920446
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 20 Jun 2024 22:56:13 GMT
AGSKWxX-ypI9Qcw6c98Lq_x8QkezPxAVMH-cQJzVHO0TdRxGhOP3niEgHONpbm1mapHEE9yNaJKyJK4Asp48XaH_UG89gVbxF1zxZwtstNirONpuy2JGan1p48NKZu0guVCRId5nOs-hDQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX-ypI9Qcw6c98Lq_x8QkezPxAVMH-cQJzVHO0TdRxGhOP3niEgHONpbm1mapHEE9yNaJKyJK4Asp48XaH_UG89gVbxF1zxZwtstNirONpuy2JGan1p48NKZu0guVCRId5nOs-hDQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.rqrkOqLJOQw.es5.O/am=EAY/d=1/rs=AJlcJMyNL5UFL2KHy0i3yC-ycdYZdBDpCQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BEYMFO2cqk6a6BEF6K5P8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BEYMFO2cqk6a6BEF6K5P8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_H4_KXNbAIfen9dYlJyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmhpZ6BubxBQYAlpUssA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
remediation-tool.js
cdn.userway.org/remediation/2024-06-18-09-05-51/paid/ 		60 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediation/2024-06-18-09-05-51/paid/remediation-tool.js?ts=1718701551140
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-18-09-05-51/widget_app_base_1718701551140.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
9731c1a890ffb984b3bd85421a8ad751ecf485c215d4dbb80f204231d80964fc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Origin
https://www.vesty.co.il
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Thu, 20 Jun 2024 22:06:27 GMT
via
1.1 7b33e91c10f2279399751cc4de05f400.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
236
x-amz-server-side-encryption
AES256
x-accel-date-max
1718702617
x-77-cache
HIT
x-cache
HIT
x-age
218570
x-accel-date
1718702617
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH3ylUDAAwB1GY4EQH3VwIAAA
x-accel-expires
@1744622018
x-77-age
218570
last-modified
Tue, 18 Jun 2024 09:08:12 GMT
server
CDN77-Turbo
etag
W/"f82df0f1d48c6daca0c1ca2bf4507de9"
x-77-nzt-ray
cf8787277070cba0e3a774663037f71c
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
GsZ36WrTw3p2ugIGStU9kTej8krHRtw0Xpx2blm5KKfOWpfMyybuHQ==
AGSKWxX-ypI9Qcw6c98Lq_x8QkezPxAVMH-cQJzVHO0TdRxGhOP3niEgHONpbm1mapHEE9yNaJKyJK4Asp48XaH_UG89gVbxF1zxZwtstNirONpuy2JGan1p48NKZu0guVCRId5nOs-hDQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX-ypI9Qcw6c98Lq_x8QkezPxAVMH-cQJzVHO0TdRxGhOP3niEgHONpbm1mapHEE9yNaJKyJK4Asp48XaH_UG89gVbxF1zxZwtstNirONpuy2JGan1p48NKZu0guVCRId5nOs-hDQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.rqrkOqLJOQw.es5.O/am=EAY/d=1/rs=AJlcJMyNL5UFL2KHy0i3yC-ycdYZdBDpCQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xM5_hLcNUvOpZMTPPo29GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
content-security-policy
script-src 'report-sample' 'nonce-xM5_hLcNUvOpZMTPPo29GA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_H4_KXNbAIrjjw5waTkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDC31DMzjCwwAhh0seg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
events
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/events?ts=1718886089384&dmpid=306ec4d0-e7ad-49c1-9ce8-2f684b2303d6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-106.fra56.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.vesty.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 20 Jun 2024 22:06:27 GMT
server
nginx
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-id
XX1wfLT4eK3EUIZIx2KzAto3diArCwlAjwZIT-5i38HgEVTS8s2zuA==
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
events
event.dxmdp.com/rest/api/v1/ 		160 B
760 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/events?ts=1718886089384&dmpid=306ec4d0-e7ad-49c1-9ce8-2f684b2303d6
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-106.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c3030a37a33ed5ac24ca66e56964b02e646789903d206bb3723c4c9ddf64459a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C2
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.vesty.co.il
access-control-allow-credentials
true
x-amz-cf-id
aGFxfIb3f6gA50iR_B5wwF2fIN6I4f4FW67mxqTZ3KsidoazJm6Hnw==
IyVdaFzF9L9s7xRa.json
cdn.userway.org/remediations/consolidated/2572728/ 		954 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediations/consolidated/2572728/IyVdaFzF9L9s7xRa.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-06-18-09-05-51/paid/remediation-tool.js?ts=1718701551140
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.141 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
66af8a828605b97163bf9f894f61463f4a5b0ec2c1dc4e83e2a9c28d1b674200

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-77-pop
frankfurtDE
date
Thu, 20 Jun 2024 22:06:27 GMT
via
1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
DUS51-P1
age
20
x-amz-server-side-encryption
AES256
x-accel-date-max
1718702798
x-77-cache
HIT
x-cache
HIT
x-age
218389
x-accel-date
1718702798
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH3FVUDAAwBnJIhHwH30gIAAA
x-accel-expires
@1750238076
x-77-age
218389
last-modified
Sat, 15 Jun 2024 11:54:25 GMT
server
CDN77-Turbo
etag
W/"5ced73d3733c2bc624e911319776b3cc"
x-77-nzt-ray
cf87872770702d9ce3a774669e993816
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
vary
Accept-Encoding
x-amz-cf-id
BSAamnehJK1SUUBD3eGGFCEp2ucw-4VT126k7JhWi-b8tlfmfveuqg==
bulk
trc.taboola.com/ynet-vesty/log/3/ 		0
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/ynet-vesty/log/3/bulk?tvi2=5906&tvi50=10821&route=AM%3AIL%3AV&lti=deflated&bulkSize=6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
63
date
Thu, 20 Jun 2024 22:06:27 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
56886
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mrs10558-MRS
pragma
no-cache
server
nginx
x-timer
S1718921188.742591,VS0,VE63
content-type
image/gif
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
view
securepubads.g.doubleclick.net/pcs/ Frame C2DA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIzsMQRcq21hx5f7T1Iq0-6Jd__ykyuMwoM34XSeTTSyhcYjxVau4Hsd0a7-0DjCAyRb5Vy3Ml4S-CANk4b4A5yoaUGXCqUdPMpeB9yjTe20Vqur6Hjrs7IzRcXAkIZ_I3aXEgtFWbRZyEaaMZl8b08W0T21MXmMEchzIvCZhUC_Av7E03aggpjX-w43xRj_TRxKsdcI3_sDa78ggRVXI5YbXiqwzNG1deBQanKcLsji078h8t00779CysohnwKnQwaYogumcu6bzJ0RTPKZFDuk_VStp79Go9efRMtLjJhPA8sEfwX8x42Nvdb2srt0teNMrU5rOKOz8-edAXgEqV3Hnz7fsgSMhPxMwy7A9Fth3SJSK2enTV-12J&sai=AMfl-YS23gqaseTRX2-7KWsn-OJX-R7c_QxS-53l9EdKkDcx33j3HgEXIsMYM6DZk85cZrxaHWTmyDfDxhY8gZauvq4GqjTC-QaI7mQ8qhx9jrlsMD6ieYDnQa3lv4v5SnzXy_GpAccG2YG5l2fxY-b5or0&sig=Cg0ArKJSzAI1bovHi3kbEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DE1B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjso3Cpj7qwfi-2xVGSyT78-Y81Q87FsO-uKIG3Nfqd2szi9NQ2bON6kTaAm1yze_Lt7B-Zf4plCBrN56EpMiPuPfB2Hta8VkCWM-19ampq97Kz2bkzVnRuO3c6hKLM6ZsPTOsSwP5NEqzZfpEke3ndCBPkAj10IthWVr0Ia5r0LP-NpxJIW8ywprGYkf41sPDbqZQEeuKsn-m6bHFHegOJbHYt61IgnZO_XeQQlGttxgPt7zTXROgEKPSJZjOnyzqGykPhYhioXeNHc-ewgZZMTjhr8GwERMZRejXD9x3cbMSOk-I3nzrW2Mwlzurd2fg9swodaGa2HsP94LznLxJRm7mlo6nljq_KHCVTWCJi_fo90widEDmfzkIWRws5lYZEwMQ3e51xI9fMLmDhuuZTA&sai=AMfl-YSUpHS3YfTSRdHmHnQuNb6MoAiX6bJwEa_gP0a7wjUW3cFL9XC3cg4VDOTaGT4QCE9nQ9wqMGZ09sN0GloDsOgumfz1lGCsdcYay9GW4UW2rx3jwB7T3rKvq42Ed7-6NgW_zWB_GiGBPo3AnhfWup8&sig=Cg0ArKJSzGdAbN5qbuhhEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 93C3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNaWBbwXHNUFqeiaH7c9IsDp1Corozcghlxc_hqRma5NSsYj-5wfqgYbJMvmJy7vKS904qGQB0mAaZTKHP7N9bUY8QIjZbI3SEU4bZISBkbQ0bn2p2xZFVeLq7im8JzYkhoTXHREClkMraGSECTdU3IbVxip3Zd46LCWCdmc-NTFVDuHmH5cEqwwRee2-Fsxh5YPBnTH-OHjUqr68hcaI8XXdk5AowVnNANmGDxXHOZCnF2K1H88B5GTAZ3ZP1Rh_7IKybjxRrlWKwVcD687eB83vtRasG2A8YwpPeqxr21ZGRjHbKhooKJvLueLUZQHzFh7KHCK_ln3KfVv8a4EGVdki0ntGVH3JBCSNe4J8gGhzbgK24ylyguhamJnkpYYOivbtqgSQIfPORwzTTv-Vr8-Luqkg&sai=AMfl-YQ03g6jkFuKMC9503yzwvOVChKeLdziMyQ6vXgLgmNCuKtiEqJGbB3wSLRifBn67KNCqhSyxLdhdQCaHx0ABhV_W3LrJElwPgcgEEi9iE9zEcs3LB9ATjzFU1-ZZ6inklDO29aN0g-zmY1knTO9bSg&sig=Cg0ArKJSzPL4M2BGLwqPEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 433F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0oQNQHNLmXjFgO1nnYOIii8GqHOAAaEoK_CrtSVf4BbaxCtP1-HHJbsZnTXGmcow2UqmBAtPmS0m2Sk-okKIWbbyhvrUKC-vl7ytkKjicPQfRCSo3rLnYNo5p2JUQWpi_6C_ks3hRjIMFVel2lykjlL7Lk6NTcdOsC2hOCrV5ULwP8F8xWPOzzokldZC5BP-41QawQbCszOwqCxQ_chtptrn23hkO-p9ffZBZ_Ognlg6r8ihTfihmY8Ulu9hwN9LPOMXjCM3ona-dYMt97BWL6Uv99ALwCYen82-kqb-OfbQyTflJKcpQaegP9COhy438Q8qxU1uEhCVvWwuMenNSH_F4AbvgrIAZDtHbBu_FNP34HbqbkK_ogXjcUffPlim_O8cOwxw1fdV5kREnI8Q9&sai=AMfl-YSSGN8meU-XckQd2Ozsa2CBKh9C0m_CkvYkV7JVXBz5_NsrOlFsqycL6HDZgs_4Sor4g9nIA6d6mlDojmMchqNcUJlspE9FKxB_Zct-dgR9TKg2iuSIueoA09EbGirR-D9I-bY1CqAS6nC5ZquFpG4&sig=Cg0ArKJSzBhAUYNj1ajEEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 33FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoeK06UuKryXkztAmWUPxweBw8s0qUofhpFiovZodmx0SnNqj97GlPRdrxV7OVFybJuTk1tfLraObfYVyhhVLt6yxhiBs9pZPTLCZw8wrvi-abDV_QCwGhw_2qzdYQ68ip53G3ed5x2JEiAHKYzuF7t1dBgRK65BsGkdfu4enmQbUI6FroLm25tWlavM2GQZYQ5pU6zV7eXgyKBc4KmXhvjD93DN6kJJQdWMwWOqx00yu1PrQo8kYlagxft4ZdWAwkrME147rk5Xkq7tArmGsTLgviEwgJcFmzRu0EmLq3PprQ3ovzhetKtX9vX2mrsHM7taoCeVKb3y0yRV95dsVB3VlDTwHND3kcpwBxr0y44x-ftsbb&sai=AMfl-YToUxKS_sfg_qW_ieyPiuzWu0WkAZxFl2IZTgvaURB-DWu5F4u3a7T8a-EYvnLp1lji34UdnjWvMVKDcVBlQWuUmHEkoYzvqs0J44kOt_YECmIpcOfwuttxQoxPJxOY1UCmSp7kQGAz-_5xrPskPug&sig=Cg0ArKJSzK79RDvzJDC7EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:27 GMT
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame 02EC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 22:06:27 GMT
etag
expires
Thu, 20 Jun 2024 22:06:27 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame 634F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 22:06:27 GMT
etag
expires
Thu, 20 Jun 2024 22:06:27 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.vesty.co.il
URL: https://www.vesty.co.il/main
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 20 Jun 2024 22:06:27 GMT
via
1.1 varnish
x-amz-request-id
P0D45HYCT58923CR
age
1550
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
iCCk66wYK7p5Vyc8WFDxqq7H6Zw5R7Edux2k/Gm/g8Yr/jXBea3fTJkjdy5C2AsQPvBOPK3dNNM=
x-served-by
cache-mrs10558-MRS
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1718921188.958308,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
33
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
113
view
securepubads.g.doubleclick.net/pcs/ Frame 38E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfB5G9PuH2mm-wEqtODIcfme_BnMZqNGexrf3D9nM2IVU6Lqbw1uoCf52NTcRSZyrzJbMHK_mi7_VXPArbargRPj7I4thEmTqHPmZO7xeK_8w3AR-oZT1IgaH2qYzkXfGVYJEDmPcf7Une2zgXnCmBXjEHCirucbuQXRh7TOrF7p4nMx4M6XArLwUp7pc05zG8SxJ9IovFA3hjv5Ju3_yfAgIi8TicV5vYZhCPrgjVLCkpYzehFLQvEgxnF9oqFo_GU2JbVBlX8oE3eprctQ9YKzFUR7znx3LOhmKBHn12oxVPVMNc3lyMyWQly-5tJm3ffSTCLUJKvHyGk4WDGSIF7jm3qW_y2Oe9aYZvJ6bX31lCTUiI&sai=AMfl-YTy1xFcXtrgPdVNetBpDKoFZDkB18GvjyAAOmjTdFOkejVTj5SuaOtff8-M-vCPBmEP3wnhrkbKpiCvqvrXhP1OBAjk3sKq24g5sWt_5Cy-hu2BcTwL8fYrGzjAM92EbMIYArBwcV7DMvBm-wJT_CQ&sig=Cg0ArKJSzPgKOTfmcBjMEAE&uach_m=%5BUACH%5D&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3DD0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQpGtpudhQALDruvA87Ev68iZ-bznfQO_OyWGswAquZPeIW9rt0KlLeSTk4s22iV7gN5UYw6uSJSdOy6ovL9wml4QYFInDxyfysvWT8W3C7tfewHt7iUdTSuX9PnSNu5SjqROUktrMP98G6V3GsLz11WKePl24zRpV2Zr5YHG9usQIkLeTRlL_1Cxj63hJRVmlfZzwJcmEFDNXOqJ43_Oh27VKnD7dczKsfK3XcZowmR61CDjhykms0Bo2a9YB8v9w9EVoLN69FuJb2PyVLrU4eUJeLtqzdSC_lJ63jO_NrrvZ9E_CNx343t08Guk_8IpCbgNyjpPx3t50_-isafCz3zcumcAVB0dEtoyuweK-PYiUHG4_1Fp5Voa0vl8MCHzzDQgBx2fVHFw&sai=AMfl-YRVVKf0iKMChMCG1zK6RykE0Vdeufn-8G7QlOF1tg4uQi0ufHlxXY-KvpZEue4ncd6zdj_bT-dkPxKpPCfcFYfYEkdbT7cZ6b9R_9JlGCa4e_kGAIXsf0wqPMK-9jDtybBrcMvabZXKDJoheapBd1o&sig=Cg0ArKJSzHPNR84qrUPZEAE&uach_m=%5BUACH%5D&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 20 Jun 2024 22:06:27 GMT
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame D24B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 22:06:27 GMT
etag
expires
Thu, 20 Jun 2024 22:06:27 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame DBFC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 22:06:27 GMT
etag
expires
Thu, 20 Jun 2024 22:06:27 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame DC0E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 22:06:27 GMT
etag
expires
Thu, 20 Jun 2024 22:06:27 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame D636 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 22:06:27 GMT
etag
expires
Thu, 20 Jun 2024 22:06:27 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame C0AF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://www.vesty.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 20 Jun 2024 22:06:27 GMT
etag
expires
Thu, 20 Jun 2024 22:06:27 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxX-ypI9Qcw6c98Lq_x8QkezPxAVMH-cQJzVHO0TdRxGhOP3niEgHONpbm1mapHEE9yNaJKyJK4Asp48XaH_UG89gVbxF1zxZwtstNirONpuy2JGan1p48NKZu0guVCRId5nOs-hDQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX-ypI9Qcw6c98Lq_x8QkezPxAVMH-cQJzVHO0TdRxGhOP3niEgHONpbm1mapHEE9yNaJKyJK4Asp48XaH_UG89gVbxF1zxZwtstNirONpuy2JGan1p48NKZu0guVCRId5nOs-hDQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.rqrkOqLJOQw.es5.O/am=EAY/d=1/rs=AJlcJMyNL5UFL2KHy0i3yC-ycdYZdBDpCQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EnNGLu63CiNvOTsT-066Pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jun 2024 22:06:28 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EnNGLu63CiNvOTsT-066Pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzfHk_KXNbAILmiZJKrkk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTAzNDSz0D8_gCAwAZ1Ss3"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX-ypI9Qcw6c98Lq_x8QkezPxAVMH-cQJzVHO0TdRxGhOP3niEgHONpbm1mapHEE9yNaJKyJK4Asp48XaH_UG89gVbxF1zxZwtstNirONpuy2JGan1p48NKZu0guVCRId5nOs-hDQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX-ypI9Qcw6c98Lq_x8QkezPxAVMH-cQJzVHO0TdRxGhOP3niEgHONpbm1mapHEE9yNaJKyJK4Asp48XaH_UG89gVbxF1zxZwtstNirONpuy2JGan1p48NKZu0guVCRId5nOs-hDQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.rqrkOqLJOQw.es5.O/am=EAY/d=1/rs=AJlcJMyNL5UFL2KHy0i3yC-ycdYZdBDpCQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2jCCngef1rNbh3aYu2yOOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jun 2024 22:06:28 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2jCCngef1rNbh3aYu2yOOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzfHk_KXNbAILTi6UUnJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBmaGlnoG5vEFBgAs8CuB"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWLiN4D7ev87JrIAbEQzteQqxUDkumOrLC9n3Mjlhcbo-tSiF2tONU9vhZc6keWcvkI9_Ti_JbYlMOZHFXLykphDXEY8b5XTwvjAfNSNASXNVPzFsmQzbLUPEKRLnoShQ4pzlaOnw==
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWLiN4D7ev87JrIAbEQzteQqxUDkumOrLC9n3Mjlhcbo-tSiF2tONU9vhZc6keWcvkI9_Ti_JbYlMOZHFXLykphDXEY8b5XTwvjAfNSNASXNVPzFsmQzbLUPEKRLnoShQ4pzlaOnw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE4OTIxMTg3LDk5MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnZlc3R5LmNvLmlsL21haW4iLG51bGwsW1s4LCJycXJrT3FMSk9RdyJdLFs5LCJpdyJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.rqrkOqLJOQw.es5.O/am=EAY/d=1/rs=AJlcJMyNL5UFL2KHy0i3yC-ycdYZdBDpCQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
398bf15529d9c37ce4ff329b1fe0b65f0375c4c1d4c0c95475e71423ce8a8428
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-32Lu9Ckfw-KUwVoJssyF2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-32Lu9Ckfw-KUwVoJssyF2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw0pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLi9s8XWKcD8ZKIi6yHEoH48UXWU0AsxM3x5PylzWwCM759k1PSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMTAztNQzMI0vMAAAJEA-yQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXY4ZwdiGg8XKRfX8AoxCgcugPhzVwz_MLMhk1XYWzl7UaLfJ_mzaTfU58H1UD-xoJGnLT-E4HzHshF9P8aPW4Q7yiTKCxWAFh_-bBiXxmB7MEan_8XzD0zBMg0n39ExNeOnAQfqQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXY4ZwdiGg8XKRfX8AoxCgcugPhzVwz_MLMhk1XYWzl7UaLfJ_mzaTfU58H1UD-xoJGnLT-E4HzHshF9P8aPW4Q7yiTKCxWAFh_-bBiXxmB7MEan_8XzD0zBMg0n39ExNeOnAQfqQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE4OTIxMTg4LDEyNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnZlc3R5LmNvLmlsL21haW4iLG51bGwsW1s4LCJycXJrT3FMSk9RdyJdLFs5LCJpdyJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.rqrkOqLJOQw.es5.O/am=EAY/d=1/rs=AJlcJMyNL5UFL2KHy0i3yC-ycdYZdBDpCQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
a6938c731f54eb9cd4c8dfd3d38dafe71c66694bed62f8bae48518ec81181f61
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DM1tiSJyGKQmUvJBpkxsuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:28 GMT
content-security-policy
script-src 'report-sample' 'nonce-DM1tiSJyGKQmUvJBpkxsuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw1ZBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLi9s8XWKcD8ZKIi6yHEi-yHnx8kfUkEAtxczw5f2kzm8CGgzsTlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMzAwt9QxM4wsMACErPrM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUwsMoAMUTJ1Z1eIq_eLbeNFHxjMlMAhy5957ikgEKDJ9KFU57dlyudcmeBN0AeWrMLipfyoOtrdcLupRe5wgaBEAb9L5fV4P5LWwP0H5DbNsGwWslBa6dCYU3aDPxqSHanGrIPuQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUwsMoAMUTJ1Z1eIq_eLbeNFHxjMlMAhy5957ikgEKDJ9KFU57dlyudcmeBN0AeWrMLipfyoOtrdcLupRe5wgaBEAb9L5fV4P5LWwP0H5DbNsGwWslBa6dCYU3aDPxqSHanGrIPuQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE4OTIxMTg4LDI2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cudmVzdHkuY28uaWwvbWFpbiIsbnVsbCxbWzgsInJxcmtPcUxKT1F3Il0sWzksIml3Il0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.rqrkOqLJOQw.es5.O/am=EAY/d=1/rs=AJlcJMyNL5UFL2KHy0i3yC-ycdYZdBDpCQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
c69bcd1f46a800b9187d1204f53bf73b7bba06a2a6bf838b7509259e9041734a
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4s5iz6QX81SoSMBy5lRSLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:28 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4s5iz6QX81SoSMBy5lRSLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw0pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLi9s8XWKcD8ZKIi6yHEoH48UXWU0AsxMPx5PylzWwCP77fWcCopJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJgZmipZ2AaX2AAAHRFP4w"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DD0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 33FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 433F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C2DA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 93C3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DE1B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxVElgACnFcgovLel4ond2tH281d05yL2ZKb8guhRXZiQbgoPlGHxwGfCut20KdhS0G1tpxNazZ4spP_TOGpW98Y_7AHmJWjOR2okPEN3jdOjUBFKmyiDyZpehMJBl_mUjuWpvrEHA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVElgACnFcgovLel4ond2tH281d05yL2ZKb8guhRXZiQbgoPlGHxwGfCut20KdhS0G1tpxNazZ4spP_TOGpW98Y_7AHmJWjOR2okPEN3jdOjUBFKmyiDyZpehMJBl_mUjuWpvrEHA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.rqrkOqLJOQw.es5.O/am=EAY/d=1/rs=AJlcJMyNL5UFL2KHy0i3yC-ycdYZdBDpCQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6ZnHQC9bGXN3UIvZGfBBoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jun 2024 22:06:28 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6ZnHQC9bGXN3UIvZGfBBoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Hk_KXNbAIXDs-_w6jkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDC31DMzjCwwAhigsdg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
slick_slider_1718701551140.js
cdn.userway.org/widgetapp/2024-06-18-09-05-51/remediation/ 		0
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Thu, 20 Jun 2024 22:06:28 GMT
x-amz-request-id
RCYMRYSV20EHDTV5
age
2687
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
+TPZjngwSvkYDAJxqKc4hQAtGl498O09TUSKdZwYswTIBQeWnd9oyDDpsecIS+2/Oa1wdq1eTTY=
x-served-by
cache-mrs10558-MRS
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1718921189.587799,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
61
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
6767
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Thu, 20 Jun 2024 22:06:28 GMT
x-amz-request-id
7ZTP7M80WJNDDANV
age
9762
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
htBgcTPK92hDtooU8aLGrn47qveQVSzKU2Z9N49H1hpGEcq436fYC7Lbxr+6FQRU5VNeZTNitn0=
x-served-by
cache-mrs10558-MRS
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-timer
S1718921189.587980,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
90
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
19207
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
389 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240613-38-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Thu, 20 Jun 2024 22:06:28 GMT
x-amz-request-id
0X1R86FCF7Q1YCCW
age
12389
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
MO3lLvHqsUnQyLgOdAx+eOs/WPolbgSNgI7HXapzlfp4/WxBYoizWYAOU/VctMzxp8k9j+fcqzY=
x-served-by
cache-mrs10558-MRS
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1718921189.587961,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
46
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
21875
/
pips.taboola.com/ 		4 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mrs10539-MRS
date
Thu, 20 Jun 2024 22:06:28 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.vesty.co.il
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 93C3 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstL8U7qJFMLbWcXlzCs44YQR5CZ-B8R3fYjaqDfzk_bO-iO02BA_6gNPXr-um6WyXGiZz8NAd7D117OWWMVyseeeLVItz2TxVhirBvvnUkdRohyr-qT23_OJGSdgmtHCqLsNnDUFG9KcEUvK1_8xvoq7wJR6Nj_UXaDSmqx7g&sig=Cg0ArKJSzPRrpizk5gOkEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240617&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=273824712&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&vs=4&r=v&co=1485398700&rst=1718921187197&rpt=644&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=beb0e9e1-63f6-475f-ae2d-5f6fa6e3a759-tuctd6e2d62&ptf=V2luMzI=&ptfv=MTAuMC4w&ufv=MTI2LjAuNjQ3OC4xMTQ=&bnd=R29vZ2xlIENocm9tZQ==&bndv=MTI2&bnd=Tm90OkEtQnJhbmQ=&bndv=OA==&bnd=Q2hyb21pdW0=&bndv=MTI2&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 20 Jun 2024 22:06:29 GMT
cache-control
no-store
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 33FE 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTZRcUaNSeWAjvDIlvPJuVwvCcJKDdbAQOC85X8QJw75G-wAp2MtOaDnpG4BX3UC_eGiYRt9ZqB6BzbaUjC9FVPt3Kl3BUFugbHD8UfV_FuaPQX7OMA9VPYFhmhIboW_0Te3M3Fex0PvzV-uyixapPx9EQZra9p2gx2gF5UA&sig=Cg0ArKJSzKjFPTkbi81WEAE&id=lidar2&mcvt=1001&p=906,810,1156,1110&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240617&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=886418757&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&vs=4&r=v&co=1485398700&rst=1718921187128&rpt=767&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3DD0 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtQgz_TqK5Q8SXABvNwea1ifTKvqO5i-p-LO3m3aW8hS-Q0ONa_NVStYtN2KsHBC7nbxLqp8X8N6It3TlT96bkbMpSu419vVHGkZMxoYdszVD4G8KwOEnxI7Ym5HKdsgW2tdV7d9wapwPgYLH157JyVtT54sJ62lp66AEhxg&sig=Cg0ArKJSzHyg6Wi7JLfIEAE&id=lidar2&mcvt=1003&p=5,204,255,1396&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240617&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4127172794&rs=4&la=1&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&vs=4&r=v&co=1485398700&rst=1718921187109&rpt=810&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 38E5 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBA6Bt9ZB2wo85r4kzjfbp402278eQSSqWwT8PCxW4m5gFlBjt7BNHJ8liezYOTIwB9HIyRLN83yTbHDxukClYrSlKaPkSlkoZQfgjgdCw0dNYHTqYPtUpRyvJoR1j6N2JdqeL9BDVBaDJ9VPL4fab0We5q4d0GVs58SOCHg&sig=Cg0ArKJSzBxU6IiAnpKCEAE&id=lidar2&mcvt=1005&p=906,1120,1156,1420&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20240617&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2427552119&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&vs=4&r=v&co=1485398700&rst=1718921187142&rpt=774&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 433F 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufH2y5Ve6UijiDhagAPIVuAb-GZmyaBHsU4KOs_nhfAKRPICspYgsC-n2aMkQoZu0lU4SCa794MWN8ErLYfVkb3ziv4Tt0jqmJU1vfgFy2TNcG7WNzwQA2v4IvFRZL8VeVcg6SCJDPI0rCQpTN8ysbN7MGSvnPUnIxb82tbw&sig=Cg0ArKJSzFbmDu6ZQI-5EAE&id=lidar2&mcvt=1008&p=0,1440,600,1600&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20240617&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2495267343&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&vs=4&r=v&co=1485398700&rst=1718921187209&rpt=663&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alts.json
cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackimp%2FN2228804.2069703TABOOLA%2FB31903165.394063426%3Bdc_trk_aid%3D585699809%3Bdc_trk_cid%3D215204199%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bgdpr%3D0%3Bgdpr_consent%3D%3Bltd%3D%3Bdc_tdv%3D1%3F%3Bdc_ref%3Dvesty.co.il%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2012%2F07%2F15%2F4041792%2F4041792_0_0_1000_663_0_medium.jpg%22%2C%22alt%22%3A%22%D0%A6%D0%B5%D0%BD%D1%82%D1%80%20%D1%83%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%8D%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D1%86%D0%B8%D0%B5%D0%B9%20%D0%B2%20%D0%A5%D0%B0%D0%B4%D0%B5%D1%80%D0%B5%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2017%2F09%2F03%2F8009615%2F8009615_0_0_183_103_0_medium.jpg%22%2C%22alt%22%3A%22%D0%A4%D0%BE%D1%82%D0%BE%3A%20shutterstock%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2018%2F02%2F28%2F8377351%2F8377351_0_0_465_264_0_medium.jpg%22%2C%22alt%22%3A%22%D0%A8%D0%B5%D0%B9%D0%BA%20%5C%22%D0%A1%D0%BD%D0%B8%D0%BA%D0%B5%D1%80%D1%81%5C%22.%20%D0%A4%D0%BE%D1%82%D0%BE%3A%20%D0%94%D0%B0%D0%BD%D0%B8%D1%8D%D0%BB%D1%8C%20%D0%9B%D0%B0%D0%B9%D0%BB%D0%B0%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2018%2F09%2F14%2F8771991%2F8771991_0_70_1300_732_0_medium.jpg%22%2C%22alt%22%3A%22%D7%AA%D7%A0%D7%95%D7%A2%D7%AA%20%D7%94%D7%A6%D7%95%D7%A4%D7%99%D7%9D%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2020%2F10%2F25%2FrJkEP3Guw%2FrJkEP3Guw_2_209_979_552_0_medium.jpg%22%2C%22alt%22%3A%22%D0%91%D0%BE%D0%BB%D1%8C%D1%88%D0%B0%D1%8F%20%D0%B0%D0%BB%D0%B8%D1%8F.%2030%20%D0%BB%D0%B5%D1%82%20%D1%81%D0%BF%D1%83%D1%81%D1%82%D1%8F%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2021%2F02%2F15%2FSJk11D1d11d%2FSJk11D1d11d_0_104_1000_563_0_medium.jpg%22%2C%22alt%22%3A%22%D7%90%D7%99%D7%9C%D7%AA%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2022%2F01%2F05%2FSye6u11r7nY%2FSye6u11r7nY_0_0_980_551_0_medium.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2023%2F05%2F14%2FrkfenXRVh%2FrkfenXRVh_0_0_640_360_0_medium.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2023%2F07%2F23%2FHyF2KU99n%2FHyF2KU99n_0_16_1000_563_0_medium.jpg%22%2C%22alt%22%3A%22%D7%A2%D7%A7%D7%99%D7%A6%D7%94%20%D7%A9%D7%9C%20%D7%99%D7%AA%D7%95%D7%A9%20%D7%A0%D7%9E%D7%A8%20%D7%90%D7%A1%D7%99%D7%99%D7%AA%D7%99%20%D7%9E%D7%9E%D7%A9%D7%A4%D7%97%D7%AA%20%D7%90%D7%93%D7%A1%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F01%2F03%2FH1lXtnGOa%2FH1lXtnGOa_0_0_2042_1148_0_medium.jpg%22%2C%22alt%22%3A%2224%2F7%20%D0%92%D1%81%D0%B5%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%BE%D0%B4%D0%BD%D0%BE%D0%B9%20%D0%BB%D0%B5%D0%BD%D1%82%D0%B5%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F02%2F12%2FryeIFwwDoa%2FryeIFwwDoa_0_0_980_551_0_medium.jpg%22%2C%22alt%22%3A%22%D0%93%D0%B5%D1%80%D0%BE%D0%B9%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D0%B8%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F02%2F29%2FrJBOxJAna%2FrJBOxJAna_0_0_980_551_0_medium.jpg%22%2C%22alt%22%3A%22%D0%9A%D1%83%D0%B4%D0%B0%20%D0%BF%D0%BE%D0%B5%D1%85%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%B2%D1%8B%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F04%2F09%2FB1ZYQOGxA%2FB1ZYQOGxA_0_377_1200_675_0_medium.jpg%22%2C%22alt%22%3A%22%D0%94%D0%BE%D0%BA%D1%82%D0%BE%D1%80%20%D0%AE%D1%80%D0%B8%D0%B9%20%D0%A1%D1%83%D0%BF%D0%BE%D0%BD%D0%B8%D1%86%D0%BA%D0%B8%D0%B9%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F05%2F29%2FBJZoV9VN0%2FBJZoV9VN0_2_0_2041_1148_0_medium.jpg%22%2C%22alt%22%3A%22%D0%90%D0%BF%D0%BF%D0%BB%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D1%8F%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.40 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
824291365.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
alt-svc
h3=":443"; ma=86400
cache-control
max-age=604800
date
Thu, 20 Jun 2024 22:06:29 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
EggBw7WvJwAACAHUZjgRAAA
x-77-nzt-ray
25b021317e6c8b90e5a774663809e130
x-77-pop
frankfurtDE
x-service-version
img-dscr-srv-608f37d5
alts.json
cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F05%2F29%2FBkqrZMHE0%2FBkqrZMHE0_144_239_1650_928_0_medium.jpg%22%2C%22alt%22%3A%22%D0%93%D1%80%D1%83%D0%BF%D0%BF%D0%B0%20Voca%20People%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F10%2FSJCkmeNrA%2FSJCkmeNrA_29_0_667_375_0_medium.jpg%22%2C%22alt%22%3A%22%D0%A6%D0%90%D0%A5%D0%90%D0%9B%20%D0%B2%20%D0%93%D0%B0%D0%B7%D0%B5%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F12%2FHkEBxgwHC%2FHkEBxgwHC_0_216_3000_1688_0_medium.jpg%22%2C%22alt%22%3A%22%D7%9E%D7%97%D7%A0%D7%94%20%D7%94%D7%A4%D7%9C%D7%99%D7%98%D7%99%D7%9D%20%D7%92%27%D7%91%D7%90%D7%9C%D7%99%D7%94%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F18%2FH1x4S11S1UA%2FH1x4S11S1UA_0_0_1280_720_0_medium.jpg%22%2C%22alt%22%3A%22%D7%A2%D7%9E%D7%99%D7%AA%20%D7%A1%D7%95%D7%A1%D7%A0%D7%94%20%D7%A2%D7%9D%20%D7%A4%D7%A8%D7%95%D7%A4%27%20%D7%A1%D7%99%D7%92%D7%9C%20%D7%A1%D7%93%D7%A6%D7%A7%D7%99%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F18%2Frylh8riRS0%2Frylh8riRS0_0_0_850_479_0_medium.jpg%22%2C%22alt%22%3A%22%D7%93%5C%22%D7%A8%20%D7%98%D7%9C%20%D7%95%D7%99%D7%99%D7%A1%D7%91%D7%90%D7%9A%20%D7%A0%D7%A4%D7%92%D7%A2%D7%94%20%D7%9E%D7%9B%D7%AA%5C%22%D7%96%D7%99%D7%AA%20%D7%9C%D7%99%D7%93%20%D7%91%D7%99%D7%AA%20%D7%A8%D7%90%D7%A9%20%D7%94%D7%9E%D7%9E%D7%A9%D7%9C%D7%94%20%D7%A8%D7%97%D7%95%D7%91%20%D7%A2%D7%96%D7%94%20%D7%99%D7%A8%D7%95%D7%A9%D7%9C%D7%99%D7%9D%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F19%2FHJZHwVeIA%2FHJZHwVeIA_0_535_1200_675_0_medium.jpg%22%2C%22alt%22%3A%22C%D1%82%D0%B0%D1%81%20%D0%94%D0%B0%D0%B2%D1%8B%D0%B4%D0%BE%D0%B2%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F19%2FHySGSpgI0%2FHySGSpgI0_0_275_3000_1688_0_medium.jpg%22%2C%22alt%22%3A%22%D7%A9%D7%90%D7%A7%D7%99%D7%A8%D7%99%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F20%2FB1lBsW00ZUA%2FB1lBsW00ZUA_124_76_867_488_0_medium.jpg%22%2C%22alt%22%3A%22%D7%A2%D7%A7%D7%99%D7%A6%D7%AA%20%D7%99%D7%AA%D7%95%D7%A9%D7%AA%20%D7%94%D7%91%D7%99%D7%AA%20%D7%99%D7%AA%D7%95%D7%A9%20%D7%94%D7%91%D7%99%D7%AA%20%D7%A7%D7%95%D7%9C%D7%A7%D7%A1%20Culex%20pipiens%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F20%2FByeZhRWLC%2FByeZhRWLC_0_0_850_479_0_x-large.jpg%22%2C%22alt%22%3A%22%D7%A0%D7%90%D7%95%D7%9D%20%D7%A0%D7%A1%D7%A8%D7%90%D7%9C%D7%9C%D7%94%20%D7%91%D7%9E%D7%A1%D7%92%D7%A8%D7%AA%20%D7%98%D7%A7%D7%A1%20%D7%9C%D7%96%D7%9B%D7%A8%D7%95%20%D7%A9%D7%9C%20%D7%9E%D7%97%D7%9E%D7%93%20%D7%A8%D7%96%D7%90%20%D7%96%D7%90%D7%94%D7%93%D7%99%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F20%2FByUT8uZ8A%2FByUT8uZ8A_0_7_367_207_0_medium.jpg%22%2C%22alt%22%3A%22%D7%90%D7%92%D7%9D%20%D7%91%D7%95%D7%97%D7%91%D7%95%D7%98%20%D7%94%D7%95%D7%A4%D7%A2%D7%94%20%D7%91%D7%90%D7%A8%20%D7%98%D7%95%D7%91%D7%99%D7%94%20%D7%A0%D7%A2%D7%A8%20%D7%9E%D7%A9%D7%9A%20%D7%91%D7%A9%D7%99%D7%A2%D7%A8%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F20%2FrJlKA11MLC%2FrJlKA11MLC_0_183_1280_721_0_medium.jpg%22%2C%22alt%22%3A%22%D7%94%D7%A4%D7%92%D7%A0%D7%94%20%D7%91%D7%A7%D7%99%D7%A1%D7%A8%D7%99%D7%94%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F20%2Frk9K00abIR%2Frk9K00abIR_0_0_850_479_0_medium.jpg%22%2C%22alt%22%3A%22%D7%A6%D7%97%D7%99%20%D7%94%D7%A0%D7%92%D7%91%D7%99%20%2C%20%D7%95%D7%A8%D7%95%D7%9F%20%D7%93%D7%A8%D7%9E%D7%A8%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F20%2FSysuZnWUR%2FSysuZnWUR_0_0_1000_563_0_medium.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fpicserver5%2Fwcm_upload%2F2023%2F01%2F10%2FSy811PC5qj%2F____.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.40 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
824291365.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.vesty.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
alt-svc
h3=":443"; ma=86400
cache-control
max-age=604800
date
Thu, 20 Jun 2024 22:06:30 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
EggBw7WvJwAACAGckiEfAAA
x-77-nzt-ray
25b021317e6c8b90e5a774668c95d530
x-77-pop
frankfurtDE
x-service-version
img-dscr-srv-608f37d5
alts.json
cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fad.doubleclick.net%2Fddm%2Ftrackimp%2FN2228804.2069703TABOOLA%2FB31903165.394063426%3Bdc_trk_aid%3D585699809%3Bdc_trk_cid%3D215204199%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bgdpr%3D0%3Bgdpr_consent%3D%3Bltd%3D%3Bdc_tdv%3D1%3F%3Bdc_ref%3Dvesty.co.il%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2012%2F07%2F15%2F4041792%2F4041792_0_0_1000_663_0_medium.jpg%22%2C%22alt%22%3A%22%D0%A6%D0%B5%D0%BD%D1%82%D1%80%20%D1%83%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%8D%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D1%86%D0%B8%D0%B5%D0%B9%20%D0%B2%20%D0%A5%D0%B0%D0%B4%D0%B5%D1%80%D0%B5%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2017%2F09%2F03%2F8009615%2F8009615_0_0_183_103_0_medium.jpg%22%2C%22alt%22%3A%22%D0%A4%D0%BE%D1%82%D0%BE%3A%20shutterstock%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2018%2F02%2F28%2F8377351%2F8377351_0_0_465_264_0_medium.jpg%22%2C%22alt%22%3A%22%D0%A8%D0%B5%D0%B9%D0%BA%20%5C%22%D0%A1%D0%BD%D0%B8%D0%BA%D0%B5%D1%80%D1%81%5C%22.%20%D0%A4%D0%BE%D1%82%D0%BE%3A%20%D0%94%D0%B0%D0%BD%D0%B8%D1%8D%D0%BB%D1%8C%20%D0%9B%D0%B0%D0%B9%D0%BB%D0%B0%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2018%2F09%2F14%2F8771991%2F8771991_0_70_1300_732_0_medium.jpg%22%2C%22alt%22%3A%22%D7%AA%D7%A0%D7%95%D7%A2%D7%AA%20%D7%94%D7%A6%D7%95%D7%A4%D7%99%D7%9D%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2020%2F10%2F25%2FrJkEP3Guw%2FrJkEP3Guw_2_209_979_552_0_medium.jpg%22%2C%22alt%22%3A%22%D0%91%D0%BE%D0%BB%D1%8C%D1%88%D0%B0%D1%8F%20%D0%B0%D0%BB%D0%B8%D1%8F.%2030%20%D0%BB%D0%B5%D1%82%20%D1%81%D0%BF%D1%83%D1%81%D1%82%D1%8F%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2021%2F02%2F15%2FSJk11D1d11d%2FSJk11D1d11d_0_104_1000_563_0_medium.jpg%22%2C%22alt%22%3A%22%D7%90%D7%99%D7%9C%D7%AA%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2022%2F01%2F05%2FSye6u11r7nY%2FSye6u11r7nY_0_0_980_551_0_medium.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2023%2F05%2F14%2FrkfenXRVh%2FrkfenXRVh_0_0_640_360_0_medium.jpg%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2023%2F07%2F23%2FHyF2KU99n%2FHyF2KU99n_0_16_1000_563_0_medium.jpg%22%2C%22alt%22%3A%22%D7%A2%D7%A7%D7%99%D7%A6%D7%94%20%D7%A9%D7%9C%20%D7%99%D7%AA%D7%95%D7%A9%20%D7%A0%D7%9E%D7%A8%20%D7%90%D7%A1%D7%99%D7%99%D7%AA%D7%99%20%D7%9E%D7%9E%D7%A9%D7%A4%D7%97%D7%AA%20%D7%90%D7%93%D7%A1%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F01%2F03%2FH1lXtnGOa%2FH1lXtnGOa_0_0_2042_1148_0_medium.jpg%22%2C%22alt%22%3A%2224%2F7%20%D0%92%D1%81%D0%B5%20%D1%81%D1%82%D0%B0%D1%82%D1%8C%D0%B8%20%D0%B4%D0%BD%D1%8F%20%D0%B2%20%D0%BE%D0%B4%D0%BD%D0%BE%D0%B9%20%D0%BB%D0%B5%D0%BD%D1%82%D0%B5%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F02%2F12%2FryeIFwwDoa%2FryeIFwwDoa_0_0_980_551_0_medium.jpg%22%2C%22alt%22%3A%22%D0%93%D0%B5%D1%80%D0%BE%D0%B9%20%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D0%B8%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F02%2F29%2FrJBOxJAna%2FrJBOxJAna_0_0_980_551_0_medium.jpg%22%2C%22alt%22%3A%22%D0%9A%D1%83%D0%B4%D0%B0%20%D0%BF%D0%BE%D0%B5%D1%85%D0%B0%D1%82%D1%8C%20%D0%B2%20%D0%B2%D1%8B%D1%85%D0%BE%D0%B4%D0%BD%D1%8B%D0%B5%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F04%2F09%2FB1ZYQOGxA%2FB1ZYQOGxA_0_377_1200_675_0_medium.jpg%22%2C%22alt%22%3A%22%D0%94%D0%BE%D0%BA%D1%82%D0%BE%D1%80%20%D0%AE%D1%80%D0%B8%D0%B9%20%D0%A1%D1%83%D0%BF%D0%BE%D0%BD%D0%B8%D1%86%D0%BA%D0%B8%D0%B9%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F05%2F29%2FBJZoV9VN0%2FBJZoV9VN0_2_0_2041_1148_0_medium.jpg%22%2C%22alt%22%3A%22%D0%90%D0%BF%D0%BF%D0%BB%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D1%8F%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-06-18-09-05-51/paid/remediation-tool.js?ts=1718701551140
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.40 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
824291365.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
3c94c4422769ef446bc25f0b2fbdac7031bfee13c571622024d59e38dc9f5d2b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-77-pop
frankfurtDE
date
Thu, 20 Jun 2024 22:06:30 GMT
content-encoding
gzip
x-77-cache
HIT
x-cache
MISS
x-accel-date
1718917985
alt-svc
h3=":443"; ma=86400
x-service-version
img-dscr-srv-608f37d5
x-77-nzt
EggBw7WvJwFBDAHUZjgRAfeFDAAA
x-accel-expires
@1719522785
x-77-age
3205
server
CDN77-Turbo
etag
W/"10b2-WLJAnElRnuMIJuzbSdtLYwGT/pQ"
x-77-nzt-ray
25b021317e6c8b90e6a774665cd54f07
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=604800
vary
Accept-Encoding
access-control-allow-headers
*
alts.json
cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F05%2F29%2FBkqrZMHE0%2FBkqrZMHE0_144_239_1650_928_0_medium.jpg%22%2C%22alt%22%3A%22%D0%93%D1%80%D1%83%D0%BF%D0%BF%D0%B0%20Voca%20People%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F10%2FSJCkmeNrA%2FSJCkmeNrA_29_0_667_375_0_medium.jpg%22%2C%22alt%22%3A%22%D0%A6%D0%90%D0%A5%D0%90%D0%9B%20%D0%B2%20%D0%93%D0%B0%D0%B7%D0%B5%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F12%2FHkEBxgwHC%2FHkEBxgwHC_0_216_3000_1688_0_medium.jpg%22%2C%22alt%22%3A%22%D7%9E%D7%97%D7%A0%D7%94%20%D7%94%D7%A4%D7%9C%D7%99%D7%98%D7%99%D7%9D%20%D7%92%27%D7%91%D7%90%D7%9C%D7%99%D7%94%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F18%2FH1x4S11S1UA%2FH1x4S11S1UA_0_0_1280_720_0_medium.jpg%22%2C%22alt%22%3A%22%D7%A2%D7%9E%D7%99%D7%AA%20%D7%A1%D7%95%D7%A1%D7%A0%D7%94%20%D7%A2%D7%9D%20%D7%A4%D7%A8%D7%95%D7%A4%27%20%D7%A1%D7%99%D7%92%D7%9C%20%D7%A1%D7%93%D7%A6%D7%A7%D7%99%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F18%2Frylh8riRS0%2Frylh8riRS0_0_0_850_479_0_medium.jpg%22%2C%22alt%22%3A%22%D7%93%5C%22%D7%A8%20%D7%98%D7%9C%20%D7%95%D7%99%D7%99%D7%A1%D7%91%D7%90%D7%9A%20%D7%A0%D7%A4%D7%92%D7%A2%D7%94%20%D7%9E%D7%9B%D7%AA%5C%22%D7%96%D7%99%D7%AA%20%D7%9C%D7%99%D7%93%20%D7%91%D7%99%D7%AA%20%D7%A8%D7%90%D7%A9%20%D7%94%D7%9E%D7%9E%D7%A9%D7%9C%D7%94%20%D7%A8%D7%97%D7%95%D7%91%20%D7%A2%D7%96%D7%94%20%D7%99%D7%A8%D7%95%D7%A9%D7%9C%D7%99%D7%9D%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F19%2FHJZHwVeIA%2FHJZHwVeIA_0_535_1200_675_0_medium.jpg%22%2C%22alt%22%3A%22C%D1%82%D0%B0%D1%81%20%D0%94%D0%B0%D0%B2%D1%8B%D0%B4%D0%BE%D0%B2%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F19%2FHySGSpgI0%2FHySGSpgI0_0_275_3000_1688_0_medium.jpg%22%2C%22alt%22%3A%22%D7%A9%D7%90%D7%A7%D7%99%D7%A8%D7%99%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F20%2FB1lBsW00ZUA%2FB1lBsW00ZUA_124_76_867_488_0_medium.jpg%22%2C%22alt%22%3A%22%D7%A2%D7%A7%D7%99%D7%A6%D7%AA%20%D7%99%D7%AA%D7%95%D7%A9%D7%AA%20%D7%94%D7%91%D7%99%D7%AA%20%D7%99%D7%AA%D7%95%D7%A9%20%D7%94%D7%91%D7%99%D7%AA%20%D7%A7%D7%95%D7%9C%D7%A7%D7%A1%20Culex%20pipiens%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F20%2FByeZhRWLC%2FByeZhRWLC_0_0_850_479_0_x-large.jpg%22%2C%22alt%22%3A%22%D7%A0%D7%90%D7%95%D7%9D%20%D7%A0%D7%A1%D7%A8%D7%90%D7%9C%D7%9C%D7%94%20%D7%91%D7%9E%D7%A1%D7%92%D7%A8%D7%AA%20%D7%98%D7%A7%D7%A1%20%D7%9C%D7%96%D7%9B%D7%A8%D7%95%20%D7%A9%D7%9C%20%D7%9E%D7%97%D7%9E%D7%93%20%D7%A8%D7%96%D7%90%20%D7%96%D7%90%D7%94%D7%93%D7%99%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F20%2FByUT8uZ8A%2FByUT8uZ8A_0_7_367_207_0_medium.jpg%22%2C%22alt%22%3A%22%D7%90%D7%92%D7%9D%20%D7%91%D7%95%D7%97%D7%91%D7%95%D7%98%20%D7%94%D7%95%D7%A4%D7%A2%D7%94%20%D7%91%D7%90%D7%A8%20%D7%98%D7%95%D7%91%D7%99%D7%94%20%D7%A0%D7%A2%D7%A8%20%D7%9E%D7%A9%D7%9A%20%D7%91%D7%A9%D7%99%D7%A2%D7%A8%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F20%2FrJlKA11MLC%2FrJlKA11MLC_0_183_1280_721_0_medium.jpg%22%2C%22alt%22%3A%22%D7%94%D7%A4%D7%92%D7%A0%D7%94%20%D7%91%D7%A7%D7%99%D7%A1%D7%A8%D7%99%D7%94%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F20%2Frk9K00abIR%2Frk9K00abIR_0_0_850_479_0_medium.jpg%22%2C%22alt%22%3A%22%D7%A6%D7%97%D7%99%20%D7%94%D7%A0%D7%92%D7%91%D7%99%20%2C%20%D7%95%D7%A8%D7%95%D7%9F%20%D7%93%D7%A8%D7%9E%D7%A8%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2024%2F06%2F20%2FSysuZnWUR%2FSysuZnWUR_0_0_1000_563_0_medium.jpg%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fpicserver5%2Fwcm_upload%2F2023%2F01%2F10%2FSy811PC5qj%2F____.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-06-18-09-05-51/paid/remediation-tool.js?ts=1718701551140
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
195.181.175.40 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
824291365.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
087c6344dcf759b6295b7a759e58cb7a3b984789b43a32f74f21e928cefa4052

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-77-pop
frankfurtDE
date
Thu, 20 Jun 2024 22:06:30 GMT
content-encoding
gzip
x-accel-date-max
1718914522
x-77-cache
HIT
x-cache
HIT
x-age
6668
x-accel-date
1718914522
alt-svc
h3=":443"; ma=86400
x-service-version
img-dscr-srv-608f37d5
x-77-nzt
EgwBw7WvJwH3DBoAAAwBnJIhHwH3XAEAAA
x-accel-expires
@1719518974
x-77-age
6668
server
CDN77-Turbo
etag
W/"e30-5cH4ar3QydqLjzMXiDBQabJuLsk"
x-77-nzt-ray
25b02131c08e15b0e6a77466a3634d19
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=604800
vary
Accept-Encoding
access-control-allow-headers
*
2572728
api.userway.org/api/br-links/v0/contribute/ 		51 B
429 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/br-links/v0/contribute/2572728
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-06-18-09-05-51/paid/remediation-tool.js?ts=1718701551140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.241.96.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-96-50.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:30 GMT
etag
W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
51
x-service-version
apps-ddb67952
2572728
api.userway.org/api/br-links/v0/links/ 		1 KB
898 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/br-links/v0/links/2572728
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-06-18-09-05-51/paid/remediation-tool.js?ts=1718701551140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.241.96.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-96-50.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
0804360afa5d4ff69398f715bf28fa0488bc35d77db5649d50b3101943448fde

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:30 GMT
content-encoding
gzip
etag
W/"41a-4nwYszr/5BmH72uE/8uKq/tMQco"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=300, public
vary
Accept-Encoding
access-control-allow-headers
*
x-service-version
apps-ddb67952
status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.vesty.co.il%2Fmain/DESKTOP/WIDGET_ON/ 		77 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.vesty.co.il%2Fmain/DESKTOP/WIDGET_ON/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-18-09-05-51/widget_app_base_1718701551140.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.241.96.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-96-50.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 22:06:32 GMT
etag
W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
77
x-service-version
seo-w-e487c77f
csi
csi.gstatic.com/ 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lxntal5g&ctx=0&met.9=1.10a~2.1r6&met.3=112.3j7_1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.67 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.vesty.co.il/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 20 Jun 2024 22:06:33 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.flowplayer.com
URL
https://cdn.flowplayer.com/releases/native/translations/flowplayer.lang.ru.js
Domain
ads.google.com
URL
https://ads.google.com/
Domain
cdn.userway.org
URL
https://cdn.userway.org/widgetapp/2024-06-18-09-05-51/remediation/slick_slider_1718701551140.js

Verdicts & Comments Add Verdict or Comment

269 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 undefined| event object| fence object| sharedStorage object| dataLayer function| _isMobile boolean| isMobile1 string| defaultNativeVideoType string| dcPath object| dcTags string| dcContentID object| googletag string| gen_ban object| general_banners_divs string| gen_ban_size object| general_banners_divs_sizes boolean| page_800 string| dcBgColor string| dcGeo string| ParentCategory string| dcCG string| dcSite number| dcLoadAds number| Dc_refresh_all number| Dc_refresh_jumbo number| Dc_refresh_ozen string| gptVer string| gptCtv string| new_gpt string| newMedia string| browsi_on_gpt string| browsi_prebid string| show_truvid_mobile string| show_truvid_desktop string| adx_interstitial_mobile string| amazon_header_bidding object| ggeac object| google_tag_data object| google_js_reporting_queue object| regeneratorRuntime function| CloseSargel object| AdUnit_template_functions function| video_off object| AdUnit_properties function| renderAd function| closeTransitions function| handlecss object| Templates function| CreativeTemplates object| TemplatesConsole object| __core-js_shared__ string| video_ad_iu_mobile string| video_analytics_src string| video_ad_iu string| video_ad_description_url string| video_ad_yncd object| YITSiteWidgets function| flowplayer object| _flowplayerTimekeeper number| isGa4 object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event function| cnc object| pcode_1047751_default_TnnWZbwArt object| Ya object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds boolean| yandex_context_perf_logging number| pr function| AdFox_getCodeScript object| ya object| yaads object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive function| $ function| jQuery string| fpToken string| analyticsCode string| WCM_POPULARITY_LINK string| siteID object| _taboola function| IframeLightbox undefined| waitForElement boolean| closeBigAd string| dateFormat string| timezone string| languageCode object| currentPlayingYoutubePlayer object| YoutubeAPIControlller function| controlTickerAnimation boolean| isAbroad object| interstitialSlot object| _pageRefresher function| pageRefreshDisable function| pageRefreshEnable function| pushGa4DataLayer object| webpackJsonp object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate boolean| _babelPolyfill function| _ object| dmp object| IDXSurvey undefined| google_measure_js_timing object| google_reactive_ads_global_state object| $sf object| yaSafeFrameAsyncCallbacks object| UserWayWidgetApp object| __cfBeacon object| AdUnitFunctionsClassObj object| AdUnitPropertiesClassobj function| collectGa4DataFromDomElements object| TRC function| _typeof object| _tblConsole undefined| msg object| google_tag_manager string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| __bt object| __bt_intrnl object| __bt_tag_d function| onYouTubeIframeAPIReady object| gaGlobal object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NWM3ZjQyMGE5MWNjMjQ2Y2xvYWRlcl9qcw== string| NWM3ZjQyMGE5MWNjMjQ2Y2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| google_tag_topics_state number| google_unique_id object| gaplugins object| gaData object| taboolaElementCategory object| taboolaElementArticle boolean| __bt_already_invoked string| nam object| placementData object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| criteo_pubtag object| criteo_identitytag_154 object| Criteo object| Criteo_identitytag_154 object| UserWay object| interdeal function| __awaiter function| __generator boolean| 9e9ab4fb-9191-45b4-8740-16a0421f3ed7 function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray

33 Cookies

Domain/Path Name / Value
.taboola.com/ynet-vesty/ Name: taboola_session_id
Value: v2_74ab49bd0e80353d5069a849c3726e7e_beb0e9e1-63f6-475f-ae2d-5f6fa6e3a759-tuctd6e2d62_1718921186_1718921186_CIi3jgYQyYtDGPKVv72DMiABKAEwZjiI6wpAsJAQSLzS2ANQ____________AVgAYABo4uPVg8u34P65AXAB
cdn.taboola.com/ Name: abLdr
Value: 18
www.vesty.co.il/ Name: dcsyncundefined
Value: true
www.vesty.co.il/ Name: tmcundefined
Value: 1
.vesty.co.il/ Name: _gcl_au
Value: 1.1.262603538.1718921186
.vesty.co.il/ Name: _ga_HBGSDK9P6D
Value: GS1.1.1718921186.1.0.1718921186.60.0.1298040031
.vesty.co.il/ Name: _ga
Value: GA1.3.1733805880.1718921186
.vesty.co.il/ Name: _gid
Value: GA1.3.1944694964.1718921186
.vesty.co.il/ Name: _dc_gtm_UA-5536870-20
Value: 1
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.taboola.com/ Name: t_gid
Value: beb0e9e1-63f6-475f-ae2d-5f6fa6e3a759-tuctd6e2d62
.taboola.com/ Name: t_pt_gid
Value: beb0e9e1-63f6-475f-ae2d-5f6fa6e3a759-tuctd6e2d62
.taboola.com/ Name: receive-cookie-deprecation
Value: 1
.youtube.com/ Name: YSC
Value: bCyoCZcibJg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: dk_bj-cjPFk
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJJTBIEGgAgZw%3D%3D
.vesty.co.il/ Name: _fbp
Value: fb.2.1718921186680.765242421220583920
.dxmdp.com/ Name: dmpid
Value: 306ec4d0-e7ad-49c1-9ce8-2f684b2303d6
.vesty.co.il/ Name: dmp-FE-cookie-dmpid
Value: 306ec4d0-e7ad-49c1-9ce8-2f684b2303d6
.doubleclick.net/ Name: APC
Value: AfxxVi7InffFAIB8DC09Ywy9MlY9tTiTE7b_N0P7wQqjNn2WYaPClg
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.vesty.co.il/ Name: __gads
Value: ID=7c9ab217dfcb4a89:T=1718921186:RT=1718921186:S=ALNI_MYfQWi5GettBlw9-BYg8hdeuddztw
.vesty.co.il/ Name: __gpi
Value: UID=00000e5f2e9f815d:T=1718921186:RT=1718921186:S=ALNI_MaMhTYuNSPKpWXNTl5nuDi-uRJ6gw
.vesty.co.il/ Name: __eoi
Value: ID=4b0d1d7932c1555e:T=1718921186:RT=1718921186:S=AA-AfjZn9IR0fxfltwPNJC35DYld
.dxmdp.com/ Name: sdkFlag
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1
.vesty.co.il/ Name: dmp-FE-cookie-ts
Value: 1718886089384
.doubleclick.net/ Name: IDE
Value: AHWqTUnuAxVdQ8SXZ_HXHZ6FmbH-UGUei1YNtUCUlIaUadUBc29NBVcprDS9NecR
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMPS
Value: 4991
.vesty.co.il/ Name: FCNEC
Value: %5B%5B%22AKsRol9BEyE8MFE4ja2JxxnEofZMIaorj59m3Q5NWo6tKta9dRsjXurp0HpGmY6gb-on6ft6Rz2tpneTODoYTmAC5-XVB1yoIFf5gxcIvYqw9wdwvna1iPuMlyL-Xe_eS59-oLhrwhkfAXVOjFkUsi3rzjeY-yA6rA%3D%3D%22%5D%5D
.casalemedia.com/ Name: CMID
Value: ZnSn44sFVcgAABF2ALKR-wAA
.casalemedia.com/ Name: CMPRO
Value: 4880

3 Console Messages

Source Level URL
Text
javascript error URL: https://www.vesty.co.il/main
Message:
Access to fetch at 'https://ads.google.com/' from origin 'https://www.vesty.co.il' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://ads.google.com/
Message:
Failed to load resource: net::ERR_FAILED
rendering warning URL: https://www.vesty.co.il/main
Message:
[.WebGL-0x8e801d2cd00]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

06886738050f922b5511a953b816db13.safeframe.googlesyndication.com
ad-delivery.net
ad.doubleclick.net
ads.google.com
analytics.google.com
api.btloader.com
api.userway.org
btloader.com
cdn.flowplayer.com
cdn.taboola.com
cdn.userway.org
cdn77.api.userway.org
cds.taboola.com
cf.dxmcdn.com
connect.facebook.net
csi.gstatic.com
event.dxmdp.com
fundingchoicesmessages.google.com
gum.criteo.com
il-trc-events.taboola.com
images.taboola.com
imasdk.googleapis.com
invstatic101.creativecdn.com
mrb.upapi.net
pagead2.googlesyndication.com
pips.taboola.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
tags.dxmdp.com
totalmedia2.ynet.co.il
tpc.googlesyndication.com
tr.dxmcdn.com
trc.taboola.com
www.facebook.com
www.google-analytics.com
www.google.co.il
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.vesty.co.il
www.ynetnews.com
www.youtube.com
yandex.ru
yastatic.net
ynet-pic1.yit.co.il
ads.google.com
cdn.flowplayer.com
cdn.userway.org
104.16.80.73
104.18.3.189
104.18.6.158
104.22.75.216
104.26.2.70
104.26.9.27
13.32.27.106
13.32.99.13
130.211.23.194
141.226.224.32
142.250.181.226
142.250.184.194
142.250.184.195
142.250.184.228
142.250.184.238
142.250.185.102
142.250.185.161
142.250.185.168
142.250.185.174
142.250.186.142
142.250.186.42
143.204.98.71
151.101.129.44
151.101.193.44
156.146.33.141
157.240.252.13
157.240.252.35
172.217.16.194
172.217.22.67
178.154.131.217
178.250.1.11
178.250.1.3
18.172.112.121
18.66.112.5
185.106.33.48
195.181.175.40
216.58.206.33
216.58.212.142
34.96.70.87
44.241.96.50
5.255.255.77
64.233.184.156
72.247.165.243
003241d1a155418bef20320f23819a7234f1c4ee67f8f9f1cd4c788184b46031
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0804360afa5d4ff69398f715bf28fa0488bc35d77db5649d50b3101943448fde
087c6344dcf759b6295b7a759e58cb7a3b984789b43a32f74f21e928cefa4052
0be5b73c2bc6bfebf5393a50d7575341b01da28f39b59d06e67fb88d641a00bc
0c59a4311973393ca533b13f245d027fb9acd2c40b23ddb6c75d1c53196a3b96
0d3e08b690ccc235eda67e9de273af4e5d4e754d56bc4418175eb0d1a46f5551
0d63746b8f87a688f836fd6abf78fda80ab76dee5a0b61830f93db09331b82e9
0eeabaeb46570908443932d2b15f20d9c8cdd510f9bcc540f2821a6a7d1bb9fa
1100fa96bd3e19c286b7f41f7bbbbb8b73bc4d757ed0f5843380fe25e62fec34
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
12d3ca8c01dad1e1a0617524f0b926554459456f507e34944f3ebc16e9dd1a36
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a67ee75b1912121c9bd17376c96ddf752758d76c2cdf775e6426d6a079554ba
1bb878ac4c89b964506e58d71a5ad2c455e8b6275b198251e8627215f669c781
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d7fb3edfc57e64e75db3fb16df9dec0a04c7861a20946e9945e4c69db474ee1
1f0cd7c2795df1dcce059d553cb1d9b88170cb9e66310a06fce4104965852394
1f58d463f9f9bba6faad4742ac1366ef910498be3dde0fd167542d0819d52b02
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
226ca92a9f4a043e4a3071f8ec64d7d802530d3507f96869bdadca2dc50e5103
242ba2c79486aadc3f6c498e6690df280b718919e62146a63f49ca75e421363e
26fc05db2e55214cec2f18e92b7464f46723ca346b4f9abcf1d51268f9bdd09a
29ae9e4bee88b1e868e0766db32cdeec66cff6f9b903f5ee1c790910d1ae59c6
2af3eb5f02bf5e977078ade1a27774be79d0e8e31bdd3dc723bc5f48550c2b08
2c4063c64a98777825bc06814a556e7534c58768d16979a977f7db94b8af69f7
2efa9dd0761a777a8ddd3044a0d0091db3e59c186f619528d292f02d411b70ed
30d95d6a7be788d690d54398a4ac74d9d2e64146b2cb0b262f9c5d9a5db8acf3
3122b0fcf621aea5194bb26f72870de9e2dd2ee9e2ed6ecfb8e9cd62cee20cfe
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
35b7a964c972607c0477c9df639ecad83f81c8bd152e21d4b28df9a150f4a71f
36136c7125bd305688118c54a59897a0b56628f82c0940d34196c062f84f085f
3617aa3ac953bf6992a9c85f607f2ecb7ae362b8d2ffff1902ba39fda60c1c7f
3772990a0b67d22f939a7b53e68cd5b9b58da3e36bddee8dc0b57a6d6763c0ec
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
397e1fa6b641266ac6537f43be08647287bafc72dff55f1b04d58e464e5c3b74
398bf15529d9c37ce4ff329b1fe0b65f0375c4c1d4c0c95475e71423ce8a8428
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39d756e6e5644c860b4f7ff239e41282be673ad7a7cd832eb42ae1d67180636e
3c94c4422769ef446bc25f0b2fbdac7031bfee13c571622024d59e38dc9f5d2b
3d99dd89083eb0188acd22a716288cadc2d45c381dba12aeef4d091bb74e0c0c
3dc8e482ec8a9c56efec00e46e88e84f3a7ccdf0ade53d5c89c4d679469cdabb
40314fe234e13d05d55b6e2e5bceb7e7a941c83d67fa1ed5921a03c485496608
416e13622f327a53639cfeba605442b167c7f802a70bccd1c25d9af00cbb7d3b
427d2c97c9f8c3b1f45585ba46540d428f6a691d532e969bd36b49d18cd7dcba
446f7c65e1de0a18255d01cecde19deece10b1a141de771a4095d30f9782007e
461b089258235b416226d5ece6052923a1135af7c1f73f683d2fe93353153a9d
47e4dc7f1b1175872ccfd77af5f2b8deb9369da8bf33b126121ae25c5af845e6
4ca6c663d7cd5fb4e8f464fa4e4afb37fb53494090e4c1b20cb073bcc0885852
4d023f5a252c9bc8eba0ac1d24bb5ce6dd2b068b9ec613ae8af24c7e36a3d6a2
5011ede4c1be5271190d87175a5ee617703ff83a3335f78d7013cdffa14b8c10
503d7fa3023423149490e799938a272ecf847c78ac5e7a9aa9f311f06a4983e5
50f333fc1aa942122b5ba5eea88bfff45a33a6d71e7a169383bc02d64097deb5
543bee066850ffda34784bf04f96f06246a16f0a57d64a504fe459177e79056e
5823029c1e1326f93b2c542c32de61a23703538d7a53ee617e31455bd2ebc99b
59aaa87b9ed9ef5fd9f320d5bd3697cb5d6a0b6fcc9850bb530fda7c0b378b58
5e4a50c39b2686986b27382eeb318199e50d7c045bcdeeb016fc3a81a2f3b100
60b7cf4ca82fffabf68603dbca3ff084501419becd7ea18f27801a97ee28d5cc
6128e798458b6680c53ac977e650264f7029e70a8847ff1d87ad57670dd5d750
61321ead031ebfad677d31b5d543987c15ed61ed09be355e74212db666d2c2d6
6173946da8b969a96733b6acd5ca2e1af7d825b6b29a5f6803f478954c1fb602
61bed610fa7683e0b9dbd0387170aee7e10f2b792d76250ddd310fc99520f3fd
647f8ddf5cbbe39c5f0159a427d61896e306fa0cb445ef9aa3d147fcdd8ec5e9
64960c3a834c2272ab7af4585b500ac1bf6e1e50d70b1ac6f955442225626942
66af8a828605b97163bf9f894f61463f4a5b0ec2c1dc4e83e2a9c28d1b674200
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
6a1dbdd13673e0396c70eed01d5ec5cf4d5de27ddc5ff5649ce67fde533c7a32
6aaebe577c186a50a1a101fc8b8d3717037e9e06b04411aaa1ab6181ca7820bb
6b4f1810d09ba0318aa589cad3007f0012e3646698e17dbb778a3094575d50c3
6fae11c9c633cff7b1d502c425ad3a3805f08824d583e8109e50e7790b1cc060
70c3ce73daf31d043a2758a009436ffaec8b7bdf66445a61710ff0a03ea6fcc2
80087da8f89f2a1d11045cafd56b19c4d9d78461ae890b9113c4bc29fdc4fbc0
87d3b26f33f39e3bb4b4c1f2291f906ad5826c4d9624a08f0db8a2163a9df369
89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8c8f957f413d616fedb6663e2a9b943a751df81d713e65e27130936062ead965
8fc7e83879340895d1dd4f17d9e5d73e288f61c0e95b696b614427d6a3df2731
90e901fbbc352c09a20013f5e984159ab7373e9695dcc4d3569a589c99a6c67b
925e5d05907f2352289564cb678e837b7e556fce0d7d92e832f47d838f3c7289
9360090461f4defaeb9d276f3d863491bdca64cf86c829bd0bee7430706d5d5a
9390bf77e856d4ae698d32f67866d1661993a588b7deced1616eb10fbfc5abde
94e0cc043779a5f2bfd716ab5c063683710b82cab82bb55819a269710d60e158
9615049edd32a33f0f3f46bc6afc9f0b5dd6f8ca372ee4c94159af10ce8ad9ba
96427e500331e6159f5054e7675dcf50b255f5e85cd7dee7447d0ff580cc2d59
96fc098b3f90ec219d13b8f9be634a75b466a6b2c49a5b05e11e7b799568928a
9731c1a890ffb984b3bd85421a8ad751ecf485c215d4dbb80f204231d80964fc
9874144bf97aa4df77c8feb877dd5e0f29b0d2d86e54d38b0ed8828089b95cf1
9944a9ac4c42a172c437074e30b66fa8e8d6c08ad178c1db65a5a210326df5bb
9dce55037d3b645e36e4f8fc30450dbd8682aac63f7c97d281ba71897a54eed1
9f4b01acc31f3a5203fb1a4d1e3883fb8281e04d8496b57f8c3daa51025c09d3
a27b51f0f695fb3a45828855e1c3699fbbbd6f2423c6be13380649dc2d46b052
a2d58e29c3c454ef9b3e47ea01f4c5ddf2027f9c583d1104f0c26ccaf2aeb426
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
a3cfbb5907650fdc2314ce6544acf9f4c69c21eb0464db44c4566615c09a3d61
a4e88216e4b2485d3a1d2a86a9ff63d2bdb82c739587057e1477d7b12235bd84
a67e00c2e0855e12057849df595409f6e1f3180ed9d7a30c8fe3a12874647936
a6938c731f54eb9cd4c8dfd3d38dafe71c66694bed62f8bae48518ec81181f61
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
a9a72654f03de616b6fd58b742dff09a02588726c80f6a1fca5809365b591930
a9eb7e6f83af1ed1e5849f77fffbe871072f5097944ccd1013ad73ed6bfe429a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa8144271fd6b2998969ac2c46b42dd806e99e001710234d4935fd853c016d9a
aab449f057334bce7fea011165a3a981cdde87ff3a17673d593d09883de97c68
ac7c3dd84f3cd7cafadf1b5e77814c98d0439c1fe96f5eaf81f2370d2d155d4e
ad4df0629f019ff6f540277bc1c2446be5a48a246260ac87309da7ec64d53c75
af5463753df076ff288879f0685740bc8b4540a9855096cde2cdbf00041b7750
b2ef79fd7b05000bfb5c0175224fbd3a5428baccc438a8eddef4a52745751b3d
b7634461506f4569594878833ad2df264bca0d7a35f1565b5924ce2788fbde9a
bb9660e33b7ee735b54667073afa686be7203007562b4d1a5df360f3fd30d40a
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd285526e277e5e5c34f7e8ecad20c44f470fa073a099af0f8133e9b02253cbd
c25a3a5676769fcf59cfb84f091511d6d969f096bf0ede5fc05a6b33bc8fa806
c2e8fb14b1e0aab8514cfb56c1e62417ba717b034a397017696cfa9e517b0f6b
c3030a37a33ed5ac24ca66e56964b02e646789903d206bb3723c4c9ddf64459a
c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c5729a4a54c6732ad2002f0aae9f8e45f4c270306d6855253e481ebd0a3871c5
c69bcd1f46a800b9187d1204f53bf73b7bba06a2a6bf838b7509259e9041734a
c721ff6b7a55b7e2c6d78a6956d5308f750e9bd6896ee2569955740fdc1c1f4d
c75851b25c8fd20b29272929aa27e3f0a84253100c386dfd9b622d4f16a2b149
c9080387801ea7c0d202021563e4cc47e205dfe238953109c6f39348cb9a5533
c97498704bda9d570f12c36b730b94f0107b968c3f82f56df04dbb24b907a698
ca0ef4dd707b36c62aab8862b6ee6e8b7d0c3945e5cc9998fee0cab075c2aee0
cb0999f71e9cd0b3e4840d09fdb2efe0f54f7b5ee4f64c6d339aa0ef6e1eae7f
cbf5a9f7040e655378cbfe0738760b4a2d7c409668c53f83b2c3fb4750fa4834
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01e5e19fc6662b5598386d8a6368e5ba3ff7d9ddc57e43aad766faf24ac7068
d085748a907b1d0d1b981570bc8746cb6e0d9cc1e4bf96beb70f8121dbd2cec4
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d3740094153185f3f2b5c80c643d801342782b2a319e073352131aaf7a8f8ff3
d3c7ad5400850ab634b2e01d9480573a28b57f444ff4aa98d941f0debc962509
d5fe134a8632594aec805a6d7082a0cf93dd217c7a835ad52ce075261ccfa639
d64278fb08a698a85c10c157773ab563f1f286f8e47150ff35337f7ee30eda58
d7029768f2de730c0afd8c527aa83cdc663ead0cf5c795529ba3e17526d7db75
d7724bf048303a0acf190befe1096f5b6afbe6c0f97760e89d481045259ec40c
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da79c29bad55b2be5625d3d495f942f5ee409d0eaaa718f5654337b070e8f715
daa8bc4312e8a5c936e55144c18f3232cb013593ae25cfe616e487611b754e1b
daaa8665415c17083651c7dca5faa946d3c406ee11458c57a54d6c7867b2f4af
dbd31f093629fafbe50e2f4b744532f46eeae9f205173ad836f170596e2eda67
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfb33de15825c145ac2510659c251dc6c4fd23ede02e53f351dae0d5bdfb7dff
e3045b94bdbc36a939bad585b2ccbc6451dd3379c84e5bfd2c11a1be3b6b2fa5
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3be41988f4135929c0a73231d1a66a9e0222fc59ff3c3fe846580c99f816b42
e4154dd1f50dcac6aeb2481d3a671d229de77aa2c4ba68c55d4ab1033d23badf
e48306ee3c05c595be9d87107185067c836114e712afe9eda4b2ed4aa27601b8
e6869bfd6c942ddccd9b9867b19da3f945345585e359aed46c4eccec2f4c7645
e9279aa82470c7b0c894eb3ecbaabceb01423a632d9fbc7460c560f11a99abad
ea1a9b993dbc93ca4669209f552aead7852ea68031cf347990078369adf47072
ec6d1e9b4852c85ff0519fc06a975e3e831b9b1398f07dc51b66ad48ac35d480
ecfef7653c16a466e88659de1a13c45f70da5e77a7a89d43f0a516b7babb3f7f
ede4692ae8120f26ea103c77b4197e4d19219346a941678cadde40af14ee68f7
eedd0b839c19910b7d4537b14f76dcc2b9263e4bc4d388d3e3251681ddc15ac8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effe022f5756dc9697682601c077972515760624d3d8714f2063c6027c028aa1
f2d81a4815bf54044d0276b034c4874b37724c9fdccbfd049879383a5bf71440
f4b5284bb0f68b06457f353f1e53d61b5f4bdf3b626310d6c5bfea130a418ebc
f61b631d362e2c2871913a9ee475bc15f7d313fab09b535163f1c24a87655dca
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6da18b441da27be6f7db38c119f3f3eb49e12b3cb9ef1810f629e326a281a40
f7a86fb86eeb445ba6127d4e1aab289ddb8a190cee892f05a467cfb8718efd47
f8d376e82a994285cc5382ac74d502fa36b999572b352c1a5438026e18a50f79
fa31d9217b31a4e3adb1d2496336bd48753d8d01f8c950c76e3f0c17ee779085
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fba6e5c7640a42ca92ea06178c3def129237a18935bb31b3d6980dc184df3336
fbd219ff458d049346872168c227d9b256e750ff94cde91002a4681ed40f2b54
fda80d24f1bfe5a68b5f719a1febecfe747c79720e3a26b4b78b6a42b67b37b7
feb461e9a941f078d5f89899edb21b94159a8d435d461297b25f0214ddc971df