urlscan.io logo urlscan.io
SecurityTrails logo

www.haaretz.com Open in urlscan Pro
151.101.194.217  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.haaretz.com/
Effective URL: https://www.haaretz.com/
Submission: On January 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 11 countries across 85 domains to perform 980 HTTP transactions. The main IP is 151.101.194.217, located in United States and belongs to FASTLY, US. The main domain is www.haaretz.com. The Cisco Umbrella rank of the primary domain is 96660.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q2 on July 10th 2022. Valid for: a year.
This is the only time www.haaretz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 62 151.101.194.217 54113 (FASTLY)
2 2600:9000:20e... 16509 (AMAZON-02)
1 2a04:4e42:c00... 54113 (FASTLY)
17 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
63 151.101.194.132 54113 (FASTLY)
1 205.185.216.42 20446 (STACKPATH...)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a04:4e42:200... 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
24 151.101.2.217 54113 (FASTLY)
1 13.224.189.57 16509 (AMAZON-02)
3 13.225.78.76 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:402... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 151.101.65.44 54113 (FASTLY)
2 23.35.237.86 16625 (AKAMAI-AS)
1 172.217.18.6 15169 (GOOGLE)
1 151.101.66.217 54113 (FASTLY)
3 54.236.115.244 14618 (AMAZON-AES)
1 3.223.185.253 14618 (AMAZON-AES)
2 2a04:4e42::485 54113 (FASTLY)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3.125.23.95 16509 (AMAZON-02)
2 17 104.22.69.131 13335 (CLOUDFLAR...)
27 178.32.210.226 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 51.38.120.206 16276 (OVH)
1 44.209.105.236 14618 (AMAZON-AES)
2 48 185.89.211.132 29990 (ASN-APPNEX)
2 34.98.64.218 396982 (GOOGLE-CL...)
16 185.64.189.112 62713 (AS-PUBMATIC)
18 2602:803:c003... 26667 (RUBICONPR...)
16 2a02:2638:1::1a 44788 (ASN-CRITE...)
2 70.42.32.191 22075 (AS-OUTBRAIN)
2 54.78.253.158 16509 (AMAZON-02)
2 188.40.221.212 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
17 23.35.236.201 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
28 216.52.2.19 32475 (SINGLEHOP...)
2 2 184.86.251.81 20940 (AKAMAI-ASN1)
2 52.29.44.9 16509 (AMAZON-02)
2 8.2.108.175 46636 (NATCOWEB)
2 17 185.184.8.90 204995 (RTB-HOUSE...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
16 13.224.189.113 16509 (AMAZON-02)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 185.86.137.133 201081 (SMARTADSE...)
2 2 54.228.83.115 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 6 69.173.144.138 26667 (RUBICONPR...)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
2 141.226.228.48 200478 (TABOOLA-AS)
115 37.157.6.233 198622 (ADFORM)
1 162.55.101.208 24940 (HETZNER-AS)
226 37.157.5.73 198622 (ADFORM)
4 88.198.239.118 24940 (HETZNER-AS)
3 2a02:2638::3 44788 (ASN-CRITE...)
3 6 2a02:2638::1c 44788 (ASN-CRITE...)
4 178.250.2.146 44788 (ASN-CRITE...)
14 23.35.236.188 16625 (AKAMAI-AS)
28 104.109.78.125 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
1 4 185.64.190.78 62713 (AS-PUBMATIC)
1 2 37.157.4.28 198622 (ADFORM)
1 1 185.29.134.244 30419 (MEDIAMATH...)
8 18 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.164 1299 (TWELVE99 ...)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 1 2620:116:800d... 16509 (AMAZON-02)
3 5 67.220.226.234 16509 (AMAZON-02)
5 7 142.250.185.226 15169 (GOOGLE)
1 1 141.94.171.216 16276 (OVH)
3 54.73.182.221 16509 (AMAZON-02)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.229 62713 (AS-PUBMATIC)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
3 15.197.193.217 16509 (AMAZON-02)
4 4 69.173.144.165 26667 (RUBICONPR...)
2 3 209.54.182.161 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
2 2 104.18.33.19 13335 (CLOUDFLAR...)
1 9 185.64.190.79 62713 (AS-PUBMATIC)
1 18.196.150.104 16509 (AMAZON-02)
1 162.55.236.225 24940 (HETZNER-AS)
3 198.47.127.20 62713 (AS-PUBMATIC)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 34.193.201.64 14618 (AMAZON-AES)
2 2 151.101.66.49 54113 (FASTLY)
5 5 54.194.123.13 16509 (AMAZON-02)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 1 185.86.139.115 201081 (SMARTADSE...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 213.19.147.44 3356 (LEVEL3)
1 195.5.165.20 44968 (IPROM-AS)
1 1 35.214.223.115 15169 (GOOGLE)
1 162.55.120.196 24940 (HETZNER-AS)
1 35.186.193.173 15169 (GOOGLE)
1 1 141.95.172.216 16276 (OVH)
1 1 141.94.170.77 16276 (OVH)
1 72.251.245.179 32475 (SINGLEHOP...)
1 1 52.220.229.2 16509 (AMAZON-02)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 52.45.81.218 14618 (AMAZON-AES)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 1 3.126.56.137 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 98.98.134.242 21859 (ZEN-ECN)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 37.252.171.149 29990 (ASN-APPNEX)
980 102
62    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
www.haaretz.com
2    2600:9000:20eb:fe00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2a04:4e42:c00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
17    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
63    151.101.194.132 (United States)

ASN54113 (FASTLY, US)
img.haarets.co.il
gif.haarets.co.il
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
4    2a00:1450:4001:82b::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
24    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
services.haaretz.com
1    13.224.189.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-57.fra2.r.cloudfront.net
ecdn.analysis.fi
3    13.225.78.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-76.fra2.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
3    2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:400d:804::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
amplify.outbrain.com
widgets.outbrain.com
1    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net
ad.doubleclick.net
1    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
ms-apps.haaretz.co.il
3    54.236.115.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-115-244.compute-1.amazonaws.com
mabping.chartbeat.net
1    3.223.185.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-185-253.compute-1.amazonaws.com
ping.chartbeat.net
2    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    3.125.23.95 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-23-95.eu-central-1.compute.amazonaws.com
tlx.3lift.com
17    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
27    178.32.210.226 (France)

ASN16276 (OVH, FR)
PTR: ip226.ip-178-32-210.eu
prg.smartadserver.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    44.209.105.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-105-236.compute-1.amazonaws.com
hb.minutemedia-prebid.com
48    185.89.211.132 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
16    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
18    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
16    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
2    54.78.253.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
tag.escalated.io
2    188.40.221.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: kubeapi-nue.pushwoosh.com
cp.pushwoosh.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
11    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
13    2a00:1450:400d:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
17    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
28    216.52.2.19 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    184.86.251.81 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-81.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    52.29.44.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-44-9.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
17    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
prebid-eu.creativecdn.com
1    2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
4    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
16    13.224.189.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-113.fra2.r.cloudfront.net
flashnetic.com
4    2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
4    185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    54.228.83.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-83-115.eu-west-1.compute.amazonaws.com
ice.360yield.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
15    2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
115    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
track.adform.net
1    162.55.101.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.208.101.55.162.clients.your-server.de
shb.richaudience.com
226    37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
4    88.198.239.118 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: r1-front-03.pushwoosh.com
haaretz.pushwoosh.com
3    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
6    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
14    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
28    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
18    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    213.155.156.164 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
5    67.220.226.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
7    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
1    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel.onaudience.com
3    54.73.182.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-182-221.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
3    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    2a05:d018:d29:3602:2bd9:9049:1377:8ebc (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
9    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    18.196.150.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-150-104.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    34.193.201.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-201-64.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    54.194.123.13 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-123-13.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    141.95.172.216 (France)

ASN16276 (OVH, FR)
PTR: bixel-4.cloudy.ovh
green.erne.co
1    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel-eu.onaudience.com
1    72.251.245.179 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
2    77.243.60.138 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    52.45.81.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-81-218.compute-1.amazonaws.com
a.audrte.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
Apex Domain
Subdomains		 Transfer
343 adform.net
adx.adform.net — Cisco Umbrella Rank: 4264
track.adform.net — Cisco Umbrella Rank: 3696
s1.adform.net — Cisco Umbrella Rank: 8046
c1.adform.net — Cisco Umbrella Rank: 568
2 MB
86 haaretz.com
www.haaretz.com — Cisco Umbrella Rank: 96660
services.haaretz.com — Cisco Umbrella Rank: 224373
1 MB
68 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 450
ads.pubmatic.com — Cisco Umbrella Rank: 463
image6.pubmatic.com — Cisco Umbrella Rank: 733
simage2.pubmatic.com — Cisco Umbrella Rank: 665
image2.pubmatic.com — Cisco Umbrella Rank: 872
aud.pubmatic.com — Cisco Umbrella Rank: 4113
image8.pubmatic.com — Cisco Umbrella Rank: 635
simage4.pubmatic.com — Cisco Umbrella Rank: 1166
image4.pubmatic.com — Cisco Umbrella Rank: 941
199 KB
63 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
acdn.adnxs.com — Cisco Umbrella Rank: 534
secure.adnxs.com — Cisco Umbrella Rank: 409
282 KB
63 haarets.co.il
img.haarets.co.il — Cisco Umbrella Rank: 89132
gif.haarets.co.il — Cisco Umbrella Rank: 211103
2 MB
56 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 454
pixel.rubiconproject.com — Cisco Umbrella Rank: 308
eus.rubiconproject.com — Cisco Umbrella Rank: 537
token.rubiconproject.com — Cisco Umbrella Rank: 548
161 KB
32 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1538
sync.smartadserver.com — Cisco Umbrella Rank: 1343
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 560
11 KB
28 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 592
14 KB
28 googlesyndication.com
7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
168 KB
27 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 730
gum.criteo.com — Cisco Umbrella Rank: 388
mug.criteo.com — Cisco Umbrella Rank: 2753
dis.criteo.com — Cisco Umbrella Rank: 696
21 KB
27 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
ad.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
388 KB
17 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 518
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5803
3 KB
17 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5929
csync.smilewanted.com — Cisco Umbrella Rank: 4103
static.smilewanted.com — Cisco Umbrella Rank: 10320
32 KB
16 flashnetic.com
flashnetic.com — Cisco Umbrella Rank: 45747
55 KB
15 adpone.com
hb.adpone.com — Cisco Umbrella Rank: 18648
2 MB
11 gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn1.gstatic.com
fonts.gstatic.com
229 KB
8 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 902
s.amazon-adsystem.com — Cisco Umbrella Rank: 271
6 KB
6 pushwoosh.com
cp.pushwoosh.com — Cisco Umbrella Rank: 50305
haaretz.pushwoosh.com — Cisco Umbrella Rank: 148141
4 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4470
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
3 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 470
2 KB
4 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4907
sync-eu.connectad.io — Cisco Umbrella Rank: 3275
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
192 KB
4 chartbeat.net
mabping.chartbeat.net — Cisco Umbrella Rank: 5180
ping.chartbeat.net — Cisco Umbrella Rank: 1217
802 B
4 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2507
widgets.outbrain.com — Cisco Umbrella Rank: 1279
tr.outbrain.com — Cisco Umbrella Rank: 2418
8 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 886
trc.taboola.com — Cisco Umbrella Rank: 639
trc-events.taboola.com — Cisco Umbrella Rank: 1293
20 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 5986
adservice.google.de — Cisco Umbrella Rank: 8741
1 KB
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 76466
122 B
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22942
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 24369
897 B
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
2 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
793 B
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 757
795 B
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 647
87 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2192
mp.4dex.io — Cisco Umbrella Rank: 2045
25 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
21 KB
3 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 23751
cdn.firstimpression.io — Cisco Umbrella Rank: 24152
106 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1457
mab.chartbeat.com — Cisco Umbrella Rank: 2203
26 KB
2 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2249
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1110
1 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 507
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1733
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 556
743 B
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 767
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3641
1 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2833
pixel-eu.onaudience.com — Cisco Umbrella Rank: 13267
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4143
562 B
2 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 4034
sync.richaudience.com — Cisco Umbrella Rank: 1855
459 B
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1956
645 B
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 4625
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 502
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 629
1 KB
2 escalated.io
tag.escalated.io — Cisco Umbrella Rank: 28308
30 KB
2 openx.net
u.openx.net — Cisco Umbrella Rank: 640
468 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 725
363 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 499
eb2.3lift.com — Cisco Umbrella Rank: 329
743 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 359
10 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
239 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
136 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3445
463 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 748
518 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1938
555 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 601
191 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3016
104 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2435
382 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2556
644 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1283
283 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 16334
412 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5049
369 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5624
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 835
226 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5207
277 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 522
673 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
621 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1401
524 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
146 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 353
709 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 632
589 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 453
725 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
944 B
1 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3489
411 B
1 haaretz.co.il
ms-apps.haaretz.co.il — Cisco Umbrella Rank: 465005
555 B
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 29307
2 KB
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 111123
245 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
76 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1353
462 B
980 85
Domain Requested by
226 s1.adform.net hb.adpone.com
track.adform.net
s1.adform.net
www.haaretz.com
flashnetic.com
cdn.jsdelivr.net
fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
89 track.adform.net hb.adpone.com
s1.adform.net
cdn.jsdelivr.net
62 www.haaretz.com 1 redirects www.haaretz.com
59 img.haarets.co.il www.haaretz.com
48 ib.adnxs.com 2 redirects cdn.valuad.cloud
csync.smilewanted.com
hb.adpone.com
acdn.adnxs.com
28 eus.rubiconproject.com cdn.valuad.cloud
eus.rubiconproject.com
hb.adpone.com
28 ap.lijit.com csync.smilewanted.com
hb.adpone.com
27 prg.smartadserver.com cdn.valuad.cloud
hb.adpone.com
26 adx.adform.net hb.adpone.com
s1.adform.net
24 services.haaretz.com www.haaretz.com
18 fastlane.rubiconproject.com cdn.valuad.cloud
hb.adpone.com
17 ads.pubmatic.com cdn.valuad.cloud
ads.pubmatic.com
csync.smilewanted.com
hb.adpone.com
17 securepubads.g.doubleclick.net www.haaretz.com
securepubads.g.doubleclick.net
www.googletagservices.com
flashnetic.com
fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
16 flashnetic.com www.haaretz.com
flashnetic.com
16 bidder.criteo.com cdn.valuad.cloud
hb.adpone.com
16 hbopenbid.pubmatic.com cdn.valuad.cloud
hb.adpone.com
15 prebid-eu.creativecdn.com hb.adpone.com
15 hb.adpone.com flashnetic.com
14 acdn.adnxs.com cdn.valuad.cloud
hb.adpone.com
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
12 simage2.pubmatic.com 7 redirects ads.pubmatic.com
12 csync.smilewanted.com 2 redirects cdn.valuad.cloud
csync.smilewanted.com
ads.pubmatic.com
11 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.haaretz.com
www.googletagservices.com
9 image8.pubmatic.com 1 redirects ads.pubmatic.com
7 cm.g.doubleclick.net 5 redirects
6 image2.pubmatic.com 1 redirects ads.pubmatic.com
6 gum.criteo.com 3 redirects static.criteo.net
6 pixel.rubiconproject.com 2 redirects csync.smilewanted.com
5 match.prod.bidr.io 5 redirects
5 aax-eu.amazon-adsystem.com 3 redirects ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 image6.pubmatic.com 1 redirects ads.pubmatic.com
4 mug.criteo.com
4 haaretz.pushwoosh.com www.haaretz.com
4 sync.smartadserver.com 2 redirects csync.smilewanted.com
4 encrypted-tbn1.gstatic.com 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
4 www.googletagservices.com 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
4 gif.haarets.co.il www.haaretz.com
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
3 s.amazon-adsystem.com 2 redirects
3 match.adsrvr.org ads.pubmatic.com
3 sync.crwdcntrl.net ads.pubmatic.com
3 static.criteo.net cdn.valuad.cloud
static.criteo.net
hb.adpone.com
3 encrypted-tbn3.gstatic.com 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
3 www.google.com tpc.googlesyndication.com
3 prebid.smilewanted.com cdn.valuad.cloud
3 mabping.chartbeat.net www.haaretz.com
3 www.google-analytics.com www.haaretz.com
www.google-analytics.com
2 cr.frontend.weborama.fr 2 redirects
2 a.audrte.com 1 redirects ads.pubmatic.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 ssum-sec.casalemedia.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 d5p.de17a.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 trc-events.taboola.com cdn.taboola.com
2 sync-eu.connectad.io cdn.connectad.io
2 ice.360yield.com 2 redirects
2 cdn.connectad.io csync.smilewanted.com
2 encrypted-tbn2.gstatic.com 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
2 creativecdn.com 2 redirects
2 us.ck-ie.com csync.smilewanted.com
2 match.sharethrough.com csync.smilewanted.com
2 ads.stickyadstv.com 2 redirects
2 static.smilewanted.com csync.smilewanted.com
2 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 cp.pushwoosh.com www.haaretz.com
2 tag.escalated.io ecdn.firstimpression.io
tag.escalated.io
2 cdn.firstimpression.io ecdn.firstimpression.io
2 tr.outbrain.com amplify.outbrain.com
www.haaretz.com
2 u.openx.net cdn.valuad.cloud
2 onetag-sys.com cdn.valuad.cloud
2 script.4dex.io cdn.valuad.cloud
script.4dex.io
2 cdn.jsdelivr.net cdn.valuad.cloud
fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
2 www.facebook.com www.haaretz.com
2 www.google.de www.haaretz.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.haaretz.com
connect.facebook.net
2 static.chartbeat.com www.haaretz.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 ad.turn.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 ups.analytics.yahoo.com 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 cm-supply-web.gammaplatform.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 pixel-eu.onaudience.com 1 redirects
1 green.erne.co 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 sync.richaudience.com
1 x.bidswitch.net
1 px.ads.linkedin.com
1 aud.pubmatic.com ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dis.criteo.com 1 redirects
1 sync.mathtag.com 1 redirects
1 eb2.3lift.com cdn.valuad.cloud
1 shb.richaudience.com hb.adpone.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
1 fonts.googleapis.com 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
1 trc.taboola.com cdn.taboola.com
1 hb.minutemedia-prebid.com cdn.valuad.cloud
1 mp.4dex.io cdn.valuad.cloud
1 tlx.3lift.com cdn.valuad.cloud
1 ping.chartbeat.net www.haaretz.com
1 ms-apps.haaretz.co.il www.haaretz.com
1 widgets.outbrain.com www.haaretz.com
1 ad.doubleclick.net www.haaretz.com
1 amplify.outbrain.com www.haaretz.com
1 cdn.taboola.com www.haaretz.com
1 region1.analytics.google.com www.googletagmanager.com
1 ecdn.firstimpression.io www.haaretz.com
1 ecdn.analysis.fi www.haaretz.com
1 mab.chartbeat.com static.chartbeat.com
1 cdn.valuad.cloud www.haaretz.com
1 www.googletagmanager.com www.haaretz.com
1 polyfill.io www.haaretz.com
980 141
Subject Issuer Validity Valid
*.haaretz.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.haarets.co.il
R3		 2023-01-28 -
2023-04-28		 3 months crt.sh
valuad.cloud
E1		 2023-01-28 -
2023-04-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-11-07 -
2023-02-05		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
analysis.fi
Amazon		 2022-11-03 -
2023-12-02		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-27 -
2023-12-05		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.haaretz.co.il
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-17 -
2023-06-17		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
hb.minutemedia-prebid.com
Amazon		 2023-01-04 -
2024-02-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.escalated.io
Go Daddy Secure Certificate Authority - G2		 2023-01-03 -
2024-02-04		 a year crt.sh
*.pushwoosh.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-03 -
2023-04-02		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
flashnetic.com
Amazon		 2022-07-10 -
2023-08-08		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-03-10		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
truffle.bid
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh

This page contains 160 frames:

Primary Page: https://www.haaretz.com/
Frame ID: F21AD244D1D43C00A47AB9FF1BF42F5A
Requests: 221 HTTP requests in this frame

Frame: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 86A8B35307E2AD60B96300EDF90D04BA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 848550BA6742C73A44B0B7C5DAF3C946
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 04D10E6720F30D16D0AE2F3D1C1C938D
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 85EFFDF727FE2AE7E45900486F11F1C1
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: C5F551F8165D15D4ADE5EC8F9BE8DB2B
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/e1a3e0ab8b6a236ec57fb2812fd4ce7?gdpr_consent=&gdpr=0
Frame ID: CD7C5FB67FED8FBE671A4CA05285C175
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: A968FCAF6C9334BDC18CB647F732DF70
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: ED3260803D3319E4643DF252778A06EF
Requests: 1 HTTP requests in this frame

Frame: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 39CD4AEF4D7A50A868D300C8CC1C966C
Requests: 21 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/rjTWKC7ADYsR5D97ssSU?pi=smilewanted&tc=1
Frame ID: F4DEADE6015FB671BE644D16499BF52E
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=33541bb365041fe2877487723f4ab0d0
Frame ID: 774B61954B0F47EA09E97FFB85F37BE1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHctWnpNoI3Zx2DbSRUUAeCgawgKwxzJlFSJaHAZxYeZJVY14NlRWOS3Hlc0BxGAqKGoyOgHeySbmJuvWau25cqBCklmlPNMSnxUn2vyOo2-5VK7aQ-YqpaUZsU1X5mlijNDpIkpRJ-IC1DmTD3w89rEqwzyREBytL8d_sFBdwr_cyhtBtA3_iGMO_1PFXjoNfql5kGE0lG9fWUFxgEGKwrrL24UQIhrmTLF9LhM_lp4iABUL8MFjLI5cd2zctwY12Yh-QG8jPoFiaAYMV5RHOS-z9eKJL8pQ2wIYmLg9v-R2C0KTw4089JmGbIwbiTM5N_VFw7i4j2gD76JVOiOZXIaAMyg4z03FbVOFJ7cPcJWVWyVm2ppcNdT6kqNOys5mQ0h52V7i_dLxpnsOn&sai=AMfl-YTbMV8vkIUGoKLd-joMv3c0xIsNpHpKiDIiCwjPkoZNiBn-NW5VFk6Z32oql8Uz3Ym9SySVVjNcu7yT32LdBOin0lF2xuTbr6ep-r8HspcIKoGMAr7H_xLGwAGL_IYa4X2LX5kLjqZfZZG4xe_UJoo&sig=Cg0ArKJSzHWLbW1ZSIYlEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F4B6677B436C83A978FC879AF4EBFFA0
Requests: 6 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: DC260644D8643D297117496756581CF1
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 4B423FE1F001A01ABD981A7C7527E3A6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/99a58a5b-6d27-4695-9cc2-4812ed21afa1&partner_id=1010
Frame ID: 6A50C57E10BAA8DAD131E253A1697177
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 9BF89220E896ACA87CCEA2D85AF572A5
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: C34F40151CAE3FC7B349057C98D17981
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 8C11DDDB139EE0F641A566FAB0D28701
Requests: 23 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=kdduqb&e=1542649891130
Frame ID: 8542967BF099E162A8E663AD11666966
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=rptdupuyt&e=1542649891130
Frame ID: C1F24D0BDAA60219005362FB4BACA66A
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=gizukhi&e=1542649891130
Frame ID: DF788EC7B1A652E94A32DBBF7C417B21
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=axnqhnyjm&e=1542649891130
Frame ID: 5BCCC3416643EDD39BA832C0A6F3A366
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=xllnntcbo&e=1542649891130
Frame ID: E1D282E2C097001A96270BDECCA33C75
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=fjjqmjuo&e=1542649891130
Frame ID: E5C262B2D8DECD3A3507AD8128C981DF
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=mscan&e=1542649891130
Frame ID: 5D268645D9DC1B2F728C89924CEBBA9A
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=xduryiwoa&e=1542649891130
Frame ID: 3887D71E3DBD3814250F563E8E8807F4
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=otokuawo&e=1542649891130
Frame ID: 594069337574ADF6B61C14F71862A8D5
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=hgmw&e=1542649891130
Frame ID: 75720B01200981973E3B82768C91BD80
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=xsdmilk&e=1542649891130
Frame ID: 9C6B757AD049311D53EA037C545FE91E
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=nzhpl&e=1542649891130
Frame ID: 207534D62747D99F2C44577BA832830B
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=wlqctpvzm&e=1542649891130
Frame ID: 597C1167384CABDAEC964146FACEEBA2
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=ksxynodg&e=1542649891130
Frame ID: 10DE1E6DB686FB4FA5B5AAE76DEB9482
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
Frame ID: 248A31E120AED1274537D93478D55A31
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZ2AN1q3brLiP2jOHnM1HbzE_aYu_u9EMeEnBWztCkLTxGwrz23QwOYNLq-cX710r-iR48dIq-py-DRtSSywklzx2FPWsiP63nZ7t645Im6Lu0gC8YcKQVVodPqIBgUSCD4MW14k9qeJgcCjBRhKf1Vu4IMwR9jBhX_cmKFhttpgMEsw5Y1Skq-865rNosxyMqWWw1jfJAApRJ3eK7aUbmFpZXh7o5wNGcFsYq7xRBImRKXh-OoD1JleqPESCokI16TDjBRsrBcxNHUUGrrNoBj83JLPXcIygzvY1qcPYLmn6DmY2pU2u3SSGGQB8WnMlYi-u8Qfq7CsFFnRK5NXBx7sSpZnAZ2VY1ZwzNObZnQTjPAhLR60wlz4sadHmKPQ0UuEyjn3cu5cq87aEpAdy9&sai=AMfl-YTrdWt9niBnO6VBcag2XLGffqzIts8p2huowFI7WorMWictVOCvYVcqgPPJ_YgHGzSuT3bPury3u5FhGQsUYmC_WmhHpg2Q-2JgZbO29fmiq9XtI5BTw1ajVal06MoUBe1qLolvuMXN36W-CeKnn8s&sig=Cg0ArKJSzDTgU0NtilyLEAE&uach_m=[UACH]&adurl=
Frame ID: 534F4A8C20829919FF5F4751A667C3F8
Requests: 7 HTTP requests in this frame

Frame: https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 71EF0111AD9A7591E28E108393EFBE1E
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59630076;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=KEfFc34P3_2p2kxE36hBqEHMKAbl6Sq0382mdc6WCXSggZrdYGOX27kjpE4NLSXbFy7KW7q3n2m_vHA9ZKAQP3STM930GoHSzwLi7sy_kMH3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmu3IIOoep6yMmvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=AIZwRNwUQvt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoenEx6X63uOeHY72yUs5wCx12GVsz9-5Y9VR4TF3XPpH0gPZTxKoKyYHTxx1qNgkTeKS4q2X-vVuYP-84pWPyA1ntMziYbB1YIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmkbtC3iQqnMgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 132D1FF46BD1E9BBCD1979D41D31FC84
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59630076;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=Bn6VM2oCxsg51t06qyI9E8fUWH9dCBhmVSQxYLjdcXR86rZqip8jpFAnoZODnFtPnwtfd7i5RE17g25inQv47f5ynACOQ6fzxZUzcacswCb3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmvsZ9FQCEu0KWvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=kYb9Vc6vySt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHouz4R0WhKSfrCrU-59qIo4aguGakGTfHMcqZBpG0117I7zYXyQHq-G9YL9NUbXoS6TR0hjW3e3IQZ7iE3iqLGdknmZ4Iae48kIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnp04sJkYQoUAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 4C982C3A579498EC2F7A081136A9F02C
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=6hySndOYzXV4coIWq0Ij30UUlpnFeQ9GIl1g4qYaN_x-hVaaZsOAajZ9JNJrNRQTLusvVLiBAxEtkzkdWrwnlImcwVX0Z1GrK134J90EXUf3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmtxiYBulCJV_WvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=K42kyUxNssZ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoB2lcHWVxukeP1mfGdOjFuYWNwswL0QJa2lxYR4Q1thb1D_5NS-XGGp8uWTzn5O03agrpxMpIUzeaf7pzD9wYUtERyDh2xgWgIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnychS1Nx9xKQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: E22B09CD67393143F2A0BE143FF4F6B3
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59630076;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=el6TqoVMDqaQ81uJqFUEJ9EDg8ZJj267s533c8jE2TJxAVMu2CimyDN9KlWqfrAlRFWnFQgCTWzLT9ZFjGAKORnyadsskJWGPazTzKGDhfb3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmv23DoS8BcfZWvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cJ0mgZghZg142u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHomPM5U4v_Y3Ny-XHg7cDG_Nrn_4vfHGmF10VoVq7RaG06CUwyPvm7lRivK0DAsc6PCJpkNo9BCf9OrkpnRU8N24JoBdTOETHsIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskhi3aMQEUX7gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: BB62369B56BC6FEBECCE407BE34F3DA4
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=R0qCEcXgZSGr0rVivm2D1BUYhRx7PckzkDVDzr1H5PATL4sv7MaPJ32yRoDgrbSgAJz3NH10X-l7sA-Sn0DaSYPQoRaQ4OC2oLfmy-1Bh0D3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmto6vRPSvl1Q2vN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4UtzmZ0-tdyIVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Xc5Zyx9NerJ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpAcB1AfctWI8KYtDRGwkwxFRkTHcNA0SCwCqCJdd4zaqlJ_Dou0svCZIL3kHIdhTDq3Yoh7V6L9r8cnft-05ZTXuZaJeQVV-MIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsn7JtgsMV5ZQwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 7D9E227C1B0E39E2DCD8301365B282A7
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59630082;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=E6tQbzBjLA-OZlGRxe_ZVVaZ8ePR4XNtLheqay1llpm98N3Gn0aQV4PGMD3VRZ1RSaEBrjl9QDcp7XzPCLi2Ou0vb079Q9W6VS0zlfUkMsb3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBG6wpNs2Bbz8eSWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODf9cYQjtyrorMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=SmZM_7Vrau8WcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4qt22tbvluyQTNc8pTUQTvpBaVaWQw4QvI74i80IktK7_GdLLCrVDWWIX-LMMJHr0T6nQKhl6mrrfGzXgD0uTh8w00OuNuqC_PfjehQm65vSycg7kbTHoU3oC_elFaKaPMKyT92XTgVlfA2;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 6099AFD0E13DBD8DC49CA10ED60C8F97
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59630085;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=E6tQbzBjLA868ZFdtcbZ3WRYKaLiWRppH1BUV9AfbcJtBko87Yj3qDZ9JNJrNRQT_Ci8c6NeuE29cb9qmGDUPhpTtXNQPkL4f-N2vfY4-K_3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBG-lMBI-nx2Q3SWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODqTcQN3IAIYrMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=I9eSsN4aLJMWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quGTIUUnX1XGltFHsN1JeWFQ_mJTBn6Jap2x7F8XlVW-crzQXtRaePOmzyJcYTfAo1F7RY_CuzIC_jEmTWQ-yAzMzbU7tISrgPjehQm65vSycg7kbTHoU3oZjXZllJ6LaTdTwnSr-FYyA2;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 542B7F073EAE45D9B1AACFF12BA2504D
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=TJ4qHFkmLj1AkEIJJJUTI_X4x1sMRkj1zJowLFLQMGaQ-b_OCCY5nxmhi8XDu_Q2YEgbFSUm7FjQ58YhiU6ORmM1t3vbpN5Wmy7awOBsN-r3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmvNfLWJzBFV1mvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=-kecm4URwB942u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoL0q8MfzzfJilK_q7CtAObDE-JIHBwvLRZ-Y1MMdgWsoYT3chezfPq7v0vLvnzQW6Nf7qpqwiUO2nx-bYY-zD9HkS2pdvbdokIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnVxsX-VB-XJQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: B2BB751E706D0823A37A7C28F21B4FCC
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=ttNmYRvTsQsJ1-OR4g9ERk06L9Y-cBxBZzkRKjGHcnUMRxHO5mMb2H2yRoDgrbSgpjc10G7Kmas4Mkj2meSfaegXxum4OOJ9HBRufA185H73C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmt_3tcI1TXPcmvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=RsJjwrekK2l42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHr8TtlooLhUeJ1jp_3V_g0M9NtGUFSSsEDaVF54-ejfPPs99COw_dAYSaFnpc5FUjiQx-3wLdQH8U9cNgBmgZILXqg5fm8DLm4IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVslQKMhV_6PmuwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 385EA62817AA0D94CE5119B702F8878A
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59630082;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=KEfFc34P3_22ad1Uggk9hbtVrnE_jI8EXDi0L1vFM7Bwq0N46A9q-n2yRoDgrbSgakqWrG6VDuVFiR_mffXpMj7MEewznp5CpuX5tiBFIIr3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBGyaAJUm3st30SWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODqTcQN3IAIYrMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=UQDB6eBZQ6IWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quje7ZaydSehtGrxP8e8gZOATCFwEvyRPqGNJlqeI2QL6DBmMz6zT_1VokZ_2MBByKB6A1TAMT_VmNTMsjF9DrFNKkjbEe_IG7jehQm65vSycg7kbTHoU3owxwJJgfM2p_dTwnSr-FYyA2;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: E4BB0D047857F208DD6526A4C122D040
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 679BC1B91FE772D90E847822C94C1763
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 99350AF841DD33F9054B20817A914927
Requests: 2 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59630083;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=MU7IUQdm5wjE20blOvQNU4mxdKVG9mrsLohEfus4DaUINmyFY-RjGTkgZx8X_JVdZi37GmJAymzahm91nSZcumBClvI0ezCjbkMck0Mvuy73C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmvH3ERse20J6mvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=RhXPb82H5B542u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpqgstM42TqYZevLjYNsmvQiTIBqHxIrXwAOAslM1ZGkKaPcCaci0xCuGqkjFeLmwA5JmoTa7zRbMWUxQEukv_zKvI4KNxgd24IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmvhGj9fvVQOgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: C2CEDF4B422FE76161F7AB1E513F5F80
Requests: 7 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59630082;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=dvkQKAjbaCWlyuPV62lcZ7f8aSVh93h8kdNP5TLyOe916tfM0I5iwZ7RJsIFLDe-iyCsrtm9C8Wz-IgZkihfZ74MoI_VEY_i7HpaGBtINBD3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBGycjey6y2LQLSWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODf9cYQjtyrorMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=e2-4gSoikLwWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4qt5PIT01uMPBKG1UJUGnkBP-mlM4KJ_TKgmZgatjjt92lwXCquw9okvDHjc_Dzju35snqtF7hupaXAu0ljbDkJevx9y3QenQiPjehQm65vSycg7kbTHoU3oLicB4jOuztTdTwnSr-FYyA2;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: E70A2074CE3BC4EF7287CB1C9E53020E
Requests: 7 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59630085;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=dvkQKAjbaCUvCJAB-Mxhn1SiNMMoYUaobwxlEYm_pC-xLviPj4guqZ7RJsIFLDe-ZVs0kxZjnYgXtvsmCCFVwB5RYftc5Gnsvc6hXD3OFw73C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOms5hDAwaeLUxWvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=e2-4gSoikLx42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpGYE-AIKl7pcCTY8TfJX5PhKe58iFo64LYHPRiFO3B7gaBS-fP2goLYaS00h64wogitE_ZXOC8glxgghslI7XvbgYYr9EZ3YwIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskJnVEZARcnyAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: DCD581057AC4D8BE197E86F08019B7DB
Requests: 11 HTTP requests in this frame

Frame: https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: B2ABC8DB9765376F3D707D0A5FC2402C
Requests: 7 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2139281/12028361/12028361.js?ADFassetID=12028361&bv=258
Frame ID: 6527ECCBF6E72A498DD2D4D1734F8EDC
Requests: 13 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2139281/12028361/12028361.js?ADFassetID=12028361&bv=258
Frame ID: EBDB14F5E3EE50C5F9EF33AADED9291B
Requests: 13 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2139281/12028367/12028367.js?ADFassetID=12028367&bv=258
Frame ID: 943DB231D76651931DDD941AD38D01CE
Requests: 13 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2139281/12028367/12028367.js?ADFassetID=12028367&bv=258
Frame ID: F536BB900C3AE7949D0C6C23581191B7
Requests: 13 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2139281/12028361/12028361.js?ADFassetID=12028361&bv=258
Frame ID: 360DB9E77C432CCED90951E1986B3A7F
Requests: 14 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2139281/12028361/12028361.js?ADFassetID=12028361&bv=258
Frame ID: 8AB4B731A018FD791EA0959AA08C1110
Requests: 13 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2139281/12028468/12028468.js?ADFassetID=12028468&bv=258
Frame ID: 0BBD5862A58523166394BA50A02BA27D
Requests: 13 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2139281/12028367/12028367.js?ADFassetID=12028367&bv=258
Frame ID: BB0AAE0C2710BF3FF87DDC740A6CC912
Requests: 13 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2139281/12028361/12028361.js?ADFassetID=12028361&bv=258
Frame ID: 6D3E1D277B3260203AFB941178E13D07
Requests: 14 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2139281/12028361/12028361.js?ADFassetID=12028361&bv=258
Frame ID: AB6A4F4FB174E15F3E764CCDC816FB19
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.haaretz.com
Frame ID: 1AF8C34CC2B89172B604D35A44838E1E
Requests: 2 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59630085;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=Y7sXdZWOOc-y-yYISIhT-NepH-BX7xFVKUQyX4mcy-f8O_sepBdvW4PGMD3VRZ1RNJywlYy5N0yAuZqLnPuhAfIg5q7ksRWJCe01aC2JKRz3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmtoPNaBVlAH6WvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=nw8TqPNK39h42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoJypMNfmJ11AnScHVW1UpFBhshin1xY2oe-vCcGUlBWernErcjg8aOnOxeW9oy3SpTPmWtY17c9IAXrmyBbGfvaUkAojYxy78IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmoUYtfk_03iQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: D2873D78E72ABF4B28FACBFDCCF70B99
Requests: 7 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2139281/12028501/12028501.js?ADFassetID=12028501&bv=258
Frame ID: 6A552F49D5D8864DA6CC3E0997120936
Requests: 13 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2139281/12028361/12028361.js?ADFassetID=12028361&bv=258
Frame ID: 54A7FCE7369EC110AF2E67FE50549E09
Requests: 13 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2139281/12028468/12028468.js?ADFassetID=12028468&bv=258
Frame ID: 887424D1ABD674AFD2661630B7A1BC77
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1674986975197
Frame ID: FD97E7AEB592CC5F436FA943763C3488
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 413D3884AF9482938102B56E580CDDE3
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: F126B60D777D8858A5DF42E7A1F4D422
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 96159F83AF4934198503834E372D1938
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6AFE6EC1C4FE93C968E73816DFB881B1
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: 0131D353C7263A097743693FEFB48CD5
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 455133DB2BE5A2F53ED99766572A0CC7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 935D9AE8FBC3B194E32EED226FE29839
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: ADC3FD2CA10EF0A841279C25470F7FBD
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=18973734-A6B5-449A-AF9D-BDF475210222&gdpr=0&gdpr_consent=
Frame ID: 6923C2BA1E765CBD6477D98B1784E9FB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fba963d6-45e2-4700-82bd-12220325eb1c&gdpr=0&gdpr_consent=
Frame ID: E22B485D6A080E95873B376D99428B85
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5123563109499086153
Frame ID: E034D14BA7EEAD905910470613E4D45A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 31447EB8464A695EB23A56B9D0E2674E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xTQ0pscyNaLeZGbyw2V99JYxYfXeYTGolWSwjSrj
Frame ID: 3816AC0FA05C7D27A995E1B55B883EAE
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=18973734-A6B5-449A-AF9D-BDF475210222&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 2E0E03CE5DEA797A4DFC740C825E47E8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/e1a3e0ab8b6a236ec57fb2812fd4ce7?gdpr_consent=&gdpr=0
Frame ID: E24D505E465D8DBF0762C19467EA0EED
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: C8B9367B7420465437BFCDBC8BD49A99
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2139281/12028468/12028468.js?ADFassetID=12028468&bv=258
Frame ID: B6960C7C719ACCAAF779EE59E04BC250
Requests: 13 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 6FE9432A13E0A427966F96868A92A3B7
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=33541bb365041fe2877487723f4ab0d0
Frame ID: DE63F263001C9118C9AFBC28F4B6E7B0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: EBB23EB7461B32C1F58A1354E6198762
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 4AEE0C14F5187A20570A4D452ED7802F
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 05DA63176AF1468BF8F6A948A0BD6722
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: C74E2E13422F17FF284AB0C780D187F5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 25F18CDD7509CA86DD532E79CE47660E
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y9ZF4zVgq9tEGG92yE.TpwAA%261170
Frame ID: BB7345DFFE5A56A99A7161354A90F9A8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.haaretz.com
Frame ID: 8AE3BE8FD329C8FF8B3671477B123E1D
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 438EAB7C4C26ACB8E17895319401A78F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: C66C9DD20D3E861E09FD950F9C7AB9F2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FD41F4C46EF3B65E0C3EAC331737D90C
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3718A682C5F3C09BA821753AAA427752
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 8EFE5B8DE954A633972FD6236A36A31E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 9E6BEB5740007090B3AFDC37E54941DD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1F52620AEF6F9BBA4711FCFD230CCC81
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 1D470BF312F0B94F2E3BC7E979A9D47E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C90A5C02790B24A7FBCEBA26CB1F40D6
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 82637215C49A745EA5DEF22641FB2113
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5EEEB6F70922D7532324DF8131CE604D
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0E22D61BFEE580167F0114741A4A8706
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: EA8E1FB86629F61255072DBA560E0362
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4B42AFE9B855B2AB454A95FFF15DDF3F
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 0283B194F0AAB8DDBEAC56BD93DA394B
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 6508451F82BCFA811E648F53EA31BA20
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 020B699F4742FD6EECE54374C230C1AE
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 734E6AD1D6065D699D7DB1F4235AD893
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: F453297F287AC7DA6B2674534CCD7B0E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 131BFB6122504B19C7F4D4236B1C5BD3
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A73DC28B254F903050247DACB9673345
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: D22207150CEA578BE461A1657CD1706A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1D0E79A82FDD11FAD85CD58394BE0B65
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 5B4DBEA246706B5CF07276F0470828EA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6F1866A14386B434D0A75781990E818F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 8208D6B88B15D58FBC8624CF4133E45B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1290587959DC9BC80173D1B4969862B7
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E028B4A5F1DAC1DDE6C3D0BF2D837E46
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: E2376868F42AE4DDAF95E3ACDB59D838
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 20A8825B2572D7CAD106FC59509705AF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: DD540BB5C2AA14585FF4A0FE347C75A2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CE1ACB878543400DDB855C91471ECD38
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 6011842B2B3C360DBA5FA4E770A75E8F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 422178C4B3DB574629A1036E78E41C9A
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 6A71367857F2EABD0A008BA72DE98FE2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B3406B9538FA5CFE629C6074FA0BDC8B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BCE8CEB8B014601C8DDE1A6B9489A5BA
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 15876A08C6629F788FB6C55844EEE72E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 02A489DE0B2AA62D274B4C1A0B181B28
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: B7696E6C09682406D4B62E3111807197
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 72A08D56CEC9ABD8193CEED6CABB299F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B59611AAA015DBE0CDD3896DAEE34A14
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 86EDB8F1F4A45A0CB41537F3ADB76A61
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 72523C74AA318704D7F8905D25935D36
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 868726F861BB56514B5A09D1B77F1563
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: B381888E1931C3947C7F46EC2B71DE13
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 29593FCA3EE43A990111B905753A7AAA
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 31CDCA083B5E7C2844BC9C58E67D0A99
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406526
Frame ID: 0F96D67EDEEA99642E0EF9C3BE3864C1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Frame ID: 5685F5CF687B0AE92FD5D910CF4CDEAF
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: CCCFBBCDAED836BA939A0A0CA31F8276
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: BF0B0BABF37B33FDEE8B661D93C11243
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 467060183C7F32CA8DAE21373FAF43AE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9ZF5AABT3qOVwBh&gdpr=1&gdpr_consent=&_test=Y9ZF5AABT3qOVwBh
Frame ID: E9706700E70740DE96CBCD30FF3C7E3F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABOSE7HrIwAACAkRgoSfQ&gdpr=0&gdpr_consent=
Frame ID: C32ACE3AE4988D5E00707215676BB035
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E77BECB8540A3E5F4D1E50BAE9F0D2F5
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8033261240
Frame ID: B3D64DADBE71D09A978B5E04FA754924
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 7080475127C4B486AD1162BF6677D1EA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: A87023B1094786F8C34998E9F15AB14B
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 69752234E87F066FCB5C5E63E9B183F6
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 5016125A10948D39808297C1E1372C5D
Requests: 1 HTTP requests in this frame

Frame: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D9y7pfzHtWQjghRVVjbaVRWUV%2526gdpr%253D0%2526gdpr_consent%253D
Frame ID: 376C213430AD840360C8D67BB0973F8D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: DE847220604CF53ADC788F22F82EAC39
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: CCC88E35EE9DE6A8C60F8100FD55761C
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: CAA276B1498EE727469D10B9FDF7F865
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/18973734-A6B5-449A-AF9D-BDF475210222
Frame ID: 9F138081400BCF49F285DB9282B6CB35
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Haaretz | Israel News, the Middle East and the Jewish World - Haaretz.com

Page URL History Show full URLs

  1. http://www.haaretz.com/ HTTP 301
    https://www.haaretz.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

980
Requests

96 %
HTTPS

32 %
IPv6

85
Domains

141
Subdomains

102
IPs

11
Countries

10027 kB
Transfer

26228 kB
Size

102
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.haaretz.com/ HTTP 301
    https://www.haaretz.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 224
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/e1a3e0ab8b6a236ec57fb2812fd4ce7?gdpr_consent=&gdpr=0
Request Chain 230
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/rjTWKC7ADYsR5D97ssSU?pi=smilewanted&tc=1
Request Chain 248
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=33541bb365041fe2877487723f4ab0d0
Request Chain 254
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 255
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/99a58a5b-6d27-4695-9cc2-4812ed21afa1&partner_id=1010
Request Chain 679
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=haaretz.com&sn=ChromeSyncframe&so=0&topUrl=www.haaretz.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=_D7CzXxWQXJHZFA4b0JHeFRXa2dyM2JPL3kzbUlEdzNqd0NzM2YxNzZFdDJMQlM4SC83NGZBdTZLb2xPQ2VFOW5MOTFLeTRqV2ZLcVlhQVBMbWxVbnJaalpDSW9zd0hKUCtYYWFGb2FYT1ljZGxmT2IvU1hxR1Z5OWFrYnI4YmxHN3pldzVRTUEzUnlIZlZsS3VqR3ZIeHJVNmN5SC9RMWE1VWFvRllKNVZLQ1AvOUl5bGFOMGgwNVdHVUxZNUxra1BUWS90MWkyL1B3VnhmcHNhVGFrampRY011eUdOQ0U2YmFSQnV4MkZsNENOVE1aM01EelNXNEhWK244bzh1WFJUYjZOYjBWQ2w3V1FpbVQxZVI5TDcvR3BMZz09fA&cppv=2
Request Chain 680
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.haaretz.com%2F&domain=www.haaretz.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=StyMtXxXU293UU1NNFBVOGJlamVzTHdMbEF1WHB0TVR0b0pJVGMxcVJPdm4yV0RIMy96YjJRa3dNQ2dsK0IwRFBZZUZhcnFXeXJLRFlQVWdCMVJpZlJyTW1NNk5aakNsbkFMOVhDRE5EQjlaVDNMNnI2TGVUMXUzVy9xdC9EWFJNYTNnMTl1dDA4dEl2YkRLL2NsZHc1UVlOTXk5aFdCL0VNeHRhL2hybTQ5VmFqRHF5NXBNQ25SRVJrOTREUXA3MVZiTFNhSkJidzFGb29sUjBncmFoN1VkNXdERW0yZUE3alBhU0hQTnRIaW1MQ0pqMzVnNUR0SlpRWk1BczJ3dnFuK2pzeU5IVGJpdVlJRU84Q2UyYnV3UVJ5bzZDRmZNODdLQWMxS3hzK0M0NnQvST18&cppv=2
Request Chain 730
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 735
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fba963d6-45e2-4700-82bd-12220325eb1c&gdpr=0&gdpr_consent=
Request Chain 736
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5123563109499086153
Request Chain 737
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 738
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xTQ0pscyNaLeZGbyw2V99JYxYfXeYTGolWSwjSrj
Request Chain 739
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=18973734-A6B5-449A-AF9D-BDF475210222&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=18973734-A6B5-449A-AF9D-BDF475210222&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 740
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GJc3NKa1RJqvnb30dSECIg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 741
  • https://pixel.onaudience.com/?partner=214&mapped=18973734-A6B5-449A-AF9D-BDF475210222&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=4dcab955c1059465/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 742
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=18973734-A6B5-449A-AF9D-BDF475210222&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=18973734-A6B5-449A-AF9D-BDF475210222&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=18973734-A6B5-449A-AF9D-BDF475210222&addseg=19,36,42
Request Chain 743
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTg5NzM3MzQtQTZCNS00NDlBLUFGOUQtQkRGNDc1MjEwMjIy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 744
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELtlpiN3ifvkEPxg1QBT2ZQ&google_cver=1
Request Chain 746
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6897747870475212065
Request Chain 748
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/e1a3e0ab8b6a236ec57fb2812fd4ce7?gdpr_consent=&gdpr=0
Request Chain 749
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERIN1pYS0ItMVktNEw4QQ==
Request Chain 750
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9WjKW7ApSNO-2L9v6fQtyg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9WjKW7ApSNO-2L9v6fQtyg
Request Chain 751
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fs1mIhn5Rd2loCAam4gprg&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=fs1mIhn5Rd2loCAam4gprg
Request Chain 753
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDH7ZXKB-1Y-4L8A
Request Chain 754
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECP7Ap-41EAT67v0vWYzs2U&google_cver=1
Request Chain 755
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/R6Rwoxerc64PEql-nUliu8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-neu3ZfxE2oJ8i08s0Zkx39Nus.cE3wc.u2x7vQ--~A
Request Chain 756
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc3NDdiM2E1ODdhYmJlYjViMmMzZTNiYWI1NzE1ZWVlMDRmYTcxMg
Request Chain 773
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=33541bb365041fe2877487723f4ab0d0
Request Chain 775
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 779
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y9ZF4zVgq9tEGG92yE.TpwAA%261170
Request Chain 832
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=haaretz.com&sn=ChromeSyncframe&so=3&topUrl=www.haaretz.com&bundle=asHJWl8xRG8lMkZTQnZYaGY1bHFFdUxrM0xWdEhnMVBtSWx0QmFwbEJxamxiOENMUlRLcG1nVEFTOGx4MnVaTnBCUUpWOUhBWk9QbUc0TXBSZmRWYVZ1WHNaa3BoUG5UYURmeUJoRHJ1U21qUSUyQmRqRlFXeXU5bDRMQTYxTG14TGFTZGlWbTMlMkY1MElaR1gyM1hPRE53Nkd2MFpDbGclM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=v1FTFXwxRVF4NTYrQWt0Q3NxdmRFWG93UG9xSUkrOHRVbElWRFZlb0x5OElpWWtlMWt6QWh4Z3Q2cVQzQlk0ay9aM3d2QVFEdENwZVZ1eVJTdXJtMVhyUC9KVHVBSWQxSndYcERNWVA0ZHhIVzFjMWFMOHNqdzl0cXZlWU42b0J5dmdwNDNucExGY3RIdms3L1RyN2pCeC9NZXRFVmJib3J2ak5nZ2k1b2FMSGMzQVVRN3BTcWFyYUlhejFndXh5ZEZxK3JWbWJYTTN3U2dyajR1b0Rkc2xNdHc5ak9ZVzZkNHdqWDNCM0I3cit4MWd3TXdUeUVaaC9RMnRUMS9ac0Nwdm1tOVRaVFJxTVJxdGNYa1NFR24ya0w4RFlFYkVPdlUvaGxjSHBxaXJCUFJZQT18&cppv=2
Request Chain 833
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156383 HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=-1&gdpr_consent=
Request Chain 913
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2077087146620128535&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 914
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194014300368730263&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 915
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Pu_FuvzoTTde91sZ5ezysNly2hg HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 916
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y9ZF5AABT3qOVwBh HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9ZF5AABT3qOVwBh&gdpr=1&gdpr_consent=&_test=Y9ZF5AABT3qOVwBh
Request Chain 917
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCT1NFN0hySXdBQUNBa1Jnb1NmUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABOSE7HrIwAACAkRgoSfQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABOSE7HrIwAACAkRgoSfQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABOSE7HrIwAACAkRgoSfQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4896838604249424223&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABOSE7HrIwAACAkRgoSfQ&gdpr=0&gdpr_consent=
Request Chain 918
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 919
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1674986980952 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8033261240
Request Chain 921
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 924
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D9y7pfzHtWQjghRVVjbaVRWUV%2526gdpr%253D0%2526gdpr_consent%253D
Request Chain 926
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1j1y44wrk36h HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 927
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BEA0962FA2204CA9BFC747170432F498&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 928
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=18973734-A6B5-449A-AF9D-BDF475210222&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=18973734-A6B5-449A-AF9D-BDF475210222&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 930
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=18973734-A6B5-449A-AF9D-BDF475210222 HTTP 302
  • https://a.audrte.com/p
Request Chain 931
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1852873593 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=18973734-A6B5-449A-AF9D-BDF475210222
Request Chain 933
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=18973734-A6B5-449A-AF9D-BDF475210222&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xR9zYRtE2uUjTufUrrlyQwXELvFrOGQ-~A&gdpr=0
Request Chain 936
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:896c12a2-c564-4c98-9ee5-4c04f5adc52d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 937
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6958717578072999008&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 938
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2077087146620128535 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

980 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.haaretz.com/
Redirect Chain
  • http://www.haaretz.com/
  • https://www.haaretz.com/
1 MB
149 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
ff64ba2858a0417c38105c5b19e1fea15ac1a2783aba4950c1b8fa616295f348
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
230
content-encoding
gzip
content-length
152376
content-type
text/html; charset=utf-8
date
Sun, 29 Jan 2023 10:09:32 GMT
etag
"10c538-Va9Mf5zIx6erdcozUCfRMfAkkRg"
server
istio-envoy
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, HIT, HIT
x-cache-hits
0, 13, 1
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-envoy-upstream-service-time
3291
x-origin-status
200, 200
x-timer
S1674986973.819125,VS0,VE2
x-xss-protection
1; mode=block

Redirect headers

Accept-Ranges
bytes
Connection
close
Content-Length
0
Date
Sun, 29 Jan 2023 10:09:32 GMT
Location
https://www.haaretz.com/
Retry-After
0
Server
Varnish
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
0
X-Timer
S1674986973.748038,VS0,VE0
chartbeat_mab_image.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab_image.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:fe00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 00:56:49 GMT
content-encoding
gzip
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
33162
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
d8kxxFHKvLzPYGQni7bmXlKNM9vrN2Y0_BC8EbsBCUTg8pZezAZufQ==
expires
Mon, 30 Jan 2023 00:56:49 GMT
polyfill.min.js
polyfill.io/v3/ 		101 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&unknown=polyfill&features=fetch%2Csmoothscroll%2CObject.entries%2CArray.prototype.entries%2CIntersectionObserver%2CIntersectionObserverEntry%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.includes%2CFunction.prototype.name%2CArray.prototype.%40%40iterator%2Cdefault
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:c00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

Referer
https://www.haaretz.com/
Origin
https://www.haaretz.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:32 GMT
content-encoding
br
last-modified
Tue, 17 Jan 2023 14:07:14 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/109.0.0
server-timing
PASS, fastly;desc="Edge time";dur=15
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
94
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f9fc03eee3d731cd12ddaffd694c2853bb19e5e4d31a57849908799410a2fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27594
x-xss-protection
0
server
sffe
etag
"1466 / 670 of 1000 / last-modified: 1674860937"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 29 Jan 2023 10:09:33 GMT
js
www.googletagmanager.com/gtag/ 		218 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MDEFPY237V
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dd053f5201426e55578e93b7d5cd6cdd3cc8443409a231558a10d26b212adc2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77878
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 29 Jan 2023 10:09:33 GMT
ad-blocker-1.js
www.haaretz.com/static/ 		63 B
235 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/static/ad-blocker-1.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
891d829143ced903b04b238c2ade216efa7ecfe42bdc33d5f3d5691b8aa8d68d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
content-encoding
gzip
age
360175
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
2
x-origin-status
200, 200
content-length
70
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:00:12 GMT
server
istio-envoy
x-timer
S1674986973.871883,VS0,VE0
etag
W/"3f-185dda452e0"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 25, 11
_app.js
www.haaretz.com/_next/static/3.0.749/pages/ 		363 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/3.0.749/pages/_app.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
5822856bfc377007be189ca56e241e943c01de94c6b0a5e879f3897ce5f91d0a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517797
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
10
x-origin-status
200, 200
content-length
140059
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.871894,VS0,VE5
etag
W/"5ab4a-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 62, 1
index.js
www.haaretz.com/_next/static/3.0.749/pages/ 		168 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/3.0.749/pages/index.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
c2fad48c645f409b0d0580287a8267d26203507cd46ff3fa6acdaa982bf9cf52
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517714
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
11
x-origin-status
200, 200
content-length
39242
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.872609,VS0,VE0
etag
W/"2a0e5-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 1140, 2
webpack-03f921f9f86e5962e0a7.js
www.haaretz.com/_next/static/runtime/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
67152f0ad992734cf950c784ad38cc5a194b5ac1c00535bdc2455eb88c97257f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517796
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
415
x-origin-status
200, 200
content-length
3571
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.874374,VS0,VE2
etag
W/"1854-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 57, 7
framework.e720d56855ea292faef3.js
www.haaretz.com/_next/static/chunks/ 		146 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/framework.e720d56855ea292faef3.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
fa4a20c3e38e5309d73c919d11d396fd6eb9343a04f4e6f674e6c469cf3aa13e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
965771
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
49
x-origin-status
200, 200
content-length
45386
x-xss-protection
1; mode=block
last-modified
Wed, 11 Jan 2023 11:58:43 GMT
server
istio-envoy
x-timer
S1674986973.874327,VS0,VE1
etag
W/"249bf-185a0b26138"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 6421, 8
53a91a63.acfba3af17a2761b6966.js
www.haaretz.com/_next/static/chunks/ 		166 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/53a91a63.acfba3af17a2761b6966.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
9e0467522f4569e44c81cd06aaf43de464d8e8c82519c5c4a86f596fdec6f1c1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
340719
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
11
x-origin-status
200, 200
content-length
8526
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.873426,VS0,VE0
etag
W/"299ba-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 609, 7
commons.aef772f399a0b0e06b27.js
www.haaretz.com/_next/static/chunks/ 		3 MB
377 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/commons.aef772f399a0b0e06b27.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4d788047eff085a710d2fb7ad2e1a0f20701159b9731cb65d3f3d0f76514766d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
978301
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
9
x-origin-status
200, 200
content-length
386172
x-xss-protection
1; mode=block
last-modified
Wed, 11 Jan 2023 11:58:43 GMT
server
istio-envoy
x-timer
S1674986973.873364,VS0,VE3
etag
W/"33e6a3-185a0b26138"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 9322, 1
2d47944d771918966b3f3fced6319d3ff550a9c0.9fb0e8f09a30d448c21b.js
www.haaretz.com/_next/static/chunks/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/2d47944d771918966b3f3fced6319d3ff550a9c0.9fb0e8f09a30d448c21b.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
54ccddde8057fc88cf47155ec91b8f59cd28569386c6df944dcb72fe6755af9e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517800
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
9
x-origin-status
200, 200
content-length
4171
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.873341,VS0,VE0
etag
W/"2fc2-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 58, 7
2042e1cb3c4d193de3fc0c874022d8a276cabd3c.e6a8beb1896c1ac1c74f.js
www.haaretz.com/_next/static/chunks/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/2042e1cb3c4d193de3fc0c874022d8a276cabd3c.e6a8beb1896c1ac1c74f.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
fa1e8b3eab983c79faec4ecf6cb1a4af4dc5a9230cb3b3d1ec9e7eb3c8438a49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517800
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
7
x-origin-status
200, 200
content-length
9614
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.873309,VS0,VE2
etag
W/"7d10-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 58, 6
main-7635d15925b989cf4c80.js
www.haaretz.com/_next/static/runtime/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/runtime/main-7635d15925b989cf4c80.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
c1f763e19118639bebb91db54b083db53ef7d5a2f0e29c0ed9fe84fab97e1a91
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
1669580
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
236
x-origin-status
200, 200
content-length
6372
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 08:09:47 GMT
server
istio-envoy
x-timer
S1674986973.872720,VS0,VE0
etag
W/"45e7-18576ade8f8"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 12927, 7
9893e9f1bd720ecb0be233c41309cd140ac05a98.9c2574a6fe3241677e9f.js
www.haaretz.com/_next/static/chunks/ 		168 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/9893e9f1bd720ecb0be233c41309cd140ac05a98.9c2574a6fe3241677e9f.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
7d77f0e883358f5a38d42447f1db3b237aa6391792816e063778a88c3f1442d1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517800
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
4
x-origin-status
200, 200
content-length
47504
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.898411,VS0,VE0
etag
W/"29fc9-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 60, 7
1fe5ada8f92fffd28978d64bd1d15067ec9caeaa.ae3c42cf78bd0733f029.js
www.haaretz.com/_next/static/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/1fe5ada8f92fffd28978d64bd1d15067ec9caeaa.ae3c42cf78bd0733f029.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
21762a8f5ec49b563037e43632d3d71dcbbb9caa75a5f964f796babad13113ee
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517800
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
9
x-origin-status
200, 200
content-length
6191
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.895851,VS0,VE0
etag
W/"4770-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 55, 6
9453609f3f037e55a618b1555956b9f54d040e62.ae53e5ed2c04ae52e917.js
www.haaretz.com/_next/static/chunks/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/9453609f3f037e55a618b1555956b9f54d040e62.ae53e5ed2c04ae52e917.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
cf15e0c8bd8cf997ed306a739dcd3a5eb0414da439b28ec32aeb9f5884831461
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517800
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
5
x-origin-status
200, 200
content-length
8942
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.897461,VS0,VE0
etag
W/"6aa4-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 61, 6
eb0cc4274f56b8a7013e0b6525eab227bdd753ff.0c524e41968367457f5a.js
www.haaretz.com/_next/static/chunks/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/eb0cc4274f56b8a7013e0b6525eab227bdd753ff.0c524e41968367457f5a.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
ed0db47adf896fd074b37ccb5defc17451cc97580a26d4932a9458a6c848ba3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517819
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
10
x-origin-status
200, 200
content-length
4637
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.895831,VS0,VE0
etag
W/"37d5-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 59, 6
0f753b5881b6489c0b3f51cb1f0f8d5c77abc559.376aca2e1b5b1b01d902.js
www.haaretz.com/_next/static/chunks/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/0f753b5881b6489c0b3f51cb1f0f8d5c77abc559.376aca2e1b5b1b01d902.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
54418cc58b1030864f88b11db00de1feb6a9a1698bec6b12d7cbae45d64b12f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517801
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
10
x-origin-status
200, 200
content-length
3534
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.895923,VS0,VE0
etag
W/"3314-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 62, 7
16e7e2204aaa09fdd3b3ea667ac28964fa16bf0a.461c216d17ec13b4f87b.js
www.haaretz.com/_next/static/chunks/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/16e7e2204aaa09fdd3b3ea667ac28964fa16bf0a.461c216d17ec13b4f87b.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
539b252edbc61e48a231ab4d79fb2e8a4e096d42aae1f81edbd0cff0d1877a96
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517800
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
5
x-origin-status
200, 200
content-length
13878
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.897348,VS0,VE0
etag
W/"a558-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 55, 6
217383f501784fcb732d439a3875cc8be6ec08d1.79dc44edfda7ea2b6ced.js
www.haaretz.com/_next/static/chunks/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/217383f501784fcb732d439a3875cc8be6ec08d1.79dc44edfda7ea2b6ced.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
3ebcddf19983fdeceabc565c9354ebc3fb2897b17f17dcc77ce493c95b8b5bb5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517819
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
7
x-origin-status
200, 200
content-length
18482
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.896763,VS0,VE0
etag
W/"100dd-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 57, 6
44208e32d791d697d925c59dbe6e0882d07707e0.b391998dc0d8e908411e.js
www.haaretz.com/_next/static/chunks/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/44208e32d791d697d925c59dbe6e0882d07707e0.b391998dc0d8e908411e.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
a2a393fd224ee98d5b4bce5f71e8768a70ad0fd66de718023024fcb4d1763977
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517819
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
10
x-origin-status
200, 200
content-length
10987
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.895567,VS0,VE0
etag
W/"8c86-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 60, 7
2d1df115e1d7c8e2aefee1f7bb3bca44cbb2d1dc.e8c7e1e3e6af75072fa1.js
www.haaretz.com/_next/static/chunks/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/2d1df115e1d7c8e2aefee1f7bb3bca44cbb2d1dc.e8c7e1e3e6af75072fa1.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
be714930fa0e377702a0be9afada4d507367133db4387edcd0f798f9df0e7812
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517799
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
8
x-origin-status
200, 200
content-length
3576
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.896345,VS0,VE0
etag
W/"29f9-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 53, 2
94877ea0444866fff167c04364640b3ada007daa.1acaec232337ff9fe033.js
www.haaretz.com/_next/static/chunks/ 		69 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/94877ea0444866fff167c04364640b3ada007daa.1acaec232337ff9fe033.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
be65266f8d8b8254d35602c6c1d43e808be9bd34367fd9c674114969aa8ab4b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517800
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
6
x-origin-status
200, 200
content-length
18774
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.896645,VS0,VE0
etag
W/"115fe-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 55, 7
cb5e297e7ae0ac78f2561dbb07f7528b4cb5e363.7e1f217a43547ce8b2dd.js
www.haaretz.com/_next/static/chunks/ 		57 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/cb5e297e7ae0ac78f2561dbb07f7528b4cb5e363.7e1f217a43547ce8b2dd.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
3ccf0190d0bf0de6293c858256520e9975642203a7a9f3c98fb12070bb88777c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517780
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
10
x-origin-status
200, 200
content-length
14644
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.895106,VS0,VE4
etag
W/"e5e0-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 49, 2
3d754ea3a84fef2a9fecb670ce2f52401eb0ebdf.4732c1370790bd6326bf.js
www.haaretz.com/_next/static/chunks/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/3d754ea3a84fef2a9fecb670ce2f52401eb0ebdf.4732c1370790bd6326bf.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
36bb2112ddf8381088156cb3d15e317b5ad4e15f7055bea81b21307793c7fe3e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517739
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
8
x-origin-status
200, 200
content-length
5704
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.895045,VS0,VE1
etag
W/"4d15-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 54, 2
e1b85f8f2dfe49aadef6f85f47e28b739922a7a1.73d782d70b86a47a968a.js
www.haaretz.com/_next/static/chunks/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/e1b85f8f2dfe49aadef6f85f47e28b739922a7a1.73d782d70b86a47a968a.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
8f52bb7e5e73cfdff4fd51e8c0f46730efd64a3b6e911acf17b5fc045648d744
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517801
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
7
x-origin-status
200, 200
content-length
8505
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.895035,VS0,VE1
etag
W/"7d35-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 54, 7
27b369797b3bc87af983dbbd10b3dfaa1828eb4b.b13feaf49d1d3b1090c2.js
www.haaretz.com/_next/static/chunks/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/27b369797b3bc87af983dbbd10b3dfaa1828eb4b.b13feaf49d1d3b1090c2.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
67eaf092de726f1e46bbb4d84ba50213e5311ca594794e54a46b2332dcd853a6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517715
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
40
x-origin-status
200, 200
content-length
7499
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.894988,VS0,VE1
etag
W/"64cc-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 4, 2
03030.jpg
img.haarets.co.il/bs/00000185-fa4a-d4a2-adb5-fa6af8f20000/8e/df/c24b052f48e0934e2b8280da1f75/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-fa4a-d4a2-adb5-fa6af8f20000/8e/df/c24b052f48e0934e2b8280da1f75/03030.jpg?precrop=2400,1395,x0,y0&height=351&width=604
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
993dd634dfeba7daf9f746f414d6afbbd0ef45f1718b0d68174c3afb539372c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sat, 28 Jan 2023 22:32:06 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
45446
x-guploader-uploadid
ADPycdsJ9Z5VcFdQr544FDceTc0LML-EPn8WneUXOiKs9U86EG6c322NG66Tu2f_F3fhorDbSxb1Q6YhAwU6a0ltv-PeucUwWcj4
x-cache
HIT, HIT
fastly-io-info
ifsz=513428 idim=2400x1601 ifmt=jpeg ofsz=38678 odim=604x351 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
38678
x-served-by
cache-fra-eddf8230127-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.966100,VS0,VE2
etag
"cp5BfmRlMLqUotWz6f3/ORVzhkhnjicemvuv9cVOMlM"
vary
Accept
x-goog-hash
crc32c=rvrAAw==, md5=AiyIdNHj6OjJrh/mnBCAww==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674941495516471
cache-control
max-age=31536000
x-goog-stored-content-length
513428
accept-ranges
bytes
x-cache-hits
7, 1
1018316866.jpg
img.haarets.co.il/bs/0000017f-da79-dc0c-afff-db7bfdc70000/da/47/35b800e4860313ae3c21da4b3e50/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/0000017f-da79-dc0c-afff-db7bfdc70000/da/47/35b800e4860313ae3c21da4b3e50/1018316866.jpg?precrop=1000,578,x0,y56&height=163&width=280
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
844b93a0c92a05e0521b21770c1debc376958fef2b95d43a1eb687158ecb9855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sat, 21 Jan 2023 10:34:47 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
693285
x-guploader-uploadid
ADPycdt3IURUPssuqSr-Z02JNw6Wjmam89TbxI2OO1DC_1-bVMyWZz6oGoPGxK47nHOpozQRbAsLC4-sjY_9MwH8SmKn6Q
x-cache
HIT, HIT
fastly-io-info
ifsz=85449 idim=1000x745 ifmt=jpeg ofsz=4816 odim=280x163 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
4816
fastly-io-warning
JPEG input may be corrupt
x-served-by
cache-fra-eddf8230091-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.966187,VS0,VE2
etag
"FJLf1SMoz1tANS54721ixZ61TC1s65TAeUKSlGro/ik"
vary
Accept
x-goog-generation
1645801372455269
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-hash
crc32c=jPr2eQ==, md5=2NrVfekI2Q+rptIEq7qvOw==
cache-control
max-age=31536000
x-goog-stored-content-length
85449
accept-ranges
bytes
x-cache-hits
6, 1
386574-1.jpg
img.haarets.co.il/bs/00000185-fc50-d4a2-adb5-fc7811900000/b4/eb/16f6fcda4ff3b7888ce7e0dea90f/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-fc50-d4a2-adb5-fc7811900000/b4/eb/16f6fcda4ff3b7888ce7e0dea90f/386574-1.jpg?precrop=2400,1395,x0,y200&height=163&width=280
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
dc261de27eb3b381cad660a1eda75490cac1bb9a6ebc6c9bfb30c0ca40a9d8aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sun, 29 Jan 2023 07:56:41 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
11572
x-guploader-uploadid
ADPycdsdLQfZ6Bc-Ts9CgeJKwzY5BHcoZqTKHlPpCiwS1DMmAtm5WnHO6WborZEZDycryRnEVG90U9PqjCt5SnWhw7ZnO6ROA6nW
x-cache
HIT, HIT
fastly-io-info
ifsz=1044593 idim=2400x1603 ifmt=jpeg ofsz=15012 odim=280x163 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
15012
x-served-by
cache-fra-eddf8230085-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.966916,VS0,VE2
etag
"qJDbrCHcjtI/b7UqHd49H6gCh7UF92VZDuympvXcmE4"
vary
Accept
x-goog-hash
crc32c=546Dwg==, md5=N/rOrx9BWo0jo06lGPtI5w==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674975383937660
cache-control
max-age=31536000
x-goog-stored-content-length
1044593
accept-ranges
bytes
x-cache-hits
1, 1
05913.jpg
img.haarets.co.il/bs/00000185-fa5f-def6-a7b5-ff5faccb0000/32/99/570284924d769a54aa0c74c16e0c/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-fa5f-def6-a7b5-ff5faccb0000/32/99/570284924d769a54aa0c74c16e0c/05913.jpg?precrop=2400,1395,x0,y143&height=163&width=280
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
90aa5bb4c0ac4bc4ded773fdda3c7af4ffd6222824ccd42c61858b517b84333e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sat, 28 Jan 2023 22:54:25 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
44107
x-guploader-uploadid
ADPycdtZG6p3dSND9zvflIhGLz91vzdRacwzY3Fq5ciU7vGy29lIoGylMjSxTkb4hbugeQu81g5wfVv03sr4uiDhLdsqFfeeeVCR
x-cache
HIT, HIT
fastly-io-info
ifsz=325375 idim=2400x1603 ifmt=jpeg ofsz=10736 odim=280x163 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
10736
x-served-by
cache-fra-eddf8230020-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.966432,VS0,VE9
etag
"hu78szKHx3Bw5HuBqqD+HCDuzvjgJIbyXXYC8kj/tPw"
vary
Accept
x-goog-hash
crc32c=Fdv3NA==, md5=B4jpiDPl2LQsCvqWDcx6FA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674942852280032
cache-control
max-age=31536000
x-goog-stored-content-length
325375
accept-ranges
bytes
x-cache-hits
2, 1
83665.jpg
img.haarets.co.il/bs/00000185-f49e-def6-a7b5-fd9e7d4b0006/c4/79/e2d2f50c45ebaa1d581c1e679763/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-f49e-def6-a7b5-fd9e7d4b0006/c4/79/e2d2f50c45ebaa1d581c1e679763/83665.jpg?precrop=1229,715,x352,y807&height=163&width=280
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
296d593b3a16e48470ed01a3fe076104cdd81adcd7765f44480a4b95d7099175

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 27 Jan 2023 20:07:35 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
140517
x-guploader-uploadid
ADPycdt7XalkyUzo_Habjv21vz3zn6NVqrJ5JnbmeMxP954YQgU4YYrecfMQZoYGHffSxwbztZe_aXWenlPpC7rZ4geiO0oIJDGZ
x-cache
HIT, HIT
fastly-io-info
ifsz=236650 idim=1603x2400 ifmt=jpeg ofsz=3194 odim=280x163 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
3194
x-served-by
cache-fra-eddf8230078-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.966502,VS0,VE2
etag
"DCDdghmDXUzl5kC74Mi3ehmVHir9akzCwcQ+JshkB84"
vary
Accept
x-goog-hash
crc32c=St5nNQ==, md5=ZA59aZhzjRm5PFwOPmN84Q==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674663382109482
cache-control
max-age=31536000
x-goog-stored-content-length
236650
accept-ranges
bytes
x-cache-hits
1, 1
03703.jpg
img.haarets.co.il/bs/00000185-f8fc-d4a2-adb5-f8fc825b0001/db/f5/ff3f23b240f399cb7096edabedc9/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-f8fc-d4a2-adb5-f8fc825b0001/db/f5/ff3f23b240f399cb7096edabedc9/03703.jpg?precrop=1468,1468,x238,y0&height=487&width=487
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d8fe08f3bdfb32875597546506834d3c8602c30245fe8c0b1064bb1ee90dde1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sun, 28 Jan 2024 15:34:30 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
66901
x-guploader-uploadid
ADPycdtcBPGPRjAia_xk5_78U8exOab25GTB_QbUB-EX0tb1dwTWPyQgcGYpIB79p7btqvlm4pZ6RCKLo3zd7mHBJtZWgv-hQVNW
x-cache
HIT, HIT
fastly-io-info
ifsz=547606 idim=2200x1468 ifmt=jpeg ofsz=30056 odim=487x487 ofmt=webp
x-goog-meta-content-length
547606
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
30056
x-served-by
cache-fra-eddf8230025-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.966966,VS0,VE2
etag
"lXMK5wHNDzwodric1kbKdvGNPLAiEsIicWYLvucTr2I"
vary
Accept
x-goog-hash
crc32c=WGoPZg==, md5=3nSGbTuyDByoYRTf888IGQ==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674907309260905
cache-control
max-age=31536000
x-goog-stored-content-length
547606
accept-ranges
bytes
x-cache-hits
1, 1
55714.jpg
img.haarets.co.il/bs/00000185-f5b1-d4a2-adb5-f5b90dde0000/53/f5/88780a774b37ba756d9c183ef2cd/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-f5b1-d4a2-adb5-f5b90dde0000/53/f5/88780a774b37ba756d9c183ef2cd/55714.jpg?precrop=1658,1275,x157,y323&height=211&width=274
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1736cf9a5f22411f4452f640e50f39070d9349be5ea07693768b9789716cc9e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sat, 28 Jan 2023 01:05:05 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
122667
x-guploader-uploadid
ADPycdvpnZSJRsVo74AbwoJKn1tAqov4SvhUPdRN_SDNliTf4tLhcwPsFUeWIM8BDw4g1hM2LEEwzRfB2pY7fZPQwPWtoQ
x-cache
HIT, HIT
fastly-io-info
ifsz=502853 idim=2400x1601 ifmt=jpeg ofsz=6574 odim=274x211 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
6574
x-served-by
cache-fra-eddf8230087-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.983511,VS0,VE1
etag
"obbHR5QwSFzSrCFuuW+gXQRV+nrwEXGoA3mcviwC3UA"
vary
Accept
x-goog-hash
crc32c=n+K28g==, md5=2119lnRb3f/imo6wxXDSvA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674119772135517
cache-control
max-age=31536000
x-goog-stored-content-length
502853
accept-ranges
bytes
x-cache-hits
1, 1
429663.jpg
img.haarets.co.il/bs/00000185-f5f4-d4a2-adb5-f5fce7690001/9f/20/35acaafd44ff8f5a38852933acaf/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-f5f4-d4a2-adb5-f5fce7690001/9f/20/35acaafd44ff8f5a38852933acaf/429663.jpg?height=211&width=274
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a7ab1c724b890130c4b5cdbed316cc2d14960ac7c350e59edb2dd1e26f8d38d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sun, 28 Jan 2024 01:19:44 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
118189
x-guploader-uploadid
ADPycds8l4ZsNhiI2FOSa3RiwahJ2shsuqU4_x6a4KMrhj8BhCRqc_vmwOzKHkSfJs76JckMHVyAgFoem9JLUzZuZwSoNcUO8a2C
x-cache
HIT, HIT
fastly-io-info
ifsz=615300 idim=2200x1537 ifmt=jpeg ofsz=4658 odim=274x211 ofmt=webp
x-goog-meta-content-length
615300
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
4658
x-served-by
cache-fra-eddf8230103-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.983617,VS0,VE1
etag
"TVA/o9Vm2kYdfw6YKHpOgyIKxewxT4LZbDjud2ALrrE"
vary
Accept
x-goog-hash
crc32c=64ho9Q==, md5=TiDs2OSWt/MMZHbj3Ejhmg==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674868759750750
cache-control
max-age=31536000
x-goog-stored-content-length
615300
accept-ranges
bytes
x-cache-hits
7, 1
torching.jpeg
img.haarets.co.il/bs/00000185-fc84-da5b-a1d5-fca58db90001/c6/f6/4f6a9a4b41a38ba8fa75d8530c5a/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-fc84-da5b-a1d5-fca58db90001/c6/f6/4f6a9a4b41a38ba8fa75d8530c5a/torching.jpeg?precrop=1200,1200,x198,y0&height=288&width=288
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fd3dbb5a0b3c8289201a8728b5ed3cfb9b513354715d317361f66ef8d07d82a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 07:55:29 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
8044
x-guploader-uploadid
ADPycdtSO3sfFSugtJ8UdYKmCTaThqsvN7teBUSvFuVyyLW1qGl_FZarhkOZdH2IXSsqEwV0M434nnzCOMSpNzAMNW4YQ3MOPv2Y
x-cache
HIT, HIT
fastly-io-info
ifsz=366929 idim=1600x1200 ifmt=jpeg ofsz=18490 odim=288x288 ofmt=webp
x-goog-meta-content-length
366929
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
18490
x-served-by
cache-fra-eddf8230118-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.987487,VS0,VE3
etag
"S/aWYqFPAyu0n55Z1CTHMjqXwM4ZcoaplU5nJBNTm80"
vary
Accept
x-goog-hash
crc32c=X0YswQ==, md5=Ia3Sz/iEHvpeIefMr+R2Jg==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674978830163899
cache-control
max-age=31536000
x-goog-stored-content-length
366929
accept-ranges
bytes
x-cache-hits
10, 1
08891.jpg
img.haarets.co.il/bs/00000185-fcab-def6-a7b5-fdaf27060001/85/1f/bd87f677484cace809d4a0fd439b/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-fcab-def6-a7b5-fdaf27060001/85/1f/bd87f677484cace809d4a0fd439b/08891.jpg?precrop=2200,1279,x0,y99&height=105&width=181
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e94afaa2ecaf1172390abdcd87070841c5dcbf2f7e3b0679a60e4723693e354a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 08:36:46 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
5567
x-guploader-uploadid
ADPycdsbBdZ4h2KK166cTOXJxzmTHGojibnUOwaGrG4qh6JnURJfYbij8MtdEi53XrVRn8FM6IgxoywWg1Tkh7vAx_Qhbw
x-cache
HIT, HIT
fastly-io-info
ifsz=366641 idim=2200x1468 ifmt=jpeg ofsz=3272 odim=181x105 ofmt=webp
x-goog-meta-content-length
366641
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
3272
x-served-by
cache-fra-eddf8230021-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.988148,VS0,VE0
etag
"9aD4Rd/m3yOKqM7rKwIM0PWHYvH8UxrAJtXaXIcXdu4"
vary
Accept
x-goog-hash
crc32c=pZdw2g==, md5=cDxedXg6IQQjKNDrcKDSrQ==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674975817597362
cache-control
max-age=31536000
x-goog-stored-content-length
366641
accept-ranges
bytes
x-cache-hits
3, 3
52453.jpg
img.haarets.co.il/bs/00000185-fb68-def6-a7b5-ff6eadcb0001/ea/93/302534974279933b21901b723a60/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-fb68-def6-a7b5-ff6eadcb0001/ea/93/302534974279933b21901b723a60/52453.jpg?precrop=2400,1395,x0,y206&height=105&width=181
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b932c4db6bf2b4ab97e13688e92c00f59532249e26ba191bf03c652d01895209

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sun, 29 Jan 2023 03:43:48 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
26745
x-guploader-uploadid
ADPycdskfQi_73dthD6yn1FkejANIQbh2CRtjEYs5Y2dHpYo4xBSnTilkDviVHZJptreBFeqv61cg72aqXI0npBcL8uaxA
x-cache
HIT, HIT
fastly-io-info
ifsz=228029 idim=2400x1601 ifmt=jpeg ofsz=3152 odim=181x105 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
3152
x-served-by
cache-fra-eddf8230114-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.987121,VS0,VE4
etag
"WeRy1MSz3+NB1tbYNLckl7m8ICDUFJ1+KlRpWnwiHq4"
vary
Accept
x-goog-hash
crc32c=J0mWpQ==, md5=Wlp0IuCl5kFCc/3tSa2b7g==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674929458136658
cache-control
max-age=31536000
x-goog-stored-content-length
228029
accept-ranges
bytes
x-cache-hits
3, 1
05280.jpg
img.haarets.co.il/bs/00000185-fa13-d4a2-adb5-fa3b30130000/97/1c/9874455e4125b5fe86153f5da402/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-fa13-d4a2-adb5-fa3b30130000/97/1c/9874455e4125b5fe86153f5da402/05280.jpg?precrop=2400,1395,x0,y111&height=105&width=181
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
79c5d3d389bb7efd29e12929d46c64ab9aaf62beb2a34c8d41127b927f105806

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sat, 28 Jan 2023 21:30:55 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
49117
x-guploader-uploadid
ADPycdtrC3spMiw4xirFQEArYZX0vLXY_R35kZeOfKRCYb333kVBuLM3sFchC4EtKGx3MAvjcqMZsWdraDaJ_Cmm5uySqA7PnbdX
x-cache
HIT, HIT
fastly-io-info
ifsz=742689 idim=2400x1601 ifmt=jpeg ofsz=8588 odim=181x105 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
8588
x-served-by
cache-fra-eddf8230103-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.988288,VS0,VE3
etag
"o/lFWhfm/yQ+OfSeOmD2nJiW8P/maM+gNjW9h9lQKnE"
vary
Accept
x-goog-hash
crc32c=YA66/Q==, md5=KKaL7FzlLkcgxW+TmoTRLA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674937839616060
cache-control
max-age=31536000
x-goog-stored-content-length
742689
accept-ranges
bytes
x-cache-hits
4, 1
gpohz0-3779.jpg
img.haarets.co.il/bs/00000185-fb07-d4a2-adb5-fb2f0f9f0001/7c/2f/abe8e7984cf5a1e43c46a3395c18/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-fb07-d4a2-adb5-fb2f0f9f0001/7c/2f/abe8e7984cf5a1e43c46a3395c18/gpohz0-3779.jpg?precrop=2344,1363,x13,y0&height=105&width=181
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
84f184c1361efafaee0fa748e06b44818472b20f1e0d25178d828447e0d8e5c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sun, 29 Jan 2023 01:57:09 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
33144
x-guploader-uploadid
ADPycdsB9GXzeQO8s0THnIu1rGl1bns6mpxZElnkRJTM_sIVWf9vMZV9NBwZ3iBubKMy_ZgzhkkxfK23jkeJmP-i8F_uko3x-qmd
x-cache
HIT, HIT
fastly-io-info
ifsz=313080 idim=2400x1363 ifmt=jpeg ofsz=4928 odim=181x105 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
4928
x-served-by
cache-fra-eddf8230072-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.987487,VS0,VE1
etag
"V+KHew62kCTtTgqUXehVqQUvy5mjdzSsn3Y2UN19Kpg"
vary
Accept
x-goog-hash
crc32c=weupMw==, md5=qYxAWyPvLNInuH1epAsakA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674932982425780
cache-control
max-age=31536000
x-goog-stored-content-length
313080
accept-ranges
bytes
x-cache-hits
10, 1
haaretzcom-prod.js
cdn.valuad.cloud/hb/ 		906 KB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
665164b9794d2aad4341a1c231360f7929ed7ba815a2f121e418013eb1a66c1a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:33 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Sun, 22 Jan 2023 11:41:49 GMT
x-sp-metadata
HS256.CO2n2Z4GEokBCiQ4ZWI4ZTYxYi0wMTMzLTQ0YzYtYTZjYi1mMDc4YjExNzE3MzEQ+PLE+NXG+wIaBgjdi9meBiIOMjE3LjExNC4yMTguMjQosKQDMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogM2U5YjIwNjEwMDk4YjZjOWJmZjk1Mzg1NmU1ODAxNmEaLAgBEiQ2ZjIzZDA4NC0xOTRiLTQ1MmUtYWQ0OS0xOWZiNjNjMTA2OGEYp6MPIhgIAhIUY2RzMjI0LmZyOC5od2Nkbi5uZXQ=.QgMHgkUtC5cethqLI46XAuWRuwXolsOel5b94kV/rXs=
x-amz-request-id
tx000000000000067a5a87b-0063d585f1-2b9ec190-fra1a
etag
"97b31dc0f28c6fed80156e2111db1a4b"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1674986972.dop269.fr8.t,1674986972.cds245.fr8.hn,1674986973.cds224.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
250279
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 29 Jan 2023 10:09:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27815
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
hqg/a9K54dcXwGKB5o954LQ7ZTRm88SDIiJZhzLPImBluUfyVf3w7F0XgtcJhlM2N0Dxq4jY8Y/m8/95MbbyVQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
55714.jpg
img.haarets.co.il/bs/00000185-f5b1-d4a2-adb5-f5b90dde0000/53/f5/88780a774b37ba756d9c183ef2cd/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-f5b1-d4a2-adb5-f5b90dde0000/53/f5/88780a774b37ba756d9c183ef2cd/55714.jpg?precrop=1888,1098,x0,y400&height=163&width=281
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cbbfa4fcda4d76802e3e5e6a55d414937a8eb2ef6d3ac77699dd8fa9b27b3ed9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sat, 28 Jan 2023 01:05:05 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
122667
x-guploader-uploadid
ADPycdvpnZSJRsVo74AbwoJKn1tAqov4SvhUPdRN_SDNliTf4tLhcwPsFUeWIM8BDw4g1hM2LEEwzRfB2pY7fZPQwPWtoQ
x-cache
HIT, HIT
fastly-io-info
ifsz=502853 idim=2400x1601 ifmt=jpeg ofsz=5712 odim=281x163 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
5712
x-served-by
cache-fra-eddf8230087-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.987033,VS0,VE2
etag
"diQsttPYOfHyWXUt4gimkb2UN0PGZzkCdFy4MIqHWUs"
vary
Accept
x-goog-hash
crc32c=n+K28g==, md5=2119lnRb3f/imo6wxXDSvA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674119772135517
cache-control
max-age=31536000
x-goog-stored-content-length
502853
accept-ranges
bytes
x-cache-hits
2, 1
95125.jpg
img.haarets.co.il/bs/00000185-f242-def6-a7b5-ff4e960f0001/0d/d2/6c9775f54cd3a89bd33e27b15767/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-f242-def6-a7b5-ff4e960f0001/0d/d2/6c9775f54cd3a89bd33e27b15767/95125.jpg?precrop=2200,1279,x0,y188&height=163&width=281
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6cb929b074d47c1d6de8c8ee5127e9cb4cfbe7105fed60d45a5da5493c1f86ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sat, 27 Jan 2024 08:05:35 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
180238
x-guploader-uploadid
ADPycdsjXmPCz19ffHlmcPinqWnQZbWOcWDhqeQIztrjTaQphWMFnIq_zAOTOXKR-DeRfMayvmdVOQzz7UvMaHrCXqhDyQ
x-cache
HIT, HIT
fastly-io-info
ifsz=1006721 idim=2200x1467 ifmt=jpeg ofsz=10250 odim=281x163 ofmt=webp
x-goog-meta-content-length
1006721
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
10250
x-served-by
cache-fra-eddf8230024-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.987083,VS0,VE1
etag
"FzCCQTiNIvumKyk+oB3U4Rfe+6fj9qGZTB1jhKUHqgs"
vary
Accept
x-goog-hash
crc32c=jzr4tg==, md5=AQyXBIqqiEooPpPVlPtTQA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674767244565994
cache-control
max-age=31536000
x-goog-stored-content-length
1006721
accept-ranges
bytes
x-cache-hits
1, 1
429663.jpg
img.haarets.co.il/bs/00000185-f5f4-d4a2-adb5-f5fce7690001/9f/20/35acaafd44ff8f5a38852933acaf/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-f5f4-d4a2-adb5-f5fce7690001/9f/20/35acaafd44ff8f5a38852933acaf/429663.jpg?height=343&width=590
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9291293555e471ac82e373cebc9e8575893004f15c77a7a3615f11f33a2aa033

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sun, 28 Jan 2024 01:19:44 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
118188
x-guploader-uploadid
ADPycds8l4ZsNhiI2FOSa3RiwahJ2shsuqU4_x6a4KMrhj8BhCRqc_vmwOzKHkSfJs76JckMHVyAgFoem9JLUzZuZwSoNcUO8a2C
x-cache
HIT, HIT
fastly-io-info
ifsz=615300 idim=2200x1537 ifmt=jpeg ofsz=11490 odim=590x343 ofmt=webp
x-goog-meta-content-length
615300
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
11490
x-served-by
cache-fra-eddf8230103-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.987935,VS0,VE1
etag
"eSUX/TJirPcU2ZX2miTUNTXUjwjRyLDBbiokjiEuVbE"
vary
Accept
x-goog-hash
crc32c=64ho9Q==, md5=TiDs2OSWt/MMZHbj3Ejhmg==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674868759750750
cache-control
max-age=31536000
x-goog-stored-content-length
615300
accept-ranges
bytes
x-cache-hits
2, 1
50375429.JPG
img.haarets.co.il/bs/00000185-f059-d21e-ade5-f25daa540000/bf/1c/a45b134541fba5f281a2d9841713/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-f059-d21e-ade5-f25daa540000/bf/1c/a45b134541fba5f281a2d9841713/50375429.JPG?precrop=7103,5464,x374,y0&height=235&width=305
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
520144f6592efeb0f262a9431d74709c87225cf8a63c35fabb005038f9e1db8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 27 Jan 2023 00:11:38 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
212274
x-guploader-uploadid
ADPycdvLdjX3PiVQPKjPhDeOsCtyJzDKM8Qd4KzCbUs7qMQcDAFMTLclhlKl_MWZuqW5aHPslAHCkYoC2vwAIW6qNCbf_g
x-cache
MISS, HIT
fastly-io-info
ifsz=6074674 idim=8192x5464 ifmt=jpeg ofsz=13252 odim=305x235 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
13252
x-served-by
cache-fra-eddf8230081-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.987511,VS0,VE4
etag
"BgSq8bMBj4EpPQogTLbFZyXBAZQBTau0BIuVy5kgIfc"
vary
Accept
x-goog-hash
crc32c=cXfm6Q==, md5=mjk6QlPzBvfLRaClrcCaOQ==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674657433277761
cache-control
max-age=31536000
x-goog-stored-content-length
6074674
accept-ranges
bytes
x-cache-hits
0, 1
17684.jpg
img.haarets.co.il/bs/00000185-ef3e-d160-a39d-ffff1fb20000/7b/c8/c32b8f9d4beda5362c4d17efd2dc/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-ef3e-d160-a39d-ffff1fb20000/7b/c8/c32b8f9d4beda5362c4d17efd2dc/17684.jpg?precrop=1248,1468,x624,y0&height=331&width=281
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
382ebed0fc76b75759c3f5a0139d557bef591ed6603808ed389c69955c5fa452

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 26 Jan 2024 18:01:54 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
230860
x-guploader-uploadid
ADPycdtSR4jbVV1bFzvlzrBVbKTif0H150tEmLDesKBZGRS4muKvhj_5gcv38EakC3JJB-fbxBGwCX937Gq7XqLidn3hkQ
x-cache
HIT, HIT
fastly-io-info
ifsz=512001 idim=2200x1468 ifmt=jpeg ofsz=17152 odim=281x331 ofmt=webp
x-goog-meta-content-length
512001
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
17152
x-served-by
cache-fra-eddf8230020-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.988043,VS0,VE1
etag
"+4qcCzdb/vsOGBl5dWH1O34Sa9zyboLWZU7agOQPNp4"
vary
Accept
x-goog-hash
crc32c=YAyGyQ==, md5=HWfIDZwPltto32vEvuI2PQ==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674567123835113
cache-control
max-age=31536000
x-goog-stored-content-length
512001
accept-ranges
bytes
x-cache-hits
1, 1
3315319277.png
img.haarets.co.il/bs/0000017f-da28-d249-ab7f-fbe8df740000/0e/8b/dd52f29a5b29b9e4d32747cff5b9/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/0000017f-da28-d249-ab7f-fbe8df740000/0e/8b/dd52f29a5b29b9e4d32747cff5b9/3315319277.png?height=102&width=102
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
498de38d394ae86bda3a4ceeef50d30ded0be75496dab57900f3e9777b672044

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 22 Dec 2022 00:05:46 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
3323026
x-guploader-uploadid
ADPycdutnjMtKKYRf_KRyO4KelnVNig0oJolLm2WQLKCfBpgxIqI8jP5iiTx-GrL_yKmgrvU7ISw_W_uPHjTRikxxoz52g
x-cache
HIT, HIT
fastly-io-info
ifsz=17604 idim=600x600 ifmt=png ofsz=3904 odim=102x102 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
3904
x-served-by
cache-fra-eddf8230022-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.987540,VS0,VE3
etag
"15oUslKjI7HEps4o8+0VoFb2Nex2Az9AU9EnpTIkUO8"
vary
Accept
x-goog-hash
crc32c=duDMJQ==, md5=7Q35eSvDquTdFM08gOMafg==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1645652185346820
cache-control
max-age=31536000
x-goog-stored-content-length
17604
accept-ranges
bytes
x-cache-hits
14660, 1
3315319277.png
img.haarets.co.il/bs/0000017f-da28-d249-ab7f-fbe8df740000/0e/8b/dd52f29a5b29b9e4d32747cff5b9/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/0000017f-da28-d249-ab7f-fbe8df740000/0e/8b/dd52f29a5b29b9e4d32747cff5b9/3315319277.png?height=80&width=80
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6b778b76b758b15fe9526af45a8e4e9ba5ceb9f5e1ea014fd3e81bff2bcfd310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 22 Dec 2022 00:05:46 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
3323026
x-guploader-uploadid
ADPycdutnjMtKKYRf_KRyO4KelnVNig0oJolLm2WQLKCfBpgxIqI8jP5iiTx-GrL_yKmgrvU7ISw_W_uPHjTRikxxoz52g
x-cache
HIT, HIT
fastly-io-info
ifsz=17604 idim=600x600 ifmt=png ofsz=2988 odim=80x80 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
2988
x-served-by
cache-fra-eddf8230022-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.987118,VS0,VE2
etag
"a/0piympTRxq2RQIdN6RtmbRVGHX9gpv/f1hZ5QHnKg"
vary
Accept
x-goog-hash
crc32c=duDMJQ==, md5=7Q35eSvDquTdFM08gOMafg==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1645652185346820
cache-control
max-age=31536000
x-goog-stored-content-length
17604
accept-ranges
bytes
x-cache-hits
13834, 1
50377524.JPG
img.haarets.co.il/bs/00000185-f038-def6-a7b5-fd3ea3140000/8d/0e/25dd154b4a218cad267191cd4d38/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-f038-def6-a7b5-fd3ea3140000/8d/0e/25dd154b4a218cad267191cd4d38/50377524.JPG?precrop=1949,1133,x109,y0&height=347&width=597
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
36466bc6b444d23e14c0eae8f7299aa957391163419d94a35e62fe064bdfca37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 26 Jan 2023 23:35:28 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
214444
x-guploader-uploadid
ADPycdtcV8LMmrcgjmDrCjiJA1azTlNK-Ne4DF8wTVzjUlXCDpWnbrxk0K6JTCFmE2QlhQzPBiF1jFnU2qPCiMF8P_XbDnH-pDsP
x-cache
HIT, HIT
fastly-io-info
ifsz=196062 idim=2058x1133 ifmt=jpeg ofsz=16168 odim=597x347 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
16168
x-served-by
cache-fra-eddf8230079-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.986720,VS0,VE2
etag
"rjzZjWiOIeSXyoHuPk44jdngOsX21wxP8KE5azmEoo0"
vary
Accept
x-goog-hash
crc32c=3O5L7g==, md5=Jubu9Ysi1EpXxWo6hRv8Hg==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674639072679856
cache-control
max-age=31536000
x-goog-stored-content-length
196062
accept-ranges
bytes
x-cache-hits
6, 1
50199371.JPG
img.haarets.co.il/bs/00000185-efcd-d21e-ade5-efcdded70000/3e/bc/02a310fc45cb80d3c6eefb1472a0/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-efcd-d21e-ade5-efcdded70000/3e/bc/02a310fc45cb80d3c6eefb1472a0/50199371.JPG?precrop=5464,5465,x0,y9&height=188&width=188
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
96e1cf15d15f8dd0c510ef86c42529a948c01de9b7265530d3ca8d7f2a3726ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 26 Jan 2023 21:39:00 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
221432
x-guploader-uploadid
ADPycdsbYMOmFX16IDWxvdJwT0HeLU0CC9ScGLMufh4-Wlvz9FnCCsCjMES4_RwueXvvdH1jYrMOUH0GWf-A8zqQWgVKAHu0JAl0
x-cache
HIT, HIT
fastly-io-info
ifsz=3074296 idim=5464x8192 ifmt=jpeg ofsz=2382 odim=188x188 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
2382
x-served-by
cache-fra-eddf8230069-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.986720,VS0,VE2
etag
"gIISP6/GExnfcdz8oX/7VHLUAr45cILbqHxxrk1EG5Q"
vary
Accept
x-goog-hash
crc32c=EpRZrg==, md5=FkbBqSzZXy7LFETJ7tUIfA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1673434007474554
cache-control
max-age=31536000
x-goog-stored-content-length
3074296
accept-ranges
bytes
x-cache-hits
15, 1
verter.jpg
img.haarets.co.il/bs/00000185-f0d0-def6-a7b5-fddeff5c0000/63/9e/4f350be448dab702c910be0cb814/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-f0d0-def6-a7b5-fddeff5c0000/63/9e/4f350be448dab702c910be0cb814/verter.jpg?height=145&width=189
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cf4c44aeeccd526d4c9fca6338b11b90d04245aa66509426934b5ebe5c881fc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sat, 27 Jan 2024 01:27:43 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
204110
x-guploader-uploadid
ADPycdvTvbUvsJ41l6zdwxii2ghkT0OsHn_LI7Uqj4AL4Qu6nUvjjdVTZMxNvV44CTM1dPTnno7CgKs2mwVOQ8WZI-wc0ZCW3qow
x-cache
HIT, HIT
fastly-io-info
ifsz=520690 idim=1933x1197 ifmt=jpeg ofsz=7182 odim=189x145 ofmt=webp
x-goog-meta-content-length
520690
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
7182
x-served-by
cache-fra-eddf8230135-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.986707,VS0,VE1
etag
"X+QXOdZ5wotxsEBGj2hdau9QKfXm1jIhBIxEfsXAvwM"
vary
Accept
x-goog-hash
crc32c=tbOx8w==, md5=QMpqA7udxIZEk7K1v1DhbA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674782592585942
cache-control
max-age=31536000
x-goog-stored-content-length
520690
accept-ranges
bytes
x-cache-hits
7, 1
50425249.JPG
img.haarets.co.il/bs/00000185-ee36-d21e-ade5-ee77d49a0000/bb/2f/e6e9a3ad496dab165a1a7754bcc6/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-ee36-d21e-ade5-ee77d49a0000/bb/2f/e6e9a3ad496dab165a1a7754bcc6/50425249.JPG?precrop=4523,3479,x223,y0&height=145&width=189
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
91681d244985c90fd357e2773fde599ca5ca061435212d1868e80817db9fe867

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 26 Jan 2023 14:15:03 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
248070
x-guploader-uploadid
ADPycduuPG-2WtTS106FNQtxCg9oOwtWPuMCvvHSkgWIRyxPJOGzxX0dylnOcv0yi_S9v6ZJtyTGepeG-0PJaWTQBLGMbg
x-cache
HIT, HIT
fastly-io-info
ifsz=3394161 idim=5293x3479 ifmt=jpeg ofsz=6256 odim=189x145 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
6256
x-served-by
cache-fra-eddf8230081-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.986704,VS0,VE1
etag
"xFBaO09xmq7G8HpddBK+SEt9WkNI3lbFXIO6KLvodf8"
vary
Accept
x-goog-hash
crc32c=50MWig==, md5=39V9u/o4IC4xa6hEucu32A==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674738848899640
cache-control
max-age=31536000
x-goog-stored-content-length
3394161
accept-ranges
bytes
x-cache-hits
5, 1
50425493.JPG
img.haarets.co.il/bs/00000185-ee9b-def6-a7b5-ff9f39fd0000/ea/e5/8d1a2c704ef2ababaa161cf884d3/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-ee9b-def6-a7b5-ff9f39fd0000/ea/e5/8d1a2c704ef2ababaa161cf884d3/50425493.JPG?precrop=1181,511,x0,y461&height=554&width=1280
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e1f12c0cbd4cb0cc378bc489771667d76b86c64e57617b25aa367276fc1927a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 26 Jan 2023 16:04:36 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
241496
x-guploader-uploadid
ADPycdunZzmRLV68jlB9v92kAr1X6GtdBjw7hX_HQrv0AC_fnZHqo6dOZrMZqOOatRT356H9IVlpjCPGkomxFeMqoAdYW1QwW260
x-cache
MISS, HIT
fastly-io-info
ifsz=280351 idim=1181x1772 ifmt=jpeg ofsz=70258 odim=1280x554 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
70258
x-served-by
cache-fra-eddf8230046-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.986706,VS0,VE3
etag
"p7EnDGX5pwFDikvQxH75e5OOZw5y6q205KX3T9HTyBk"
vary
Accept
x-goog-hash
crc32c=/+ldlw==, md5=7epo/UruWuTg3Wd+9cai2w==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674745428460889
cache-control
max-age=31536000
x-goog-stored-content-length
280351
accept-ranges
bytes
x-cache-hits
0, 1
capture.png
img.haarets.co.il/bs/00000185-fac5-def6-a7b5-ffcfadb30001/49/9a/d8c39cce4b80895b19a6391e1f7e/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-fac5-def6-a7b5-ffcfadb30001/49/9a/d8c39cce4b80895b19a6391e1f7e/capture.png?height=319&width=548
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4b04715a0857c2ee6ec77c26c0b8fb7e1a7819dfa1a4782b08ce0ad22836ac87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sun, 28 Jan 2024 23:48:16 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
37277
x-guploader-uploadid
ADPycduQQY_MsJA-r8uuqpkrryXIumq3vlBH_7THjYRwup-tTOhN0HKxka-HQOEJGG2IDZe_YcI2cF4a7uyT8ByrKFm0tn1ceSNV
x-cache
HIT, HIT
fastly-io-info
ifsz=170305 idim=1244x749 ifmt=png ofsz=67460 odim=548x319 ofmt=webp
x-goog-meta-content-length
170305
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
67460
x-served-by
cache-fra-eddf8230135-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.986637,VS0,VE8
etag
"83ud9cGklYvgvHddC6ZhaMNoMlO9B5X5+ULCOU61ivQ"
vary
Accept
x-goog-hash
crc32c=HDvtmg==, md5=Ap+rx8AxT09E/0f6ZDjvpg==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674949679374462
cache-control
max-age=31536000
x-goog-stored-content-length
170305
accept-ranges
bytes
x-cache-hits
31, 1
4081750672.png
img.haarets.co.il/bs/0000017f-da24-d249-ab7f-fbe4caa50000/ae/59/dea94179c6dcb754a93d1f65925f/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/0000017f-da24-d249-ab7f-fbe4caa50000/ae/59/dea94179c6dcb754a93d1f65925f/4081750672.png?precrop=1492,1492,x142,y8&height=119&width=119
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
038d181945edfb60d26ae33a484c40acf1dee745bdd333be4b3d11364ae6741f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 12 Jan 2023 01:49:38 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
1502395
x-guploader-uploadid
ADPycdu_wmv69w2tZIh6pzof6WrrYIR4YyxJTwSqGmYh2-L4WjZbY6JTXEiWfv48j6yxtfn1-RvC_YQCkvOMreXKn9m2XVDzSoym
x-cache
HIT, HIT
fastly-io-info
ifsz=1968462 idim=1800x1500 ifmt=png ofsz=13304 odim=119x119 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
13304
x-served-by
cache-fra-eddf8230072-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.991967,VS0,VE3
etag
"7tF60HJtuPg2j97LDSQoopoGJx5Hc93xgngvWNulPCE"
vary
Accept
x-goog-hash
crc32c=fLpHPQ==, md5=O/hD8FJtbive5SQidsSKdA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1645651908695617
cache-control
max-age=31536000
x-goog-stored-content-length
1968462
accept-ranges
bytes
x-cache-hits
2, 1
1018316866.jpg
img.haarets.co.il/bs/0000017f-da25-d432-a77f-df3f735d0000/9c/9c/571b95610607c8ac69092f0d73c5/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/0000017f-da25-d432-a77f-df3f735d0000/9c/9c/571b95610607c8ac69092f0d73c5/1018316866.jpg?precrop=901,899,x292,y170&height=119&width=119
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
467b72001e753ae4346c3ac1613fcada702e7b610e8fb4dacf03bc42d01724fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sun, 04 Dec 2022 06:18:05 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
4855887
x-guploader-uploadid
ADPycdvf895b4NstfjdGPe597UA9mR9G83VhM3p2UAxjOCj5S0jjdaps6gowbBnxWclT8Kbn32VI065GgSOTr8zqSENjrw
x-cache
HIT, HIT
fastly-io-info
ifsz=595965 idim=1500x1364 ifmt=png ofsz=13036 odim=119x119 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
13036
x-served-by
cache-fra-eddf8230076-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.990375,VS0,VE2
etag
"36XXrNPnpr43Y0sYtRi2tIaMPCjoeMlAiP6b8cuTyBQ"
vary
Accept
x-goog-hash
crc32c=BsT/oQ==, md5=rDDpQDSDHDZgS5g0Tayc7A==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1645652043127889
cache-control
max-age=31536000
x-goog-stored-content-length
595965
accept-ranges
bytes
x-cache-hits
1, 1
1018316866.jpg
img.haarets.co.il/bs/0000017f-da25-d42c-afff-dff7d7230000/72/57/cc3611b3e5eabb29a984401d6e5b/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/0000017f-da25-d42c-afff-dff7d7230000/72/57/cc3611b3e5eabb29a984401d6e5b/1018316866.jpg?precrop=924,924,x22,y73&height=119&width=119
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fd71b2685b6b0557e6d16049fbfc15f53843466880bcfd50bc4099b9a9a0cd3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 29 Dec 2022 12:53:32 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
2672160
x-guploader-uploadid
ADPycdtQnebK-qwq_FuuE6QA7zhXvqFolEslXAROkdFxuEpMo0uetReXEOE7_pu5BQy3D8XP_8PdyyNsc8xV_QEAMxXrqrxUgv7S
x-cache
HIT, HIT
fastly-io-info
ifsz=770982 idim=1000x1000 ifmt=png ofsz=14612 odim=119x119 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
14612
x-served-by
cache-fra-eddf8230113-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.991801,VS0,VE1
etag
"GssGO4y1BjyEFY1chuFc5JeQHj+GtnlKRnuq3xWyGus"
vary
Accept
x-goog-hash
crc32c=kxSNLA==, md5=dPnzDiUYKfQrjjq8l4jq3Q==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1645651965612397
cache-control
max-age=31536000
x-goog-stored-content-length
770982
accept-ranges
bytes
x-cache-hits
112, 1
1018316866.jpg
img.haarets.co.il/bs/0000017f-da28-d42c-afff-dffae2300000/3e/80/0b1cd615d49917fed4114922fb73/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/0000017f-da28-d42c-afff-dffae2300000/3e/80/0b1cd615d49917fed4114922fb73/1018316866.jpg?precrop=1464,1464,x12,y36&height=119&width=119
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
83b4884036ca04ffe2c2b252cc827d2d390fe7d2c5790f91901ebd20208f358b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 08 Dec 2022 11:01:08 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
4493304
x-guploader-uploadid
ADPycduweIEx5YgAtegaZt6va68fecQ39IXfd_6-Ou6Bt4Y2HU8_fTyu9TcaCoRqVrU7fkXqf7VYGcf0ayy8DTS0RfzouCPrx8V9
x-cache
HIT, HIT
fastly-io-info
ifsz=3452383 idim=1500x1500 ifmt=png ofsz=19574 odim=119x119 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
19574
x-served-by
cache-fra-eddf8230117-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.992170,VS0,VE1
etag
"IT9QviZMhw3rndZ9ysa+NdYgTHDkbS7Pe4ZsuQV/mmg"
vary
Accept
x-goog-hash
crc32c=cfW9mQ==, md5=l8hscC8nqUXzHUuzH082dg==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1645652099566852
cache-control
max-age=31536000
x-goog-stored-content-length
3452383
accept-ranges
bytes
x-cache-hits
1458, 69
56893151.png
img.haarets.co.il/bs/0000017f-da26-d42c-afff-dff6f18d0000/bd/7e/4f41dbc813660ee5f64c7df46f48/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/0000017f-da26-d42c-afff-dff6f18d0000/bd/7e/4f41dbc813660ee5f64c7df46f48/56893151.png?precrop=319,320,x136,y0&height=119&width=119
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3c3089892b561a3d7ec81a649a3b7de97d0193cd2fa30cb5a6bb0d52f36bff03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 08 Dec 2022 11:01:15 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
4493297
x-guploader-uploadid
ADPycduw_SP6YcwvSczzdYEDN5ksk0b3QtARplfr6AYq-KBq_7SI08GJPDTNeHLYODTiPiieJc-sPvrA_xiCVl1v5U1RGc2VVxUH
x-cache
HIT, HIT
fastly-io-info
ifsz=140658 idim=612x408 ifmt=png ofsz=10582 odim=119x119 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
10582
x-served-by
cache-fra-eddf8230093-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.992430,VS0,VE2
etag
"NWvJqzndcenyUfP1buzZ/jSFB/pqW7sRB37xRs1CjNg"
vary
Accept
x-goog-hash
crc32c=dSrvYw==, md5=4K1tJptb8wq6IWU6zZVl2w==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1645652193593820
cache-control
max-age=31536000
x-goog-stored-content-length
140658
accept-ranges
bytes
x-cache-hits
214, 1
80468.jpg
img.haarets.co.il/bs/00000185-fc74-da5b-a1d5-fc75855a0001/a6/7b/73c528984e92a3af7dc0e26de22a/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-fc74-da5b-a1d5-fc75855a0001/a6/7b/73c528984e92a3af7dc0e26de22a/80468.jpg?height=347&width=597
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ce7c6e0e91231b98526eff3ed05b66e38f60c1a9730da2d903b2e0b312d2dc91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 07:38:11 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
9081
x-guploader-uploadid
ADPycduyxAplrx8FeruEYB2Gg4oTvs2xsE0FCgj3U4vqpXP7ZbMOtwwBUvYzGwyHjYNz8LvPgYstVzMd2vvXKGmtC02JdOyHsNBU
x-cache
MISS, HIT
fastly-io-info
ifsz=581932 idim=2200x1468 ifmt=jpeg ofsz=26238 odim=597x347 ofmt=webp
x-goog-meta-content-length
581932
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
26238
x-served-by
cache-fra-eddf8230020-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.992816,VS0,VE2
etag
"+MbwRqSyAbesnNgjsZfQB+C9ceSwvK0+0nTC+Ea8Azg"
vary
Accept
x-goog-hash
crc32c=d+I8cg==, md5=7sAqOU+iNvlGhUNioxy2Jw==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674977782898883
cache-control
max-age=31536000
x-goog-stored-content-length
581932
accept-ranges
bytes
x-cache-hits
0, 1
00907.jpg
img.haarets.co.il/bs/00000185-f929-d4a2-adb5-f929457d0000/f2/79/14b1cce04ea9843e37fcf38f7d73/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-f929-d4a2-adb5-f929457d0000/f2/79/14b1cce04ea9843e37fcf38f7d73/00907.jpg?precrop=1468,1468,x380,y0&height=188&width=188
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f1db95f0873d2b44078886c68c04cd2a1737b4249a5ad003eae6d1f0e166ae10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sun, 28 Jan 2024 16:15:16 GMT
date
Sun, 29 Jan 2023 10:09:33 GMT
via
1.1 varnish, 1.1 varnish
age
64456
x-guploader-uploadid
ADPycdsAPDviMaXc8zTZg1d2vKXJVel6HzMVlAKuoeJwAwuStZ0GBbq061LSYsjahoHkRd64ZBc2oxURJ6b6ltgJo4rDi3TPpeqi
x-cache
HIT, HIT
fastly-io-info
ifsz=642700 idim=2200x1468 ifmt=jpeg ofsz=6486 odim=188x188 ofmt=webp
x-goog-meta-content-length
642700
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
6486
x-served-by
cache-fra-eddf8230095-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.993592,VS0,VE23
etag
"FK2opgt/L7utdnzTBw1rr58BnsYeSUPvKN7ZeE/0JnM"
vary
Accept
x-goog-hash
crc32c=mwmeNQ==, md5=W3LceNQu1VGpVYayRvshdQ==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674871297757440
cache-control
max-age=31536000
x-goog-stored-content-length
642700
accept-ranges
bytes
x-cache-hits
30, 1
10572-1.jpg
img.haarets.co.il/bs/00000185-f935-d0b6-a9ed-fbb780790000/99/69/63b4c15545fbb163aefc3d9c4488/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-f935-d0b6-a9ed-fbb780790000/99/69/63b4c15545fbb163aefc3d9c4488/10572-1.jpg?precrop=2084,1603,x39,y0&height=145&width=189
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
16ab490a35fa7a7e0734dd8b32cb6da557032928cec6d0c18992178ae678ccc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sat, 28 Jan 2023 17:29:34 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
63598
x-guploader-uploadid
ADPycdsb-EBikGY_82KY8fUX-4G6lgFPiEinuQueGT8SYElq-xOQs36m1_zbglDUKsBfuKkulbSv0j6Nq7ZJAFOhRmfuNWO1A2dS
x-cache
HIT, HIT
fastly-io-info
ifsz=142884 idim=2400x1603 ifmt=jpeg ofsz=1948 odim=189x145 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
1948
x-served-by
cache-fra-eddf8230034-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.993093,VS0,VE2
etag
"HQzNSpwVivXFO+Z5SDJDQpttW+KL4BRwEwwp+4mmz1w"
vary
Accept
x-goog-hash
crc32c=5YvYCA==, md5=xHm/85IqGDx5HHC/IJ8PWw==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674923311209875
cache-control
max-age=31536000
x-goog-stored-content-length
142884
accept-ranges
bytes
x-cache-hits
5, 1
alman.jpeg
img.haarets.co.il/bs/00000185-fc3d-d4a2-adb5-fc3d55930001/f9/2a/044463e14205b737c73364710e7b/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-fc3d-d4a2-adb5-fc3d55930001/f9/2a/044463e14205b737c73364710e7b/alman.jpeg?precrop=1003,772,x0,y0&height=145&width=189
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4969993bc22173c8d1068358dfc49a9df060945c6fb3e12e88574cd62cb3c127

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 06:36:25 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
12788
x-guploader-uploadid
ADPycdseaoG9oDoLkZGOvYhuTiDvDiN76z9m-UY3hE8K7HUHyV2mVMzrnQaPFALuxBqpaqXrNnK7sxsLmiu6apQk8QQWJw
x-cache
HIT, HIT
fastly-io-info
ifsz=138602 idim=1003x1280 ifmt=jpeg ofsz=8378 odim=189x145 ofmt=webp
x-goog-meta-content-length
138602
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
8378
x-served-by
cache-fra-eddf8230089-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.993339,VS0,VE1
etag
"Lv+tSYlwk+qjfG1woHlkHevaNz6Vt6lNbrWgMqnRxP4"
vary
Accept
x-goog-hash
crc32c=Aus+RA==, md5=/JOOwRTtOO4HSnG9sNBCEg==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674974161965702
cache-control
max-age=31536000
x-goog-stored-content-length
138602
accept-ranges
bytes
x-cache-hits
3, 1
4038624834.jpg
img.haarets.co.il/bs/0000017f-dbbd-df9c-a17f-ffbd3b480000/cd/fa/e25e3b28d4142f3baf4b6b1e029d/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/0000017f-dbbd-df9c-a17f-ffbd3b480000/cd/fa/e25e3b28d4142f3baf4b6b1e029d/4038624834.jpg?precrop=2137,1242,x0,y75&height=233&width=400
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d47d2a513e5f4f7cbf6787565043f17d7bdc4a19423208d1b5c3cde1018a20cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 26 Jan 2023 19:43:03 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
228390
x-guploader-uploadid
ADPycduDOI4WlJvm_4hfvuZRvd7YLJPXfVTPWdH7iTO8zkVQ77R8GHMOP_hu6-wdS7z0PtuBSah6O00lkc8jiVCqhE-_xQoquB6U
x-cache
HIT, HIT
fastly-io-info
ifsz=1118936 idim=2200x1468 ifmt=jpeg ofsz=29824 odim=400x233 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
29824
x-served-by
cache-fra-eddf8230132-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.991539,VS0,VE2
etag
"d95clQHuJuAm5/UY3Q2QPmPfxEajCga3Qk2USsioagw"
vary
Accept
x-goog-hash
crc32c=fR5HAQ==, md5=FkWqLiYdbu/0Y6KCjYnSzA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1646148300943076
cache-control
max-age=31536000
x-goog-stored-content-length
1118936
accept-ranges
bytes
x-cache-hits
4, 1
50405295.JPG
img.haarets.co.il/bs/00000185-e808-d8d4-add7-f90f1bc30000/3a/2e/15ed583843d1a759ef00ac235740/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-e808-d8d4-add7-f90f1bc30000/3a/2e/15ed583843d1a759ef00ac235740/50405295.JPG?precrop=5568,3237,x0,y0&height=343&width=590
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c6f6cd0f46fd8d24b7df03525750e9641746a3bbbab1705f3d17d391b445861a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Wed, 25 Jan 2023 09:26:14 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
351798
x-guploader-uploadid
ADPycdsGRUU53fCcR0P3Z-lPE_238oAeizxIlHfi49aLHHIVfxXtc7xJ6slZP2qJncgvgQwEocxYkARBsZDn_UfLYo86hA
x-cache
HIT, HIT
fastly-io-info
ifsz=4616263 idim=5568x3712 ifmt=jpeg ofsz=64000 odim=590x343 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
64000
x-served-by
cache-fra-eddf8230133-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.991101,VS0,VE4
etag
"5drVevLuSA+zjlJiJ96SkS93Hjxla7Vn/6BEZjCRShs"
vary
Accept
x-goog-hash
crc32c=s4MJTw==, md5=4NoNiBpT9/lmNbxUqB5cRw==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674635123618774
cache-control
max-age=31536000
x-goog-stored-content-length
4616263
accept-ranges
bytes
x-cache-hits
3, 1
50364322.JPG
img.haarets.co.il/bs/00000185-d960-d2d9-ab95-ffe059ed0000/92/c8/3bb7d7c04cb997b468a85c1b3b51/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-d960-d2d9-ab95-ffe059ed0000/92/c8/3bb7d7c04cb997b468a85c1b3b51/50364322.JPG?height=105&width=180
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
74ce96eea103fa5f7f38b331108b622fe3c0c7dc3ca2fd8f72d2f75e33bff139

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sun, 22 Jan 2023 13:42:02 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
595651
x-guploader-uploadid
ADPycdtqsqyAf18nXk41GmhNOFCLGjnvrFbm-okOYmEF-V8zYvG-h5mUUpsK88P8Scsi7CMfHdAjkXQqfBvP_mLoucLqNx4TsneK
x-cache
HIT, HIT
fastly-io-info
ifsz=1451250 idim=3456x2304 ifmt=jpeg ofsz=4774 odim=180x105 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
4774
x-served-by
cache-fra-eddf8230067-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.990683,VS0,VE1
etag
"zGF7CqIOBtgLSXdBi3zdNjP+z0Tmjg9I3Xn4q2FMPd8"
vary
Accept
x-goog-hash
crc32c=hnoKsw==, md5=Ca0MrkfZDTVTeJdNnkUfHQ==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674389248475791
cache-control
max-age=31536000
x-goog-stored-content-length
1451250
accept-ranges
bytes
x-cache-hits
15, 1
50329591.JPG
img.haarets.co.il/bs/00000185-cf51-d3a8-a3cf-cf712c230000/e6/3c/74d8da534ba08eb56cf4e05a535f/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-cf51-d3a8-a3cf-cf712c230000/e6/3c/74d8da534ba08eb56cf4e05a535f/50329591.JPG?height=105&width=180
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2219c76308af1336fa9f8f4e830f48aa338a748d4870733689388168066e8234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 20 Jan 2023 14:15:31 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
766442
x-guploader-uploadid
ADPycduR0Er8SiB5gGRR1b26ffwXjx5whnnP-GP7u_CEnopedVYHRFZET8Cz-PT3b9BbXX_jDVhdv_KD7SbniNFViH1poNxxM6Vf
x-cache
HIT, HIT
fastly-io-info
ifsz=522528 idim=1536x2048 ifmt=jpeg ofsz=7382 odim=180x105 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
7382
x-served-by
cache-fra-eddf8230137-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.990307,VS0,VE2
etag
"6BNb1g+iPto84+DGozlDFjOfRaVZwSEo4tq62zBB8Po"
vary
Accept
x-goog-hash
crc32c=2OLY4w==, md5=j5xk7E+fIO+YEwAypSnA6w==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674220481551421
cache-control
max-age=31536000
x-goog-stored-content-length
522528
accept-ranges
bytes
x-cache-hits
523, 1
59598.jpg
img.haarets.co.il/bs/00000185-cbbc-d99f-abb5-cbffc6a40001/eb/39/e3634132447e8ae8c6268b96dcd7/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-cbbc-d99f-abb5-cbffc6a40001/eb/39/e3634132447e8ae8c6268b96dcd7/59598.jpg?precrop=1522,885,x0,y661&height=105&width=180
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
56049aded0493967de6621a0bb756e4e3af61f1c26785baec028b6c215fb01f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 19 Jan 2024 20:34:43 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
826489
x-guploader-uploadid
ADPycdvA18A7z83tv4QCwT2-cOzfqPjPpfcShEjkGALYmfAdiK4RvZJPBLAmyhNh6e4iyIXumhtXA1FnKA3MPN_758tYR8Pbd71F
x-cache
HIT, HIT
fastly-io-info
ifsz=757991 idim=1522x2200 ifmt=jpeg ofsz=7390 odim=180x105 ofmt=webp
x-goog-meta-content-length
757991
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
7390
x-served-by
cache-fra-eddf8230111-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.989826,VS0,VE2
etag
"OXyMF/0ug4g2H906l4a6R+Ytlf7PcfMIKDoaQPbykSI"
vary
Accept
x-goog-hash
crc32c=jVYK1Q==, md5=iwcExd9D1fjY2QMvWOg1fg==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674160435988161
cache-control
max-age=31536000
x-goog-stored-content-length
757991
accept-ranges
bytes
x-cache-hits
3, 1
50244841.JPG
img.haarets.co.il/bs/00000185-a53d-d7a2-a1af-a73d8bd70000/8e/a3/99c944e04330b7efc18d48415ef2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-a53d-d7a2-a1af-a73d8bd70000/8e/a3/99c944e04330b7efc18d48415ef2/50244841.JPG?precrop=1858,1080,x0,y0&height=105&width=180
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c915dfdcb63824d901872c899663a0f8c85b3805fd37ffd291b2df54d7416064

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 12 Jan 2023 10:09:28 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
1472404
x-guploader-uploadid
ADPycdtobbgrGrKXMwqyiaeU1mjSfiCnlSFt1dM-YWCa1PAY2HHILk2SQhGdShSqxiffpPYP4olxF01o-CsMTEsNvwbqfA
x-cache
HIT, HIT
fastly-io-info
ifsz=285172 idim=1920x1080 ifmt=jpeg ofsz=5970 odim=180x105 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
5970
x-served-by
cache-fra-eddf8230071-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.989903,VS0,VE0
etag
"6hemoCX4Fr7LAgOw2+a5h48a905osbuEhqoPlbXnw2o"
vary
Accept
x-goog-hash
crc32c=NMU2Tg==, md5=O+7xnpv9oYnI+lZJIaCRvA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1673514552257986
cache-control
max-age=31536000
x-goog-stored-content-length
285172
accept-ranges
bytes
x-cache-hits
6, 3773
50426564.JPG
img.haarets.co.il/bs/00000185-f75e-def6-a7b5-ff5e47910000/53/56/146b78bb4ddead9909901b77e679/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-f75e-def6-a7b5-ff5e47910000/53/56/146b78bb4ddead9909901b77e679/50426564.JPG?height=347&width=597
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
567bebbad5bdbb364c9d40c3b49be65c69f617923b61519988b70db389dd590e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sat, 28 Jan 2023 08:54:20 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
94513
x-guploader-uploadid
ADPycduVPXGGJU_9TGmBQvNrW4CTzz4uUNvfaGlU6HhAxCcAAV3A4sPcvqinpsimRucu8P9QwQwuKSdjS7t2WfD0lCab1Q
x-cache
HIT, HIT
fastly-io-info
ifsz=445614 idim=2953x1981 ifmt=jpeg ofsz=21116 odim=597x347 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
21116
x-served-by
cache-fra-eddf8230117-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.993803,VS0,VE1
etag
"Oj6E73XTE5flq1g+49k8ryN5mYvMuD4sHzi7qF3XDpw"
vary
Accept
x-goog-hash
crc32c=FT3jig==, md5=HwF2QTPTFJmV01f1vNBBqA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674892429183222
cache-control
max-age=31536000
x-goog-stored-content-length
445614
accept-ranges
bytes
x-cache-hits
1, 1
50336382.JPG
img.haarets.co.il/bs/00000185-d12a-da66-a1bf-f9ba49fb0000/fc/2b/43ab09284c8ea6aa6c8e0976010d/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-d12a-da66-a1bf-f9ba49fb0000/fc/2b/43ab09284c8ea6aa6c8e0976010d/50336382.JPG?precrop=1891,1890,x733,y0&height=188&width=188
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0ffb7827940c11d0b9699778494d5b2ac8b2259164855f3009d643917b78f621

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 20 Jan 2023 22:51:37 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
735476
x-guploader-uploadid
ADPycduGsKvLPd9ZJkU8yz5PDvWLCA7_supiTDRHrDDHOxz-TCJJafFPKNLwo88cbJ1T5beZ-9Ji_S2UL9gTmG9Fpx0Psg
x-cache
HIT, HIT
fastly-io-info
ifsz=617947 idim=2835x1890 ifmt=jpeg ofsz=4664 odim=188x188 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
4664
x-served-by
cache-fra-eddf8230049-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.989564,VS0,VE2
etag
"Mt2AYN92GLsuWP54KVN9Ho0f8EFniSbqL3rfec6bBl8"
vary
Accept
x-goog-hash
crc32c=fdYrgw==, md5=DOx7z3CSKoiu8DF+W2Au6A==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674159153374526
cache-control
max-age=31536000
x-goog-stored-content-length
617947
accept-ranges
bytes
x-cache-hits
41, 1
50215384.JPG
img.haarets.co.il/bs/00000185-d13b-d3a8-a3cf-d73b24330001/ac/25/b0d2e1ef46febb1e2f29537701f8/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-d13b-d3a8-a3cf-d73b24330001/ac/25/b0d2e1ef46febb1e2f29537701f8/50215384.JPG?precrop=3195,2458,x454,y0&height=145&width=189
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1f9f839ee033714eb1cce371f64929781303bf4c7830f32a30a8d2ca7474a8c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 20 Jan 2023 23:10:01 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
734371
x-guploader-uploadid
ADPycdvAfdmAWKsa3h_Fliu710U4jy0ugnyTfkAvTbGSZH-cIdDgQJebUsl5W1bLQri__g1jg7ryXBKYPt6t6iM8PfIZyIOofo8M
x-cache
HIT, HIT
fastly-io-info
ifsz=1431910 idim=3687x2458 ifmt=jpeg ofsz=7708 odim=189x145 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
7708
x-served-by
cache-fra-eddf8230095-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.989559,VS0,VE2
etag
"4nG5FLS1YbCtSIsxLu430sn1KN39xW1urCHHq89B550"
vary
Accept
x-goog-hash
crc32c=hU+8/Q==, md5=LWvwIv/rD8dGaTgQNwcQbA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1673434387102076
cache-control
max-age=31536000
x-goog-stored-content-length
1431910
accept-ranges
bytes
x-cache-hits
170, 1
50142991.JPG
img.haarets.co.il/bs/00000185-d0fa-da66-a1bf-f9fad0a10000/42/67/40caf6b64440b839345182a7a2c9/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-d0fa-da66-a1bf-f9fad0a10000/42/67/40caf6b64440b839345182a7a2c9/50142991.JPG?height=145&width=189
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a5b8830cc5fdd2c3130d5f7bb83022c2fa37b2025eaaf3ad2f22ea5daa12b708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 20 Jan 2023 21:59:55 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
738577
x-guploader-uploadid
ADPycdsTTFk5zc3aSDTRYBeJ6orqKFut0lx0pNPVI2zJJZ_4r54awxHmpIl_WqVOsEuLoa5GvurzD2MSFoXI7RBVo6kG0BtoPWkP
x-cache
HIT, HIT
fastly-io-info
ifsz=987213 idim=3500x2379 ifmt=jpeg ofsz=9860 odim=189x145 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
9860
x-served-by
cache-fra-eddf8230042-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.990308,VS0,VE2
etag
"pAUtxhbwBbyD7fceDoqVzwg61hluA6Pft6qP4GpqaZ0"
vary
Accept
x-goog-hash
crc32c=CqsXSg==, md5=vgTXxfinCgj5w0hXTTcIoA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1672841453969442
cache-control
max-age=31536000
x-goog-stored-content-length
987213
accept-ranges
bytes
x-cache-hits
14, 238
50363157.JPG
img.haarets.co.il/bs/00000185-d901-d3a8-a3cf-df3170780000/58/a8/035900b74aaaa1a637c6889a8e2a/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-d901-d3a8-a3cf-df3170780000/58/a8/035900b74aaaa1a637c6889a8e2a/50363157.JPG?precrop=4032,2344,x0,y680&height=343&width=590
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6ca2dde1fcb8c3401403369e7446b87dfd49973cf9cc51c95a59b8782ffc0ebf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sun, 22 Jan 2023 11:24:16 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
603917
x-guploader-uploadid
ADPycds9bH683pHlWhx8Am9omV29Y8PBtkmxbjTZD5hK6lQNkm6FiV8oELQuJfVcmOAWt-KZqlcgCKXg2DnMDe2pMrxOaQ
x-cache
HIT, HIT
fastly-io-info
ifsz=1073506 idim=4032x3024 ifmt=jpeg ofsz=21818 odim=590x343 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
21818
x-served-by
cache-fra-eddf8230096-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.989440,VS0,VE2
etag
"DLb7el25xLEBkexBukst11/aiIVcZM45VP0BUc9bkNs"
vary
Accept
x-goog-hash
crc32c=/1hU0w==, md5=msrxfvNKLKMWYkGc1nO7Cg==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674383028323379
cache-control
max-age=31536000
x-goog-stored-content-length
1073506
accept-ranges
bytes
x-cache-hits
8, 1
49910431.JPG
img.haarets.co.il/bs/00000185-2a25-d15f-adf7-7e2f307c0002/d4/c9/af63878e4829b35d477c8853f3ed/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-2a25-d15f-adf7-7e2f307c0002/d4/c9/af63878e4829b35d477c8853f3ed/49910431.JPG?precrop=4862,2827,x0,y1517&height=105&width=180
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1e71f13efe58770e60feb392a92a1dba394f5c079ff962a731e99b471fad0e20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Tue, 03 Jan 2023 10:33:14 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
2248578
x-guploader-uploadid
ADPycds2hXrX-RhSEHUCjTmFhGL9ohYtaUIvWwRmDybPAlX7jl8PHtwmfyHo9yDKNvlzi7AjWUsl__XhvaTwg_JsKsDFV_XzLP73
x-cache
HIT, HIT
fastly-io-info
ifsz=1496769 idim=4862x6807 ifmt=jpeg ofsz=4534 odim=180x105 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
4534
x-served-by
cache-fra-eddf8230049-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.989422,VS0,VE6
etag
"sCsupwBUH0xX9hRTT3sPJpcJ8ZMk0Ss/WBRwJtEHJZE"
vary
Accept
x-goog-hash
crc32c=BM1NEg==, md5=XIcKucFexZ/dFTP7At79vg==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1671013443907811
cache-control
max-age=31536000
x-goog-stored-content-length
1496769
accept-ranges
bytes
x-cache-hits
27, 1
hut-knafe-1.jpg
img.haarets.co.il/bs/00000184-e6f7-d991-ad84-eefffd610000/69/7b/32a7c91545fb9183de4f774032a5/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000184-e6f7-d991-ad84-eefffd610000/69/7b/32a7c91545fb9183de4f774032a5/hut-knafe-1.jpg?precrop=4032,2344,x0,y259&height=105&width=180
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bdb028bfc51f5570f4c347678d72e055c1d2196e86873b2b758f2707cf7f4039

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Wed, 06 Dec 2023 10:25:39 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
4664632
x-guploader-uploadid
ADPycdsMKUkM4EjRA2icKXTV_-bLX2eyQX0ZITxzxpxGVYjHk7dpKQbMnBPh1z32l5RqUK6n1dAA-_Y1byLqBz0MocSZsw
x-cache
HIT, HIT
fastly-io-info
ifsz=2540422 idim=4032x3024 ifmt=jpeg ofsz=5770 odim=180x105 ofmt=webp
x-goog-meta-content-length
2540422
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
5770
x-served-by
cache-fra-eddf8230028-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.989837,VS0,VE3
etag
"azsxolSX5d1ZG0zNdJWTWNu6fEn+YXHua7FSPA/y2G4"
vary
Accept
x-goog-hash
crc32c=vZEtiw==, md5=xpAXxgd18Suj/otS/vZhmA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1670190276726561
cache-control
max-age=31536000
x-goog-stored-content-length
2540422
accept-ranges
bytes
x-cache-hits
4618, 1
368829.jpg
img.haarets.co.il/bs/00000184-e12f-da6e-a58f-f37f2faf0000/46/4e/05993b4542328e75763e31e93481/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000184-e12f-da6e-a58f-f37f2faf0000/46/4e/05993b4542328e75763e31e93481/368829.jpg?precrop=2400,1395,x0,y63&height=105&width=180
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f268066d2d542febc25f1808ad0eb075b35c1be30f8584130fcc88d45f210725

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 05 Jan 2023 07:22:56 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
2087197
x-guploader-uploadid
ADPycdt13jj_DfhWFSb14bqrKcvTIxDn2J2jgxKYGOwQj-QnfRP8aWu3o8FMvjJl73dRWQ-HDKlT9vvtYlwufNyvmGsOAg
x-cache
HIT, HIT
fastly-io-info
ifsz=513927 idim=2400x1601 ifmt=jpeg ofsz=5924 odim=180x105 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
5924
x-served-by
cache-fra-eddf8230107-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.989416,VS0,VE3
etag
"x1MAY6XcwPmOoFH5v9eD9gwIhcFHG0gWfZGn9TNQgTk"
vary
Accept
x-goog-hash
crc32c=ic7LLQ==, md5=h4AekF9Wze+zYz4h3r9lIQ==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1670225276830534
cache-control
max-age=31536000
x-goog-stored-content-length
513927
accept-ranges
bytes
x-cache-hits
920, 1
18070.jpg
img.haarets.co.il/bs/00000184-dc9b-dc05-adae-fffb50330000/78/59/1c4853904cc19041ac184fccee59/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000184-dc9b-dc05-adae-fffb50330000/78/59/1c4853904cc19041ac184fccee59/18070.jpg?precrop=1601,931,x0,y416&height=105&width=180
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
63ddfe9857bc0ec530bacfa978ae4de5921d7a416b1da508a8bed10634bb65d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 05 Jan 2023 03:22:42 GMT
date
Sun, 29 Jan 2023 10:09:32 GMT
via
1.1 varnish, 1.1 varnish
age
2101611
x-guploader-uploadid
ADPycdsZLDuTDe7-QPaJXeLzI1pNtCI6vkHkySVq0ABacNL76aH7-f32Ob7ddzWvhiBeTcCnsgj8WiSndajjD5RNDNQsmw
x-cache
HIT, HIT
fastly-io-info
ifsz=286442 idim=1601x2400 ifmt=jpeg ofsz=1892 odim=180x105 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
1892
x-served-by
cache-fra-eddf8230097-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986973.989408,VS0,VE2
etag
"E45ZwAGN2ABrA4QPDwXFYz6VolRiLR0XT2yQ9yTWvyw"
vary
Accept
x-goog-hash
crc32c=n5zf8w==, md5=0jobeWzOaFgDlAMWp7JUcw==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1669914079278652
cache-control
max-age=31536000
x-goog-stored-content-length
286442
accept-ranges
bytes
x-cache-hits
2088, 1
_buildManifest.js
www.haaretz.com/_next/static/3.0.749/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/3.0.749/_buildManifest.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
42eccd8a881bf664945e5f181674e93664b2b721e8a290aaec3d9d5d90fec293
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
517751
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
27
x-origin-status
200, 200
content-length
1438
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.910540,VS0,VE0
etag
W/"c5a-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 65, 6
_ssgManifest.js
www.haaretz.com/_next/static/3.0.749/ 		76 B
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/3.0.749/_ssgManifest.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
content-encoding
gzip
age
517800
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
7
x-origin-status
200, 200
content-length
60
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986973.910626,VS0,VE1
etag
W/"4c-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 60, 6
merriweatherLatin-700.woff2
www.haaretz.com/static/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/static/fonts/merriweatherLatin-700.woff2
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.haaretz.com/
Origin
https://www.haaretz.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
2075990
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
291
x-origin-status
200, 200
content-length
18924
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 07:54:12 GMT
server
istio-envoy
x-timer
S1674986973.910525,VS0,VE1
etag
W/"49ec-185769fa4a0"
x-download-options
noopen
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-cache-hits
0, 516, 1
merriweatherLatin-regular.woff2
www.haaretz.com/static/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/static/fonts/merriweatherLatin-regular.woff2
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.haaretz.com/
Origin
https://www.haaretz.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
1652315
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
10
x-origin-status
200, 200
content-length
19300
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 07:54:12 GMT
server
istio-envoy
x-timer
S1674986973.913070,VS0,VE1
etag
W/"4b64-185769fa4a0"
x-download-options
noopen
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-cache-hits
0, 437, 1
merriweatherLatin-300.woff2
www.haaretz.com/static/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/static/fonts/merriweatherLatin-300.woff2
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
de878ac09635910d6fdc776b259330509502e11a42aee1881a73a59d491e0000
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.haaretz.com/
Origin
https://www.haaretz.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:32 GMT
age
1542842
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
11
x-origin-status
200, 200
content-length
19128
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 14:31:13 GMT
server
istio-envoy
x-timer
S1674986973.984637,VS0,VE2
etag
W/"4ab8-18596f14768"
x-download-options
noopen
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-cache-hits
0, 153, 1
307252476589397
connect.facebook.net/signals/config/ 		376 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/307252476589397?v=2.9.92&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e74b1a4cc4923f1c2c5a303b6f93b5c6be7b441e649813246a7627271c57663d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 29 Jan 2023 10:09:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110037
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
c7fEfabGt1brrcKOoIsJLyOphiIVWCsW8EceaUqUwFCKiHV4cLFfQwYQFiqoev39Hm/Ry9Z8EA8DeF/mly8f5A==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=haaretz.com&domain=haaretz.com&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab_image.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f2b6fa55d1f88fcff32787d43b32bddc267559ef07c4b7d70bb0527932b72266

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits
9
date
Sun, 29 Jan 2023 10:09:33 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
21
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
984
x-served-by
cache-hhn-etou8220057-HHN
x-timer
S1674986973.493863,VS0,VE0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Fri, 27 Jan 2023 10:09:12 GMT
pubads_impl_2023012301.js
securepubads.g.doubleclick.net/gpt/ 		385 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79e66558ee620ce57bc0a6be17a96c32074065e763b49f0be5551799623943a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 14:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156312
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133281
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 09:36:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 27 Jan 2024 14:44:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		722 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.haaretz.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59764efce632d23b130fc53bf982a8518727a34061c080acc238e4866a74e09c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236
x-xss-protection
0
expires
Sun, 29 Jan 2023 10:09:33 GMT
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.haaretz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.haaretz.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 29 Jan 2023 10:09:33 GMT
server
Google Frontend
x-cloud-trace-context
05b0672739c73f63fdc14d4bbdd42da7
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
x-request-id
51ca013b-ceb0-44c8-acde-7cf2e5a055c2
x-vad-version
0.9.18

Response headers

date
Sun, 29 Jan 2023 10:09:33 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.haaretz.com
x-cloud-trace-context
3f53c4ca262692cae06e3932d38b3cfa
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
x-request-id
undefined
impression
services.haaretz.com/ds/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.haaretz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 29 Jan 2023 10:09:34 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-envoy-upstream-service-time
1
x-timer
S1674986974.161351,VS0,VE28
impression
services.haaretz.com/ds/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.haaretz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 29 Jan 2023 10:09:34 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-envoy-upstream-service-time
0
x-timer
S1674986974.161532,VS0,VE23
impression
services.haaretz.com/ds/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.haaretz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 29 Jan 2023 10:09:34 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-envoy-upstream-service-time
1
x-timer
S1674986974.161498,VS0,VE28
request
services.haaretz.com/ds/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/request
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.haaretz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 29 Jan 2023 10:09:34 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-envoy-upstream-service-time
0
x-timer
S1674986974.350566,VS0,VE51
101.1aae1c707edf42bb5134.js
www.haaretz.com/_next/static/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/101.1aae1c707edf42bb5134.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
74a1f35a931af03708ac10eedf2c74513867abb28dc27defccdd4e0fea06f13a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:33 GMT
age
1636725
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
2
x-origin-status
200, 200
content-length
1076
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 14:45:59 GMT
server
istio-envoy
x-timer
S1674986974.693871,VS0,VE1
etag
W/"832-18596fecc58"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 6196, 6
99.2cc0a7915881df58e686.js
www.haaretz.com/_next/static/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/99.2cc0a7915881df58e686.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4827ede535113f77925e68fb11672f713e98bd4c74fc99499aafe6f5b0da2000
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:33 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
372885
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
7
x-origin-status
200, 200
content-length
1245
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986974.724068,VS0,VE1
etag
W/"a0a-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 734, 7
119.b2709ee0896a55ede755.js
www.haaretz.com/_next/static/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/119.b2709ee0896a55ede755.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
8f71d9b04965b8276911ffa4edb5af5fe0bd3e16c4d69d61257f8e357d8a6a0b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:33 GMT
age
1059370
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
12
x-origin-status
200, 200
content-length
948
x-xss-protection
1; mode=block
last-modified
Wed, 11 Jan 2023 11:58:43 GMT
server
istio-envoy
x-timer
S1674986974.790136,VS0,VE1
etag
W/"707-185a0b26138"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 272, 2
109.0ea4c32c4b89e0516083.js
www.haaretz.com/_next/static/chunks/ 		1 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/109.0ea4c32c4b89e0516083.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
ac42b68f2f836f21d76b3de7f8c2af5ebeb5b86b405ac4d1c2313f7bdbe587ab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:33 GMT
age
1636726
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
3
x-origin-status
200, 200
content-length
694
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 14:45:59 GMT
server
istio-envoy
x-timer
S1674986974.813227,VS0,VE1
etag
W/"4ec-18596fecc58"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 6225, 7
168.5c70bfc50ed8ae212669.js
www.haaretz.com/_next/static/chunks/ 		370 B
437 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/168.5c70bfc50ed8ae212669.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
88fb1b7a4b5c9d91716a08ccdafe3089dec34289bb1d2b164737713189cea9cb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:33 GMT
content-encoding
gzip
age
354465
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
8
x-origin-status
200, 200
content-length
292
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986974.979735,VS0,VE1
etag
W/"172-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 137, 2
161.97ef34d39cd9b503224c.js
www.haaretz.com/_next/static/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/161.97ef34d39cd9b503224c.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
7f3281b843c2c8663dd7ccd37c3f9dd65ccaa4df32e5f3e2c7966c9c5d664dc2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:33 GMT
age
1071063
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
8
x-origin-status
200, 200
content-length
999
x-xss-protection
1; mode=block
last-modified
Wed, 11 Jan 2023 11:58:43 GMT
server
istio-envoy
x-timer
S1674986974.980995,VS0,VE1
etag
W/"894-185a0b26138"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 28, 6
160.a74995416d857e772e45.js
www.haaretz.com/_next/static/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/160.a74995416d857e772e45.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
8d7002e111026c5ef6afd0c781242353364f3a8b89af35808d0613dd8fd4baf5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:33 GMT
age
1636730
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
3
x-origin-status
200, 200
content-length
1010
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 14:45:59 GMT
server
istio-envoy
x-timer
S1674986974.980999,VS0,VE0
etag
W/"773-18596fecc58"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 6623, 7
169.d11beac8390d3e52ff39.js
www.haaretz.com/_next/static/chunks/ 		972 B
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/169.d11beac8390d3e52ff39.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
2e6c27b05ea7ae9ec0ade801bbf1d239f1baa9eee748293a7f9ddbbbdf39a6ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:33 GMT
content-encoding
gzip
age
340718
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
626
x-origin-status
200, 200
content-length
559
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986974.981733,VS0,VE0
etag
W/"3cc-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 570, 6
164.dd80eab1994eee0fde19.js
www.haaretz.com/_next/static/chunks/ 		589 B
536 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/164.dd80eab1994eee0fde19.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
0ef2bb18081e7ee5dd5b5e08bd7c571eea64e1d4431bc8cb4354d826ae8dde80
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:33 GMT
content-encoding
gzip
age
340722
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
37
x-origin-status
200, 200
content-length
392
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986974.982194,VS0,VE0
etag
W/"24d-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 1, 6
163.00944990fb75a6529801.js
www.haaretz.com/_next/static/chunks/ 		1 KB
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/163.00944990fb75a6529801.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
cff0a5c650eb0ad391da841a1dd3f01a483a6519412610cb616dcf11acd7ac34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:33 GMT
age
1636720
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
3
x-origin-status
200, 200
content-length
640
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 14:45:59 GMT
server
istio-envoy
x-timer
S1674986974.983909,VS0,VE0
etag
W/"4e7-18596fecc58"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 5855, 6
166.abfca149229076defcd6.js
www.haaretz.com/_next/static/chunks/ 		1 KB
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/166.abfca149229076defcd6.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e2e8d82dfedb261a59472b2d87ab4c234f791e41e246027cfa61452e1d20aa2a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:33 GMT
age
1568216
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
11
x-origin-status
200, 200
content-length
723
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 14:45:59 GMT
server
istio-envoy
x-timer
S1674986974.983956,VS0,VE0
etag
W/"5ec-18596fecc58"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 5225, 7
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-57.fra2.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 09:25:07 GMT
content-encoding
gzip
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
x-amz-cf-pop
FRA2-C1
age
2667
etag
W/"61b8b8ab-1090"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
daO97HnqQt_fBbIsIbj2pGkUdVPvNjIPyRd0iXsfLQVDQEp5kymYQA==
expires
Sun, 29 Jan 2023 10:25:07 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-76.fra2.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
eedf770a802141ae42f3d73fa851f13206702de51c6f4ead5a58ff4f301adc9d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 09:27:53 GMT
content-encoding
br
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 09:27:53 UTC
server
nginx/1.20.0
x-amz-cf-pop
FRA2-C2
age
2501
x-powered-by
PHP/8.0.14
etag
W/"62fd6b33de077c7adb224dba4b78fd40"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
GcVVyLK11Qc1yAB4P_mi8ty8OnEfAsuVG-InL3l3E3oSkj2dWG80eg==
x-xss-protection
0
gql
www.haaretz.com/ 		254 B
439 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/gql?operationName=GetUserDataForMarketing&variables=%7B%22userId%22%3Anull%2C%22token%22%3Anull%2C%22site%22%3A%22HDC%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22269c166e96ad40e1679cbef55a07b4c1e7121f7071447ab66d3b43d559d8b150%22%7D%7D
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/3.0.749/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
bdb6a56f2f20a27721a05680c24b16c361358ab4274962c4bba5cfb4a9573c6a

Request headers

bot
undefined
isPreview
false
accept-language
de-DE,de;q=0.9
dateFormat
MM-yyyy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type
application/json
hostname
hdc-app.haaretz.com
accept
*/*
operationName
GetUserDataForMarketing
Referer
https://www.haaretz.com/

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986974.011956,VS0,VE25
etag
W/"fe-NR6UWd8j+Y4vyTPc0A6NEkpBC7w"
x-cache
MISS, MISS, MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0
x-envoy-upstream-service-time
4
x-origin-status
400, 400
accept-ranges
bytes
content-length
254
x-cache-hits
0, 0, 0
gql
www.haaretz.com/ 		134 B
254 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/gql?operationName=GetMarketingToolsStats&variables=%7B%22userId%22%3Anull%2C%22cacheKey%22%3A3359%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e04e225a926ab4f4266e386c18a7926383d28200c4a739e82334bfb4c4850aee%22%7D%7D
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/3.0.749/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
6671359bbee379a6edbb81f32c94848c5118b026c60f17c55dd098e4067089df

Request headers

bot
undefined
isPreview
false
accept-language
de-DE,de;q=0.9
dateFormat
MM-yyyy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type
application/json
hostname
hdc-app.haaretz.com
accept
*/*
operationName
GetMarketingToolsStats
Referer
https://www.haaretz.com/

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986974.013250,VS0,VE62
etag
W/"86-3L82cOp3XANcOen8DoEn4nUZgzY"
x-cache
MISS, MISS, MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, must-revalidate
x-envoy-upstream-service-time
37
x-origin-status
400, 400
accept-ranges
bytes
content-length
134
x-cache-hits
0, 0, 0
08891.jpg
img.haarets.co.il/bs/00000185-fcab-def6-a7b5-fdaf27060001/85/1f/bd87f677484cace809d4a0fd439b/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-fcab-def6-a7b5-fdaf27060001/85/1f/bd87f677484cace809d4a0fd439b/08891.jpg?precrop=1468,1468,x503,y0&height=288&width=288
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
037b5bb1bc89b0709a6dd32dbbb1182fdd2fb721ad9d2fe03325e1cdb49b4eb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Mon, 29 Jan 2024 08:36:46 GMT
date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
age
5568
x-guploader-uploadid
ADPycdsbBdZ4h2KK166cTOXJxzmTHGojibnUOwaGrG4qh6JnURJfYbij8MtdEi53XrVRn8FM6IgxoywWg1Tkh7vAx_Qhbw
x-cache
HIT, HIT
fastly-io-info
ifsz=366641 idim=2200x1468 ifmt=jpeg ofsz=7154 odim=288x288 ofmt=webp
x-goog-meta-content-length
366641
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
7154
x-served-by
cache-fra-eddf8230021-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986974.098418,VS0,VE9
etag
"1wS5hfL4iUWek19krL10rJmIay7G7+ZsXJlGCyLydc8"
vary
Accept
x-goog-hash
crc32c=pZdw2g==, md5=cDxedXg6IQQjKNDrcKDSrQ==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1674975817597362
cache-control
max-age=31536000
x-goog-stored-content-length
366641
accept-ranges
bytes
x-cache-hits
4, 1
bsp-analytics.min.js
www.haaretz.com/_resource/analytics/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_resource/analytics/bsp-analytics.min.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/main-7635d15925b989cf4c80.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
server
istio-envoy
age
952049
x-timer
S1674986974.102930,VS0,VE1
vary
Accept-Encoding
x-cache
MISS, HIT, HIT
content-type
text/javascript;charset=UTF-8
cache-control
max-age=8640000
x-envoy-upstream-service-time
28
x-origin-status
200, 200
accept-ranges
bytes
content-length
3003
x-cache-hits
0, 1519, 11
impression
services.haaretz.com/ds/ 		84 B
149 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/commons.aef772f399a0b0e06b27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4a444f407687d0724c790d450fe116bd75717dae3c14d2f8d50a522af0e3e27f

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986974.213697,VS0,VE50
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-cache
MISS, MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-envoy-upstream-service-time
9
accept-ranges
bytes
x-cache-hits
0, 0
impression
services.haaretz.com/ds/ 		84 B
163 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/commons.aef772f399a0b0e06b27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4a444f407687d0724c790d450fe116bd75717dae3c14d2f8d50a522af0e3e27f

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986974.206083,VS0,VE27
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-cache
MISS, MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-envoy-upstream-service-time
7
accept-ranges
bytes
x-cache-hits
0, 0
impression
services.haaretz.com/ds/ 		84 B
145 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/commons.aef772f399a0b0e06b27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4a444f407687d0724c790d450fe116bd75717dae3c14d2f8d50a522af0e3e27f

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986974.214133,VS0,VE32
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-cache
MISS, MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-envoy-upstream-service-time
7
accept-ranges
bytes
x-cache-hits
0, 0
gql
www.haaretz.com/ 		38 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/gql?operationName=GetPersonalizedCampaigns&variables=%7B%22userId%22%3A%2216749869739797149%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22756d864c154cab857539313402f4ba54139a7c9501cc95aa662e3dde1c95dcba%22%7D%7D
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/3.0.749/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
caa3fa07bccaf288f0ad3d50afd8969023f3d02936422166ba3dbc9db62cc48a

Request headers

bot
undefined
isPreview
false
accept-language
de-DE,de;q=0.9
dateFormat
MM-yyyy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type
application/json
hostname
hdc-app.haaretz.com
accept
*/*
operationName
GetPersonalizedCampaigns
Referer
https://www.haaretz.com/

Response headers

source-path
%2Fmarketing%2Fget-user-marketing-campaigns
date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
0
x-cache
MISS, MISS, MISS
x-envoy-upstream-service-time
16
x-origin-status
200, 200
content-length
58
server
istio-envoy
x-timer
S1674986974.120140,VS0,VE53
etag
W/"26-TFA7PPeIqNXhkTsHByhdBwZ8JFo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
0, 0, 0
gql
www.haaretz.com/ 		34 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/gql?operationName=GetMarketingToolsStats&variables=%7B%22userId%22%3A%2216749869739797149%22%2C%22cacheKey%22%3A3359%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e04e225a926ab4f4266e386c18a7926383d28200c4a739e82334bfb4c4850aee%22%7D%7D
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/3.0.749/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
6f33a9620d151c515ad37a65234fdb9a873ae64cd5ce5af3da7e76fcd7fb4f7a

Request headers

bot
undefined
isPreview
false
accept-language
de-DE,de;q=0.9
dateFormat
MM-yyyy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type
application/json
hostname
hdc-app.haaretz.com
accept
*/*
operationName
GetMarketingToolsStats
Referer
https://www.haaretz.com/

Response headers

source-path
%2Fmarketing%2Fget-marketing-tools-log
date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
0
x-cache
MISS, MISS, MISS
x-envoy-upstream-service-time
18
x-origin-status
200, 200
content-length
54
server
istio-envoy
x-timer
S1674986974.120280,VS0,VE44
etag
W/"22-9g1oiNGsIMdmCmdlap0iEwiTIb0"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
0, 0, 0
28.d5c7485219da1994ed05.js
www.haaretz.com/_next/static/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/28.d5c7485219da1994ed05.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
77ae7e1e425fa36f3561502285ba40116aec221ab2a4af14c476571164770ecd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:34 GMT
age
1064770
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
12
x-origin-status
200, 200
content-length
916
x-xss-protection
1; mode=block
last-modified
Wed, 11 Jan 2023 11:58:43 GMT
server
istio-envoy
x-timer
S1674986974.127918,VS0,VE1
etag
W/"603-185a0b26138"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 7, 2
avi-maoz-kicker-2.gif
gif.haarets.co.il/bs/00000185-cae3-da66-a1bf-fbfbd0180004/69/22/b3c29ca14ea0bcac818b09d7fd96/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gif.haarets.co.il/bs/00000185-cae3-da66-a1bf-fbfbd0180004/69/22/b3c29ca14ea0bcac818b09d7fd96/avi-maoz-kicker-2.gif?precrop=464,546,x381,y0&height=588&width=500
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/framework.e720d56855ea292faef3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
17ff1af616ac0bbc0cae2c1163774a4070dec271c6da34776d0b3e86a3d53db6
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

z-url
/image/fetch/w_464,h_546,x_381,y_0,c_crop/q_auto,w_500,h_588,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://storage.googleapis.com/haaretz-cms-prod/69/22/b3c29ca14ea0bcac818b09d7fd96/avi-maoz-kicker-2.gif
strict-transport-security
max-age=604800
date
Sun, 29 Jan 2023 10:09:34 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
205972
x-cache
HIT
content-disposition
inline; filename="avi-maoz-kicker-2.webp"
server-timing
fastly;dur=548;cpu=0;start=2023-01-27T00:56:41.889Z;desc=miss,rtt;dur=0,cloudinary;dur=106;start=2023-01-27T00:56:42.199Z
z-surrogate-keys
00000185-cae3-da66-a1bf-fbfbd0180004
content-length
109640
x-served-by
cache-hhn-etou8220046-HHN
last-modified
Thu, 12 Jan 2023 09:08:40 GMT
server
Cloudinary
x-timer
S1674986974.355080,VS0,VE0
etag
"7b3cece1eee944b6dd01c8eb09ca31bc"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
z-backend-name
3AQNbhi3UHxe7jdlCQoCam--F_res_cloudinary_com
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
max-age=31536000
z-url-original
/bs/00000185-cae3-da66-a1bf-fbfbd0180004/69/22/b3c29ca14ea0bcac818b09d7fd96/avi-maoz-kicker-2.gif?precrop=464,546,x381,y0&height=588&width=500
z-url-modified
/image/fetch/w_464,h_546,x_381,y_0,c_crop/q_auto,w_500,h_588,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://storage.googleapis.com/haaretz-cms-prod/69/22/b3c29ca14ea0bcac818b09d7fd96/avi-maoz-kicker-2.gif
accept-ranges
bytes
timing-allow-origin
*
z-ttl
365d
x-robots-tag
noindex
x-cache-hits
72
50064475.JPG
img.haarets.co.il/bs/00000185-83ca-d4ba-add5-abdff8be0006/b6/92/b9ceb3fa41c98a61814684382ff9/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-83ca-d4ba-add5-abdff8be0006/b6/92/b9ceb3fa41c98a61814684382ff9/50064475.JPG?precrop=2603,3062,x971,y0&height=588&width=500
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/framework.e720d56855ea292faef3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3dcacdbaf381d57286c2cca4bcebcd4a28d7abab1c9aa9f73d7f0aa3c3c3f8e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 05 Jan 2023 22:16:44 GMT
date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
age
2033570
x-guploader-uploadid
ADPycdvMCXewAOSYa8I15bIxgSX-hoH8dotqo5WCtxbd2r5LwoWwm8Tk1L6fMwczIfqm2XSDEAUQFDZpsB8lAhBjGeMjyA
x-cache
HIT, HIT
fastly-io-info
ifsz=2077985 idim=4593x3062 ifmt=jpeg ofsz=28454 odim=500x588 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
28454
x-served-by
cache-fra-eddf8230020-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986974.348013,VS0,VE2
etag
"m5Xwovs62edR+0ozQLRJwpon7nTL+r8RVmrMLZLE8/Q"
vary
Accept
x-goog-hash
crc32c=I/2mbg==, md5=2XJBVfqsKmZhMnzt6SO/sQ==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1672225726871119
cache-control
max-age=31536000
x-goog-stored-content-length
2077985
accept-ranges
bytes
x-cache-hits
230, 1
732661.jpg
img.haarets.co.il/bs/00000185-3424-d5aa-adc7-b67d98bc0001/31/fd/f01967f2456ea28e96d2d4af8626/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-3424-d5aa-adc7-b67d98bc0001/31/fd/f01967f2456ea28e96d2d4af8626/732661.jpg?precrop=1468,1727,x0,y111&height=588&width=500
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/framework.e720d56855ea292faef3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c7ec5fbe054766e384ec44f8f124f1389f2ff031bb3558f244ddc4564f8f118d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sat, 06 Jan 2024 07:05:26 GMT
date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
age
1998247
x-guploader-uploadid
ADPycdua5tRdf2hhini5aOb_L-dAV67W3WrB6INDKIiUz76VlwTeSE3xdKNHMCFQY7abPS1b3BIw60fj-hP5vKm7cGKxZ66GKrc3
x-cache
HIT, HIT
fastly-io-info
ifsz=800414 idim=1468x2200 ifmt=jpeg ofsz=51538 odim=500x588 ofmt=webp
x-goog-meta-content-length
800414
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
51538
x-served-by
cache-fra-eddf8230067-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986974.348440,VS0,VE2
etag
"K50uE5NVIeHBvGuFrVdM0wtf8YzLVWxfXInh3hBQEjA"
vary
Accept
x-goog-hash
crc32c=Qv4iDA==, md5=QOG+T1qWWx88MZ7Uf5S7Nw==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1671617101466185
cache-control
max-age=31536000
x-goog-stored-content-length
800414
accept-ranges
bytes
x-cache-hits
256, 1
cameras-promotion01-headline.gif
gif.haarets.co.il/bs/00000185-0bc4-d7db-a9df-7fc7c5fd0003/ca/66/01dac779417599ff1c8fe54824d8/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gif.haarets.co.il/bs/00000185-0bc4-d7db-a9df-7fc7c5fd0003/ca/66/01dac779417599ff1c8fe54824d8/cameras-promotion01-headline.gif?height=588&width=500
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/framework.e720d56855ea292faef3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
dfa3dfe9e908a77b0602f7df010209017933d94d6e06cd43de474193b710ce79
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

z-url
/image/fetch/q_auto,w_500,h_588,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://storage.googleapis.com/haaretz-cms-prod/ca/66/01dac779417599ff1c8fe54824d8/cameras-promotion01-headline.gif
strict-transport-security
max-age=604800
date
Sun, 29 Jan 2023 10:09:34 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
379183
x-cache
HIT
content-disposition
inline; filename="cameras-promotion01-headline.webp"
server-timing
fastly;dur=229;cpu=0;start=2023-01-24T02:17:25.228Z;desc=miss,rtt;dur=0,cloudinary;dur=137;start=2023-01-24T02:17:25.275Z
z-surrogate-keys
00000185-0bc4-d7db-a9df-7fc7c5fd0003
content-length
1314854
x-served-by
cache-hhn-etou8220046-HHN
last-modified
Fri, 23 Dec 2022 06:13:44 GMT
server
Cloudinary
x-timer
S1674986974.355051,VS0,VE5
etag
"90ca2c0fc7b31c6073cc8f77b2e5ad32"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
z-backend-name
3AQNbhi3UHxe7jdlCQoCam--F_res_cloudinary_com
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
max-age=31536000
z-url-original
/bs/00000185-0bc4-d7db-a9df-7fc7c5fd0003/ca/66/01dac779417599ff1c8fe54824d8/cameras-promotion01-headline.gif?height=588&width=500
z-url-modified
/image/fetch/q_auto,w_500,h_588,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://storage.googleapis.com/haaretz-cms-prod/ca/66/01dac779417599ff1c8fe54824d8/cameras-promotion01-headline.gif
accept-ranges
bytes
timing-allow-origin
*
z-ttl
365d
x-robots-tag
noindex
x-cache-hits
1
50087675.JPG
img.haarets.co.il/bs/00000185-5da4-d819-a995-fda5e2420000/c4/6c/ace4629f4a909ed2b8facdfb6adb/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-5da4-d819-a995-fda5e2420000/c4/6c/ace4629f4a909ed2b8facdfb6adb/50087675.JPG?precrop=2603,3062,x491,y0&height=588&width=500
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/framework.e720d56855ea292faef3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6aca2515cbcb865986cf0680580e7a5f518c60e465ca6646539373f560cf712b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 06 Jan 2023 01:37:04 GMT
date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
age
2021550
x-guploader-uploadid
ADPycduTU5gMN-OCan7tIf5ol2h1h_bYVmUpaTq1JlNG7m4R3UVDFE4lGGQSYFN69dY574qghTmmzm4e_tUJjWtCHXn_Jg
x-cache
HIT, HIT
fastly-io-info
ifsz=2332375 idim=4593x3062 ifmt=jpeg ofsz=25562 odim=500x588 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
25562
x-served-by
cache-fra-eddf8230037-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986974.348379,VS0,VE2
etag
"YhznoT3fCFZwtLvZhEbOEZ0JT4xLcBHzCQl8hhOir6I"
vary
Accept
x-goog-hash
crc32c=EI8dWQ==, md5=yIFFVCLEUONvNof7bxUxlA==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1672313365043162
cache-control
max-age=31536000
x-goog-stored-content-length
2332375
accept-ranges
bytes
x-cache-hits
7726, 1
50268387.JPG
img.haarets.co.il/bs/00000185-b5d3-d759-af9f-bfdfc37d0000/b6/32/c044a5854ebb9539134e17534b1d/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-b5d3-d759-af9f-bfdfc37d0000/b6/32/c044a5854ebb9539134e17534b1d/50268387.JPG?precrop=1570,1847,x696,y0&height=588&width=500
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/framework.e720d56855ea292faef3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
83251299e657876f1b4b03ad1c58fec5342ab06c161c56cb0942dfad21d4185b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Sun, 15 Jan 2023 15:30:02 GMT
date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
age
1193971
x-guploader-uploadid
ADPycdtJi2gI8Pfqpj1rgSgDKS3jtdkYspqdEVwwAovVL2eogJAv4pwUhhCmgG-3D0EumAvSjUkkajZAZtXmE_hzcRIzGQ
x-cache
HIT, HIT
fastly-io-info
ifsz=952497 idim=2770x1847 ifmt=jpeg ofsz=29234 odim=500x588 ofmt=webp
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
29234
x-served-by
cache-fra-eddf8230067-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986974.348633,VS0,VE2
etag
"YRSSaoK9yCSCvgZhhl7RsJNz2Dv2j72xthQzlQuupsU"
vary
Accept
x-goog-hash
crc32c=ozX0XA==, md5=EqMAvJa+vydjBJ3TMyr72w==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1673717215517630
cache-control
max-age=31536000
x-goog-stored-content-length
952497
accept-ranges
bytes
x-cache-hits
28, 1
request
services.haaretz.com/ds/ 		81 B
146 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/request
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/commons.aef772f399a0b0e06b27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
f19b0612dabdbe5083fc614c848604e0ea2e162bba06993eaa7637bfc2bd8c19

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986974.429954,VS0,VE25
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-cache
MISS, MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-envoy-upstream-service-time
5
accept-ranges
bytes
x-cache-hits
0, 0
impression
services.haaretz.com/ds/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.haaretz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 29 Jan 2023 10:09:34 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-envoy-upstream-service-time
1
x-timer
S1674986974.351804,VS0,VE20
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/commons.aef772f399a0b0e06b27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 08:21:44 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6470
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sun, 29 Jan 2023 10:21:44 GMT
impression
services.haaretz.com/ds/ 		84 B
145 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/commons.aef772f399a0b0e06b27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4a444f407687d0724c790d450fe116bd75717dae3c14d2f8d50a522af0e3e27f

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986974.424442,VS0,VE27
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-cache
MISS, MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-envoy-upstream-service-time
7
accept-ranges
bytes
x-cache-hits
0, 0
impression
services.haaretz.com/ds/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.haaretz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 29 Jan 2023 10:09:34 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-envoy-upstream-service-time
1
x-timer
S1674986975.547980,VS0,VE25
impression
services.haaretz.com/ds/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.haaretz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 29 Jan 2023 10:09:34 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-envoy-upstream-service-time
1
x-timer
S1674986975.548255,VS0,VE53
impression
services.haaretz.com/ds/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.haaretz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 29 Jan 2023 10:09:34 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-envoy-upstream-service-time
1
x-timer
S1674986975.548238,VS0,VE21
impression
services.haaretz.com/ds/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.haaretz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 29 Jan 2023 10:09:34 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-envoy-upstream-service-time
0
x-timer
S1674986975.548213,VS0,VE23
impression
services.haaretz.com/ds/ 		84 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/commons.aef772f399a0b0e06b27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4a444f407687d0724c790d450fe116bd75717dae3c14d2f8d50a522af0e3e27f

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986975.604221,VS0,VE123
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-cache
MISS, MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-envoy-upstream-service-time
45
accept-ranges
bytes
x-cache-hits
0, 0
impression
services.haaretz.com/ds/ 		84 B
146 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/commons.aef772f399a0b0e06b27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4a444f407687d0724c790d450fe116bd75717dae3c14d2f8d50a522af0e3e27f

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986975.626245,VS0,VE35
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-cache
MISS, MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-envoy-upstream-service-time
7
accept-ranges
bytes
x-cache-hits
0, 0
impression
services.haaretz.com/ds/ 		84 B
149 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/commons.aef772f399a0b0e06b27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4a444f407687d0724c790d450fe116bd75717dae3c14d2f8d50a522af0e3e27f

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986975.604245,VS0,VE27
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-cache
MISS, MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-envoy-upstream-service-time
6
accept-ranges
bytes
x-cache-hits
0, 0
impression
services.haaretz.com/ds/ 		84 B
136 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/commons.aef772f399a0b0e06b27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4a444f407687d0724c790d450fe116bd75717dae3c14d2f8d50a522af0e3e27f

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986975.604247,VS0,VE27
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-cache
MISS, MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-envoy-upstream-service-time
7
accept-ranges
bytes
x-cache-hits
0, 0
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MDEFPY237V&gtm=2oe1p0&_p=355935605&_gaz=1&cid=308643667.1674986975&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674986974&sct=1&seg=0&dl=https%3A%2F%2Fwww.haaretz.com%2F&dt=Haaretz%20%7C%20Israel%20News%2C%20the%20Middle%20East%20and%20the%20Jewish%20World%20-%20Haaretz.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MDEFPY237V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MDEFPY237V&cid=308643667.1674986975&gtm=2oe1p0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MDEFPY237V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MDEFPY237V&cid=308643667.1674986975&gtm=2oe1p0&aip=1&z=1286374807
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=307252476589397&ev=PageView&dl=https%3A%2F%2Fwww.haaretz.com%2F&rl=&if=false&ts=1674986974598&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1674986974597.383803245&it=1674986973205&coo=false&rqm=GET
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 29 Jan 2023 10:09:34 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 09:47:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
1315
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 29 Jan 2023 10:47:39 GMT
227x112-labels-hdc.jpg
img.haarets.co.il/bs/00000180-8397-dcfd-a9c0-c797ab210001/27/d0/6874875a41c1a4f60fea87ce729e/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000180-8397-dcfd-a9c0-c797ab210001/27/d0/6874875a41c1a4f60fea87ce729e/227x112-labels-hdc.jpg?height=98&width=227
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f7db04943eb06e9ddcb12b6379458e70e247a894645e433cb037ca2d6636ec99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Tue, 16 Jan 2024 19:22:29 GMT
date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
age
1090026
x-guploader-uploadid
ADPycdultJ6pLBOkj3fZwG6txoXbjjrVuQWn2VyZr9QCQrhaJmLN8fUi62DapXZbMxOo0t2lSzXmspsL4jWodF8coFZe6f5Vggrm
x-cache
HIT, HIT
fastly-io-info
ifsz=7729 idim=227x112 ifmt=jpeg ofsz=2276 odim=227x98 ofmt=webp
x-goog-meta-content-length
7729
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
2276
x-served-by
cache-fra-eddf8230105-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986975.652009,VS0,VE2
etag
"smZehB4bigHr45crNMd94AuUYNp9OXY5NFCJqKicQMA"
vary
Accept
x-goog-hash
crc32c=+IW+lQ==, md5=Rh7OCF7unzPdzYYeWtPnPw==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1673896874519855
cache-control
max-age=31536000
x-goog-stored-content-length
7729
accept-ranges
bytes
x-cache-hits
811, 1
haaretz-weekly.png
img.haarets.co.il/bs/00000180-839b-dcfd-a9c0-c79fd3710001/17/9a/487b2b0f424ebc4bc588cb92362e/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000180-839b-dcfd-a9c0-c79fd3710001/17/9a/487b2b0f424ebc4bc588cb92362e/haaretz-weekly.png?height=98&width=227
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
91378051f81ed779457648ffd7ebb7eb7a3986bd2189f630d70073692262378a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Thu, 11 Jan 2024 01:03:50 GMT
date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
age
1587943
x-guploader-uploadid
ADPycdsstsfYAXAkN1N953jdKoqwCzK6_D1qzaaj178_1bGHUlLa6cBmCEUdNU4NrqEvGkUWjnBKpDGGatk7B4bgXfbWWfnbNx5G
x-cache
HIT, HIT
fastly-io-info
ifsz=4471 idim=227x112 ifmt=png ofsz=2374 odim=227x98 ofmt=webp
x-goog-meta-content-length
4471
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
2374
x-served-by
cache-fra-eddf8230023-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986975.654777,VS0,VE6
etag
"uCYV/LNjngBpznlt+giRbYG3XZh3wGMaL2yudMPvwkw"
vary
Accept
x-goog-hash
crc32c=VCnKlQ==, md5=bxo+OjFRvcbWXEw/l3sAqw==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1651475477764467
cache-control
max-age=31536000
x-goog-stored-content-length
4471
accept-ranges
bytes
x-cache-hits
7178, 1
227x112.gif
gif.haarets.co.il/bs/00000184-185b-d7a2-a7a5-185bb2000001/6a/44/3b75d9864d2a92575e3f5565b25a/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gif.haarets.co.il/bs/00000184-185b-d7a2-a7a5-185bb2000001/6a/44/3b75d9864d2a92575e3f5565b25a/227x112.gif?height=98&width=227
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
7806ea178c4d060f7138b1a15893195a66366a07d5f5e99c63f0348a603a6796
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

z-url
/image/fetch/q_auto,w_227,h_98,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://storage.googleapis.com/haaretz-cms-prod/6a/44/3b75d9864d2a92575e3f5565b25a/227x112.gif
strict-transport-security
max-age=604800
date
Sun, 29 Jan 2023 10:09:34 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
297863
x-cache
HIT
content-disposition
inline; filename="227x112.webp"
server-timing
fastly;dur=173;cpu=0;start=2023-01-25T23:25:11.158Z;desc=miss,rtt;dur=0,cloudinary;dur=80;start=2023-01-25T23:25:11.205Z
z-surrogate-keys
00000184-185b-d7a2-a7a5-185bb2000001
content-length
2144
x-served-by
cache-hhn-etou8220046-HHN
last-modified
Mon, 31 Oct 2022 13:57:12 GMT
server
Cloudinary
x-timer
S1674986975.654758,VS0,VE2
etag
"32963289ce216a7bf55338cb33567f6c"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
z-backend-name
3AQNbhi3UHxe7jdlCQoCam--F_res_cloudinary_com
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
max-age=31536000
z-url-original
/bs/00000184-185b-d7a2-a7a5-185bb2000001/6a/44/3b75d9864d2a92575e3f5565b25a/227x112.gif?height=98&width=227
z-url-modified
/image/fetch/q_auto,w_227,h_98,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://storage.googleapis.com/haaretz-cms-prod/6a/44/3b75d9864d2a92575e3f5565b25a/227x112.gif
accept-ranges
bytes
timing-allow-origin
*
z-ttl
365d
x-robots-tag
noindex
x-cache-hits
1
realestate.gif
gif.haarets.co.il/bs/00000180-83a1-dcfd-a9c0-c7a556370001/5d/bb/325be6124749b527eb779f81512e/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gif.haarets.co.il/bs/00000180-83a1-dcfd-a9c0-c7a556370001/5d/bb/325be6124749b527eb779f81512e/realestate.gif?height=98&width=227
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
caa8abeec17287c834f0081a7f9b85051a2bb7e886edc0b735099e6761d348e6
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

z-url
/image/fetch/q_auto,w_227,h_98,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://storage.googleapis.com/haaretz-cms-prod/5d/bb/325be6124749b527eb779f81512e/realestate.gif
strict-transport-security
max-age=604800
date
Sun, 29 Jan 2023 10:09:34 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
986313
x-cache
HIT
content-disposition
inline; filename="realestate.webp"
server-timing
fastly;dur=200;cpu=0;start=2023-01-18T00:11:01.566Z;desc=miss,rtt;dur=0,cloudinary;dur=109;start=2023-01-18T00:11:01.611Z
z-surrogate-keys
00000180-83a1-dcfd-a9c0-c7a556370001
content-length
3138
x-served-by
cache-hhn-etou8220046-HHN
last-modified
Mon, 08 Aug 2022 19:07:05 GMT
server
Cloudinary
x-timer
S1674986975.655181,VS0,VE0
etag
"a4e25ad93ce57347bf9d09cc2b40ef88"
vary
Save-Data
content-type
image/webp
access-control-allow-origin
*
z-backend-name
3AQNbhi3UHxe7jdlCQoCam--F_res_cloudinary_com
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
max-age=31536000
z-url-original
/bs/00000180-83a1-dcfd-a9c0-c7a556370001/5d/bb/325be6124749b527eb779f81512e/realestate.gif?height=98&width=227
z-url-modified
/image/fetch/q_auto,w_227,h_98,c_fill,f_auto/fl_lossy.any_format.preserve_transparency.progressive:none/https://storage.googleapis.com/haaretz-cms-prod/5d/bb/325be6124749b527eb779f81512e/realestate.gif
accept-ranges
bytes
timing-allow-origin
*
z-ttl
365d
x-robots-tag
noindex
x-cache-hits
9436
rediscovering-israel.jpg
img.haarets.co.il/bs/00000181-f155-dab0-a9e1-f1fd6e3a0001/1d/2c/82d986cd4152a8436c1926336f0c/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000181-f155-dab0-a9e1-f1fd6e3a0001/1d/2c/82d986cd4152a8436c1926336f0c/rediscovering-israel.jpg?height=98&width=227
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9316806b7c7062415652f1be58f7af977a200eef1146807f27b1c4171d7e7680

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Fri, 01 Dec 2023 03:16:10 GMT
date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish
age
5122404
x-guploader-uploadid
ADPycdvK62bhAo50CWbU9Y1e-HDfjXLyFu8DmW3lEInSjZDbJ7zbdxq_eSiv_9bRiXA7yrUbuvsilrDib8XJ4KT5uKPAYYFLqA-A
x-cache
HIT, HIT
fastly-io-info
ifsz=4792 idim=227x112 ifmt=jpeg ofsz=3508 odim=227x98 ofmt=webp
x-goog-meta-content-length
4792
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
3508
x-served-by
cache-fra-eddf8230077-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986975.655234,VS0,VE2
etag
"RDr38bSrHHUOKmaJkKGijd7QJQsFJ3Si9We1eKshFF0"
vary
Accept
x-goog-hash
crc32c=TitO2A==, md5=NxWnv7vPggERgL0URyRHGw==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1657611442889075
cache-control
max-age=31536000
x-goog-stored-content-length
4792
accept-ranges
bytes
x-cache-hits
16096, 1
0e61faf0.b6c8672d2a08588b56ec.js
www.haaretz.com/_next/static/chunks/ 		393 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/0e61faf0.b6c8672d2a08588b56ec.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
df4a5e202cf1510bb075ff30cd3cbc35177f287a9f65e398e0779bdd5466d3a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:34 GMT
age
462455
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
425
x-origin-status
200, 200
content-length
96538
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986975.656815,VS0,VE1
etag
W/"625f9-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 731, 7
167.7d2c382982e43588f011.js
www.haaretz.com/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/167.7d2c382982e43588f011.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
b0b4fae0df205c1398f239a1be189375414ecabd3e7a8efd6cb31aee53adc563
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
340718
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
32
x-origin-status
200, 200
content-length
1508
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:13:47 GMT
server
istio-envoy
x-timer
S1674986975.656775,VS0,VE1
etag
W/"fa4-185ddb0c278"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 1, 7
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:fe00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 02:57:12 GMT
content-encoding
gzip
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
FRA2-C1
age
25942
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
sW73dKRwebmS2IStReKNabnFL_Ud7Q9aUa-KRZCUAaq4lEXKmtaG4w==
expires
Mon, 30 Jan 2023 02:57:12 GMT
ipAcl
www.haaretz.com/srv/ 		1 B
72 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/srv/ipAcl?isProxyServer=false&proxyDomain=www.haaretz.com
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/160.a74995416d857e772e45.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4b68ab3847feda7d6c62c1fbcbeebfa35eab7351ed5e78f4ddadea5df64b8015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986975.662701,VS0,VE52
x-cache
MISS, MISS, MISS
x-envoy-upstream-service-time
30
x-origin-status
402, 402
accept-ranges
bytes
content-length
1
x-cache-hits
0, 0, 0
tfa.js
cdn.taboola.com/libtrc/unip/1383653/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1383653/tfa.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b38c1898a8b6732b765198d54847081f23b734a5f173cab26a78f556ff9d54d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
uL07tPIhWHytx8epbEOIA2mwErfs7bTr
content-encoding
gzip
via
1.1 varnish
date
Sun, 29 Jan 2023 10:09:34 GMT
x-amz-request-id
VY47N5BA59Z3H1RA
age
32
x-cache
HIT
x-amz-replication-status
PENDING
content-length
18346
x-amz-id-2
MqsCqtcl3Vfh7q322+Lk7ZbIRXAdifOGp0hYNcD6BkgqoIL8zVlNG/9diiTAbSfeKD4rP12iBQY=
x-served-by
cache-hhn-etou8220073-HHN
last-modified
Wed, 25 Jan 2023 10:30:27 GMT
server
AmazonS3
x-timer
S1674986975.736245,VS0,VE5
etag
"9d15db1f39a2d5a8827d69c997c2dc02"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
69
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
obtp.js
amplify.outbrain.com/cp/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
daf842fc24f3934560a1f8338e8e4efcbc7ec7e4393a3360cad7c0bdd43e2aad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:34 GMT
Content-Encoding
gzip
Last-Modified
Sun, 22 Jan 2023 12:08:14 GMT
Server
AkamaiNetStorage
ETag
"9f0b052ec22f789c3cc95c26dd0da7f4:1674389451.57807"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5884
Expires
Sun, 29 Jan 2023 10:29:34 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 16:23:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 29 Jan 2023 16:23:58 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Tue, 28 Feb 2023 10:09:34 GMT
date
Sun, 29 Jan 2023 10:09:34 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
gql
www.haaretz.com/ 		254 B
439 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/gql
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/3.0.749/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
bdb6a56f2f20a27721a05680c24b16c361358ab4274962c4bba5cfb4a9573c6a

Request headers

bot
undefined
isPreview
false
accept-language
de-DE,de;q=0.9
dateFormat
MM-yyyy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type
application/json
hostname
hdc-app.haaretz.com
accept
*/*
operationName
GetUserDataForMarketing
Referer
https://www.haaretz.com/

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986975.668532,VS0,VE25
etag
W/"fe-NR6UWd8j+Y4vyTPc0A6NEkpBC7w"
x-cache
MISS, MISS, MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0
x-envoy-upstream-service-time
4
x-origin-status
400, 400
accept-ranges
bytes
content-length
254
x-cache-hits
0, 0, 0
gql
www.haaretz.com/ 		134 B
227 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/gql
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/3.0.749/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
6671359bbee379a6edbb81f32c94848c5118b026c60f17c55dd098e4067089df

Request headers

bot
undefined
isPreview
false
accept-language
de-DE,de;q=0.9
dateFormat
MM-yyyy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type
application/json
hostname
hdc-app.haaretz.com
accept
*/*
operationName
GetMarketingToolsStats
Referer
https://www.haaretz.com/

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986975.668515,VS0,VE26
etag
W/"86-3L82cOp3XANcOen8DoEn4nUZgzY"
x-cache
MISS, MISS, MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0
x-envoy-upstream-service-time
6
x-origin-status
400, 400
accept-ranges
bytes
content-length
134
x-cache-hits
0, 0, 0
gql
www.haaretz.com/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/gql?operationName=GetMarketingData&variables=%7B%22facts%22%3A%22%7B%5C%22platform%5C%22%3A%5C%22desktop%5C%22%2C%5C%22pagePaywallLevel%5C%22%3A%5C%22open%5C%22%2C%5C%22referrerUrl%5C%22%3A%5C%22https%3A%2F%2Fwww.haaretz.com%2F%5C%22%2C%5C%22pageType%5C%22%3A%5C%22Homepage%5C%22%2C%5C%22userType%5C%22%3A%5C%22anonymous%5C%22%2C%5C%22user%5C%22%3A%7B%5C%22type%5C%22%3A%5C%22anonymous%5C%22%2C%5C%22anonymousId%5C%22%3A%5C%2216749869739797149%5C%22%2C%5C%22university%5C%22%3Afalse%7D%2C%5C%22personalizedCampaigns%5C%22%3A%5B%5D%2C%5C%22marketingToolsStats%5C%22%3A%5B%5D%2C%5C%22sessionDetails%5C%22%3A%7B%5C%22status%5C%22%3A%5C%22started%5C%22%2C%5C%22created%5C%22%3A1674986973360%7D%7D%22%2C%22slots%22%3A%5B%22top-strip%22%2C%22bottom-strip%22%5D%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a599031469a5379f60f8f0cd44e5ed5bf5b43102af48a109a2388fcd51c1db32%22%7D%7D
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/3.0.749/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
7200ceeef48e41961e87281a19a3aa4667e2bf74b6928b52a55fd788381e8415

Request headers

bot
undefined
isPreview
false
accept-language
de-DE,de;q=0.9
dateFormat
MM-yyyy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type
application/json
hostname
hdc-app.haaretz.com
accept
*/*
operationName
GetMarketingData
Referer
https://www.haaretz.com/

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
0
x-cache
MISS, MISS, MISS
x-envoy-upstream-service-time
96
x-origin-status
200, 200
content-length
1190
server
istio-envoy
x-timer
S1674986975.716763,VS0,VE122
etag
W/"140b-C1GYPB8Bk8bySFM9noJiuGQpZn8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
0, 0, 0
_track
www.haaretz.com/ 		0
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_track
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_resource/analytics/bsp-analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 29 Jan 2023 10:09:34 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986975.716949,VS0,VE64
x-cache
MISS, MISS, MISS
cache-control
max-age=0
x-envoy-upstream-service-time
35
x-origin-status
204, 204
accept-ranges
bytes
x-cache-hits
0, 0, 0
get
ms-apps.haaretz.co.il/ms-ip2country/ 		341 B
555 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ms-apps.haaretz.co.il/ms-ip2country/get
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/3.0.749/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ac7165704b2c284a66b5b933df6533b3637c15bd8813d9a476d172946be7d319

Request headers

Accept
application/json
Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
via
1.1 varnish
server
nginx
x-timer
S1674986975.142457,VS0,VE133
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache
MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
accept-ranges
bytes
fastly-restarts
1
x-cache-hits
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=haaretz.com&p=%2F&d=haaretz.com&u=Ghp18BvDUQJEG4UT&c=0&V=139&x=KXLrR3tGUsNYY&v=A&ml=m&sl=eP9EI&e=-1
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.115.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-115-244.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 29 Jan 2023 10:09:35 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=haaretz.com&p=%2F&d=haaretz.com&u=Ghp18BvDUQJEG4UT&c=0&V=139&x=RnrBVgMETeYxS&v=A&ml=m&sl=CrGo2R&e=-1
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.115.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-115-244.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 29 Jan 2023 10:09:35 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=haaretz.com&p=%2F&d=haaretz.com&u=Ghp18BvDUQJEG4UT&c=0&V=139&x=noGtKsFh0R3zu&v=A&ml=m&sl=B1Bnnn&e=-1
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.115.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-115-244.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 29 Jan 2023 10:09:35 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=haaretz.com&p=%2F&u=Ghp18BvDUQJEG4UT&d=haaretz.com&g=5952&g0=CHANGE%20THIS%20TO%20YOUR%20SECTION%20NAME(s)&g1=CHANGE%20THIS%20TO%20YOUR%20AUTHOR%20NAME(s)&n=1&f=00001&c=0&x=0&m=0&y=11453&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.haaretz.com%2F&b=2119&t=DYfKvoS49JUC348ZWBW0-CoDixJz7&V=139&i=Haaretz%20%7C%20Israel%20News%2C%20the%20Middle%20East%20and%20the%20Jewish%20World%20-%20Haaretz.com&tz=0&sn=1&sv=DddDGODmJhqFBLQiMhDQTr3QhmfK&sd=1&im=062b073f&_
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.185.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-185-253.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 29 Jan 2023 10:09:35 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230129
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3e58ba10a2ab7439a6a8cea221d431ff7ab91cbd74d8e6efc95874e2ca7662e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 29 Jan 2023 10:09:35 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
22124
x-jsd-version
1.0.1601
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
881
x-served-by
cache-fra-eddf8230021-FRA, cache-hhn-etou8220099-HHN
x-jsd-version-type
version
etag
W/"636-R/BEkoS6B/RKKiir6L18J1AV+bI"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:35 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1436973
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpL%2Fi%2F7e8MQ6MkKWk8UU%2Fvhqgzy0B8H7I4QwSu6ziykgc%2FW%2Bj%2BonRFkvbfmZZOwRXbIbxFg8bhhDLby1ssaCR5RyVeajDQrrKmVr5koCXt9g28FgcqWpAB5LcQUaRZbqyPRIeYd7LQJL8brR"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
79112c52a9262ba4-FRA
auction
tlx.3lift.com/header/ 		19 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fwww.haaretz.com%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.23.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-23-95.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:35 GMT
accept-ch
sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
x-auction-status
12, 12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
79112c5299f39944-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
79112c5299f59944-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
79112c5299f99944-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:34 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.haaretz.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:34 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.haaretz.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:35 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.haaretz.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
mp.4dex.io/ 		114 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c36014cc07a8f23df7a496f1d84fbc8efc9e4a6115d61e8dfbc281873611afb5

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 29 Jan 2023 10:09:35 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1241
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
79112c52a95d92a1-FRA
expires
0
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.haaretz.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.105.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-105-236.compute-1.amazonaws.com
Software
/
Resource Hash
c249ca73a563f761bc0f33de072584a2612e8b9200bc9cdd9b185e211919e4a5

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
x-reason
maxmind hosting provider
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.haaretz.com
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
prebid
ib.adnxs.com/ut/v3/ 		19 B
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:35 GMT
AN-X-Request-Uuid
dd3183c2-ae3b-4852-88e9-6a54b77e6c65
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.haaretz.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
u.openx.net/w/1.0/ 		73 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.haaretz.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=459b3ff2-5e1f-438f-8dd0-002cb6e39771%2C8f5d1616-a9f6-4e28-acb0-7254e0bbe476%2C03d02aa4-831a-4681-a0c3-817d12e13758&nocache=1674986974858&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15109%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250%7C300x600%7C336x280%2C300x250&divids=haaretz.com.billboard.desktop%2Chaaretz.com.headline.banner.desktop%2Chaaretz.com.popular.banner&aucs=%252F9401%252Fhaaretz.com%252Fhaaretz.com.billboard.desktop%252Fhaaretz.com.billboard.desktop_homepage%2C%252F9401%252Fhaaretz.com%252Fhaaretz.com.headline.banner.desktop%252Fhaaretz.com.headline.banner.desktop_homepage%2C%252F9401%252Fhaaretz.com%252Fhaaretz.com.popular.banner%252Fhaaretz.com.popular.banner_homepage&auid=541072081%2C541072081%2C541072081
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
800b975a2144a356184893b1d9a7892c2822b516c7c6846bf0bf1f836c27bf68

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.haaretz.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.haaretz.com
date
Sun, 29 Jan 2023 10:09:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		466 B
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431706&zone_id=2465476&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!valuad.io,15109,1,,,&rf=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.ref=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=%2F9401%2Fhaaretz.com%2Fhaaretz.com.billboard.desktop%2Fhaaretz.com.billboard.desktop_homepage&tk_flint=pbjs_lite_v6.29.3&x_source.tid=459b3ff2-5e1f-438f-8dd0-002cb6e39771&l_pb_bid_id=443db199abbc13b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F9401%2Fhaaretz.com%2Fhaaretz.com.billboard.desktop%2Fhaaretz.com.billboard.desktop_homepage&slots=1&rand=0.15994315528305347
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b1e16a224e5aeacd1181de4effeeec8cfd845c56229d54b4379d3655dbb0be13

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.haaretz.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
466
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		456 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431706&zone_id=2465476&size_id=10&rp_schain=1.0,1!valuad.io,15109,1,,,&rf=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.ref=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=%2F9401%2Fhaaretz.com%2Fhaaretz.com.headline.banner.desktop%2Fhaaretz.com.headline.banner.desktop_homepage&tk_flint=pbjs_lite_v6.29.3&x_source.tid=8f5d1616-a9f6-4e28-acb0-7254e0bbe476&l_pb_bid_id=4545bc620c5de59&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F9401%2Fhaaretz.com%2Fhaaretz.com.headline.banner.desktop%2Fhaaretz.com.headline.banner.desktop_homepage&slots=1&rand=0.025087199118691617
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c32585fd7f24d1440263dcc4016078f2d0caf51b499531d05e76d4c1fdb07cda

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.haaretz.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
456
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		458 B
1019 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431706&zone_id=2465476&size_id=15&alt_size_ids=16&rp_schain=1.0,1!valuad.io,15109,1,,,&rf=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.ref=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=%2F9401%2Fhaaretz.com%2Fhaaretz.com.popular.banner%2Fhaaretz.com.popular.banner_homepage&tk_flint=pbjs_lite_v6.29.3&x_source.tid=03d02aa4-831a-4681-a0c3-817d12e13758&l_pb_bid_id=46052cdcfa42369&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F9401%2Fhaaretz.com%2Fhaaretz.com.popular.banner%2Fhaaretz.com.popular.banner_homepage&slots=1&rand=0.32566326751958874
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2c948750b1052e44e973b0b638a3297999f350b7695d989e84726341e752ed09

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.haaretz.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
458
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=60469827800
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.haaretz.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
c8f7fe3b0e41be846d5687592cf2018ff6e22687.0b447ef9323d532ea20b.js
www.haaretz.com/_next/static/chunks/ 		218 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/c8f7fe3b0e41be846d5687592cf2018ff6e22687.0b447ef9323d532ea20b.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
ed97401c3fa69de68eb7ab7b5d9730ff9850d7cafed633c6bf273ac444d2cc95
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:35 GMT
age
868245
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
9
x-origin-status
200, 200
content-length
65819
x-xss-protection
1; mode=block
last-modified
Wed, 18 Jan 2023 15:11:44 GMT
server
istio-envoy
x-timer
S1674986975.032777,VS0,VE0
etag
W/"3691e-185c56f9b80"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 6541, 7
153.4391e809063bec2cb1ce.js
www.haaretz.com/_next/static/chunks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/153.4391e809063bec2cb1ce.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
0519953d01491a97bdca2c1f68267627b706cc85a0d98ece9393aa5714b674bf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:35 GMT
age
1212632
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
4
x-origin-status
200, 200
content-length
1504
x-xss-protection
1; mode=block
last-modified
Wed, 11 Jan 2023 11:58:43 GMT
server
istio-envoy
x-timer
S1674986975.032787,VS0,VE1
etag
W/"c82-185a0b26138"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 6, 1
94.3230c635b8af5681573a.js
www.haaretz.com/_next/static/chunks/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/_next/static/chunks/94.3230c635b8af5681573a.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/runtime/webpack-03f921f9f86e5962e0a7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
6a8040dcbd111e4405488f4b9e0ebbf0ed81f2b08ba396dde3d87d752b048faa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:35 GMT
age
1212631
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
3
x-origin-status
200, 200
content-length
4098
x-xss-protection
1; mode=block
last-modified
Wed, 11 Jan 2023 11:58:43 GMT
server
istio-envoy
x-timer
S1674986975.032947,VS0,VE0
etag
W/"3f79-185a0b26138"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 4, 2
gql
www.haaretz.com/ 		182 B
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/gql
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/3.0.749/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b760bd6ef3a2fadd5d47ad2e70e3f9cd055d7e7b4b3c59157fdba99c23d3ee

Request headers

bot
undefined
isPreview
false
accept-language
de-DE,de;q=0.9
dateFormat
MM-yyyy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type
application/json
hostname
hdc-app.haaretz.com
accept
*/*
operationName
SetMarketingToolsStats
Referer
https://www.haaretz.com/

Response headers

source-path
%2Fmarketing%2Fupdate-marketing-tools-log
date
Sun, 29 Jan 2023 10:09:35 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-envoy-upstream-service-time
19
x-origin-status
200, 200
content-length
182
server
istio-envoy
x-timer
S1674986975.032542,VS0,VE40
etag
W/"b6-OF+olc5WoNp7EijghoS3JLl+BqE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0
accept-ranges
bytes
x-cache-hits
0, 0, 0
gql
www.haaretz.com/ 		182 B
413 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/gql
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/3.0.749/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
3d3cfe539879b3cb1c02a8c36f130e03788533dfe192fe1dcc9601aa42c1e5f2

Request headers

bot
undefined
isPreview
false
accept-language
de-DE,de;q=0.9
dateFormat
MM-yyyy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type
application/json
hostname
hdc-app.haaretz.com
accept
*/*
operationName
SetMarketingToolsStats
Referer
https://www.haaretz.com/

Response headers

source-path
%2Fmarketing%2Fupdate-marketing-tools-log
date
Sun, 29 Jan 2023 10:09:35 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-envoy-upstream-service-time
13
x-origin-status
200, 200
content-length
182
server
istio-envoy
x-timer
S1674986975.033663,VS0,VE34
etag
W/"b6-SoEsV6wVn99az915bMFmSPZ1ox8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0
accept-ranges
bytes
x-cache-hits
0, 0, 0
cachedClickId
tr.outbrain.com/ 		35 B
194 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=undefined
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:35 GMT
X-TraceId
b2b930be01bba87f99b5eb96cee2f810
Content-Length
35
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=004560e91dfb180af0ae56237c73f87ef5&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.haaretz.com%2F&optOut=false&bust=09894911496825467&referrer=
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:35 GMT
Cache-Control
no-cache
X-TraceId
992b322209afd6aff206336c0a02737e
Content-Length
53
Content-Type
image/gif;
json
trc.taboola.com/1383653/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1383653/trc/3/json?tim=1674986975031&data=%7B%22id%22%3A325%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1674986975027%2C%22cv%22%3A%2220230125-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.haaretz.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dhaaretzthemarkerlabels-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1674986975030%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.haaretz.com%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1383653/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
52fe57520f8757a648fbe137454179ec94a6c731a811dad7354db7f5ea79daba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-vcl-time-ms
17
date
Sun, 29 Jan 2023 10:09:35 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-hhn-etou8220073-HHN
server
nginx
x-timer
S1674986975.050017,VS0,VE17
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
spc_fi.php
cdn.firstimpression.io/delivery/ 		68 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=6956&url=%2F&charset=UTF-8&ch=10&ref=www.haaretz.com&viewerId=null&referer=&_firid=8014365
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-76.fra2.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
659ed1fb5734c46a41f27ede459a330ccff5563eaca788d203dc47a5dc0a230a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
content-encoding
gzip
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
content-length
13124
pragma
no-cache
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
CoqRUEQjVUfbe18qBBlR7_2-gaux6mAfOU5PuO103MaoOmNViESuEg==
expires
0
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=307252476589397&ev=Microdata&dl=https%3A%2F%2Fwww.haaretz.com%2F&rl=&if=false&ts=1674986975105&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Haaretz%20%7C%20Israel%20News%2C%20the%20Middle%20East%20and%20the%20Jewish%20World%20-%20Haaretz.com%22%2C%22meta%3Adescription%22%3A%22Haaretz.com%20-%20Homepage%20-%20Breaking%20News%2C%20Analysis%20and%20Opinion%20From%20Israel%2C%20the%20Middle%20East%20and%20the%20Jewish%20World%20-%20Haaretz%22%7D&cd[OpenGraph]=%7B%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fhaaretzcom%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Haaretz%22%2C%22url%22%3A%22http%3A%2F%2Fwww.haaretz.com%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fen.wikipedia.org%2Fwiki%2FHaaretz%22%2C%22https%3A%2F%2Fwww.facebook.com%2Fhaaretzcom%22%2C%22https%3A%2F%2Ftwitter.com%2Fhaaretzcom%22%2C%22https%3A%2F%2Fwww.youtube.com%2Fuser%2Fhaaretzcom%22%5D%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22https%3A%2F%2Fgif.haarets.co.il%2Fbs%2F00000180-5ba0-db1e-a1d4-dfe147760001%2F26%2F33%2F264b70274ef7999398477796d771%2Fhdclogo.gif%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1674986974597.383803245&it=1674986973205&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 29 Jan 2023 10:09:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ruller-pic-biden-bibi.png
img.haarets.co.il/bs/00000185-6dcc-dde5-aba7-fddf72ff0000/7b/93/dc6e5a1b430e9a36b80ba6392402/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.haarets.co.il/bs/00000185-6dcc-dde5-aba7-fddf72ff0000/7b/93/dc6e5a1b430e9a36b80ba6392402/ruller-pic-biden-bibi.png?height=245&width=318
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
eba269880434e80a1164042d7a55ca40806712656922d91038a1f512572f49f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Mon, 01 Jan 2024 14:47:16 GMT
date
Sun, 29 Jan 2023 10:09:35 GMT
via
1.1 varnish, 1.1 varnish
age
2402539
x-guploader-uploadid
ADPycdt2NqvNdrjEV5IsKOYT1-Dn9b7_52_8HgObib8sS1pmOBicmmewiWHg1q7CJdeQo_enPD6vdA-oSLRlZDrqoBvVfw8JrpPD
x-cache
HIT, HIT
fastly-io-info
ifsz=35108 idim=245x191 ifmt=png ofsz=29828 odim=318x245 ofmt=webp
x-goog-meta-content-length
35108
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
29828
x-served-by
cache-fra-eddf8230064-FRA, cache-hhn-etou8220046-HHN
server
UploadServer
x-timer
S1674986975.163993,VS0,VE1
etag
"glRXXaaAq2JQyntpZOeJe4iUR4zhto10jCrPiuO5qb0"
vary
Accept
x-goog-hash
crc32c=gZSgyg==, md5=TuvF/Zu7498aN38xPWfwMw==
content-type
image/webp
access-control-allow-origin
https://www.haaretz.co.il
x-goog-generation
1672584416199469
cache-control
max-age=31536000
x-goog-stored-content-length
35108
accept-ranges
bytes
x-cache-hits
8284, 1
/
tag.escalated.io/ 		77 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.haaretz.com&type=display&cust=6956&sid=direct&c=&cust2=direct
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
5b8df9ca9d91dbde345c3da756f87adf40404e4cdbf74d436f09b37231a08274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 24 Jan 2023 16:01:27 GMT
Server
Apache
ETag
"134a3-5f304a0d0a3c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
30406
X-XSS-Protection
1; mode=block
impression
services.haaretz.com/ds/ 		84 B
163 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/commons.aef772f399a0b0e06b27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4a444f407687d0724c790d450fe116bd75717dae3c14d2f8d50a522af0e3e27f

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
via
1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986975.251820,VS0,VE43
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-cache
MISS, MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-envoy-upstream-service-time
8
accept-ranges
bytes
x-cache-hits
0, 0
impression
services.haaretz.com/ds/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.haaretz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 29 Jan 2023 10:09:35 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-envoy-upstream-service-time
1
x-timer
S1674986975.200897,VS0,VE21
impression
services.haaretz.com/ds/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.haaretz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 29 Jan 2023 10:09:35 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-envoy-upstream-service-time
1
x-timer
S1674986975.251793,VS0,VE21
impression
services.haaretz.com/ds/ 		84 B
136 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ds/impression
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/commons.aef772f399a0b0e06b27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
4a444f407687d0724c790d450fe116bd75717dae3c14d2f8d50a522af0e3e27f

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
via
1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986975.294681,VS0,VE33
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-cache
MISS, MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-envoy-upstream-service-time
6
accept-ranges
bytes
x-cache-hits
0, 0
adagio.js
script.4dex.io/ 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:35 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SVPQ63GF7Y1KYBNP
Age
519548
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
ktgbU0cmljCH5W/qrdoEHeX4+9JwQ1mGv2uOqPcR9OX7ZpbrUVPvhv/UQpVQsycqP9g54Jz9vUtBbYSVjfMXsg==
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CojObulF%2F0Ls4OAc0I%2FzaU9qiUER8JF517RkskBU5r%2BQ%2B9JUD1Cbh9JLO5%2F5nJjr9PszaeZSD3cCEXLrS7mleRXETLElokdElrr4bFKcuBfCbLxx%2BnQiti4JvnX8wQfq2aY%2B%2FhOS375GdG0"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
79112c53ab919019-FRA
getConfig
cp.pushwoosh.com/json/1.3/ 		350 B
851 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cp.pushwoosh.com/json/1.3/getConfig
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/0e61faf0.b6c8672d2a08588b56ec.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.221.212 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
kubeapi-nue.pushwoosh.com
Software
nginx / pushwoosh/device-api
Resource Hash
16ae22c6ae2ff1f86ecfc0f395c6c68c061ee65d42a99996bd51814bd2675119

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 29 Jan 2023 10:09:35 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
pushwoosh/device-api
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, OPTIONS, DELETE, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.haaretz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.haaretz.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 29 Jan 2023 10:09:35 GMT
server
Google Frontend
x-cloud-trace-context
51e7bdf838945ccae2fc50cb816ed02d
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
x-request-id
1aa01c4a-7ba4-48c8-aff3-e18166d333b4
x-vad-version
0.9.18

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.haaretz.com
x-cloud-trace-context
36c5e89ed4ba7c78fd6db17ea734f838
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-request-id
undefined
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.haaretz.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.haaretz.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1966782282335760&correlator=4217575789680341&eid=31071826%2C31071830%2C31071867&output=ldjh&gdfp_req=1&vrg=2023012301&ptt=17&impl=fif&iu_parts=9401%2Chaaretz.com%2Chaaretz.com.billboard.desktop%2Chaaretz.com.billboard.desktop_homepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250%7C980x190%7C1200x330%7C3x3&ifi=1&adks=1110902944&didk=1852119507&sfv=1-0-40&eri=1&cust_params=react%3Dtrue%26pageType%3Dhdc_hp%26htz_user_type%3Danonymous%26tm_user_type%3Danonymous%26hdc_user_type%3Danonymous%26articleId%3D0%26anonymousIdKey%3D16749869739797149&sc=1&cookie_enabled=1&abxe=1&dt=1674986975415&lmt=1674986975&dlt=1674986972837&idt=1917&adxs=436&adys=245&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.haaretz.com%2F&frm=20&vis=1&psz=1260x35&msz=1260x0&fws=4&ohw=1260&ga_vid=308643667.1674986975&ga_sid=1674986975&ga_hid=355935605&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5ba71a14d3f2ac9ad80242a30ceda532b507c13dc42013438a3eb89c12f7448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13077
x-xss-protection
0
google-lineitem-id
6063151435
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138397949324
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		144 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1966782282335760&correlator=4217575789680341&eid=31071826%2C31071830%2C31071867&output=ldjh&gdfp_req=1&vrg=2023012301&ptt=17&impl=fif&iu_parts=9401%2Chaaretz.com%2Chaaretz.com.headline.banner.desktop%2Chaaretz.com.headline.banner.desktop_homepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&ifi=2&adks=2533732038&didk=230136020&sfv=1-0-40&eri=1&cust_params=react%3Dtrue%26pageType%3Dhdc_hp%26htz_user_type%3Danonymous%26tm_user_type%3Danonymous%26hdc_user_type%3Danonymous%26articleId%3D0%26anonymousIdKey%3D16749869739797149&sc=1&cookie_enabled=1&abxe=1&dt=1674986975423&lmt=1674986975&dlt=1674986972837&idt=1917&adxs=1101&adys=606&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.haaretz.com%2F&frm=20&vis=1&psz=302x0&msz=302x0&fws=4&ohw=302&ga_vid=308643667.1674986975&ga_sid=1674986975&ga_hid=355935605&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e3ecf7303c3cb1a86b38cb9a73ce7efdbd75f1806a9a47aec5220e453cdc364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38065
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1966782282335760&correlator=4217575789680341&eid=31071826%2C31071830%2C31071867&output=ldjh&gdfp_req=1&vrg=2023012301&ptt=17&impl=fif&iu_parts=9401%2Chaaretz.com%2Chaaretz.com.popular.banner%2Chaaretz.com.popular.banner_homepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=336x280%7C300x250&ifi=3&adks=1596751752&didk=4234022441&sfv=1-0-40&eri=1&cust_params=react%3Dtrue%26pageType%3Dhdc_hp%26htz_user_type%3Danonymous%26tm_user_type%3Danonymous%26hdc_user_type%3Danonymous%26articleId%3D0%26anonymousIdKey%3D16749869739797149&sc=1&cookie_enabled=1&abxe=1&dt=1674986975429&lmt=1674986975&dlt=1674986972837&idt=1917&adxs=1043&adys=8144&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.haaretz.com%2F&frm=20&vis=1&psz=382x0&msz=382x0&fws=4&ohw=382&ga_vid=308643667.1674986975&ga_sid=1674986975&ga_hid=355935605&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6fa67796966c55bd4de359a0a89b90c3e3c86f298e49fa3cf15aee888c6e2c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9656
x-xss-protection
0
google-lineitem-id
6040957592
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138394611902
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 86A8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 10:09:35 GMT
expires
Mon, 29 Jan 2024 10:09:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
lg.php
cdn.firstimpression.io/delivery/ 		1 B
453 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=105418&campaignid=947&zoneid=115878&dt=1&_fiid=A7&cb=38538123
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-76.fra2.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:35 GMT
content-encoding
gzip
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
server
Apache/2.4.38 (Debian)
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.haaretz.com
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
OYVmq5Fes0HcpHBRuIhUF5IpmjWDiqOIoThiNWins2nKlPfTWG39DQ==
expires
0
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
post
tag.escalated.io/ 		31 B
464 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/post
Requested by
Host: tag.escalated.io
URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.haaretz.com&type=display&cust=6956&sid=direct&c=&cust2=direct
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
7b1d77153cd55fc5b3085fabd7b5b468ea6294bfdde84821afcabbc274ffd549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
close
Access-Control-Allow-Headers
content-type
Content-Length
51
X-XSS-Protection
1; mode=block
applicationOpen
cp.pushwoosh.com/json/1.3/ 		128 B
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cp.pushwoosh.com/json/1.3/applicationOpen
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/0e61faf0.b6c8672d2a08588b56ec.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.221.212 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
kubeapi-nue.pushwoosh.com
Software
nginx /
Resource Hash
47d9389b2083e710b360a87521e8c78bc4b04e6a9832961d1b4a13233b2f0d48

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 29 Jan 2023 10:09:36 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, OPTIONS, DELETE, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
getCombinedUserCampaign
services.haaretz.com/ms-gstat-campaign/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ms-gstat-campaign/getCombinedUserCampaign?id=16749869739797149
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.haaretz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.haaretz.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 29 Jan 2023 10:09:35 GMT
server
istio-envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-envoy-upstream-service-time
1
x-timer
S1674986976.589520,VS0,VE22
getCombinedUserCampaign
services.haaretz.com/ms-gstat-campaign/ 		22 B
84 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://services.haaretz.com/ms-gstat-campaign/getCombinedUserCampaign?id=16749869739797149
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/9893e9f1bd720ecb0be233c41309cd140ac05a98.9c2574a6fe3241677e9f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
5605688c45f66162b8214898b46b49c92d193feff3c73fdb813e9b68b9ecb8a1

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
via
1.1 varnish, 1.1 varnish
server
istio-envoy
x-timer
S1674986976.632455,VS0,VE22
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-cache
MISS, MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.haaretz.com
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0, 0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
008509b21c5884fb7ce3949d641477168d95c172a3111ed763fe70e0b3ad0f9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11236
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 29 Jan 2023 10:09:35 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62
8096267
date
Sun, 29 Jan 2023 10:09:35 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 08:22:46 GMT
server
Apache
etag
"1481c32-41771-5c7110f340cdf"
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=99760
accept-ranges
bytes
content-length
82748
expires
Mon, 30 Jan 2023 13:52:15 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2836a92ed5effcbaf0543c232ba75c2f7f3de25e33d182461fc9192b709eadf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
79112c5708959944-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
818779
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
79112c5758f09944-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8485 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
176733
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Jan 2023 09:04:02 GMT
expires
Sat, 27 Jan 2024 09:04:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 04D1 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e4210bc403f6050aeb0467ee483b825d80d5e28059b8082937b2eb798a3a4964
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oCFdH2TYa-gIZh3lLkweYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-oCFdH2TYa-gIZh3lLkweYg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 10:09:36 GMT
expires
Sun, 29 Jan 2023 10:09:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
drop_cookie_sw.php
csync.smilewanted.com/ Frame 85EF 		0
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
79112c57a94d9944-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 29 Jan 2023 10:09:35 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame C5F5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 29 Jan 2023 10:09:36 GMT
X-Sovrn-Pod
ad_ap4ams1
CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
pagead2.googlesyndication.com/bg/ Frame 8485 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 11:24:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
254692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14191
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 26 Jan 2024 11:24:44 GMT
e1a3e0ab8b6a236ec57fb2812fd4ce7
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame CD7C
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/e1a3e0ab8b6a236ec57fb2812fd4ce7?gdpr_consent=&gdpr=0
0
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/e1a3e0ab8b6a236ec57fb2812fd4ce7?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
79112c59ac539944-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 29 Jan 2023 10:09:36 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 29 Jan 2023 10:09:36 GMT
Expires
Sun, 29 Jan 2023 10:09:36 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/e1a3e0ab8b6a236ec57fb2812fd4ce7?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1674986976156096-363
v1
match.sharethrough.com/universal/ Frame A968 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.44.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-44-9.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
smw888.gif
us.ck-ie.com/ Frame ED32 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 29 Jan 2023 10:09:36 GMT
Server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame 04D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012301&jk=1966782282335760&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 8485 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?sD4jFQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
container.html
7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 39CD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 10:09:35 GMT
expires
Mon, 29 Jan 2024 10:09:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rjTWKC7ADYsR5D97ssSU
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame F4DE
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/rjTWKC7ADYsR5D97ssSU?pi=smilewanted&tc=1
0
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/rjTWKC7ADYsR5D97ssSU?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
79112c59bc649944-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 29 Jan 2023 10:09:36 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 29 Jan 2023 10:09:36 GMT Sun, 29 Jan 2023 10:09:36 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/rjTWKC7ADYsR5D97ssSU?pi=smilewanted&tc=1
pragma
no-cache
css
fonts.googleapis.com/ Frame 39CD 		2 KB
944 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 29 Jan 2023 10:03:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 29 Jan 2023 10:09:36 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 39CD 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 09:35:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
2041
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 09:35:35 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 39CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzNEv30XWY8abHcDhnsEPudmW0A-50OnYbsXmpuGMEZr5jYP8OBABILf6wiBglYKAgLQHoAH7rrGKA8gBCakC2FH_lG07sj7gAgCoAwHIA8sEqgSTAk_Qr9tMszrh9olkZPvx1BxZIeWPYc6xx_NKXePIru1Mgm7YnKpbe1awfZ7_X8lbtZWMI8zt4ipGHYHt1bbU2jsxdXvMhiqIKrZWRDUVB6MBE6t9JhCbM66wIZqo66U5PVCtBW2_r6oO10ngY_am2vTICWyqNP0bAooHTzqVvDxDFHOhr5XMeS-ijXKrfGpkah32m4Xys18v3meIVi-gL28P3F8N4hcB4ABvjDMurpDi7UQUd0W4RYAJsJEIJ9kSc1YjLy8PegZ2aE2vuFZCLTBecGrgn9TPPpYT4XfdUF9B2PZUPaDxmzn7E85Z8zVIxANoujPUTZG-GaZzkh9-zAw3YAQw8j8fAhVxXCJHauB2lz_IwATS_M2mpwTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHpMadI6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCaxSfSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTC9AVAYAXAbIXHgocCAASFHB1Yi01MDkxMDg4OTAzOTcyMzExGOrbFA&sigh=DOsd-2vr878&uach_m=[UACH]&cid=CAQSSwDUE5ym1fJV99was9QlcmtlCfu-Iajf4W9HazBHyLMLgxxH6nYrSIss7VaYHYlegTefUqQM6Tp0Cz7dujZLHDuLaxgVjfUOsVKQdhgBIBM&template_id=494
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 39CD 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 09:35:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
2040
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8871
x-xss-protection
0
server
cafe
etag
9510037503091481574
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 09:35:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 39CD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 09:55:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
862
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 09:55:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 39CD 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 09:52:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
1045
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7523
x-xss-protection
0
server
cafe
etag
641023367890010850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 09:52:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 39CD 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 29 Jan 2023 10:09:36 GMT
8aec859a266e19fb42fee7f82edeac28.js
www.gstatic.com/mysidia/ Frame 39CD 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 09:35:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14079
x-xss-protection
0
last-modified
Fri, 27 Jan 2023 00:31:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 09:35:35 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 39CD 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQD0ST62t6wPvPAtNUz8rU6-kC_QpOCTb01XKbcX4tlewND_xbkXvXXbYZqnA&usqp=CAI
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48277350fc657c0b7b836aa8e351eebe37c786a48ac7f55c218056e29437831e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 20:57:39 GMT
x-content-type-options
nosniff
age
133917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17760
x-xss-protection
0
last-modified
Sun, 22 Jan 2023 08:25:27 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 27 Jan 2024 20:57:39 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 39CD 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT-tv7eGMfVkgKZPyNzrhrkehMasfQpsiBIN6_RkiZpWTrySxfplZBpI3qL9TM&usqp=CAI
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32e996e076670c9d6006e8e3de2fc5fbe84f308c8480d708a999baa8aaa8062a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 07:20:52 GMT
x-content-type-options
nosniff
age
96524
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20564
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 12:47:42 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 28 Jan 2024 07:20:52 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 39CD 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTHrJYsFAEXq6xfVUMqO9YXdhpWnhOMB4-jDtyZYCsDakeXAx3EKZFM0KA-Uuc&usqp=CAI
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea9f85118857e49b3b8bcfe9eae04adede89bc408690e7adb55f1a81d4033f41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 12:57:37 GMT
x-content-type-options
nosniff
age
162719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16602
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 21:27:56 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 27 Jan 2024 12:57:37 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 39CD 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRxjJV5EkuKgy7BMg8lTN9SJBPV_LoPenR-zkSouMgccA9AZZiHEYKyrrLm07M&usqp=CAI
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baac2048d8dd38f892e75666b09b83707092fbdc547d541d9d11df75f68de0f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 07:13:59 GMT
x-content-type-options
nosniff
age
183337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16717
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 01:54:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 27 Jan 2024 07:13:59 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 39CD 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTEdaJNQlqlkfNbg4WwQEEgsmd8jzijwSNQPD4WB9XgqRVUmg1LM8JT0h3qZVw&usqp=CAI
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c88f56245527d2cf5538b3d0bd0407d14d854e9ff615a6ee56f4ee10cf69a0c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 00:52:37 GMT
x-content-type-options
nosniff
age
206219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23342
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 06:15:30 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 27 Jan 2024 00:52:37 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 39CD 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcReS9FkVOUQDOzESFl8vts_DxdpxajtuD-TfDsuuTP-M9RKI7jOWurqldZsYGI&usqp=CAI
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edc408e5037384f6bb5b90eefa6906cc63728a4a4fdfbf7eef4e01a5ffe6334f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 04:25:58 GMT
x-content-type-options
nosniff
age
107018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15439
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 01:21:40 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 28 Jan 2024 04:25:58 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 39CD 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTwn6WEwOaOmzrOLVBeQitMjV_Qa4SpDU5sGPUtSP1NooL6VfF-rajqWRFBh_U&usqp=CAI
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a3aae8b2322ba5132df7387b44f8d7ef3188d425df78216d03ff79b8bd3f68f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 01:26:57 GMT
x-content-type-options
nosniff
age
204159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45384
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 07:36:28 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 27 Jan 2024 01:26:57 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 39CD 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQb5IlPx03r_rcxJCHCV5CRlX21jK_M6B6eAcS0hER4UlFUhiQvjrEzU1UKeQ&usqp=CAI
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18a91fa692c86600e7a854770e29cb7aae71cb966aa8e6740c4dcfd3cf88a42a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 02:19:34 GMT
x-content-type-options
nosniff
age
201002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21416
x-xss-protection
0
last-modified
Mon, 02 Jan 2023 08:21:13 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 27 Jan 2024 02:19:34 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 39CD 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcS91ZZ_cn84MwAA3AKd2CdIniKXY4iXdPvMBxj0fknaGXzLb4o&usqp=CAI
Requested by
Host: 7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
URL: https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63647029f38149510989825af7eb63d3d70755f3b7bab7ee95375b5642fdd6a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 18:14:12 GMT
x-content-type-options
nosniff
age
316524
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19154
x-xss-protection
0
last-modified
Thu, 05 Apr 2018 09:30:20 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 25 Jan 2024 18:14:12 GMT
setuid
ib.adnxs.com/prebid/ Frame 774B
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=33541bb365041fe2877487723f4ab0d0
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=33541bb365041fe2877487723f4ab0d0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
98c332e7-d5de-4a30-a8a0-4e7acfd0ce79
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 29 Jan 2023 10:09:36 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
79112c593b949944-FRA
content-type
text/html; charset=UTF-8
date
Sun, 29 Jan 2023 10:09:36 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=33541bb365041fe2877487723f4ab0d0
server
cloudflare
truncated
/ Frame 39CD 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5b9d769a144e100fdcd8d49566a6f7902516c22df8abd30ff02c1f10209ea38

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F4B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHctWnpNoI3Zx2DbSRUUAeCgawgKwxzJlFSJaHAZxYeZJVY14NlRWOS3Hlc0BxGAqKGoyOgHeySbmJuvWau25cqBCklmlPNMSnxUn2vyOo2-5VK7aQ-YqpaUZsU1X5mlijNDpIkpRJ-IC1DmTD3w89rEqwzyREBytL8d_sFBdwr_cyhtBtA3_iGMO_1PFXjoNfql5kGE0lG9fWUFxgEGKwrrL24UQIhrmTLF9LhM_lp4iABUL8MFjLI5cd2zctwY12Yh-QG8jPoFiaAYMV5RHOS-z9eKJL8pQ2wIYmLg9v-R2C0KTw4089JmGbIwbiTM5N_VFw7i4j2gD76JVOiOZXIaAMyg4z03FbVOFJ7cPcJWVWyVm2ppcNdT6kqNOys5mQ0h52V7i_dLxpnsOn&sai=AMfl-YTbMV8vkIUGoKLd-joMv3c0xIsNpHpKiDIiCwjPkoZNiBn-NW5VFk6Z32oql8Uz3Ym9SySVVjNcu7yT32LdBOin0lF2xuTbr6ep-r8HspcIKoGMAr7H_xLGwAGL_IYa4X2LX5kLjqZfZZG4xe_UJoo&sig=Cg0ArKJSzHWLbW1ZSIYlEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
t.js
flashnetic.com/ Frame F4B6 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b18a1b380949bcb3167ac8e9023fa146b000aaeef1a3e7d0e473c0eb26130f99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
d9TUuNfK07FAhZMLfVt8QhlIP0dGzjFx
content-encoding
gzip
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
date
Sun, 29 Jan 2023 07:02:28 GMT
last-modified
Tue, 17 Jan 2023 11:58:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
11229
etag
W/"40b4331e9e2a1d8b2f52cc188cd1855e"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
kog20ADam4QndXX-8mRbTcmQS1MwEIGBcH_D-RZA-Aso-09sob3LzA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F4B6 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 29 Jan 2023 10:09:36 GMT
connectmyusers.php
cdn.connectad.io/ Frame DC26 		1 KB
883 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2979
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
79112c59f9a7bbd1-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 29 Jan 2023 10:09:36 GMT
last-modified
Sun, 29 Jan 2023 09:19:57 GMT
server
cloudflare
vary
Accept-Encoding
getuid
sync.smartadserver.com/ Frame 4B42
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 29 Jan 2023 10:09:35 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Sun, 29 Jan 2023 10:09:36 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
99a58a5b-6d27-4695-9cc2-4812ed21afa1&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 6A50
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/99a58a5b-6d27-4695-9cc2-4812ed21afa1&partner_id=1010
0
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/99a58a5b-6d27-4695-9cc2-4812ed21afa1&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
79112c5bcfa59944-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 29 Jan 2023 10:09:36 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Sun, 29 Jan 2023 10:09:36 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/99a58a5b-6d27-4695-9cc2-4812ed21afa1&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
truncated
/ Frame F4B6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
081785acd235aa02a32ce5fc1eaafffea35327fa423aeefe2429bf2a7ab7ae7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 39CD 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 21:33:43 GMT
x-content-type-options
nosniff
age
131753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 21:33:43 GMT
l0d6721sz2vc6a5t8zika.json
flashnetic.com/c/ Frame F4B6 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/c/l0d6721sz2vc6a5t8zika.json?cb=1674986976387
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
314e4c92a985cce875bdda69f818ab7406c015f98cf574ed79eb47e7e0e7c635

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
CEUg61UpXBw8wv4LmSDZo6lWhVhVDREq
date
Sun, 29 Jan 2023 05:46:21 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
15895
x-cache
Hit from cloudfront
content-length
1728
last-modified
Thu, 10 Nov 2022 12:35:16 GMT
server
AmazonS3
etag
"b68980bb23ebdcee9ec14764afb0ac04"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
0mnXoFXmB8Ez_lCj0CZRRt89yGvI7kJ0M2tsmsP4GVK0WfieYlIojA==
1
sync-eu.connectad.io/syncer/ Frame 9BF8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
79112c5a8ac9bbd1-FRA
date
Sun, 29 Jan 2023 10:09:36 GMT
server
cloudflare
sync.php
pixel.rubiconproject.com/exchange/ Frame C34F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
402fba8a82f093def2459220061c8d31
view
securepubads.g.doubleclick.net/pcs/ Frame F4B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvklHXHyYE-URAdrh4LNdpnERKHirYL5nNPVMPOgNb0ZgruwpqUVoYt-SEXCUtYgjiUL83TqMUqTdr4S7AHBK5pOczhF_T7S-efGEb2wIALJrnhcApeKYB8mxlMt82g3x3hOqwBjtHUcEQSfhK7f7cHHVHdLNLX1R-s8UatYmyBzFx2c38HEnqnatK2-eJL6DSatBK_YuYT_KfXh-T2hcfLvSxkn0-4U3hiJ6FqYmqpGSpm9sbtQuK4A1ingYQEOBC093ukLhUFD8lgy9yxraFTtZybjWs1NTPRVo6YMTPx33y5lU0ASuqGpzQYhwD0NmjodpNQw07tWApvgek3rhkGMxtVrIIUT6T1q8qJtY5Cdcmn09kKlxm7GLezhOVZhvNV3PwsnDxN3ZpuGNaMFQY&sai=AMfl-YTzAeRkW9NkP2N6EjDcFBA5jysBwfZ4e65-_BHi7jgdqE2APdz5DzC1jvpeDB2sF4MYSF6w2AZZrHiGhvjkgEirMSDAXKMtjSP0jBqeHPF3PU3M1Ba9D1XDndZMW8KgZAd-Ok4VfwO7mhxkmKZ1ORU&sig=Cg0ArKJSzFC2-OJB5q9eEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 29 Jan 2023 10:09:36 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8C11 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cf79b9aa07bca3a96720a477c5ec0d5e579f61ce4ee7dd6b6e853145de4b964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27568
x-xss-protection
0
server
sffe
etag
"1466 / 169 of 1000 / last-modified: 1674860937"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 29 Jan 2023 10:09:36 GMT
prebid7.19.0.js
hb.adpone.com/ Frame 8C11 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M0KSET0SMARA7YK8
age
2221
x-amz-id-2
SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qi95LJL6tvDsdyXMOS8xQye23TWD4jT%2BngkqvdxIA8YBE4Deah1n7Jkdwlx3koNBGYzN8p6Nee5YN08FkupjPuSKwI7okx6vE8kK8duzcjSiGviZ6Nsof4YcLKYlK52TNny7YXelU9Bwiw4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79112c5b7a189152-FRA
p.html
flashnetic.com/r/ Frame 8542 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=kdduqb&e=1542649891130
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24643
content-encoding
gzip
content-type
text/html
date
Sun, 29 Jan 2023 03:18:54 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
bQbYTT0jMwBZ5nUoTyGBpPB01QohF4j3LumNjIJf_DtaWiUiqQX_7Q==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame C1F2 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=rptdupuyt&e=1542649891130
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24643
content-encoding
gzip
content-type
text/html
date
Sun, 29 Jan 2023 03:18:54 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
lsITaljxPu4RVu3PLAGl040X6vIvaCLrjP93cOBZJD_FNxsPG1f1hw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame DF78 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=gizukhi&e=1542649891130
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24643
content-encoding
gzip
content-type
text/html
date
Sun, 29 Jan 2023 03:18:54 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
oQuIQkyzzNF5qm9EGdF_D4MFBPh6JQU-v1jRBWCubp7QHP3097eebA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 5BCC 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=axnqhnyjm&e=1542649891130
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24643
content-encoding
gzip
content-type
text/html
date
Sun, 29 Jan 2023 03:18:54 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
5--NSC2TMDdJ1FOlZmv0hWfg3qUsz21hj3KDWw_F8yc8ApIw-4sRBQ==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame E1D2 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=xllnntcbo&e=1542649891130
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24643
content-encoding
gzip
content-type
text/html
date
Sun, 29 Jan 2023 03:18:54 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
x3qzreiQA3tmG18Mbb7OTpciyJThI0GtruUhHv-7rb8L5xiadZIlrA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame E5C2 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=fjjqmjuo&e=1542649891130
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24643
content-encoding
gzip
content-type
text/html
date
Sun, 29 Jan 2023 03:18:54 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
UgEQRCy1kHRBT6Pw6-ySwSfn01CrATADA-t2z_f-3ziAAlLpQO1aMg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 5D26 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=mscan&e=1542649891130
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24643
content-encoding
gzip
content-type
text/html
date
Sun, 29 Jan 2023 03:18:54 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
gcqo_h1b3Q3cu5mXwXds7OcBXhaVOT5320l3vedtIA-TnZ-2nymVbg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 3887 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=xduryiwoa&e=1542649891130
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24643
content-encoding
gzip
content-type
text/html
date
Sun, 29 Jan 2023 03:18:54 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
YAztk8DAEsS5pjB4XFeWUnLUFawejW2LsagvU_3VdgPvdfZGLBYySg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 5940 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=otokuawo&e=1542649891130
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24643
content-encoding
gzip
content-type
text/html
date
Sun, 29 Jan 2023 03:18:54 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
lrPsFIM2b-M5NXEY_SM5DH9hKLAzwNvAEhzdXk4UuAWdFYQkJkTzvg==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 7572 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=hgmw&e=1542649891130
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24643
content-encoding
gzip
content-type
text/html
date
Sun, 29 Jan 2023 03:18:54 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
POLkoeGCAS4Yb_roGxhnQRLf1Yf9Cukq4vZXa4wrCGmHBtXiA_qKOw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 9C6B 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=xsdmilk&e=1542649891130
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24643
content-encoding
gzip
content-type
text/html
date
Sun, 29 Jan 2023 03:18:54 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
gtxiM2h_HW0B5IaxHxNHeRMZ8MqG4E0mgHs5_yu0wglh11rF7Yk8BA==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 2075 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=nzhpl&e=1542649891130
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24643
content-encoding
gzip
content-type
text/html
date
Sun, 29 Jan 2023 03:18:54 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
07LkzOGypu7kwh2TwZCZC99TSMU_wA0AG9OsE2ZCQWitQo7BtB_T-g==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 597C 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=wlqctpvzm&e=1542649891130
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24643
content-encoding
gzip
content-type
text/html
date
Sun, 29 Jan 2023 03:18:54 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
BfHFmP2MoS1CI_lnqXGKhabauVVszzFLjbbTBvG_6a8wrrWOmmudbw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
p.html
flashnetic.com/r/ Frame 10DE 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://flashnetic.com/r/p.html?f=ksxynodg&e=1542649891130
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=l0d6721sz2vc6a5t8zika&cb=2499791674986976248
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
24643
content-encoding
gzip
content-type
text/html
date
Sun, 29 Jan 2023 03:18:54 GMT
etag
W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified
Tue, 25 Oct 2022 13:58:03 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
6rsskC1DLJgP55K6FtJTFvnuKzK01in0UADbFRKxtAG6JOFfMU8PFw==
x-amz-cf-pop
FRA2-C1
x-amz-version-id
6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache
Hit from cloudfront
CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
pagead2.googlesyndication.com/bg/ Frame 248A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 11:24:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
254692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14191
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 26 Jan 2024 11:24:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 534F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZ2AN1q3brLiP2jOHnM1HbzE_aYu_u9EMeEnBWztCkLTxGwrz23QwOYNLq-cX710r-iR48dIq-py-DRtSSywklzx2FPWsiP63nZ7t645Im6Lu0gC8YcKQVVodPqIBgUSCD4MW14k9qeJgcCjBRhKf1Vu4IMwR9jBhX_cmKFhttpgMEsw5Y1Skq-865rNosxyMqWWw1jfJAApRJ3eK7aUbmFpZXh7o5wNGcFsYq7xRBImRKXh-OoD1JleqPESCokI16TDjBRsrBcxNHUUGrrNoBj83JLPXcIygzvY1qcPYLmn6DmY2pU2u3SSGGQB8WnMlYi-u8Qfq7CsFFnRK5NXBx7sSpZnAZ2VY1ZwzNObZnQTjPAhLR60wlz4sadHmKPQ0UuEyjn3cu5cq87aEpAdy9&sai=AMfl-YTrdWt9niBnO6VBcag2XLGffqzIts8p2huowFI7WorMWictVOCvYVcqgPPJ_YgHGzSuT3bPury3u5FhGQsUYmC_WmhHpg2Q-2JgZbO29fmiq9XtI5BTw1ajVal06MoUBe1qLolvuMXN36W-CeKnn8s&sig=Cg0ArKJSzDTgU0NtilyLEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 534F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 09:55:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
862
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 09:55:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 534F 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 29 Jan 2023 10:09:36 GMT
3048859826183583761
tpc.googlesyndication.com/simgad/ Frame 534F 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3048859826183583761
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012301.js?cb=31071867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd4be3e5587207c62ac45765bb974a95d3da3694685d10b5b49d04c489215cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 00:54:00 GMT
x-content-type-options
nosniff
age
33336
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44928
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 06:57:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 29 Jan 2024 00:54:00 GMT
truncated
/ Frame 534F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6da2c6ea32dbc977b7830da2667c725081f75c6b5cbd0609bc1b8c6e53676f9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
unip
trc-events.taboola.com/1383653/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1383653/log/3/unip?en=pre_d_eng_tb&tos=1627&scd=0&ssd=1&est=1674986975029&ver=36&isls=true&src=i&invt=1500&msa=10253&rv=1&tim=1674986976656&vi=1674986975027&ri=7746d0f4088bc10f394f92bead0b9336&ref=null&cv=20230125-5-RELEASE&item-url=https%3A%2F%2Fwww.haaretz.com%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1383653/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
https://www.haaretz.com
pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pubads_impl_2023012601.js
securepubads.g.doubleclick.net/gpt/ Frame 8C11 		386 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 20:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133524
x-xss-protection
0
last-modified
Thu, 26 Jan 2023 09:36:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 27 Jan 2024 20:49:36 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 8C11 		2 KB
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.haaretz.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14a190890f613a93e40b282fab10c8ab27443c8c503f775d53012a6dc0e357b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
569
x-xss-protection
0
expires
Sun, 29 Jan 2023 10:09:36 GMT
prebid7.19.0.js
hb.adpone.com/ Frame 8542 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kdduqb&e=1542649891130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M0KSET0SMARA7YK8
age
2221
x-amz-id-2
SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8Bt0SbM2ppYo2e4It4JuhJzIXDUcoIfCH2vRsXHYYSucY3swxsie33bnrtUTgQ4OAuBsS6ng3zhfnQUUSefr0%2Fl2yVs8ZWlXmY9kfEDCkHP4488RfzvxisGbtMZZ3T3cgMm5LzBR7%2F23Xc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79112c5cbce49152-FRA
prebid7.19.0.js
hb.adpone.com/ Frame C1F2 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rptdupuyt&e=1542649891130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M0KSET0SMARA7YK8
age
2221
x-amz-id-2
SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8bpbBp2mxB9xU2FnT7hLVJtMGROBIk33J8G%2FhvCxKL2zDg3XQpoHBHKXiXY4rPAXQ3FqfP2jWImMlU5f9UBu5uXTyV4ZOM4pBS4dAnHDwCyvyniJyi8sIuW9BQLATPo%2FlpPJtVEAU2p%2F3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79112c5cccfc9152-FRA
prebid7.19.0.js
hb.adpone.com/ Frame DF78 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gizukhi&e=1542649891130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M0KSET0SMARA7YK8
age
2221
x-amz-id-2
SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=775y%2BdiJY4JqnN5v66JalAoUzRUsBPKbzWpPyfy0TGNE0xsvKzBQThfj41rY8VfMapLtBP7oXpYCGhHqv5WGgJu3SWEJGzr81II%2FrgKZXY3ZBMrQ8Hcj1xSuoeyJ3AVFxj%2F%2FkKMWfYjqSfY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79112c5ccd109152-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 5BCC 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=axnqhnyjm&e=1542649891130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M0KSET0SMARA7YK8
age
2221
x-amz-id-2
SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3L5RluhB0KwmASz5kDWwkbXXxGU049b3M2MgxZyrG6A91UTxeBVsBf%2BVX6cDC7FlQbabf0%2BNVcVreStWoy35f0Xp7RCRXq0YRxJfLi6TLMAdOSVjrQNusVZB%2BsDbvqQlHNi4lSi42lTmOvo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79112c5cdd1b9152-FRA
prebid7.19.0.js
hb.adpone.com/ Frame E1D2 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xllnntcbo&e=1542649891130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M0KSET0SMARA7YK8
age
2221
x-amz-id-2
SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YvvAjmwdppXYeZcWKdjDV13GzSD9Z%2FkMES%2FFtVyeuy9pSRGsk9NTDsRYwrYP3UTrKgNQ69lX7WOfA6NNY6lzhbJn%2Fkcnxljh1ea2OZ05i77GL35T2Kt%2B%2F6sJxSEIsn1lKGRyMKscK2Z%2FK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79112c5d0d729152-FRA
prebid7.19.0.js
hb.adpone.com/ Frame E5C2 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fjjqmjuo&e=1542649891130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M0KSET0SMARA7YK8
age
2221
x-amz-id-2
SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmPBX0npLnRnpGez7RtjnvSQVHOJJ6F%2Fh%2FEZtnwCgirMoRDePeicPgLpABnGUsZA2%2BfCbguPWImZGliPEQgFNe%2FgX9CtdWlLN1D%2FTTP2H3w5sk5eWmJh00dNnTMibPWR7tmDXFRJvTGyigI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79112c5d0d7d9152-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 5D26 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=mscan&e=1542649891130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M0KSET0SMARA7YK8
age
2221
x-amz-id-2
SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hZtyJvrdXR2YZJURHgYo47EB3lt4G3000O8OqzzZKFp2sxmtwWijH0uCfFl7a1gs5l6v15stQogR9pHoTMWCXtH%2F5NSDxSgaZI6PRnYTzRS1z1%2FrUibWKU2eBsdhHM4bX18vmq3EvRbeV0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79112c5d1d959152-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 3887 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xduryiwoa&e=1542649891130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M0KSET0SMARA7YK8
age
2221
x-amz-id-2
SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KARBCHg%2FRK8kS0UdseoatTx094aWbHAhNvJGK9VrpWGw4qC9za%2F2eVwfYNeSp64Il8JLhLK1%2BprFhDrUBE5lUg3LZUaAeA%2FBzxzZXVXfLpI6JH3PFhnj7LlkxQ1R6BYpKg3vQCokv6CKtEc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79112c5d1daa9152-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 5940 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=otokuawo&e=1542649891130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M0KSET0SMARA7YK8
age
2221
x-amz-id-2
SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZy2x9DevsSEyAfnXMpxGbU83AH%2FyXgN%2BO3I3p9HFoQ2uW5KTsfnZ70hgxIu3nSxF6EFlCLr9IWmnoRFh%2BW%2BCoo5BKfHWqeiDkPARXMhiGJKBqOt3jOhMXdXZRMK9zdLV%2FXlYaTtP%2B9r5bE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79112c5d2dba9152-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 7572 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hgmw&e=1542649891130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M0KSET0SMARA7YK8
age
2221
x-amz-id-2
SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oG7Cr4izMDYFuSqGNLRYJu1Ugqp9DRgONH7ag4mYxNLevMdh8qK56X7m6wf6NRUR%2BewkK1XurtswMDgtIyjbOWl2EFPCyFrpckfjPSTFhw5gNy4LQnDWXR3giqLMcNrADE%2BD7gfuqnPGXY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79112c5d3dd39152-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 9C6B 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xsdmilk&e=1542649891130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M0KSET0SMARA7YK8
age
2221
x-amz-id-2
SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfMW16UnWw00%2FG4V9POOWo6%2Bu5WelXzATgVSFBchiqbwI%2Fx%2FYxPyQx%2FJu1TMyYUZTQCmii7ji%2BZJ2mMgI9l8WADTae3FMOqc0Ir8P5dDb5neZpbd6uQU7H4W1a%2BcCdL7Eglf6h9KxPLaOQo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79112c5d5e119152-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 2075 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=nzhpl&e=1542649891130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M0KSET0SMARA7YK8
age
2221
x-amz-id-2
SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDpVSSQq%2BF5m19vzuDF05%2BYFybjUSm3H%2FO8GZv2UoSuWTNkMLFJyrCFBF1FbJJh8XV4yoBQKJ1rVIq9KvIf%2ByxkWQQ7TacZ5hfl2o5wKP0nHTLSfJ36p0SgOey9DhJZngFSd5V7QrkI%2FjtM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79112c5d6e429152-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 597C 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wlqctpvzm&e=1542649891130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M0KSET0SMARA7YK8
age
2221
x-amz-id-2
SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTofvCre00vd4Y4FGvK5Y%2FgjG5ZsylQyY5A%2F32Hk8IqbyUTHJimokNEoDlzKZaWJUG6Vi1toYJNffQKE%2FH1BgozDAl4nStlBGOf05%2BNTqb%2FSGzqqIklb0ZzKIfl84%2BvY1Lg1IQKMOfABoZU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79112c5d7e589152-FRA
prebid7.19.0.js
hb.adpone.com/ Frame 10DE 		424 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid7.19.0.js
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ksxynodg&e=1542649891130
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-amz-version-id
mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
M0KSET0SMARA7YK8
age
2221
x-amz-id-2
SU++ksxJ4CTdEQ6wj1iJM6RzFjuUmOETtKnC/ADy2ibrsuiDmtTf8Wc8d++l+n4sNvlauGbObSw=
last-modified
Tue, 25 Oct 2022 11:05:38 GMT
server
cloudflare
etag
W/"c5676242a8c3f69dca478f87ab473b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18jtrJUnxBJxGUUggEFLalgqNlMQCsN3geUCuAMrBThbNFgqJuCeBrpy0ZJQ8IRbM1HxO3JLcoPLPFCjuFKfm930ahCB4eBbx0lzSMCOs1S4ty%2BDvWHuBJDzcZwhZM2LPKIyh22uyUJzWMk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
79112c5d8e709152-FRA
bid
ap.lijit.com/rtb/ Frame 8C11 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f1eac78cf74cfcddb5957f18a2d8f04c183831ad3b142fe76e1448cd95dd41b0

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:36 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.haaretz.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
v1
prg.smartadserver.com/prebid/ Frame 8C11 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.haaretz.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 8C11 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=27531968683&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.haaretz.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
openrtb
adx.adform.net/adx/ Frame 8C11 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
29c6a64db3a3bb9138bfc613283f2bef86da2d01f8101264db1e05474bfdc090
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://www.haaretz.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
shb.richaudience.com/hb/ Frame 8C11 		4 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.101.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.208.101.55.162.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:22 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.haaretz.com
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 8C11 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.haaretz.com
date
Sun, 29 Jan 2023 10:09:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 8C11 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.haaretz.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 8C11 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.haaretz.com
date
Sun, 29 Jan 2023 10:09:36 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 8C11 		139 B
948 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
503b2b746796a8f9b3e5fba8f596f60395b4995e565c25fc35f02d2671007226
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:36 GMT
AN-X-Request-Uuid
5f58dd57-d569-4346-9638-532033f2d1de
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.haaretz.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8C11 		370 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0715416ff27e6b216f5,1,,,&rf=haaretz.com&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=%2F21671350435%2C141850047%2F300x250-haaretz-haaretz.com&tk_flint=pbjs_lite_v7.19.0&x_source.tid=d3e33ad4-4927-4902-a594-1a310b793d83&l_pb_bid_id=2006776aa94c4e9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8971731731121964
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b21ddd56394009bf4d874492e2408b0926f0e0f1f16f2a0ab05b143c6c315114

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.haaretz.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
370
expires
Wed, 17 Sep 1975 21:32:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 534F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsterCHuk3oThsIjwsJ5y0VDUulmb7ODXL7a24pXUFh_c9X3Ccezn8dnc4poZ-huT2hei09095MtLJ2JdiATq_ZSH9A2wjoP1s3AXoOaJAC9O5I6CR7HefaRLNKHVlb1RwnQtI5I-invX7YoMdQE51S9jCIT-6KdboG73Z-VGQVR7c4pG5aZvmrmnwzxveYc0VQMVYo8GzGpHdQ9DjjDgnovbwDgHo83sew9ge1Z9uGaeRewdGCT0E4uF4_HWzkZyl0aDoVRaLS0IuTPS1Rcep2mTr4Rsdu4tKHQcH5gMTNNxKgKOTcjFJbtjPUREQhVY3hmHqpiPPrCcj-mwUlJqJMJSE0Yx4Z6dmoUlQEcYpWgf5ehobIMMGkQYW7o9Q36oM6uh6ecAPoJexIxpy7utBptAzg&sai=AMfl-YQmcvFQdKh7mLJkKZCC9q9T2dQncVaa1vVpmsKzywjLxfFek1mblOZjuP9jdNbjuSoxkhCV7Z7rd2rMv3HcpXtIBtD957PuKPfRK4PQk4F8QlFtXcwL4jOPTrDK5mQPURQHVQEI2_NU0FfivKkfUwA&sig=Cg0ArKJSzDtd4qmi0GLWEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 29 Jan 2023 10:09:36 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012301&jk=1966782282335760&bg=!OjmlOX3NAAZSrDxfcqw7ACkAdvg8WoR1zEM_NgA06J1xVvpqDMzjMJ952Pdv2McaCxuMeQWjEx5zKAIAAAByUgAAAAJoAQcKACUoFIrRUEYazUxPkJqeAo7p042DusLmL3wv4DYfq4k9yvJljME9mQKecpMlLs6BNC-KYP2HuIyTEnoGgVhbcFkjnMVtcd--NZ_03AfOGja1_cbzImuiB5LLmUveBZy7N6B9nyZqI2mMLMnW--0GGvRvFFSiXvobPVcCGq2NnRfFAnQJezOrGV9LdRGM9Wv8gT_gKpskHnn_oxroS_20BEwrLY54poeZSuBoCsx4T2JNpYk24PZzv77isFxcDMJ81FpCUCwilKbuaG_kIc4ElyPo2lJ5j7jREfTbd0E5SA4wFS7OKNO4JBOpGjL4rnfAfs3q8eb1kej0V-K9J5O8uBlqdFUVvaLIm-6czd0gjg6-wwQImlwSfPL8GprSCVthvucRbYXM6eQE1k5ueWKVPSlz1M1CvtU4fuEjKyJGLBi2Hcz_9u8_kTkN_P5EwhpILV_Zz2S22ygGikg2xiVgmO-17Zq02CN0r-FhDVYYO1z7J7gSeILMpbDah-ihlkDDJxFPB__bPtt2x1W1_04HiZY02VyOzyysJc5nFokYKnxs3Vl5pVXlkGIpRyI3AEftTToEXO6LQf81MyA4pUKRNMHbz22JDqLKLwQsHqbSS-5q2PAK01glhrjwHrdxHwV9gkAcHlH5m3xV17ng0r7mr9fLZ4WqSrmtA2h37lv1ys4Ogemvz2Q93lhb_QFM5Ucw6JChykOut8binXkqit1qbghlUdTFg3UtxrDgmxt4xHv9azdi2ofAD66xmO8wh8Pzp3fpus0QFJfbwoZDjNzzCv6N_2qO605lQzNfQ27wnizsdLazN6sONNWDaHryYT52sFs0SuCqKPU959qAIvNSszuxlqchLw2cz8kvfdLqFZDLu0Q5seLB5rG-0ZAYKSsCtByaMRhm0nT4s6iwo0m1zDrH6nsEqtoOhrLLF8ZayXszfXGH-IpNtA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E1D2 		338 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0715416ff27e6b216f5,1,,,&rf=haaretz.com&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=adpn-adtag-1674986976792&tk_flint=pbjs_lite_v7.19.0&x_source.tid=f3097e0d-bf9a-435e-8b9c-cbd868159c0e&l_pb_bid_id=2d377a90b09bb6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.15370380281637908
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9ed91b58ff3a133681af553834e2e4b5625747c6b0fe6011fcff87ac45c52ac5

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame E1D2 		171 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame E1D2 		24 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
1b75c28df6fd8c1153615aa6005c4901339377b0d90e57e865d9c994a6d20901

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:37 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://flashnetic.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
v1
prg.smartadserver.com/prebid/ Frame E1D2 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame E1D2 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
openrtb
adx.adform.net/adx/ Frame E1D2 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3fb4726c80feca01622e51345e7df69b35cb6d7c11e641b4d389c477fa1ff5ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ Frame E1D2 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame E1D2 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=7495444651&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ Frame E1D2 		139 B
947 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
23b214a07580d29f7de43418d1b7305f417a2684a9f3c6a6441bb3dc5f30b013
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:37 GMT
AN-X-Request-Uuid
bbf4731d-0770-4838-8a0d-c41bbe4e0ae2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 5BCC 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5BCC 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 5BCC 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 5BCC 		138 B
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
836d1cae5524a9fafe5e4126ddde116c865befe777f0ceed256da8ea35a96092
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:37 GMT
AN-X-Request-Uuid
a7a0f02c-a286-436f-8bcd-6d14738873c3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 5BCC 		94 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
5584f66cc879608f3001274a34502f6664b9e45743e862eadfaccf9149095264

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://flashnetic.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5BCC 		338 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0715416ff27e6b216f5,1,,,&rf=haaretz.com&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=adpn-adtag-1674986976767&tk_flint=pbjs_lite_v7.19.0&x_source.tid=931ff41d-d329-4607-8b0a-74864627ce4e&l_pb_bid_id=12904a014294a4b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8539536933007841
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
daaa445966a86d28f91ac9f9df054170438084ec500d91b15d58d97e410804bf

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 5BCC 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
openrtb
adx.adform.net/adx/ Frame 5BCC 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3413595f269255459244e8a5ffed42015b376f041f7d8f023fd86b5b1d671eb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 5BCC 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=94662378813&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
v1
prg.smartadserver.com/prebid/ Frame DF78 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame DF78 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame DF78 		338 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0715416ff27e6b216f5,1,,,&rf=haaretz.com&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=adpn-adtag-1674986976761&tk_flint=pbjs_lite_v7.19.0&x_source.tid=92a205ec-601b-4373-a1fe-a0bda88fce2f&l_pb_bid_id=6b8206b7225cab&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3445242594422042
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
71a9a18095bc4d0e0c8ef02f2faf4649acde4f334956419552d5bc4654e7fc85

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame DF78 		94 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
929d52c7ede7bb3549499b2090de49f21ea2b610ff5dcecd7666ee105515758b

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://flashnetic.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
cdb
bidder.criteo.com/ Frame DF78 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=16711095294&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
translator
hbopenbid.pubmatic.com/ Frame DF78 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ Frame DF78 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fefded2f7cc1ce2fe88de97ea917c6e0bfd197c145a06ec9e0f9b94b2326969f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ Frame DF78 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame DF78 		19 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:37 GMT
AN-X-Request-Uuid
e648cec1-62b8-4419-bbe1-da95e8a537a7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 8542 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 8542 		24 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
df3744801e0adb62117f4cae2cb2c93402b601038a6fe7b4e8e71902ec689c93

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:37 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://flashnetic.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
v1
prg.smartadserver.com/prebid/ Frame 8542 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 8542 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 8542 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8542 		338 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0715416ff27e6b216f5,1,,,&rf=haaretz.com&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=adpn-adtag-1674986976746&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bfc45c4a-84ca-45bb-a8ed-401cd1b4881d&l_pb_bid_id=120f300f9ae9c68&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7823562402659954
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
da277f533270b7b16d1952dcf6a0d9ce6ebec2d52cf5ab2c0bfdc23f70d28586

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ Frame 8542 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
85baca5ed0e2a067dfe4e7301ef0de01e95298c24d60a2aae47e16eddf372aee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 8542 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=3483742727&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ Frame 8542 		138 B
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
51557a625fd6ce2c5038230fb4ad03000ab338caf2fcdd4eaed768182a80adbe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:37 GMT
AN-X-Request-Uuid
9ac9b05b-f632-44f0-a42a-4990405ee598
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame C1F2 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C1F2 		338 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0715416ff27e6b216f5,1,,,&rf=haaretz.com&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=adpn-adtag-1674986976754&tk_flint=pbjs_lite_v7.19.0&x_source.tid=64131bc5-e54a-46f9-9580-fee0c8b5845b&l_pb_bid_id=4a0fee5fd931b6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6768490119778121
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a2311abf896ef61c620270ae75e78a9e653ac8ae5721fbd06f93aa989a7a1077

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/ Frame C1F2 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
592a91d6dc754fed8e3c6a924d15635a5b5231d08e13366f2b0e4210a787d533
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame C1F2 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=1837814509&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
v1
prg.smartadserver.com/prebid/ Frame C1F2 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame C1F2 		139 B
947 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
de8293d9cac26daca349744f1695e7b1a393452fa690e111df85113c2e515815
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:37 GMT
AN-X-Request-Uuid
48ebb10a-5cf3-4d34-8703-9414bfb1afa1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame C1F2 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
75772ac766fd99ebb9e7dec5f00f32a87dbfd7fbd1111e2db15a0fc4a1c5a535

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://flashnetic.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
3847
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame C1F2 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame C1F2 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
ap.lijit.com/rtb/ Frame 3887 		94 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
2e2331c054c418f8fd8444fd3c1d71a5b5b9f5715d2b6c8c3dc012fca1de8946

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://flashnetic.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
prg.smartadserver.com/prebid/ Frame 3887 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 3887 		138 B
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7d2f98ec838cdcbb6533da0d76ad9cc895cfb1dd6aa60b21fed047c0dd59f73f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:37 GMT
AN-X-Request-Uuid
ab6832ab-92e1-4ac7-86de-dca832a87893
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3887 		338 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0715416ff27e6b216f5,1,,,&rf=haaretz.com&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=adpn-adtag-1674986976811&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e31adb26-584e-4a71-877f-c11d9d329490&l_pb_bid_id=8cf1ae2e3cdff8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5177612892887633
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c269335f1602d5504755d74d7616be558341f8b9c39cbda45d2d61d46d035fd3

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 3887 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 3887 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 3887 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
openrtb
adx.adform.net/adx/ Frame 3887 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2a9777e955a2a1bccf75f63008071703762a179abbb238f12cfaa33211fc8dc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 3887 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=69650453541&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
v1
prg.smartadserver.com/prebid/ Frame E5C2 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
translator
hbopenbid.pubmatic.com/ Frame E5C2 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame E5C2 		94 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
d685c5ff4e272731073c5ba6cd26456f7e73fcf8c8f5c86ab22c4051561615b5

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://flashnetic.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
openrtb
adx.adform.net/adx/ Frame E5C2 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c6688ef1b03b2edabdb0ab2859e1f4301a0ec1ae14412defab7a3de78cbe5e07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame E5C2 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E5C2 		338 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0715416ff27e6b216f5,1,,,&rf=haaretz.com&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=adpn-adtag-1674986976799&tk_flint=pbjs_lite_v7.19.0&x_source.tid=73693d29-46fa-4d7e-9d1f-d4dc798ee607&l_pb_bid_id=122f7d50c8acb1e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06365972097204042
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
db80de8512792118b546a0d7283278522a340bb0250f20a9a66b28e158da48d5

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame E5C2 		19 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:37 GMT
AN-X-Request-Uuid
eac91ca2-5ffe-47c8-86b4-c2ebdd952e74
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame E5C2 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=56400777095&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
v1
prg.smartadserver.com/prebid/ Frame E5C2 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
openrtb
adx.adform.net/adx/ Frame 7572 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 7572 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=45841109386&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7572 		338 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0715416ff27e6b216f5,1,,,&rf=haaretz.com&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=adpn-adtag-1674986976826&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bddd2b1b-dae3-445a-91ff-b8cf8525299b&l_pb_bid_id=646596ac80eb4a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5411346444182263
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b6d496d50fc1faa25d2cf3bf6dd490ec927de01b55761233a10c5b2af8b4d6e5

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 7572 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
translator
hbopenbid.pubmatic.com/ Frame 7572 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 7572 		93 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
353b4c6b1e2bb1a9a13dca7e5ebc1d9e801d9753f7f0ecb785c4ef646aa2b48c

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://flashnetic.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
prebid
ib.adnxs.com/ut/v3/ Frame 7572 		139 B
947 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
65d5f5f01d3b21937c8a55e943d710ff72b31c5067746f8f38472ed497a1b8a7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:37 GMT
AN-X-Request-Uuid
1100c9df-216b-4804-bb5a-121420d0839d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 7572 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
openrtb
adx.adform.net/adx/ Frame 5D26 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
433793553572ce02d64969be889c1bffbba2061aee095867857f204867513942
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5D26 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5D26 		338 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0715416ff27e6b216f5,1,,,&rf=haaretz.com&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=adpn-adtag-1674986976805&tk_flint=pbjs_lite_v7.19.0&x_source.tid=1f83c320-439e-4f39-a5a4-2d7dc349592c&l_pb_bid_id=68ff0b081d7ef1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7134494308100834
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3b55671127e0f7d1bbff952d7169b0d3a910d0fddfa432a4d2b2188494c87369

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 5D26 		94 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0a8260a2ef2f7cfa8c810ca24d35113047e1da563a91ba526a768e325e441

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://flashnetic.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
translator
hbopenbid.pubmatic.com/ Frame 5D26 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 5D26 		138 B
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
44db46718503e099f0492650b3549d5a22c7bd442a1e0e694abc2d777e1b74f0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:37 GMT
AN-X-Request-Uuid
dbd3c149-7437-42a2-a3eb-92a39d537feb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 5D26 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 5D26 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=39823471238&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
v1
prg.smartadserver.com/prebid/ Frame 5D26 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
openrtb
adx.adform.net/adx/ Frame 5940 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d95ad97a5486af1a83c7221ebef0ea8d2282b5054ca706b1aa8eded52a47249c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bid
ap.lijit.com/rtb/ Frame 5940 		94 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
54e6719e924a0ceac3582e94ddbe1e4efd576064e5f8b37197a74f32aa2cdd79

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://flashnetic.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
translator
hbopenbid.pubmatic.com/ Frame 5940 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5940 		338 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0715416ff27e6b216f5,1,,,&rf=haaretz.com&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=adpn-adtag-1674986976818&tk_flint=pbjs_lite_v7.19.0&x_source.tid=de668403-4fda-4f88-824b-69d4fcc4588e&l_pb_bid_id=88b90544fc1b0e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10844574211547231
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
add3e5b7677d241670e1a5b02427d2484d9047b84c1153a217fbd0209fa52e23

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5940 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ Frame 5940 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
ib.adnxs.com/ut/v3/ Frame 5940 		139 B
947 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
53015c0b2ba3b114c1ff1ef4c67e65bec34d2aacb9e0fc1b1dbef09e25d23b41
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:37 GMT
AN-X-Request-Uuid
4e6a6c0b-16a5-4900-8dd6-869923e495f4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 5940 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=24653918643&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
v1
prg.smartadserver.com/prebid/ Frame 9C6B 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
ap.lijit.com/rtb/ Frame 9C6B 		94 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c4c72d52f956b04115d6b66500e9d26095a6f304a79d36e9790d3eff4df2c21c

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://flashnetic.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
prebid
ib.adnxs.com/ut/v3/ Frame 9C6B 		138 B
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bd6ea37bd63450cce4c3edfa2fa52647dc1b70be06e13a2e3966cdc4c14ca3f6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:37 GMT
AN-X-Request-Uuid
71278866-4c9d-45ba-b59e-ca349cb42ee2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 9C6B 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0740db05f86aca1ebf4327e87adda339c4a353e69663b9923eafaad3cf7a4730
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
translator
hbopenbid.pubmatic.com/ Frame 9C6B 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9C6B 		338 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0715416ff27e6b216f5,1,,,&rf=haaretz.com&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=adpn-adtag-1674986976847&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5a06a2d5-83d7-44ba-afa4-f0e65e92d741&l_pb_bid_id=12e285e3233dc29&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.445823239136963
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
39f2d511476c2f99bfb1a7c9d9975bf49cb1e2127d735627abe34017bd14404f

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 9C6B 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=75017864246&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9C6B 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=355935605&t=pageview&_s=1&dl=https%3A%2F%2Fwww.haaretz.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Haaretz%20%7C%20Israel%20News%2C%20the%20Middle%20East%20and%20the%20Jewish%20World%20-%20Haaretz.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACAIJBAAAACAMI~&jid=2001299640&gjid=169021458&cid=308643667.1674986975&uid=Non-registered&tid=UA-589309-2&_gid=898517137.1674986975&_r=1&_slc=1&promo1nm=undefined-navigation&promo1id=undefined-navigation&promo1ps=40_demo&promo2nm=undefined-navigation&promo2id=undefined-navigation&promo2ps=40_demo&z=631570123
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 8C11 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.haaretz.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8C11 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.haaretz.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8C11 		20 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1624592090527482&correlator=3122180651972190&eid=31071363%2C31071822%2C31071972%2C44761477%2C31068366%2C31071603%2C31071663&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fifs&iu_parts=21671350435%3A141850047%2C300x250-haaretz-haaretz.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=4272469860&sfv=1-0-40&fsfs=1&prev_scp=hb_format_adf%3Dbanner%26hb_size_adf%3D300x250%26hb_pb_adf%3D0.14%26hb_adid_adf%3D230365acc8f2f4d%26hb_bidder_adf%3Dadf%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.14%26hb_adid%3D230365acc8f2f4d%26hb_bidder%3Dadf&eri=1&sc=1&cookie=ID%3Db6cac8f2056b2ff3%3AT%3D1674986975%3AS%3DALNI_MYc6mgqc9iR9rFAFXEExM4p1V3Azg&gpic=UID%3D00000bce9d858538%3AT%3D1674986975%3ART%3D1674986975%3AS%3DALNI_Majp_hmDJ7b1Qgl42oiJ5GIyyC5gg&abxe=1&dt=1674986977218&lmt=1674986977&dlt=1674986976466&idt=491&adxs=1061&adys=8427&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=7ydvuqaeygir&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fwww.haaretz.com%2F&ref=https%3A%2F%2Fwww.haaretz.com%2F&top=https%3A%2F%2Fwww.haaretz.com%2F&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=308643667.1674986975&ga_sid=1674986977&ga_hid=1867126678&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40bcbfe7da4ee32f29799d9e42f241998bdbbd348be6efa22ca94bc1671a2a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9908
x-xss-protection
0
google-lineitem-id
5834576130
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138370577442
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8C11 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b0a9b8a6db2edd442ef5d273f1ca9362424cee6fa281f7342f9a40b9c87a65b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11227
x-xss-protection
0
container.html
fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 71EF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 10:09:37 GMT
expires
Mon, 29 Jan 2024 10:09:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
translator
hbopenbid.pubmatic.com/ Frame 2075 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2075 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 2075 		138 B
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8eb37484327ac3fc11e966a3358118042cafb3d3ed230be058997fb6de4c063b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:37 GMT
AN-X-Request-Uuid
1286dab1-50dc-40f2-a4da-efd04393abb8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 2075 		94 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
402bf071369c5073816773184311e7a1e1f60f1d9d3b88f56ace6343051d31f3

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://flashnetic.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
v1
prg.smartadserver.com/prebid/ Frame 2075 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 2075 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=76042938597&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
openrtb
adx.adform.net/adx/ Frame 2075 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ba2c514831ef4d774b5f5c52e743680637fcaf81c7b04de8f3f409b2b9573c29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2075 		338 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0715416ff27e6b216f5,1,,,&rf=haaretz.com&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=adpn-adtag-1674986976857&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a93980aa-dbe6-49d1-a903-9c2c2523f2a0&l_pb_bid_id=166972f58eb5abc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.772035201573783
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2b6606f8d237bc49ca6a2627fe9cecd5c755eaf55c6bca6de4bfc81a73430dd1

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 597C 		338 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0715416ff27e6b216f5,1,,,&rf=haaretz.com&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=adpn-adtag-1674986976865&tk_flint=pbjs_lite_v7.19.0&x_source.tid=d04c4a8a-48d8-4cee-a882-e72fdc808acf&l_pb_bid_id=2e268f269f55f2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4349195574174971
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1e774d7b181f3b3e64e3ec531eb89a2079dbaab197017903fca8779d170ae93e

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 597C 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame 597C 		138 B
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9e96bb43ae87ad1899961559986e416eaa68d54a7e2f856f075f15f5b84659d6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:37 GMT
AN-X-Request-Uuid
a1c51828-adb7-4471-93a7-6eeecb1dd388
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 597C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4958e78cfee88461d58417c872607303100708465368c8788c70bd1425eb2ffb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bid
ap.lijit.com/rtb/ Frame 597C 		94 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a5df1cf1ffad7076b1f677a5d703eb4aea370c7272de245aed1a7c27554186b4

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://flashnetic.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
cdb
bidder.criteo.com/ Frame 597C 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=35819524196&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
translator
hbopenbid.pubmatic.com/ Frame 597C 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 597C 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
ap.lijit.com/rtb/ Frame 10DE 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
14e2f8424788792bc69bb4492f9a1e28ca0b75b2bf6756ae9b8c5c6276cd5bbb

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 29 Jan 2023 10:09:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://flashnetic.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
3829
translator
hbopenbid.pubmatic.com/ Frame 10DE 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 10DE 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://flashnetic.com
date
Sun, 29 Jan 2023 10:09:37 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 10DE 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=33013824250&lsavail=0
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://flashnetic.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ Frame 10DE 		139 B
947 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bd39d870bd99043818bad9e53f9e200ead2f992f72572e0d484d4ca6241d0982
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:37 GMT
AN-X-Request-Uuid
35cc9549-23db-42e8-9431-25c09cf1b8af
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://flashnetic.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 10DE 		338 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,0715416ff27e6b216f5,1,,,&rf=haaretz.com&tg_i.page=https%3A%2F%2Fwww.haaretz.com%2F&tg_i.domain=haaretz.com&tg_i.pbadslot=adpn-adtag-1674986976871&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c9ac1348-f136-4ac0-8dfa-93deeb88d130&l_pb_bid_id=1295b6eb2dc5216&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.18602761024110248
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d755d069841a5f5767edd909210c5bfe47b72e0c988caef65d528d02a8672b28

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
338
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame 10DE 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:36 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://flashnetic.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
openrtb
adx.adform.net/adx/ Frame 10DE 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f997a5991999ceaa06b3f5f69ea42b5e16341099fc2c1196e8613a7a9f607656
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-589309-2&cid=308643667.1674986975&jid=2001299640&uid=Non-registered&gjid=169021458&_gid=898517137.1674986975&_u=aCDACAIIBAAAACAMI~&z=1873624869
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 29 Jan 2023 10:09:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfscript/ Frame 132D 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59630076;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=KEfFc34P3_2p2kxE36hBqEHMKAbl6Sq0382mdc6WCXSggZrdYGOX27kjpE4NLSXbFy7KW7q3n2m_vHA9ZKAQP3STM930GoHSzwLi7sy_kMH3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmu3IIOoep6yMmvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=AIZwRNwUQvt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoenEx6X63uOeHY72yUs5wCx12GVsz9-5Y9VR4TF3XPpH0gPZTxKoKyYHTxx1qNgkTeKS4q2X-vVuYP-84pWPyA1ntMziYbB1YIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmkbtC3iQqnMgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
088de7aafcacb781e7791ca6be69980db693ce9bd15da0dc42e20ec236fddc94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1209
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame 132D 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx000000e3ab76e28d6a00a-00637b6788-329354d9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
/
track.adform.net/adfscript/ Frame 4C98 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59630076;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=Bn6VM2oCxsg51t06qyI9E8fUWH9dCBhmVSQxYLjdcXR86rZqip8jpFAnoZODnFtPnwtfd7i5RE17g25inQv47f5ynACOQ6fzxZUzcacswCb3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmvsZ9FQCEu0KWvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=kYb9Vc6vySt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHouz4R0WhKSfrCrU-59qIo4aguGakGTfHMcqZBpG0117I7zYXyQHq-G9YL9NUbXoS6TR0hjW3e3IQZ7iE3iqLGdknmZ4Iae48kIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnp04sJkYQoUAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8cd8c979688a61701eda1ef4c62c597196b3e0a67ef5bb4bdf1e4484286c3634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1198
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame 4C98 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx000000e3ab76e28d6a00a-00637b6788-329354d9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
/
track.adform.net/adfscript/ Frame E22B 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=6hySndOYzXV4coIWq0Ij30UUlpnFeQ9GIl1g4qYaN_x-hVaaZsOAajZ9JNJrNRQTLusvVLiBAxEtkzkdWrwnlImcwVX0Z1GrK134J90EXUf3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmtxiYBulCJV_WvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=K42kyUxNssZ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoB2lcHWVxukeP1mfGdOjFuYWNwswL0QJa2lxYR4Q1thb1D_5NS-XGGp8uWTzn5O03agrpxMpIUzeaf7pzD9wYUtERyDh2xgWgIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnychS1Nx9xKQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a0bf73206e0baa6596bfb20b31596ca7bbc7e45eec0d156ead6114c58c69fd74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1199
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame E22B 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx000000e3ab76e28d6a00a-00637b6788-329354d9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
/
track.adform.net/adfscript/ Frame BB62 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59630076;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=el6TqoVMDqaQ81uJqFUEJ9EDg8ZJj267s533c8jE2TJxAVMu2CimyDN9KlWqfrAlRFWnFQgCTWzLT9ZFjGAKORnyadsskJWGPazTzKGDhfb3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmv23DoS8BcfZWvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cJ0mgZghZg142u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHomPM5U4v_Y3Ny-XHg7cDG_Nrn_4vfHGmF10VoVq7RaG06CUwyPvm7lRivK0DAsc6PCJpkNo9BCf9OrkpnRU8N24JoBdTOETHsIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskhi3aMQEUX7gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2058c1ec6b7af97da5812980f187d26ddb4553aa8f6f801b92b33270bbd1532a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1201
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame BB62 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx000000e3ab76e28d6a00a-00637b6788-329354d9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
/
track.adform.net/adfscript/ Frame 7D9E 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=R0qCEcXgZSGr0rVivm2D1BUYhRx7PckzkDVDzr1H5PATL4sv7MaPJ32yRoDgrbSgAJz3NH10X-l7sA-Sn0DaSYPQoRaQ4OC2oLfmy-1Bh0D3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmto6vRPSvl1Q2vN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4UtzmZ0-tdyIVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Xc5Zyx9NerJ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpAcB1AfctWI8KYtDRGwkwxFRkTHcNA0SCwCqCJdd4zaqlJ_Dou0svCZIL3kHIdhTDq3Yoh7V6L9r8cnft-05ZTXuZaJeQVV-MIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsn7JtgsMV5ZQwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
85a71d3c5d986562e96c26dff6859b3396daa46a0489c9979074bc9a0b430953
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1194
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame 7D9E 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx000000e3ab76e28d6a00a-00637b6788-329354d9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-589309-2&cid=308643667.1674986975&jid=2001299640&_u=aCDACAIIBAAAACAMI~&z=562812922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-589309-2&cid=308643667.1674986975&jid=2001299640&_u=aCDACAIIBAAAACAMI~&z=562812922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfscript/ Frame 6099 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59630082;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=E6tQbzBjLA-OZlGRxe_ZVVaZ8ePR4XNtLheqay1llpm98N3Gn0aQV4PGMD3VRZ1RSaEBrjl9QDcp7XzPCLi2Ou0vb079Q9W6VS0zlfUkMsb3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBG6wpNs2Bbz8eSWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODf9cYQjtyrorMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=SmZM_7Vrau8WcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4qt22tbvluyQTNc8pTUQTvpBaVaWQw4QvI74i80IktK7_GdLLCrVDWWIX-LMMJHr0T6nQKhl6mrrfGzXgD0uTh8w00OuNuqC_PfjehQm65vSycg7kbTHoU3oC_elFaKaPMKyT92XTgVlfA2;pui=2ShljixBLrber1pltXZUmg2;
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
855d8a40709f57c93feb15e9e8f7932c445b7706609f6c4a7ad1c40acef0d02e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1211
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame 6099 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx000000e3ab76e28d6a00a-00637b6788-329354d9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8C11 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 29 Jan 2023 10:09:37 GMT
/
track.adform.net/adfscript/ Frame 542B 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59630085;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=E6tQbzBjLA868ZFdtcbZ3WRYKaLiWRppH1BUV9AfbcJtBko87Yj3qDZ9JNJrNRQT_Ci8c6NeuE29cb9qmGDUPhpTtXNQPkL4f-N2vfY4-K_3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBG-lMBI-nx2Q3SWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODqTcQN3IAIYrMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=I9eSsN4aLJMWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quGTIUUnX1XGltFHsN1JeWFQ_mJTBn6Jap2x7F8XlVW-crzQXtRaePOmzyJcYTfAo1F7RY_CuzIC_jEmTWQ-yAzMzbU7tISrgPjehQm65vSycg7kbTHoU3oZjXZllJ6LaTdTwnSr-FYyA2;pui=2ShljixBLrber1pltXZUmg2;
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0095214404df62ba26bd04461b0cc9f22f4c173da0624f3d95b46ea166fb654a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1218
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame 542B 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx000000e3ab76e28d6a00a-00637b6788-329354d9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
/
track.adform.net/adfscript/ Frame B2BB 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=TJ4qHFkmLj1AkEIJJJUTI_X4x1sMRkj1zJowLFLQMGaQ-b_OCCY5nxmhi8XDu_Q2YEgbFSUm7FjQ58YhiU6ORmM1t3vbpN5Wmy7awOBsN-r3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmvNfLWJzBFV1mvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=-kecm4URwB942u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoL0q8MfzzfJilK_q7CtAObDE-JIHBwvLRZ-Y1MMdgWsoYT3chezfPq7v0vLvnzQW6Nf7qpqwiUO2nx-bYY-zD9HkS2pdvbdokIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnVxsX-VB-XJQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
401814d771be610e537d3b10238d77a155cdbd415d6a45a9d1b7eea88e9d4b7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1199
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame B2BB 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx000000e3ab76e28d6a00a-00637b6788-329354d9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
/
track.adform.net/adfscript/ Frame 385E 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=ttNmYRvTsQsJ1-OR4g9ERk06L9Y-cBxBZzkRKjGHcnUMRxHO5mMb2H2yRoDgrbSgpjc10G7Kmas4Mkj2meSfaegXxum4OOJ9HBRufA185H73C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmt_3tcI1TXPcmvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=RsJjwrekK2l42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHr8TtlooLhUeJ1jp_3V_g0M9NtGUFSSsEDaVF54-ejfPPs99COw_dAYSaFnpc5FUjiQx-3wLdQH8U9cNgBmgZILXqg5fm8DLm4IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVslQKMhV_6PmuwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ca81297ba1f3d04013307677de9785ec25333c2b94605b0e0c718717f11ee3c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1190
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame 385E 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx000000e3ab76e28d6a00a-00637b6788-329354d9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame BB62 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59630076;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=el6TqoVMDqaQ81uJqFUEJ9EDg8ZJj267s533c8jE2TJxAVMu2CimyDN9KlWqfrAlRFWnFQgCTWzLT9ZFjGAKORnyadsskJWGPazTzKGDhfb3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmv23DoS8BcfZWvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cJ0mgZghZg142u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHomPM5U4v_Y3Ny-XHg7cDG_Nrn_4vfHGmF10VoVq7RaG06CUwyPvm7lRivK0DAsc6PCJpkNo9BCf9OrkpnRU8N24JoBdTOETHsIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskhi3aMQEUX7gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:51 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame E22B 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=6hySndOYzXV4coIWq0Ij30UUlpnFeQ9GIl1g4qYaN_x-hVaaZsOAajZ9JNJrNRQTLusvVLiBAxEtkzkdWrwnlImcwVX0Z1GrK134J90EXUf3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmtxiYBulCJV_WvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=K42kyUxNssZ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoB2lcHWVxukeP1mfGdOjFuYWNwswL0QJa2lxYR4Q1thb1D_5NS-XGGp8uWTzn5O03agrpxMpIUzeaf7pzD9wYUtERyDh2xgWgIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnychS1Nx9xKQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:51 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 132D 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59630076;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=KEfFc34P3_2p2kxE36hBqEHMKAbl6Sq0382mdc6WCXSggZrdYGOX27kjpE4NLSXbFy7KW7q3n2m_vHA9ZKAQP3STM930GoHSzwLi7sy_kMH3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmu3IIOoep6yMmvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=AIZwRNwUQvt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoenEx6X63uOeHY72yUs5wCx12GVsz9-5Y9VR4TF3XPpH0gPZTxKoKyYHTxx1qNgkTeKS4q2X-vVuYP-84pWPyA1ntMziYbB1YIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmkbtC3iQqnMgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:51 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 4C98 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59630076;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=Bn6VM2oCxsg51t06qyI9E8fUWH9dCBhmVSQxYLjdcXR86rZqip8jpFAnoZODnFtPnwtfd7i5RE17g25inQv47f5ynACOQ6fzxZUzcacswCb3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmvsZ9FQCEu0KWvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=kYb9Vc6vySt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHouz4R0WhKSfrCrU-59qIo4aguGakGTfHMcqZBpG0117I7zYXyQHq-G9YL9NUbXoS6TR0hjW3e3IQZ7iE3iqLGdknmZ4Iae48kIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnp04sJkYQoUAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:51 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 7D9E 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=R0qCEcXgZSGr0rVivm2D1BUYhRx7PckzkDVDzr1H5PATL4sv7MaPJ32yRoDgrbSgAJz3NH10X-l7sA-Sn0DaSYPQoRaQ4OC2oLfmy-1Bh0D3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmto6vRPSvl1Q2vN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4UtzmZ0-tdyIVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Xc5Zyx9NerJ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpAcB1AfctWI8KYtDRGwkwxFRkTHcNA0SCwCqCJdd4zaqlJ_Dou0svCZIL3kHIdhTDq3Yoh7V6L9r8cnft-05ZTXuZaJeQVV-MIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsn7JtgsMV5ZQwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:51 GMT
/
track.adform.net/adfscript/ Frame E4BB 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59630082;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=KEfFc34P3_22ad1Uggk9hbtVrnE_jI8EXDi0L1vFM7Bwq0N46A9q-n2yRoDgrbSgakqWrG6VDuVFiR_mffXpMj7MEewznp5CpuX5tiBFIIr3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBGyaAJUm3st30SWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODqTcQN3IAIYrMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=UQDB6eBZQ6IWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quje7ZaydSehtGrxP8e8gZOATCFwEvyRPqGNJlqeI2QL6DBmMz6zT_1VokZ_2MBByKB6A1TAMT_VmNTMsjF9DrFNKkjbEe_IG7jehQm65vSycg7kbTHoU3owxwJJgfM2p_dTwnSr-FYyA2;pui=2ShljixBLrber1pltXZUmg2;
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c4bfefd063e4e59430170035e922af641811fda733fc0d2778768406244e0b68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1214
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame E4BB 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx000000e3ab76e28d6a00a-00637b6788-329354d9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 6099 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59630082;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=E6tQbzBjLA-OZlGRxe_ZVVaZ8ePR4XNtLheqay1llpm98N3Gn0aQV4PGMD3VRZ1RSaEBrjl9QDcp7XzPCLi2Ou0vb079Q9W6VS0zlfUkMsb3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBG6wpNs2Bbz8eSWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODf9cYQjtyrorMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=SmZM_7Vrau8WcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4qt22tbvluyQTNc8pTUQTvpBaVaWQw4QvI74i80IktK7_GdLLCrVDWWIX-LMMJHr0T6nQKhl6mrrfGzXgD0uTh8w00OuNuqC_PfjehQm65vSycg7kbTHoU3oC_elFaKaPMKyT92XTgVlfA2;pui=2ShljixBLrber1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:51 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 542B 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59630085;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=E6tQbzBjLA868ZFdtcbZ3WRYKaLiWRppH1BUV9AfbcJtBko87Yj3qDZ9JNJrNRQT_Ci8c6NeuE29cb9qmGDUPhpTtXNQPkL4f-N2vfY4-K_3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBG-lMBI-nx2Q3SWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODqTcQN3IAIYrMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=I9eSsN4aLJMWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quGTIUUnX1XGltFHsN1JeWFQ_mJTBn6Jap2x7F8XlVW-crzQXtRaePOmzyJcYTfAo1F7RY_CuzIC_jEmTWQ-yAzMzbU7tISrgPjehQm65vSycg7kbTHoU3oZjXZllJ6LaTdTwnSr-FYyA2;pui=2ShljixBLrber1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:51 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 385E 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=ttNmYRvTsQsJ1-OR4g9ERk06L9Y-cBxBZzkRKjGHcnUMRxHO5mMb2H2yRoDgrbSgpjc10G7Kmas4Mkj2meSfaegXxum4OOJ9HBRufA185H73C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmt_3tcI1TXPcmvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=RsJjwrekK2l42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHr8TtlooLhUeJ1jp_3V_g0M9NtGUFSSsEDaVF54-ejfPPs99COw_dAYSaFnpc5FUjiQx-3wLdQH8U9cNgBmgZILXqg5fm8DLm4IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVslQKMhV_6PmuwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:51 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame B2BB 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=TJ4qHFkmLj1AkEIJJJUTI_X4x1sMRkj1zJowLFLQMGaQ-b_OCCY5nxmhi8XDu_Q2YEgbFSUm7FjQ58YhiU6ORmM1t3vbpN5Wmy7awOBsN-r3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmvNfLWJzBFV1mvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=-kecm4URwB942u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoL0q8MfzzfJilK_q7CtAObDE-JIHBwvLRZ-Y1MMdgWsoYT3chezfPq7v0vLvnzQW6Nf7qpqwiUO2nx-bYY-zD9HkS2pdvbdokIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnVxsX-VB-XJQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 679B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
176735
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 Jan 2023 09:04:02 GMT
expires
Sat, 27 Jan 2024 09:04:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9935 		783 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c0a1d4f175ecab8ed51ab16cb06cd3293585d91621aa9e209481cdda85872dcb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yPHlMb_z31KPe26Yc2YCmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-yPHlMb_z31KPe26Yc2YCmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 10:09:37 GMT
expires
Sun, 29 Jan 2023 10:09:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
track.adform.net/adfscript/ Frame C2CE 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59630083;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=MU7IUQdm5wjE20blOvQNU4mxdKVG9mrsLohEfus4DaUINmyFY-RjGTkgZx8X_JVdZi37GmJAymzahm91nSZcumBClvI0ezCjbkMck0Mvuy73C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmvH3ERse20J6mvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=RhXPb82H5B542u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpqgstM42TqYZevLjYNsmvQiTIBqHxIrXwAOAslM1ZGkKaPcCaci0xCuGqkjFeLmwA5JmoTa7zRbMWUxQEukv_zKvI4KNxgd24IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmvhGj9fvVQOgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4fd33a95b593471c14ee77e46f66e76fdd70ecc7d80b55469801f5e06eba55e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1190
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame C2CE 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx000000e3ab76e28d6a00a-00637b6788-329354d9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
getInApps
haaretz.pushwoosh.com/json/1.3/ 		619 B
681 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://haaretz.pushwoosh.com/json/1.3/getInApps
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/0e61faf0.b6c8672d2a08588b56ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.239.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
r1-front-03.pushwoosh.com
Software
nginx /
Resource Hash
597ddec386b4e2925fc5b06dd76f07cbb2cf4e983bb4edeb07412325849b9dfe

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
/
track.adform.net/adfscript/ Frame E70A 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59630082;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=dvkQKAjbaCWlyuPV62lcZ7f8aSVh93h8kdNP5TLyOe916tfM0I5iwZ7RJsIFLDe-iyCsrtm9C8Wz-IgZkihfZ74MoI_VEY_i7HpaGBtINBD3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBGycjey6y2LQLSWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODf9cYQjtyrorMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=e2-4gSoikLwWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4qt5PIT01uMPBKG1UJUGnkBP-mlM4KJ_TKgmZgatjjt92lwXCquw9okvDHjc_Dzju35snqtF7hupaXAu0ljbDkJevx9y3QenQiPjehQm65vSycg7kbTHoU3oLicB4jOuztTdTwnSr-FYyA2;pui=2ShljixBLrber1pltXZUmg2;
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ce6052b7b719b64f6e3c538ab2d3161322b529ca9ef2bf1ef67995af08a64814
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1205
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame E70A 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx000000e3ab76e28d6a00a-00637b6788-329354d9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
activeview
pagead2.googlesyndication.com/pcs/ Frame 39CD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWAegdaR-DbmeCu4JFIseTUeYd3souwPSGJI49nn7T2X8XyBW2Tm7eKEch-6vIM6DX_ZeHqiyxNmlTMg7gbMBF3JJkwbdLtLbJIAy5yVZnKgKjVwrf2hG1vr5HCnr5196GMYYAkA&sai=AMfl-YQH0BlexaDArqODul7rofvC9ltSyfSfvmxKtJagHEPs24C9VJcQYH7Z6gOzBb54C-KpUF_fcwjjLMZWlDHOIWo1oAuzZW6QoZEH3TIc6JPbr3KC1PeU3-8VKrI3L_LziEVqmFxZxatJ83tOy7g&sig=Cg0ArKJSzHdYtQ55wpGcEAE&cid=CAQSSwDUE5ym1fJV99was9QlcmtlCfu-Iajf4W9HazBHyLMLgxxH6nYrSIss7VaYHYlegTefUqQM6Tp0Cz7dujZLHDuLaxgVjfUOsVKQdhgBIBM&id=lidar2&mcvt=1001&p=322,1101,922,1401&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230125&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2533732038&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674986976111&rpt=417&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame E4BB 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59630082;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=KEfFc34P3_22ad1Uggk9hbtVrnE_jI8EXDi0L1vFM7Bwq0N46A9q-n2yRoDgrbSgakqWrG6VDuVFiR_mffXpMj7MEewznp5CpuX5tiBFIIr3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBGyaAJUm3st30SWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODqTcQN3IAIYrMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=UQDB6eBZQ6IWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quje7ZaydSehtGrxP8e8gZOATCFwEvyRPqGNJlqeI2QL6DBmMz6zT_1VokZ_2MBByKB6A1TAMT_VmNTMsjF9DrFNKkjbEe_IG7jehQm65vSycg7kbTHoU3owxwJJgfM2p_dTwnSr-FYyA2;pui=2ShljixBLrber1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:51 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame C2CE 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59630083;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=MU7IUQdm5wjE20blOvQNU4mxdKVG9mrsLohEfus4DaUINmyFY-RjGTkgZx8X_JVdZi37GmJAymzahm91nSZcumBClvI0ezCjbkMck0Mvuy73C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmvH3ERse20J6mvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=RhXPb82H5B542u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpqgstM42TqYZevLjYNsmvQiTIBqHxIrXwAOAslM1ZGkKaPcCaci0xCuGqkjFeLmwA5JmoTa7zRbMWUxQEukv_zKvI4KNxgd24IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmvhGj9fvVQOgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:51 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame E70A 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59630082;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=dvkQKAjbaCWlyuPV62lcZ7f8aSVh93h8kdNP5TLyOe916tfM0I5iwZ7RJsIFLDe-iyCsrtm9C8Wz-IgZkihfZ74MoI_VEY_i7HpaGBtINBD3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBGycjey6y2LQLSWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODf9cYQjtyrorMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=e2-4gSoikLwWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4qt5PIT01uMPBKG1UJUGnkBP-mlM4KJ_TKgmZgatjjt92lwXCquw9okvDHjc_Dzju35snqtF7hupaXAu0ljbDkJevx9y3QenQiPjehQm65vSycg7kbTHoU3oLicB4jOuztTdTwnSr-FYyA2;pui=2ShljixBLrber1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:51 GMT
/
track.adform.net/adfscript/ Frame DCD5 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59630085;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=dvkQKAjbaCUvCJAB-Mxhn1SiNMMoYUaobwxlEYm_pC-xLviPj4guqZ7RJsIFLDe-ZVs0kxZjnYgXtvsmCCFVwB5RYftc5Gnsvc6hXD3OFw73C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOms5hDAwaeLUxWvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=e2-4gSoikLx42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpGYE-AIKl7pcCTY8TfJX5PhKe58iFo64LYHPRiFO3B7gaBS-fP2goLYaS00h64wogitE_ZXOC8glxgghslI7XvbgYYr9EZ3YwIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskJnVEZARcnyAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4fb03420e2ea8581228aa369542994c5caf65569ad09caff7d8f0b3275c349b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1190
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame DCD5 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx000000e3ab76e28d6a00a-00637b6788-329354d9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
pagead2.googlesyndication.com/bg/ Frame 679B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CVWD2nJNUzbSofuWlZwBPxvQXb897jpMaT8Oq2Cr1NY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 11:24:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
254693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14191
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 26 Jan 2024 11:24:44 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame DCD5 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59630085;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=dvkQKAjbaCUvCJAB-Mxhn1SiNMMoYUaobwxlEYm_pC-xLviPj4guqZ7RJsIFLDe-ZVs0kxZjnYgXtvsmCCFVwB5RYftc5Gnsvc6hXD3OFw73C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOms5hDAwaeLUxWvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=e2-4gSoikLx42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpGYE-AIKl7pcCTY8TfJX5PhKe58iFo64LYHPRiFO3B7gaBS-fP2goLYaS00h64wogitE_ZXOC8glxgghslI7XvbgYYr9EZ3YwIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskJnVEZARcnyAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
UPDATING
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9935 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012601&jk=1624592090527482&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 679B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?c3Exjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
manifest.json
www.haaretz.com/ 		146 B
333 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.haaretz.com/manifest.json
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/0e61faf0.b6c8672d2a08588b56ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
9e75413a117334abe05e20c2252839eda3bcca78731578df160248d2e5724add
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
age
1652594
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
4
x-origin-status
200, 200
content-length
124
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 07:54:12 GMT
server
istio-envoy
x-timer
S1674986978.752098,VS0,VE1
etag
W/"92-185769fa4a0"
x-download-options
noopen
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=8640000
accept-ranges
bytes
x-cache-hits
0, 9342, 15
/
track.adform.net/adfserve/ Frame 385E 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=ttNmYRvTsQsJ1-OR4g9ERk06L9Y-cBxBZzkRKjGHcnUMRxHO5mMb2H2yRoDgrbSgpjc10G7Kmas4Mkj2meSfaegXxum4OOJ9HBRufA185H73C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmt_3tcI1TXPcmvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=RsJjwrekK2l42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHr8TtlooLhUeJ1jp_3V_g0M9NtGUFSSsEDaVF54-ejfPPs99COw_dAYSaFnpc5FUjiQx-3wLdQH8U9cNgBmgZILXqg5fm8DLm4IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVslQKMhV_6PmuwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;5766;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.haaretz.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
59419c973ee1031873ab8c7c9ee0e161cf5855b5c9ee52832046b9b08e4a395f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3174
expires
-1
/
track.adform.net/adfserve/ Frame 7D9E 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=R0qCEcXgZSGr0rVivm2D1BUYhRx7PckzkDVDzr1H5PATL4sv7MaPJ32yRoDgrbSgAJz3NH10X-l7sA-Sn0DaSYPQoRaQ4OC2oLfmy-1Bh0D3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmto6vRPSvl1Q2vN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4UtzmZ0-tdyIVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Xc5Zyx9NerJ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpAcB1AfctWI8KYtDRGwkwxFRkTHcNA0SCwCqCJdd4zaqlJ_Dou0svCZIL3kHIdhTDq3Yoh7V6L9r8cnft-05ZTXuZaJeQVV-MIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsn7JtgsMV5ZQwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=2x;330;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.haaretz.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
264791bf26603105daf8fb27b1c422c40d7dd3e992054b85da4fa86e75390ac3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3169
expires
-1
/
track.adform.net/adfserve/ Frame 4C98 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=59630076;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=Bn6VM2oCxsg51t06qyI9E8fUWH9dCBhmVSQxYLjdcXR86rZqip8jpFAnoZODnFtPnwtfd7i5RE17g25inQv47f5ynACOQ6fzxZUzcacswCb3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmvsZ9FQCEu0KWvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=kYb9Vc6vySt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHouz4R0WhKSfrCrU-59qIo4aguGakGTfHMcqZBpG0117I7zYXyQHq-G9YL9NUbXoS6TR0hjW3e3IQZ7iE3iqLGdknmZ4Iae48kIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnp04sJkYQoUAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=3x;6696;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.haaretz.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a0e88bdb00fa5040f103e67411b1e74d851dffb96863f63aab44cfe095da3d0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3176
expires
-1
/
track.adform.net/adfserve/ Frame 132D 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=59630076;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=KEfFc34P3_2p2kxE36hBqEHMKAbl6Sq0382mdc6WCXSggZrdYGOX27kjpE4NLSXbFy7KW7q3n2m_vHA9ZKAQP3STM930GoHSzwLi7sy_kMH3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmu3IIOoep6yMmvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=AIZwRNwUQvt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoenEx6X63uOeHY72yUs5wCx12GVsz9-5Y9VR4TF3XPpH0gPZTxKoKyYHTxx1qNgkTeKS4q2X-vVuYP-84pWPyA1ntMziYbB1YIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmkbtC3iQqnMgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=4x;2913;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.haaretz.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
58e8f040b5696c3ed0586cc5772f2c7276aadd79c143977220c72a69b6c0661b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3187
expires
-1
/
track.adform.net/adfserve/ Frame B2BB 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=TJ4qHFkmLj1AkEIJJJUTI_X4x1sMRkj1zJowLFLQMGaQ-b_OCCY5nxmhi8XDu_Q2YEgbFSUm7FjQ58YhiU6ORmM1t3vbpN5Wmy7awOBsN-r3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmvNfLWJzBFV1mvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=-kecm4URwB942u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoL0q8MfzzfJilK_q7CtAObDE-JIHBwvLRZ-Y1MMdgWsoYT3chezfPq7v0vLvnzQW6Nf7qpqwiUO2nx-bYY-zD9HkS2pdvbdokIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnVxsX-VB-XJQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=5x;61;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.haaretz.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0bdf4384bfc235583257f1fd37d9595b3f2d982830c4d0a78398e1b953c68c6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3172
expires
-1
/
track.adform.net/adfserve/ Frame 6099 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=59630082;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=E6tQbzBjLA-OZlGRxe_ZVVaZ8ePR4XNtLheqay1llpm98N3Gn0aQV4PGMD3VRZ1RSaEBrjl9QDcp7XzPCLi2Ou0vb079Q9W6VS0zlfUkMsb3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBG6wpNs2Bbz8eSWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODf9cYQjtyrorMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=SmZM_7Vrau8WcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4qt22tbvluyQTNc8pTUQTvpBaVaWQw4QvI74i80IktK7_GdLLCrVDWWIX-LMMJHr0T6nQKhl6mrrfGzXgD0uTh8w00OuNuqC_PfjehQm65vSycg7kbTHoU3oC_elFaKaPMKyT92XTgVlfA2;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=6x;3880;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.haaretz.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cf9986dc3d170cbc26f80130277d4e368fb52d4f64f987218b28133aee5e29e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3238
expires
-1
/
track.adform.net/adfserve/ Frame 542B 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=59630085;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=E6tQbzBjLA868ZFdtcbZ3WRYKaLiWRppH1BUV9AfbcJtBko87Yj3qDZ9JNJrNRQT_Ci8c6NeuE29cb9qmGDUPhpTtXNQPkL4f-N2vfY4-K_3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBG-lMBI-nx2Q3SWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODqTcQN3IAIYrMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=I9eSsN4aLJMWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quGTIUUnX1XGltFHsN1JeWFQ_mJTBn6Jap2x7F8XlVW-crzQXtRaePOmzyJcYTfAo1F7RY_CuzIC_jEmTWQ-yAzMzbU7tISrgPjehQm65vSycg7kbTHoU3oZjXZllJ6LaTdTwnSr-FYyA2;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=7x;1377;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.haaretz.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d037e0646f33794cd1912e5f062a0f9d32eeaf28adda87a04ced3dc62c82ce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3238
expires
-1
/
track.adform.net/adfserve/ Frame E4BB 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=59630082;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=KEfFc34P3_22ad1Uggk9hbtVrnE_jI8EXDi0L1vFM7Bwq0N46A9q-n2yRoDgrbSgakqWrG6VDuVFiR_mffXpMj7MEewznp5CpuX5tiBFIIr3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBGyaAJUm3st30SWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODqTcQN3IAIYrMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=UQDB6eBZQ6IWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quje7ZaydSehtGrxP8e8gZOATCFwEvyRPqGNJlqeI2QL6DBmMz6zT_1VokZ_2MBByKB6A1TAMT_VmNTMsjF9DrFNKkjbEe_IG7jehQm65vSycg7kbTHoU3owxwJJgfM2p_dTwnSr-FYyA2;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=8x;8716;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.haaretz.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
99dbc3df10969f59b93f56189db173677528aa2916f51261c03324086c0c46c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3243
expires
-1
/
track.adform.net/adfserve/ Frame BB62 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=59630076;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=el6TqoVMDqaQ81uJqFUEJ9EDg8ZJj267s533c8jE2TJxAVMu2CimyDN9KlWqfrAlRFWnFQgCTWzLT9ZFjGAKORnyadsskJWGPazTzKGDhfb3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmv23DoS8BcfZWvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cJ0mgZghZg142u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHomPM5U4v_Y3Ny-XHg7cDG_Nrn_4vfHGmF10VoVq7RaG06CUwyPvm7lRivK0DAsc6PCJpkNo9BCf9OrkpnRU8N24JoBdTOETHsIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskhi3aMQEUX7gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=9x;2049;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.haaretz.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
acf74a1a720d11cf904cb6916a2b869955080ceb9e5e8ffc8adaf9b34b991379
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3184
expires
-1
/
track.adform.net/adfserve/ Frame E22B 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=59630082;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=6hySndOYzXV4coIWq0Ij30UUlpnFeQ9GIl1g4qYaN_x-hVaaZsOAajZ9JNJrNRQTLusvVLiBAxEtkzkdWrwnlImcwVX0Z1GrK134J90EXUf3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmtxiYBulCJV_WvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=K42kyUxNssZ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoB2lcHWVxukeP1mfGdOjFuYWNwswL0QJa2lxYR4Q1thb1D_5NS-XGGp8uWTzn5O03agrpxMpIUzeaf7pzD9wYUtERyDh2xgWgIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnychS1Nx9xKQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=10x;787;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.haaretz.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a973a6a91cc085714f1d4c778543c2d9fc6393b7c73ae953e3eaa5d5a61f32cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3182
expires
-1
/
track.adform.net/adfserve/ Frame C2CE 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=59630083;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=MU7IUQdm5wjE20blOvQNU4mxdKVG9mrsLohEfus4DaUINmyFY-RjGTkgZx8X_JVdZi37GmJAymzahm91nSZcumBClvI0ezCjbkMck0Mvuy73C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmvH3ERse20J6mvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=RhXPb82H5B542u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpqgstM42TqYZevLjYNsmvQiTIBqHxIrXwAOAslM1ZGkKaPcCaci0xCuGqkjFeLmwA5JmoTa7zRbMWUxQEukv_zKvI4KNxgd24IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmvhGj9fvVQOgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=11x;7084;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.haaretz.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94a4976f6f6777b423316d4baa0a2d635d59e3241c1ca3ec8a97b500f3801d24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3162
expires
-1
/
track.adform.net/adfserve/ Frame E70A 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=59630082;rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0;rtbdata=dvkQKAjbaCWlyuPV62lcZ7f8aSVh93h8kdNP5TLyOe916tfM0I5iwZ7RJsIFLDe-iyCsrtm9C8Wz-IgZkihfZ74MoI_VEY_i7HpaGBtINBD3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBGycjey6y2LQLSWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODf9cYQjtyrorMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=e2-4gSoikLwWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4qt5PIT01uMPBKG1UJUGnkBP-mlM4KJ_TKgmZgatjjt92lwXCquw9okvDHjc_Dzju35snqtF7hupaXAu0ljbDkJevx9y3QenQiPjehQm65vSycg7kbTHoU3oLicB4jOuztTdTwnSr-FYyA2;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=12x;2818;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.haaretz.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
323aa089a2fb24191e17a1773addd37951d9fd30e42fcf1d52d634b62c4fc570
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3232
expires
-1
/
track.adform.net/adfserve/ Frame DCD5 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=59630085;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=dvkQKAjbaCUvCJAB-Mxhn1SiNMMoYUaobwxlEYm_pC-xLviPj4guqZ7RJsIFLDe-ZVs0kxZjnYgXtvsmCCFVwB5RYftc5Gnsvc6hXD3OFw73C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOms5hDAwaeLUxWvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=e2-4gSoikLx42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpGYE-AIKl7pcCTY8TfJX5PhKe58iFo64LYHPRiFO3B7gaBS-fP2goLYaS00h64wogitE_ZXOC8glxgghslI7XvbgYYr9EZ3YwIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskJnVEZARcnyAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=13x;8892;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.haaretz.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
046581e2aa5d22f7f8b909b6e4796e99297e8068d10f3c58e95a77b818eac8ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3166
expires
-1
container.html
fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B2AB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 10:09:37 GMT
expires
Mon, 29 Jan 2024 10:09:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 385E 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:23:33 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 7D9E 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:23:33 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 4C98 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:23:33 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 30 Jan 2023 10:09:37 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 132D 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:23:33 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame B2BB 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:23:33 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 6099 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:23:33 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 542B 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:23:33 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame E4BB 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:23:33 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame BB62 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:23:33 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame E22B 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:23:33 GMT
/
track.adform.net/csimpr/ Frame 7D9E 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59630082&csi=bVPYPVPQbHVNqvMQIw5TC-cGr7XvVvxddj92VK9RUz3rygPkIxxfk70lidH4-gmQbVfkUwPsUxMbbBdFbklunmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
activeview
pagead2.googlesyndication.com/pcs/ Frame 534F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuU8KEopNXgUdUfFAesF2ELlOdoLtfEpuhV277pqQWo4g83AeNc7IoLXCS5Xdc3l8curhw34mwrcBFUpbZhTpdmrmGEP-ucfRC3npuVKjiGDfLZauyH&sig=Cg0ArKJSzJgE5WYdkn-PEAE&id=lidar2&mcvt=1011&p=245,315,495,1285&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230125&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1110902944&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674986976608&rpt=313&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/csimpr/ Frame 385E 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59630082&csi=CIeyj1cHik1K8TonmlUuwf42N4ohD-Ladj92VK9RUz3rygPkIxxfkzqEpovxh8VDp90_OpCyzjJ2Qv178yKM1WQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/csimpr/ Frame 4C98 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59630076&csi=rgWwNAt7nJ-i4oDB5oHuXn7UHlgoyVNAdj92VK9RUz3rygPkIxxfkwgnHMcYnP38KxYXbI3QjNgs0yC4Pih6sGQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/csimpr/ Frame 132D 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59630076&csi=z15sM8L9szrH5gXb0fRkUsLnXEwu4orKdj92VK9RUz3rygPkIxxfkwyTGV_7JPn_pPptG9d8IBuZw2ygGQK0xGQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/csimpr/ Frame B2BB 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59630082&csi=A60C6JlqtRxUHat5mIRodmtjonUpQ1D1dj92VK9RUz3rygPkIxxfk4Sx0-AALneWeyapoP80Q2cMDMxFWUrMumQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/csimpr/ Frame 6099 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59630082&csi=EzdtvXAgMFbiNeq49TlNuHaRRw5YoGkqdj92VK9RUz3rygPkIxxfk5jS8ts5X_ydGOTtfOmFo7NMMBP0NrZoDGQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
12028361.js
s1.adform.net/Banners/Elements/Files/2139281/12028361/ Frame 6527 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/12028361.js?ADFassetID=12028361&bv=258
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30cd069c6fcbc1b40ccf3d4cadd7902381251bc45241e9b88ac367f0d4f9a980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000c45529e65512285b-0063c27447-3294536e-default
etag
W/"84245a0b844ab26c992e422a7fd9a7dc"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
/
track.adform.net/csimpr/ Frame 542B 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59630085&csi=EzdtvXAgMFauWI_WOqA79_dfVu4YwfHzz530es7IXBzrygPkIxxfkzvsZrMQqPcCWxNbmLchJb1MMBP0NrZoDGQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/csimpr/ Frame BB62 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59630076&csi=eWdcFkUaGaHoffDtuT2HN2J5zZMLQA_Wdj92VK9RUz3rygPkIxxfk1Vupwt1W3oOscxZUzMqa9PFGWWcRGB7hmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/csimpr/ Frame E4BB 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59630082&csi=EzdtvXAgMFY8JUcYwqyn4wG7F-nlOa86dj92VK9RUz3rygPkIxxfk62TgJtYnJ7avqDmAb3ThRJMMBP0NrZoDGQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B2AB 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
URL: https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 09:55:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 29 Jan 2024 09:55:14 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame B2AB 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
URL: https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 29 Jan 2023 10:09:38 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
13494
x-jsd-version
1.15.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8852
x-served-by
cache-fra-eddf8230118-FRA, cache-hhn-etou8220060-HHN
x-jsd-version-type
version
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B2AB 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
URL: https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 29 Jan 2023 10:09:38 GMT
/
track.adform.net/csimpr/ Frame E22B 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59630082&csi=HfJ0VIYvJ4Eyo0A2Rco-c83YjzokJrr8dj92VK9RUz0JDwKV3Zer3DqEpovxh8VDDh0cC2LXdqB0-u-fcVOTkmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
12028361.js
s1.adform.net/Banners/Elements/Files/2139281/12028361/ Frame EBDB 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/12028361.js?ADFassetID=12028361&bv=258
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30cd069c6fcbc1b40ccf3d4cadd7902381251bc45241e9b88ac367f0d4f9a980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000c45529e65512285b-0063c27447-3294536e-default
etag
W/"84245a0b844ab26c992e422a7fd9a7dc"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
12028367.js
s1.adform.net/Banners/Elements/Files/2139281/12028367/ Frame 943D 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/12028367.js?ADFassetID=12028367&bv=258
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
594004dc5d6291c70e8914ce964da794000434722f2e0fee15a4883d427908f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:37 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000817698589c3fa36b-0063c2732d-329354d9-default
etag
W/"59e913bcfb71a5c7a1a1f001596dec51"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
12028367.js
s1.adform.net/Banners/Elements/Files/2139281/12028367/ Frame F536 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/12028367.js?ADFassetID=12028367&bv=258
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
594004dc5d6291c70e8914ce964da794000434722f2e0fee15a4883d427908f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000817698589c3fa36b-0063c2732d-329354d9-default
etag
W/"59e913bcfb71a5c7a1a1f001596dec51"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
12028361.js
s1.adform.net/Banners/Elements/Files/2139281/12028361/ Frame 360D 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/12028361.js?ADFassetID=12028361&bv=258
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30cd069c6fcbc1b40ccf3d4cadd7902381251bc45241e9b88ac367f0d4f9a980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000c45529e65512285b-0063c27447-3294536e-default
etag
W/"84245a0b844ab26c992e422a7fd9a7dc"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame C2CE 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:23:33 GMT
12028361.js
s1.adform.net/Banners/Elements/Files/2139281/12028361/ Frame 8AB4 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/12028361.js?ADFassetID=12028361&bv=258
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30cd069c6fcbc1b40ccf3d4cadd7902381251bc45241e9b88ac367f0d4f9a980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000c45529e65512285b-0063c27447-3294536e-default
etag
W/"84245a0b844ab26c992e422a7fd9a7dc"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame E70A 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:23:33 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame DCD5 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:23:33 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 6527 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6527 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_1.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e0da3fff3f26b75963fd2fe80f37d72133d818e200da55c54c8f9b9ba026b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000e747dc88a0a35853-00639a5f6e-32940f80-default
etag
"32f4f9d7eabebc1f18f4fe4f061cb271"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11353
Logo_Big.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6527 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Logo_Big.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0703eee29cdf55506fe42bdf901561ba6644d3f5e17498b8caca9bffa6e70cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000404cb6cb57b8003a-00639a5f6e-329373d4-default
etag
"ab277fa281f505c538bc241c9c6aa7a5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2249
ctaBG.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6527 		114 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaBG.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6671fdfc8aef6721b3f54c1f33c43407702c44bb86a956fe90a7d6f721f49717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000004aa4a847d5d282-00639a5f6e-329354d9-default
etag
"373fa2c933d89b72ea882a0604dfca79"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
114
ctaArrow.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6527 		242 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaArrow.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
17d25c017c8104b21c89d4f09521274ea8921f9d0c65c64f8b2433614ea8e343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000ec453b0d393e7d3e-00639a5f6e-32940f80-default
etag
"844a20e1dc87cbb5b3f2c0dc8fa5f6b9"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
242
Subline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6527 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Subline1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
98671692165a1d886bbcdbb30b6dc63449e2ac2a3733d2ae0e4e11c17d2ba77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000ec1a1f4a1d93adb4-00639a5f6e-3293aae9-default
etag
"c018ea77dc5816d711efd9b7d59768a0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
820
Headline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6527 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Headline1.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xduryiwoa&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f07ad22f47758cc44eb217130f9db0aaebb6a48fa3805cf09854abd0f3e8115e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000c08fe9414df905cb-00639a5f6e-32941e2b-default
etag
"962ec2e0b2eba7811ab0eed1a9b9b7fa"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1561
Picture_2.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6527 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_2.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xduryiwoa&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7376c9b56d8150a76bee96b622ac6c4ede01f90bdf2c60a9fac3a5bec4bb085d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx000004716170f5a30a6d8-00639a5f6e-3293868f-default
etag
"924c2c3f793edee8ac4ad70836aad2b3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11742
Picture_3.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6527 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_3.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xduryiwoa&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a1aae8899c34165a347ac1534359bed60f6910e56374c1c1bf435a02da3a74da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000690c4a24a77fd00b-00639a5f6e-3293868f-default
etag
"c7965b542fe22811df282eaba7fcdef3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12643
/
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/ Frame 6527 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xduryiwoa&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Headline2.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6527 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Headline2.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xduryiwoa&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8df354d5ef5aeaa49de11cdbcd5346d1f6aaee3d13aba915d76963f74d4c663e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000098af95ddfc77a9c-00639a5f6e-3293aae9-default
etag
"b165cf210620d455f41c9f96c86f7ee2"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4865
ctaText.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6527 		679 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaText.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xduryiwoa&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ee97e3b592a0b69d6c48ed31730dccdc00df4e68663497d70730b0a779cee17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000bd42050d7dae2db8-00639a5f6e-32941e2b-default
etag
"ca8d438934d7301ece1770ff4fa415e3"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
679
12028468.js
s1.adform.net/Banners/Elements/Files/2139281/12028468/ Frame 0BBD 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/12028468.js?ADFassetID=12028468&bv=258
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30cd069c6fcbc1b40ccf3d4cadd7902381251bc45241e9b88ac367f0d4f9a980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx0000039a53a4a3697b776-0063c276d0-3294539b-default
etag
W/"84245a0b844ab26c992e422a7fd9a7dc"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
12028367.js
s1.adform.net/Banners/Elements/Files/2139281/12028367/ Frame BB0A 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/12028367.js?ADFassetID=12028367&bv=258
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
594004dc5d6291c70e8914ce964da794000434722f2e0fee15a4883d427908f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000817698589c3fa36b-0063c2732d-329354d9-default
etag
W/"59e913bcfb71a5c7a1a1f001596dec51"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
12028361.js
s1.adform.net/Banners/Elements/Files/2139281/12028361/ Frame 6D3E 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/12028361.js?ADFassetID=12028361&bv=258
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30cd069c6fcbc1b40ccf3d4cadd7902381251bc45241e9b88ac367f0d4f9a980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000c45529e65512285b-0063c27447-3294536e-default
etag
W/"84245a0b844ab26c992e422a7fd9a7dc"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
12028361.js
s1.adform.net/Banners/Elements/Files/2139281/12028361/ Frame AB6A 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/12028361.js?ADFassetID=12028361&bv=258
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30cd069c6fcbc1b40ccf3d4cadd7902381251bc45241e9b88ac367f0d4f9a980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000c45529e65512285b-0063c27447-3294536e-default
etag
W/"84245a0b844ab26c992e422a7fd9a7dc"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
syncframe
gum.criteo.com/ Frame 1AF8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.haaretz.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 10:09:38 GMT
server
Kestrel
server-processing-duration-in-ticks
341742
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 18 Jan 2023 01:20:50 GMT
server
nginx
etag
W/"63c74972-162fb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 30 Jan 2023 10:09:38 GMT
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame EBDB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_1.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e0da3fff3f26b75963fd2fe80f37d72133d818e200da55c54c8f9b9ba026b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000e747dc88a0a35853-00639a5f6e-32940f80-default
etag
"32f4f9d7eabebc1f18f4fe4f061cb271"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11353
Logo_Big.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame EBDB 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Logo_Big.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0703eee29cdf55506fe42bdf901561ba6644d3f5e17498b8caca9bffa6e70cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000404cb6cb57b8003a-00639a5f6e-329373d4-default
etag
"ab277fa281f505c538bc241c9c6aa7a5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2249
ctaBG.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame EBDB 		114 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaBG.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6671fdfc8aef6721b3f54c1f33c43407702c44bb86a956fe90a7d6f721f49717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000004aa4a847d5d282-00639a5f6e-329354d9-default
etag
"373fa2c933d89b72ea882a0604dfca79"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
114
ctaArrow.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame EBDB 		242 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaArrow.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
17d25c017c8104b21c89d4f09521274ea8921f9d0c65c64f8b2433614ea8e343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000ec453b0d393e7d3e-00639a5f6e-32940f80-default
etag
"844a20e1dc87cbb5b3f2c0dc8fa5f6b9"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
242
Subline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame EBDB 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Subline1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
98671692165a1d886bbcdbb30b6dc63449e2ac2a3733d2ae0e4e11c17d2ba77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000ec1a1f4a1d93adb4-00639a5f6e-3293aae9-default
etag
"c018ea77dc5816d711efd9b7d59768a0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
820
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame EBDB 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 943D 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame 943D 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Picture_1.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
720e6734738fea7b4b79adcbc3695c65900bb641beaddb782e3b6b34968a7af7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000b729ea53e5098159-00639a5edc-32941e2b-default
etag
"480742c07b9d2f3741c763f28dea94b4"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11637
Logo_Big.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame 943D 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Logo_Big.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0703eee29cdf55506fe42bdf901561ba6644d3f5e17498b8caca9bffa6e70cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx000003c1b8ae07807c758-00639a5edc-3293868f-default
etag
"ab277fa281f505c538bc241c9c6aa7a5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2249
ctaBG.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame 943D 		114 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ctaBG.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6671fdfc8aef6721b3f54c1f33c43407702c44bb86a956fe90a7d6f721f49717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000c3cc150687c3c0b4-00639a5edc-32940f80-default
etag
"373fa2c933d89b72ea882a0604dfca79"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
114
ctaArrow.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame 943D 		242 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ctaArrow.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
17d25c017c8104b21c89d4f09521274ea8921f9d0c65c64f8b2433614ea8e343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000a2a86922327d7ddc-00639a5edc-3293868f-default
etag
"844a20e1dc87cbb5b3f2c0dc8fa5f6b9"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
242
Subline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame 943D 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Subline1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
98671692165a1d886bbcdbb30b6dc63449e2ac2a3733d2ae0e4e11c17d2ba77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000a221ac6818f7c18e-006385b29c-329373d4-default
etag
"c018ea77dc5816d711efd9b7d59768a0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
820
Headline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame 943D 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Headline1.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=axnqhnyjm&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
baafeacd76400ebae26216f5074d4550323b3a87ef0b2b6082940f6d3f384337

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx000009e11f1fce006d7d0-00639a5edd-3293868f-default
etag
"bd664b450e25cdb7d9a541b65e3e4a33"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1338
Picture_2.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame 943D 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Picture_2.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=axnqhnyjm&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e48a999f03dce64c087166073f303222e6646335b043dcc34c1ce9d165f215f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx0000021bca1af4743ef7c-00639a5edd-32941e2b-default
etag
"b2f57526cf520988e31bef736a1d157c"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7416
Picture_3.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame 943D 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Picture_3.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=axnqhnyjm&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2dd54c72240602e1dfc5a6f9bbb66be993ad90e372aa9db60fd5c7cd9bd913f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000319a410845dedc22-00639a5edd-3293868f-default
etag
"828a0d70c3c22bb6cabf8c640efcd764"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6704
/
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/ Frame 943D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=axnqhnyjm&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Headline2.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame 943D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Headline2.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=axnqhnyjm&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06ce7317a9b4e61983328622df39b324d8297fb70fb08159b1cc13cc850b29ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000811a0d95a67dbdae-00639a5edd-32941e2b-default
etag
"2ae2c66e864e24992cfb089e6892f23f"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1739
ctaText.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame 943D 		679 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ctaText.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=axnqhnyjm&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ee97e3b592a0b69d6c48ed31730dccdc00df4e68663497d70730b0a779cee17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000ca5dfed3989543b3-00639a5edd-32940f80-default
etag
"ca8d438934d7301ece1770ff4fa415e3"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
679
Headline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame EBDB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Headline1.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=otokuawo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f07ad22f47758cc44eb217130f9db0aaebb6a48fa3805cf09854abd0f3e8115e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000c08fe9414df905cb-00639a5f6e-32941e2b-default
etag
"962ec2e0b2eba7811ab0eed1a9b9b7fa"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1561
Picture_2.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame EBDB 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_2.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=otokuawo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7376c9b56d8150a76bee96b622ac6c4ede01f90bdf2c60a9fac3a5bec4bb085d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx000004716170f5a30a6d8-00639a5f6e-3293868f-default
etag
"924c2c3f793edee8ac4ad70836aad2b3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11742
Picture_3.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame EBDB 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_3.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=otokuawo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a1aae8899c34165a347ac1534359bed60f6910e56374c1c1bf435a02da3a74da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000690c4a24a77fd00b-00639a5f6e-3293868f-default
etag
"c7965b542fe22811df282eaba7fcdef3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12643
/
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/ Frame EBDB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=otokuawo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Headline2.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame EBDB 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Headline2.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=otokuawo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8df354d5ef5aeaa49de11cdbcd5346d1f6aaee3d13aba915d76963f74d4c663e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000098af95ddfc77a9c-00639a5f6e-3293aae9-default
etag
"b165cf210620d455f41c9f96c86f7ee2"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4865
ctaText.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame EBDB 		679 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaText.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=otokuawo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ee97e3b592a0b69d6c48ed31730dccdc00df4e68663497d70730b0a779cee17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000bd42050d7dae2db8-00639a5f6e-32941e2b-default
etag
"ca8d438934d7301ece1770ff4fa415e3"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
679
view
securepubads.g.doubleclick.net/pcs/ Frame B2AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstftBP-YA8XgBH1J8XpONBqePyM-4MZ2ttsplUl73oSC_PpdRlkAHVO7K3GdeC4BaAhM6UWpbkC68OHSGbUCgoVIpHp32etKVLKG6x6yBmcXsFujHjGewYd4ovn9m0m5xbiygc6Qo8ywfAXnDhSFj57mdYQYSrQwU-Tzs9AKWgHoxlRTJesOmoXszwnOiEWrWn2OqQl5qwGw51ovv3xaJGecFj7N-AW3tvnZmpSqYQfoTiyUNCPRGssOe8Ti0R8isB-sFLwP7PKhubPO0rtU95MiDyUSeyY6PXHkt1tlvozZ84qhmkXjZJ_yZXZrVW0NY2BWA0L9Mo6NtmlrGrhaQzKEK_zB6I&sai=AMfl-YSZF5fChx6INDzY0RuwL8V3lKKdmZU9XPucw4IOtFbazD9MxyorILsDQDys-X9FppDkd3Nmu6Mv5tWQJ0MZQRJJAyeORcC2aVrHOP1nPav8hyWsCK5KksGfBAcb_B9WiA&sig=Cg0ArKJSzChXqq6oGPlCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
URL: https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame F536 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Picture_1.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
720e6734738fea7b4b79adcbc3695c65900bb641beaddb782e3b6b34968a7af7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000b729ea53e5098159-00639a5edc-32941e2b-default
etag
"480742c07b9d2f3741c763f28dea94b4"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11637
Logo_Big.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame F536 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Logo_Big.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0703eee29cdf55506fe42bdf901561ba6644d3f5e17498b8caca9bffa6e70cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx000003c1b8ae07807c758-00639a5edc-3293868f-default
etag
"ab277fa281f505c538bc241c9c6aa7a5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2249
ctaBG.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame F536 		114 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ctaBG.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6671fdfc8aef6721b3f54c1f33c43407702c44bb86a956fe90a7d6f721f49717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000c3cc150687c3c0b4-00639a5edc-32940f80-default
etag
"373fa2c933d89b72ea882a0604dfca79"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
114
ctaArrow.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame F536 		242 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ctaArrow.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
17d25c017c8104b21c89d4f09521274ea8921f9d0c65c64f8b2433614ea8e343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000a2a86922327d7ddc-00639a5edc-3293868f-default
etag
"844a20e1dc87cbb5b3f2c0dc8fa5f6b9"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
242
Subline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame F536 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Subline1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
98671692165a1d886bbcdbb30b6dc63449e2ac2a3733d2ae0e4e11c17d2ba77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000a221ac6818f7c18e-006385b29c-329373d4-default
etag
"c018ea77dc5816d711efd9b7d59768a0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
820
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame F536 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 360D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_1.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e0da3fff3f26b75963fd2fe80f37d72133d818e200da55c54c8f9b9ba026b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000e747dc88a0a35853-00639a5f6e-32940f80-default
etag
"32f4f9d7eabebc1f18f4fe4f061cb271"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11353
Logo_Big.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 360D 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Logo_Big.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0703eee29cdf55506fe42bdf901561ba6644d3f5e17498b8caca9bffa6e70cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000404cb6cb57b8003a-00639a5f6e-329373d4-default
etag
"ab277fa281f505c538bc241c9c6aa7a5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2249
ctaBG.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 360D 		114 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaBG.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6671fdfc8aef6721b3f54c1f33c43407702c44bb86a956fe90a7d6f721f49717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000004aa4a847d5d282-00639a5f6e-329354d9-default
etag
"373fa2c933d89b72ea882a0604dfca79"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
114
ctaArrow.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 360D 		242 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaArrow.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
17d25c017c8104b21c89d4f09521274ea8921f9d0c65c64f8b2433614ea8e343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000ec453b0d393e7d3e-00639a5f6e-32940f80-default
etag
"844a20e1dc87cbb5b3f2c0dc8fa5f6b9"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
242
Subline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 360D 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Subline1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
98671692165a1d886bbcdbb30b6dc63449e2ac2a3733d2ae0e4e11c17d2ba77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000ec1a1f4a1d93adb4-00639a5f6e-3293aae9-default
etag
"c018ea77dc5816d711efd9b7d59768a0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
820
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 360D 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 8AB4 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_1.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e0da3fff3f26b75963fd2fe80f37d72133d818e200da55c54c8f9b9ba026b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000e747dc88a0a35853-00639a5f6e-32940f80-default
etag
"32f4f9d7eabebc1f18f4fe4f061cb271"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11353
Logo_Big.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 8AB4 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Logo_Big.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0703eee29cdf55506fe42bdf901561ba6644d3f5e17498b8caca9bffa6e70cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000404cb6cb57b8003a-00639a5f6e-329373d4-default
etag
"ab277fa281f505c538bc241c9c6aa7a5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2249
ctaBG.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 8AB4 		114 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaBG.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6671fdfc8aef6721b3f54c1f33c43407702c44bb86a956fe90a7d6f721f49717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000004aa4a847d5d282-00639a5f6e-329354d9-default
etag
"373fa2c933d89b72ea882a0604dfca79"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
114
ctaArrow.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 8AB4 		242 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaArrow.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
17d25c017c8104b21c89d4f09521274ea8921f9d0c65c64f8b2433614ea8e343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000ec453b0d393e7d3e-00639a5f6e-32940f80-default
etag
"844a20e1dc87cbb5b3f2c0dc8fa5f6b9"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
242
Subline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 8AB4 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Subline1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
98671692165a1d886bbcdbb30b6dc63449e2ac2a3733d2ae0e4e11c17d2ba77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000ec1a1f4a1d93adb4-00639a5f6e-3293aae9-default
etag
"c018ea77dc5816d711efd9b7d59768a0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
820
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 8AB4 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Headline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 8AB4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Headline1.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kdduqb&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f07ad22f47758cc44eb217130f9db0aaebb6a48fa3805cf09854abd0f3e8115e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000c08fe9414df905cb-00639a5f6e-32941e2b-default
etag
"962ec2e0b2eba7811ab0eed1a9b9b7fa"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1561
Picture_2.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 8AB4 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_2.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kdduqb&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7376c9b56d8150a76bee96b622ac6c4ede01f90bdf2c60a9fac3a5bec4bb085d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx000004716170f5a30a6d8-00639a5f6e-3293868f-default
etag
"924c2c3f793edee8ac4ad70836aad2b3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11742
Picture_3.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 8AB4 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_3.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kdduqb&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a1aae8899c34165a347ac1534359bed60f6910e56374c1c1bf435a02da3a74da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000690c4a24a77fd00b-00639a5f6e-3293868f-default
etag
"c7965b542fe22811df282eaba7fcdef3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12643
/
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/ Frame 8AB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kdduqb&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Headline2.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 8AB4 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Headline2.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kdduqb&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8df354d5ef5aeaa49de11cdbcd5346d1f6aaee3d13aba915d76963f74d4c663e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000098af95ddfc77a9c-00639a5f6e-3293aae9-default
etag
"b165cf210620d455f41c9f96c86f7ee2"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4865
ctaText.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 8AB4 		679 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaText.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kdduqb&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ee97e3b592a0b69d6c48ed31730dccdc00df4e68663497d70730b0a779cee17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000bd42050d7dae2db8-00639a5f6e-32941e2b-default
etag
"ca8d438934d7301ece1770ff4fa415e3"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
679
Headline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame F536 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Headline1.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xllnntcbo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
baafeacd76400ebae26216f5074d4550323b3a87ef0b2b6082940f6d3f384337

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx000009e11f1fce006d7d0-00639a5edd-3293868f-default
etag
"bd664b450e25cdb7d9a541b65e3e4a33"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1338
Picture_2.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame F536 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Picture_2.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xllnntcbo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e48a999f03dce64c087166073f303222e6646335b043dcc34c1ce9d165f215f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx0000021bca1af4743ef7c-00639a5edd-32941e2b-default
etag
"b2f57526cf520988e31bef736a1d157c"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7416
Picture_3.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame F536 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Picture_3.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xllnntcbo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2dd54c72240602e1dfc5a6f9bbb66be993ad90e372aa9db60fd5c7cd9bd913f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000319a410845dedc22-00639a5edd-3293868f-default
etag
"828a0d70c3c22bb6cabf8c640efcd764"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6704
/
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/ Frame F536 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xllnntcbo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Headline2.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame F536 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Headline2.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xllnntcbo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06ce7317a9b4e61983328622df39b324d8297fb70fb08159b1cc13cc850b29ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000811a0d95a67dbdae-00639a5edd-32941e2b-default
etag
"2ae2c66e864e24992cfb089e6892f23f"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1739
ctaText.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame F536 		679 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ctaText.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xllnntcbo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ee97e3b592a0b69d6c48ed31730dccdc00df4e68663497d70730b0a779cee17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000ca5dfed3989543b3-00639a5edd-32940f80-default
etag
"ca8d438934d7301ece1770ff4fa415e3"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
679
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 360D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_1.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xsdmilk&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e0da3fff3f26b75963fd2fe80f37d72133d818e200da55c54c8f9b9ba026b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000e747dc88a0a35853-00639a5f6e-32940f80-default
etag
"32f4f9d7eabebc1f18f4fe4f061cb271"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11353
Headline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 360D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Headline1.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xsdmilk&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f07ad22f47758cc44eb217130f9db0aaebb6a48fa3805cf09854abd0f3e8115e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000c08fe9414df905cb-00639a5f6e-32941e2b-default
etag
"962ec2e0b2eba7811ab0eed1a9b9b7fa"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1561
Picture_2.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 360D 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_2.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xsdmilk&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7376c9b56d8150a76bee96b622ac6c4ede01f90bdf2c60a9fac3a5bec4bb085d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx000004716170f5a30a6d8-00639a5f6e-3293868f-default
etag
"924c2c3f793edee8ac4ad70836aad2b3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11742
Picture_3.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 360D 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_3.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xsdmilk&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a1aae8899c34165a347ac1534359bed60f6910e56374c1c1bf435a02da3a74da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000690c4a24a77fd00b-00639a5f6e-3293868f-default
etag
"c7965b542fe22811df282eaba7fcdef3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12643
/
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/ Frame 360D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xsdmilk&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Headline2.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 360D 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Headline2.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xsdmilk&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8df354d5ef5aeaa49de11cdbcd5346d1f6aaee3d13aba915d76963f74d4c663e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000098af95ddfc77a9c-00639a5f6e-3293aae9-default
etag
"b165cf210620d455f41c9f96c86f7ee2"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4865
ctaText.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 360D 		679 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaText.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xsdmilk&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ee97e3b592a0b69d6c48ed31730dccdc00df4e68663497d70730b0a779cee17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000bd42050d7dae2db8-00639a5f6e-32941e2b-default
etag
"ca8d438934d7301ece1770ff4fa415e3"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
679
truncated
/ Frame B2AB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afa10a7a9628c24645776e5d7273bc2dcbc73716ec7484a72dbe66e0f2b1c926

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B2AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxpK9Lbxg4nHDyId2OC_TJxiqsLwYgY745jyoIAgxEKBfPnCpWpdvHJweLxn3kiVXagYe37N-S5VxQZl1F-HtPEEXN7kAFlPZ1eCCTccbGziGhBcfqA1Hovl9ngAcyBrQynOn-h9Z2X4luONeOZe6eTNBAxgBnh-rG9XQG4KCHivbCa8ISMSB0VJ0HUZavJIZ0l8AHXTRISlLDuT4DH-J-2L6WU54tNU6VTVIlsTp69PhEpnkKdt2a5v2btLajjee63-s5RP_7CBgJX0_CObG7ojfBpygNSzVOk3VFnw9CVQ_TwpOK8isFt6bKC2ayBIYiCXmtoMIAn4AORaIAHaVARtSGHHFjnw&sai=AMfl-YRP3Q0OzmDHeVAVHjlCzBD_89vP8eGLLWrdMi0aX7UxFlI74IKbksNzMPuKbLhcXwN2HtZ9wLP3vCp79ENmqzmjk3C0B7nSX07nQ3GPLgFabqsMM_Mx9le5j-gwMFD3OQ&sig=Cg0ArKJSzJQTgQidceUDEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 29 Jan 2023 10:09:38 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 0BBD 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 0BBD 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Picture_1.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e0da3fff3f26b75963fd2fe80f37d72133d818e200da55c54c8f9b9ba026b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx000006d759e86d420a08b-006385b2a0-32941e2b-default
etag
"32f4f9d7eabebc1f18f4fe4f061cb271"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11353
Logo_Big.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 0BBD 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Logo_Big.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0703eee29cdf55506fe42bdf901561ba6644d3f5e17498b8caca9bffa6e70cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx000007779077ef7d3ea80-006385b2a0-329373d4-default
etag
"ab277fa281f505c538bc241c9c6aa7a5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2249
ctaBG.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 0BBD 		114 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ctaBG.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6671fdfc8aef6721b3f54c1f33c43407702c44bb86a956fe90a7d6f721f49717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx000009058486fe6989ffa-006385b2a0-3293aae9-default
etag
"373fa2c933d89b72ea882a0604dfca79"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
114
ctaArrow.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 0BBD 		242 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ctaArrow.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
17d25c017c8104b21c89d4f09521274ea8921f9d0c65c64f8b2433614ea8e343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx000007eee00c0fb30c53a-006385b2a0-3293aae9-default
etag
"844a20e1dc87cbb5b3f2c0dc8fa5f6b9"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
242
Subline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 0BBD 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Subline1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
98671692165a1d886bbcdbb30b6dc63449e2ac2a3733d2ae0e4e11c17d2ba77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx00000acbf46acd077b364-006385b2a0-3293868f-default
etag
"c018ea77dc5816d711efd9b7d59768a0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
820
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame BB0A 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Picture_1.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
720e6734738fea7b4b79adcbc3695c65900bb641beaddb782e3b6b34968a7af7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000b729ea53e5098159-00639a5edc-32941e2b-default
etag
"480742c07b9d2f3741c763f28dea94b4"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11637
Logo_Big.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame BB0A 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Logo_Big.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0703eee29cdf55506fe42bdf901561ba6644d3f5e17498b8caca9bffa6e70cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx000003c1b8ae07807c758-00639a5edc-3293868f-default
etag
"ab277fa281f505c538bc241c9c6aa7a5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2249
ctaBG.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame BB0A 		114 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ctaBG.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6671fdfc8aef6721b3f54c1f33c43407702c44bb86a956fe90a7d6f721f49717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000c3cc150687c3c0b4-00639a5edc-32940f80-default
etag
"373fa2c933d89b72ea882a0604dfca79"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
114
ctaArrow.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame BB0A 		242 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ctaArrow.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
17d25c017c8104b21c89d4f09521274ea8921f9d0c65c64f8b2433614ea8e343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000a2a86922327d7ddc-00639a5edc-3293868f-default
etag
"844a20e1dc87cbb5b3f2c0dc8fa5f6b9"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
242
Subline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame BB0A 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Subline1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
98671692165a1d886bbcdbb30b6dc63449e2ac2a3733d2ae0e4e11c17d2ba77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000a221ac6818f7c18e-006385b29c-329373d4-default
etag
"c018ea77dc5816d711efd9b7d59768a0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
820
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame BB0A 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6D3E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_1.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e0da3fff3f26b75963fd2fe80f37d72133d818e200da55c54c8f9b9ba026b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000e747dc88a0a35853-00639a5f6e-32940f80-default
etag
"32f4f9d7eabebc1f18f4fe4f061cb271"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11353
Logo_Big.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6D3E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Logo_Big.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0703eee29cdf55506fe42bdf901561ba6644d3f5e17498b8caca9bffa6e70cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000404cb6cb57b8003a-00639a5f6e-329373d4-default
etag
"ab277fa281f505c538bc241c9c6aa7a5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2249
ctaBG.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6D3E 		114 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaBG.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6671fdfc8aef6721b3f54c1f33c43407702c44bb86a956fe90a7d6f721f49717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000004aa4a847d5d282-00639a5f6e-329354d9-default
etag
"373fa2c933d89b72ea882a0604dfca79"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
114
ctaArrow.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6D3E 		242 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaArrow.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
17d25c017c8104b21c89d4f09521274ea8921f9d0c65c64f8b2433614ea8e343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000ec453b0d393e7d3e-00639a5f6e-32940f80-default
etag
"844a20e1dc87cbb5b3f2c0dc8fa5f6b9"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
242
Subline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6D3E 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Subline1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
98671692165a1d886bbcdbb30b6dc63449e2ac2a3733d2ae0e4e11c17d2ba77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000ec1a1f4a1d93adb4-00639a5f6e-3293aae9-default
etag
"c018ea77dc5816d711efd9b7d59768a0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
820
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 6D3E 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame AB6A 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_1.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e0da3fff3f26b75963fd2fe80f37d72133d818e200da55c54c8f9b9ba026b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000e747dc88a0a35853-00639a5f6e-32940f80-default
etag
"32f4f9d7eabebc1f18f4fe4f061cb271"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11353
Logo_Big.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame AB6A 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Logo_Big.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0703eee29cdf55506fe42bdf901561ba6644d3f5e17498b8caca9bffa6e70cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000404cb6cb57b8003a-00639a5f6e-329373d4-default
etag
"ab277fa281f505c538bc241c9c6aa7a5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2249
ctaBG.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame AB6A 		114 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaBG.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6671fdfc8aef6721b3f54c1f33c43407702c44bb86a956fe90a7d6f721f49717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000004aa4a847d5d282-00639a5f6e-329354d9-default
etag
"373fa2c933d89b72ea882a0604dfca79"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
114
ctaArrow.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame AB6A 		242 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaArrow.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
17d25c017c8104b21c89d4f09521274ea8921f9d0c65c64f8b2433614ea8e343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000ec453b0d393e7d3e-00639a5f6e-32940f80-default
etag
"844a20e1dc87cbb5b3f2c0dc8fa5f6b9"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
242
Subline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame AB6A 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Subline1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
98671692165a1d886bbcdbb30b6dc63449e2ac2a3733d2ae0e4e11c17d2ba77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000ec1a1f4a1d93adb4-00639a5f6e-3293aae9-default
etag
"c018ea77dc5816d711efd9b7d59768a0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
820
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame AB6A 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
/
track.adform.net/csimpr/ Frame C2CE 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59630083&csi=eWdcFkUaGaHTayM6jS3uz46AHQceAGOSz530es7IXBwJDwKV3Zer3AgnHMcYnP38cHnakrk6B9bFGWWcRGB7hmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/csimpr/ Frame E70A 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59630082&csi=6OmNIih76mzopXfRHPRuyVFJsdpR1CCwdj92VK9RUz0JDwKV3Zer3AgnHMcYnP38A9Pq4SiEGYwZ_2vpFt_IHmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/csimpr/ Frame DCD5 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59630085&csi=db3AWovZtKpfPoWS4UT6KkYprR2ywu69z530es7IXBwJDwKV3Zer3AgnHMcYnP38IjZwVzXWWoCgVRigBpq7wWQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
Headline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame BB0A 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Headline1.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rptdupuyt&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
baafeacd76400ebae26216f5074d4550323b3a87ef0b2b6082940f6d3f384337

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx000009e11f1fce006d7d0-00639a5edd-3293868f-default
etag
"bd664b450e25cdb7d9a541b65e3e4a33"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1338
Picture_2.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame BB0A 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Picture_2.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rptdupuyt&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e48a999f03dce64c087166073f303222e6646335b043dcc34c1ce9d165f215f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx0000021bca1af4743ef7c-00639a5edd-32941e2b-default
etag
"b2f57526cf520988e31bef736a1d157c"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7416
Picture_3.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame BB0A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Picture_3.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rptdupuyt&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2dd54c72240602e1dfc5a6f9bbb66be993ad90e372aa9db60fd5c7cd9bd913f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000319a410845dedc22-00639a5edd-3293868f-default
etag
"828a0d70c3c22bb6cabf8c640efcd764"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6704
/
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/ Frame BB0A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rptdupuyt&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Headline2.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame BB0A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/Headline2.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rptdupuyt&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06ce7317a9b4e61983328622df39b324d8297fb70fb08159b1cc13cc850b29ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000811a0d95a67dbdae-00639a5edd-32941e2b-default
etag
"2ae2c66e864e24992cfb089e6892f23f"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1739
ctaText.png
s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ Frame BB0A 		679 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/img/Himmlische_Wolke/ctaText.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rptdupuyt&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ee97e3b592a0b69d6c48ed31730dccdc00df4e68663497d70730b0a779cee17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:43 GMT
server
nginx
x-amz-request-id
tx00000ca5dfed3989543b3-00639a5edd-32940f80-default
etag
"ca8d438934d7301ece1770ff4fa415e3"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
679
Headline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame AB6A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Headline1.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gizukhi&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f07ad22f47758cc44eb217130f9db0aaebb6a48fa3805cf09854abd0f3e8115e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000c08fe9414df905cb-00639a5f6e-32941e2b-default
etag
"962ec2e0b2eba7811ab0eed1a9b9b7fa"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1561
Picture_2.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame AB6A 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_2.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gizukhi&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7376c9b56d8150a76bee96b622ac6c4ede01f90bdf2c60a9fac3a5bec4bb085d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx000004716170f5a30a6d8-00639a5f6e-3293868f-default
etag
"924c2c3f793edee8ac4ad70836aad2b3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11742
Picture_3.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame AB6A 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_3.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gizukhi&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a1aae8899c34165a347ac1534359bed60f6910e56374c1c1bf435a02da3a74da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000690c4a24a77fd00b-00639a5f6e-3293868f-default
etag
"c7965b542fe22811df282eaba7fcdef3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12643
/
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/ Frame AB6A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gizukhi&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Headline2.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame AB6A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Headline2.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gizukhi&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8df354d5ef5aeaa49de11cdbcd5346d1f6aaee3d13aba915d76963f74d4c663e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000098af95ddfc77a9c-00639a5f6e-3293aae9-default
etag
"b165cf210620d455f41c9f96c86f7ee2"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4865
ctaText.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame AB6A 		679 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaText.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gizukhi&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ee97e3b592a0b69d6c48ed31730dccdc00df4e68663497d70730b0a779cee17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000bd42050d7dae2db8-00639a5f6e-32941e2b-default
etag
"ca8d438934d7301ece1770ff4fa415e3"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
679
Headline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 0BBD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Headline1.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fjjqmjuo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f07ad22f47758cc44eb217130f9db0aaebb6a48fa3805cf09854abd0f3e8115e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx000003cc9b1d1484c5cb5-006385b2a0-32941e2b-default
etag
"962ec2e0b2eba7811ab0eed1a9b9b7fa"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1561
Picture_2.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 0BBD 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Picture_2.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fjjqmjuo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7376c9b56d8150a76bee96b622ac6c4ede01f90bdf2c60a9fac3a5bec4bb085d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx00000c8bb402ad7f9aa2b-006385b2a0-329354d9-default
etag
"924c2c3f793edee8ac4ad70836aad2b3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11742
Picture_3.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 0BBD 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Picture_3.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fjjqmjuo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a1aae8899c34165a347ac1534359bed60f6910e56374c1c1bf435a02da3a74da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx00000d71022b8ec722190-006385b2a0-329373d4-default
etag
"c7965b542fe22811df282eaba7fcdef3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12643
/
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/ Frame 0BBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fjjqmjuo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Headline2.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 0BBD 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Headline2.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fjjqmjuo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8df354d5ef5aeaa49de11cdbcd5346d1f6aaee3d13aba915d76963f74d4c663e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx00000b08778a1d9e68717-006385b2a0-32940f80-default
etag
"b165cf210620d455f41c9f96c86f7ee2"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4865
ctaText.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 0BBD 		679 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ctaText.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=fjjqmjuo&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ee97e3b592a0b69d6c48ed31730dccdc00df4e68663497d70730b0a779cee17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx00000182403b0e84cfe93-006385b2a0-329373d4-default
etag
"ca8d438934d7301ece1770ff4fa415e3"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
679
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6D3E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_1.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=mscan&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e0da3fff3f26b75963fd2fe80f37d72133d818e200da55c54c8f9b9ba026b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000e747dc88a0a35853-00639a5f6e-32940f80-default
etag
"32f4f9d7eabebc1f18f4fe4f061cb271"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11353
Headline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6D3E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Headline1.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=mscan&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f07ad22f47758cc44eb217130f9db0aaebb6a48fa3805cf09854abd0f3e8115e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000c08fe9414df905cb-00639a5f6e-32941e2b-default
etag
"962ec2e0b2eba7811ab0eed1a9b9b7fa"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1561
Picture_2.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6D3E 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_2.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=mscan&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7376c9b56d8150a76bee96b622ac6c4ede01f90bdf2c60a9fac3a5bec4bb085d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx000004716170f5a30a6d8-00639a5f6e-3293868f-default
etag
"924c2c3f793edee8ac4ad70836aad2b3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11742
Picture_3.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6D3E 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_3.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=mscan&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a1aae8899c34165a347ac1534359bed60f6910e56374c1c1bf435a02da3a74da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000690c4a24a77fd00b-00639a5f6e-3293868f-default
etag
"c7965b542fe22811df282eaba7fcdef3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12643
/
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/ Frame 6D3E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=mscan&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Headline2.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6D3E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Headline2.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=mscan&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8df354d5ef5aeaa49de11cdbcd5346d1f6aaee3d13aba915d76963f74d4c663e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000098af95ddfc77a9c-00639a5f6e-3293aae9-default
etag
"b165cf210620d455f41c9f96c86f7ee2"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4865
ctaText.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 6D3E 		679 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaText.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=mscan&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ee97e3b592a0b69d6c48ed31730dccdc00df4e68663497d70730b0a779cee17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000bd42050d7dae2db8-00639a5f6e-32941e2b-default
etag
"ca8d438934d7301ece1770ff4fa415e3"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
679
/
track.adform.net/adfscript/ Frame D287 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=59630085;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=Y7sXdZWOOc-y-yYISIhT-NepH-BX7xFVKUQyX4mcy-f8O_sepBdvW4PGMD3VRZ1RNJywlYy5N0yAuZqLnPuhAfIg5q7ksRWJCe01aC2JKRz3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmtoPNaBVlAH6WvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=nw8TqPNK39h42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoJypMNfmJ11AnScHVW1UpFBhshin1xY2oe-vCcGUlBWernErcjg8aOnOxeW9oy3SpTPmWtY17c9IAXrmyBbGfvaUkAojYxy78IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmoUYtfk_03iQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
df6fe8fc1cef6ed4f06c418890c7615a1afd328e69cb32e286380290bc59d14f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1238
expires
-1
adx.js
s1.adform.net/banners/scripts/ Frame D287 		59 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/adx.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 11:50:07 GMT
server
nginx
x-amz-request-id
tx000000e3ab76e28d6a00a-00637b6788-329354d9-default
etag
W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
12028501.js
s1.adform.net/Banners/Elements/Files/2139281/12028501/ Frame 6A55 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028501/12028501.js?ADFassetID=12028501&bv=258
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
594004dc5d6291c70e8914ce964da794000434722f2e0fee15a4883d427908f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 10:17:37 GMT
server
nginx
x-amz-request-id
tx000000cb28b0108bdfff6-0063c276f7-3294536e-default
etag
W/"59e913bcfb71a5c7a1a1f001596dec51"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
12028361.js
s1.adform.net/Banners/Elements/Files/2139281/12028361/ Frame 54A7 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/12028361.js?ADFassetID=12028361&bv=258
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30cd069c6fcbc1b40ccf3d4cadd7902381251bc45241e9b88ac367f0d4f9a980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000c45529e65512285b-0063c27447-3294536e-default
etag
W/"84245a0b844ab26c992e422a7fd9a7dc"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
12028468.js
s1.adform.net/Banners/Elements/Files/2139281/12028468/ Frame 8874 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/12028468.js?ADFassetID=12028468&bv=258
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30cd069c6fcbc1b40ccf3d4cadd7902381251bc45241e9b88ac367f0d4f9a980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx0000039a53a4a3697b776-0063c276d0-3294539b-default
etag
W/"84245a0b844ab26c992e422a7fd9a7dc"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
sodar
pagead2.googlesyndication.com/pagead/ Frame 8C11 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012601&jk=1624592090527482&bg=!YWKlYibNAAZSrDxfcqw7ACkAdvg8WvdF559Ju2aKoDE1xOKM8mvVp20nL5AGXl4nLXvXjgj9lTMf6wIAAABfUgAAAANoAQeZAsintRY0ZhCCTpA43tE7AEoaHaqnD76rQwjABxxeoVHBRrObCU3p_cZ9NUtAoK7th5hYrmO95xh2dBf74UmUPpTWwwHE6IMgXDGOijkY1DgLvwh4GuRLheO13guH8FbGWyRNPDtZT1bVNJakqag0iRYPM1NuSbIakfSKuql8aSza1RMgwcVXsCyyhUw2hjczvP-YCXh0MqWtdeqeLGeamFoF8DhWPeE1phexQsa4D60nXYQJPkZc503NGXDk7oPpk6OsevamZdkDCpmaDuEvAU9OhpiQWLdPn6Dr_xAYbm9ehiYAoRkpMTi-awX89FyXasXJ9kOugHNZk6q9bbGkXVAQyqMKH6NUOsSmQkucEDYbgKHiV-0Qf8gZeqJK5NJWl7uXNl2tbCqhhArr1WrUzQMh7HQxP9cEw-peuIeSUcXjIhId7kY7yjW5BQ6mB5k52TvE701IuvtVYd5sKiTDtHRbbMCDOAH5u4AMNU7v49BHDQBMtWE9kEip-nIiEhTpqdOuduSSibtM5uR8AKhTAVJm1ua7juGsBuRXEoDaD9ra0R5KTKi-4Q5Zbh7vAuCclQ6vewSYQno9VKjx7jqsmSvl--9NiTpZqivQd8vmdmLWreMt9OXXJ1fizcLlcOCRNZ6ckfswTtpEyv2OLUpqZJzCMPpXNVLre12y_YJ_EL_eO1XTH7duXEycTCJml7-S56_Otn9E3vBKSMccvkUOfC9HByYfFJRWTcJ1HVIyZNog32xScW0CeJ3hZ4uNMXt2kZUdbHB0TfoOFXiLbK6umdgArAb-mCFiDpA6WpSaOd6aA_sv_Cpl8sFBkaNAyCBIyKObOuh09BV7mneVrWbQXfEDHI-I4V_A--D3BIilqoE0SfqWkfZeknJdAcEFgrqT0sDxfOTG7u2YKj2utT4nDyZoAVemv8Mxgwc8DwmtecCFwwohZwGwc0Kp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame D287 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59630085;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=Y7sXdZWOOc-y-yYISIhT-NepH-BX7xFVKUQyX4mcy-f8O_sepBdvW4PGMD3VRZ1RNJywlYy5N0yAuZqLnPuhAfIg5q7ksRWJCe01aC2JKRz3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmtoPNaBVlAH6WvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=nw8TqPNK39h42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoJypMNfmJ11AnScHVW1UpFBhshin1xY2oe-vCcGUlBWernErcjg8aOnOxeW9oy3SpTPmWtY17c9IAXrmyBbGfvaUkAojYxy78IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmoUYtfk_03iQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:51 GMT
sid
mug.criteo.com/ Frame 1AF8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=haaretz.com&sn=ChromeSyncframe&so=0&topUrl=www.haaretz.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=_D7CzXxWQXJHZFA4b0JHeFRXa2dyM2JPL3kzbUlEdzNqd0NzM2YxNzZFdDJMQlM4SC83NGZBdTZLb2xPQ2VFOW5MOTFLeTRqV2ZLcVlhQVBMbWxVbnJaalpDSW9zd0hKUCtYYWFGb2FYT1ljZGxmT2IvU1hxR1Z5OWFrYn...
428 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_D7CzXxWQXJHZFA4b0JHeFRXa2dyM2JPL3kzbUlEdzNqd0NzM2YxNzZFdDJMQlM4SC83NGZBdTZLb2xPQ2VFOW5MOTFLeTRqV2ZLcVlhQVBMbWxVbnJaalpDSW9zd0hKUCtYYWFGb2FYT1ljZGxmT2IvU1hxR1Z5OWFrYnI4YmxHN3pldzVRTUEzUnlIZlZsS3VqR3ZIeHJVNmN5SC9RMWE1VWFvRllKNVZLQ1AvOUl5bGFOMGgwNVdHVUxZNUxra1BUWS90MWkyL1B3VnhmcHNhVGFrampRY011eUdOQ0U2YmFSQnV4MkZsNENOVE1aM01EelNXNEhWK244bzh1WFJUYjZOYjBWQ2w3V1FpbVQxZVI5TDcvR3BMZz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f8a9216dce52da33787336e04428b88ca38072d82a71855eceebf964faa8ce48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2103563
expires
0

Redirect headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=_D7CzXxWQXJHZFA4b0JHeFRXa2dyM2JPL3kzbUlEdzNqd0NzM2YxNzZFdDJMQlM4SC83NGZBdTZLb2xPQ2VFOW5MOTFLeTRqV2ZLcVlhQVBMbWxVbnJaalpDSW9zd0hKUCtYYWFGb2FYT1ljZGxmT2IvU1hxR1Z5OWFrYnI4YmxHN3pldzVRTUEzUnlIZlZsS3VqR3ZIeHJVNmN5SC9RMWE1VWFvRllKNVZLQ1AvOUl5bGFOMGgwNVdHVUxZNUxra1BUWS90MWkyL1B3VnhmcHNhVGFrampRY011eUdOQ0U2YmFSQnV4MkZsNENOVE1aM01EelNXNEhWK244bzh1WFJUYjZOYjBWQ2w3V1FpbVQxZVI5TDcvR3BMZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
659025
content-length
0
expires
0
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.haaretz.com%2F&domain=www.haaretz.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=StyMtXxXU293UU1NNFBVOGJlamVzTHdMbEF1WHB0TVR0b0pJVGMxcVJPdm4yV0RIMy96YjJRa3dNQ2dsK0IwRFBZZUZhcnFXeXJLRFlQVWdCMVJpZlJyTW1NNk5aakNsbkFMOVhDRE5EQjlaVDNMNnI2TGVUMXUzVy9xdC...
423 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=StyMtXxXU293UU1NNFBVOGJlamVzTHdMbEF1WHB0TVR0b0pJVGMxcVJPdm4yV0RIMy96YjJRa3dNQ2dsK0IwRFBZZUZhcnFXeXJLRFlQVWdCMVJpZlJyTW1NNk5aakNsbkFMOVhDRE5EQjlaVDNMNnI2TGVUMXUzVy9xdC9EWFJNYTNnMTl1dDA4dEl2YkRLL2NsZHc1UVlOTXk5aFdCL0VNeHRhL2hybTQ5VmFqRHF5NXBNQ25SRVJrOTREUXA3MVZiTFNhSkJidzFGb29sUjBncmFoN1VkNXdERW0yZUE3alBhU0hQTnRIaW1MQ0pqMzVnNUR0SlpRWk1BczJ3dnFuK2pzeU5IVGJpdVlJRU84Q2UyYnV3UVJ5bzZDRmZNODdLQWMxS3hzK0M0NnQvST18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ec00a35bf6c16bffa32bbccc9f9d8f2dbe6b625fa9360a519887484d7b17b9b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2716406
expires
0

Redirect headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=StyMtXxXU293UU1NNFBVOGJlamVzTHdMbEF1WHB0TVR0b0pJVGMxcVJPdm4yV0RIMy96YjJRa3dNQ2dsK0IwRFBZZUZhcnFXeXJLRFlQVWdCMVJpZlJyTW1NNk5aakNsbkFMOVhDRE5EQjlaVDNMNnI2TGVUMXUzVy9xdC9EWFJNYTNnMTl1dDA4dEl2YkRLL2NsZHc1UVlOTXk5aFdCL0VNeHRhL2hybTQ5VmFqRHF5NXBNQ25SRVJrOTREUXA3MVZiTFNhSkJidzFGb29sUjBncmFoN1VkNXdERW0yZUE3alBhU0hQTnRIaW1MQ0pqMzVnNUR0SlpRWk1BczJ3dnFuK2pzeU5IVGJpdVlJRU84Q2UyYnV3UVJ5bzZDRmZNODdLQWMxS3hzK0M0NnQvST18&cppv=2
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
581386
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.haaretz.com%2F&domain=www.haaretz.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.haaretz.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.haaretz.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 29 Jan 2023 10:09:38 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
396914
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame FD97 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1674986975197
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pd
u.openx.net/w/1.0/ Frame 413D 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 29 Jan 2023 10:09:38 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
csync.smilewanted.com/ Frame F126 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9241d11c643bd4b3a39008e3e7b28635f89e79bb48cccce0dbfb20d8bedd9eb9

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
79112c67292a9944-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 29 Jan 2023 10:09:38 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9615 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 29 Jan 2023 10:09:38 GMT
ETag
"623de86a-cf34"
Expires
Mon, 30 Jan 2023 10:09:40 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6AFE 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 29 Jan 2023 10:09:38 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0131 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25216
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 29 Jan 2023 10:09:38 GMT
expires
Sun, 29 Jan 2023 17:09:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 4551 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/haaretzcom-prod.js?timestamp=1674950400000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 29 Jan 2023 10:09:38 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 6A55 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/ Frame 6A55 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/Picture_1.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
720e6734738fea7b4b79adcbc3695c65900bb641beaddb782e3b6b34968a7af7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:17:37 GMT
server
nginx
x-amz-request-id
tx00000bfbe4980cca11428-006385b2a6-3293aae9-default
etag
"480742c07b9d2f3741c763f28dea94b4"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11637
Logo_Big.png
s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/ Frame 6A55 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/Logo_Big.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0703eee29cdf55506fe42bdf901561ba6644d3f5e17498b8caca9bffa6e70cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:17:37 GMT
server
nginx
x-amz-request-id
tx000001da29e3447f6f8b9-006385b2a6-3293868f-default
etag
"ab277fa281f505c538bc241c9c6aa7a5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2249
ctaBG.png
s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/ Frame 6A55 		114 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/ctaBG.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6671fdfc8aef6721b3f54c1f33c43407702c44bb86a956fe90a7d6f721f49717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:17:37 GMT
server
nginx
x-amz-request-id
tx00000eeb284f7d9a91eaa-006385b2a6-329373d4-default
etag
"373fa2c933d89b72ea882a0604dfca79"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
114
ctaArrow.png
s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/ Frame 6A55 		242 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/ctaArrow.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
17d25c017c8104b21c89d4f09521274ea8921f9d0c65c64f8b2433614ea8e343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:17:37 GMT
server
nginx
x-amz-request-id
tx00000c518c57126354052-006385b2a6-329373d4-default
etag
"844a20e1dc87cbb5b3f2c0dc8fa5f6b9"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
242
Subline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/ Frame 6A55 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/Subline1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
98671692165a1d886bbcdbb30b6dc63449e2ac2a3733d2ae0e4e11c17d2ba77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:17:37 GMT
server
nginx
x-amz-request-id
tx0000040e64e781cbb5fda-006385b2a6-329373d4-default
etag
"c018ea77dc5816d711efd9b7d59768a0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
820
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 54A7 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_1.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e0da3fff3f26b75963fd2fe80f37d72133d818e200da55c54c8f9b9ba026b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000e747dc88a0a35853-00639a5f6e-32940f80-default
etag
"32f4f9d7eabebc1f18f4fe4f061cb271"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11353
Logo_Big.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 54A7 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Logo_Big.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0703eee29cdf55506fe42bdf901561ba6644d3f5e17498b8caca9bffa6e70cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000404cb6cb57b8003a-00639a5f6e-329373d4-default
etag
"ab277fa281f505c538bc241c9c6aa7a5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2249
ctaBG.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 54A7 		114 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaBG.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6671fdfc8aef6721b3f54c1f33c43407702c44bb86a956fe90a7d6f721f49717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000004aa4a847d5d282-00639a5f6e-329354d9-default
etag
"373fa2c933d89b72ea882a0604dfca79"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
114
ctaArrow.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 54A7 		242 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaArrow.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
17d25c017c8104b21c89d4f09521274ea8921f9d0c65c64f8b2433614ea8e343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000ec453b0d393e7d3e-00639a5f6e-32940f80-default
etag
"844a20e1dc87cbb5b3f2c0dc8fa5f6b9"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
242
Subline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 54A7 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Subline1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
98671692165a1d886bbcdbb30b6dc63449e2ac2a3733d2ae0e4e11c17d2ba77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000ec1a1f4a1d93adb4-00639a5f6e-3293aae9-default
etag
"c018ea77dc5816d711efd9b7d59768a0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
820
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 54A7 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 8874 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Picture_1.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e0da3fff3f26b75963fd2fe80f37d72133d818e200da55c54c8f9b9ba026b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx000006d759e86d420a08b-006385b2a0-32941e2b-default
etag
"32f4f9d7eabebc1f18f4fe4f061cb271"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11353
Logo_Big.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 8874 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Logo_Big.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0703eee29cdf55506fe42bdf901561ba6644d3f5e17498b8caca9bffa6e70cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx000007779077ef7d3ea80-006385b2a0-329373d4-default
etag
"ab277fa281f505c538bc241c9c6aa7a5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2249
ctaBG.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 8874 		114 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ctaBG.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6671fdfc8aef6721b3f54c1f33c43407702c44bb86a956fe90a7d6f721f49717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx000009058486fe6989ffa-006385b2a0-3293aae9-default
etag
"373fa2c933d89b72ea882a0604dfca79"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
114
ctaArrow.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 8874 		242 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ctaArrow.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
17d25c017c8104b21c89d4f09521274ea8921f9d0c65c64f8b2433614ea8e343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx000007eee00c0fb30c53a-006385b2a0-3293aae9-default
etag
"844a20e1dc87cbb5b3f2c0dc8fa5f6b9"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
242
Subline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 8874 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Subline1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
98671692165a1d886bbcdbb30b6dc63449e2ac2a3733d2ae0e4e11c17d2ba77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx00000acbf46acd077b364-006385b2a0-3293868f-default
etag
"c018ea77dc5816d711efd9b7d59768a0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
820
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 8874 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Headline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 8874 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Headline1.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=nzhpl&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f07ad22f47758cc44eb217130f9db0aaebb6a48fa3805cf09854abd0f3e8115e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx000003cc9b1d1484c5cb5-006385b2a0-32941e2b-default
etag
"962ec2e0b2eba7811ab0eed1a9b9b7fa"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1561
Picture_2.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 8874 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Picture_2.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=nzhpl&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7376c9b56d8150a76bee96b622ac6c4ede01f90bdf2c60a9fac3a5bec4bb085d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx00000c8bb402ad7f9aa2b-006385b2a0-329354d9-default
etag
"924c2c3f793edee8ac4ad70836aad2b3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11742
Picture_3.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 8874 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Picture_3.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=nzhpl&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a1aae8899c34165a347ac1534359bed60f6910e56374c1c1bf435a02da3a74da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx00000d71022b8ec722190-006385b2a0-329373d4-default
etag
"c7965b542fe22811df282eaba7fcdef3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12643
/
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/ Frame 8874 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=nzhpl&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Headline2.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 8874 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Headline2.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=nzhpl&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8df354d5ef5aeaa49de11cdbcd5346d1f6aaee3d13aba915d76963f74d4c663e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx00000b08778a1d9e68717-006385b2a0-32940f80-default
etag
"b165cf210620d455f41c9f96c86f7ee2"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4865
ctaText.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame 8874 		679 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ctaText.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=nzhpl&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ee97e3b592a0b69d6c48ed31730dccdc00df4e68663497d70730b0a779cee17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx00000182403b0e84cfe93-006385b2a0-329373d4-default
etag
"ca8d438934d7301ece1770ff4fa415e3"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
679
Headline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 54A7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Headline1.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wlqctpvzm&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f07ad22f47758cc44eb217130f9db0aaebb6a48fa3805cf09854abd0f3e8115e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000c08fe9414df905cb-00639a5f6e-32941e2b-default
etag
"962ec2e0b2eba7811ab0eed1a9b9b7fa"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1561
Picture_2.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 54A7 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_2.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wlqctpvzm&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7376c9b56d8150a76bee96b622ac6c4ede01f90bdf2c60a9fac3a5bec4bb085d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx000004716170f5a30a6d8-00639a5f6e-3293868f-default
etag
"924c2c3f793edee8ac4ad70836aad2b3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11742
Picture_3.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 54A7 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Picture_3.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wlqctpvzm&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a1aae8899c34165a347ac1534359bed60f6910e56374c1c1bf435a02da3a74da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000690c4a24a77fd00b-00639a5f6e-3293868f-default
etag
"c7965b542fe22811df282eaba7fcdef3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12643
/
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/ Frame 54A7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wlqctpvzm&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Headline2.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 54A7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/Headline2.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wlqctpvzm&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8df354d5ef5aeaa49de11cdbcd5346d1f6aaee3d13aba915d76963f74d4c663e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000098af95ddfc77a9c-00639a5f6e-3293aae9-default
etag
"b165cf210620d455f41c9f96c86f7ee2"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4865
ctaText.png
s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ Frame 54A7 		679 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/img/Linera/ctaText.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wlqctpvzm&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ee97e3b592a0b69d6c48ed31730dccdc00df4e68663497d70730b0a779cee17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:08:05 GMT
server
nginx
x-amz-request-id
tx00000bd42050d7dae2db8-00639a5f6e-32941e2b-default
etag
"ca8d438934d7301ece1770ff4fa415e3"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
679
Headline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/ Frame 6A55 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/Headline1.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ksxynodg&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
baafeacd76400ebae26216f5074d4550323b3a87ef0b2b6082940f6d3f384337

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:17:37 GMT
server
nginx
x-amz-request-id
tx0000057a1f949b7644de0-006385b2a6-3293868f-default
etag
"bd664b450e25cdb7d9a541b65e3e4a33"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1338
Picture_2.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/ Frame 6A55 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/Picture_2.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ksxynodg&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e48a999f03dce64c087166073f303222e6646335b043dcc34c1ce9d165f215f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:17:37 GMT
server
nginx
x-amz-request-id
tx00000737715925077f287-006385b2a6-3293aae9-default
etag
"b2f57526cf520988e31bef736a1d157c"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7416
Picture_3.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/ Frame 6A55 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/Picture_3.jpg
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ksxynodg&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2dd54c72240602e1dfc5a6f9bbb66be993ad90e372aa9db60fd5c7cd9bd913f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:17:37 GMT
server
nginx
x-amz-request-id
tx0000006701f20bc56e925-006385b2a6-3293868f-default
etag
"828a0d70c3c22bb6cabf8c640efcd764"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6704
/
s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/ Frame 6A55 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ksxynodg&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Headline2.png
s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/ Frame 6A55 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/Headline2.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ksxynodg&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06ce7317a9b4e61983328622df39b324d8297fb70fb08159b1cc13cc850b29ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:17:37 GMT
server
nginx
x-amz-request-id
tx0000045fe99f48461ec91-006385b2a6-32940f80-default
etag
"2ae2c66e864e24992cfb089e6892f23f"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1739
ctaText.png
s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/ Frame 6A55 		679 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/img/Himmlische_Wolke/ctaText.png
Requested by
Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ksxynodg&e=1542649891130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ee97e3b592a0b69d6c48ed31730dccdc00df4e68663497d70730b0a779cee17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flashnetic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:17:37 GMT
server
nginx
x-amz-request-id
tx000000c052e25201c93ac-006385b29b-32941e2b-default
etag
"ca8d438934d7301ece1770ff4fa415e3"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
679
/
track.adform.net/adfserve/ Frame D287 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=59630085;rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0;rtbdata=Y7sXdZWOOc-y-yYISIhT-NepH-BX7xFVKUQyX4mcy-f8O_sepBdvW4PGMD3VRZ1RNJywlYy5N0yAuZqLnPuhAfIg5q7ksRWJCe01aC2JKRz3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmtoPNaBVlAH6WvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=nw8TqPNK39h42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoJypMNfmJ11AnScHVW1UpFBhshin1xY2oe-vCcGUlBWernErcjg8aOnOxeW9oy3SpTPmWtY17c9IAXrmyBbGfvaUkAojYxy78IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmoUYtfk_03iQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;6551;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fwww.haaretz.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
edb58520bede4ba2b6b266b107a876e86028251122cf4c8b5dfc24663221fbf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3154
expires
-1
PugMaster
image6.pubmatic.com/AdServer/ Frame 0131 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=13587723&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1db2c70b1ad93bf50fa01cfc22564dd1b705758b5ac283d4b6cbb900011ded5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 29 Jan 2023 10:09:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame F126 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
818782
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
79112c67ca4d9944-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
usync.js
eus.rubiconproject.com/ Frame 6AFE 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e96fc6cde18785026e25ab81dd356b67ac6ac8076c4b63053e1c5098f4b7ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Jan 2023 22:03:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42865
Connection
keep-alive
Content-Length
10037
Expires
Sun, 29 Jan 2023 22:04:03 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame D287 		90 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 17:23:33 GMT
bounce
ib.adnxs.com/ Frame 9615
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:38 GMT
AN-X-Request-Uuid
f7f4e5d0-8941-4481-ab9a-e38172801f9a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:38 GMT
AN-X-Request-Uuid
2d45658f-def0-49df-9050-3996bce295c4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=StyMtXxXU293UU1NNFBVOGJlamVzTHdMbEF1WHB0TVR0b0pJVGMxcVJPdm4yV0RIMy96YjJRa3dNQ2dsK0IwRFBZZUZhcnFXeXJLRFlQVWdCMVJpZlJyTW1NNk5aakNsbkFMOVhDRE5EQjlaVDNMNnI2TGVUMXUzVy9xdC9EWFJNYTNnMTl1dDA4dEl2YkRLL2NsZHc1UVlOTXk5aFdCL0VNeHRhL2hybTQ5VmFqRHF5NXBNQ25SRVJrOTREUXA3MVZiTFNhSkJidzFGb29sUjBncmFoN1VkNXdERW0yZUE3alBhU0hQTnRIaW1MQ0pqMzVnNUR0SlpRWk1BczJ3dnFuK2pzeU5IVGJpdVlJRU84Q2UyYnV3UVJ5bzZDRmZNODdLQWMxS3hzK0M0NnQvST18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 29 Jan 2023 10:09:38 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
248666
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame 935D 		0
658 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
79112c688b8d9944-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 29 Jan 2023 10:09:38 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame ADC3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 29 Jan 2023 10:09:38 GMT
X-Sovrn-Pod
ad_ap4ams1
match
c1.adform.net/serving/cookie/ Frame 6923 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=18973734-A6B5-449A-AF9D-BDF475210222&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 29 Jan 2023 10:09:38 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame E22B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fba963d6-45e2-4700-82bd-12220325eb1c&gdpr=0&gdpr_consent=
42 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fba963d6-45e2-4700-82bd-12220325eb1c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 29 Jan 2023 10:09:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 29 Jan 2023 10:09:38 GMT
Expires
Sun, 29 Jan 2023 10:09:37 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 404 ce67235 master cdg-pixel-x32 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fba963d6-45e2-4700-82bd-12220325eb1c&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame E034
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5123563109499086153
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5123563109499086153
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 29 Jan 2023 10:09:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5123563109499086153
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 3144
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 29 Jan 2023 10:09:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 10:09:38 GMT
expires
Sun, 29 Jan 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1997442
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 3816
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xTQ0pscyNaLeZGbyw2V99JYxYfXeYTGolWSwjSrj
42 B
571 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xTQ0pscyNaLeZGbyw2V99JYxYfXeYTGolWSwjSrj
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 29 Jan 2023 10:09:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 29 Jan 2023 10:09:38 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xTQ0pscyNaLeZGbyw2V99JYxYfXeYTGolWSwjSrj
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2E0E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=18973734-A6B5-449A-AF9D-BDF475210222&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=18973734-A6B5-449A-AF9D-BDF475210222&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=18973734-A6B5-449A-AF9D-BDF475210222&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 29 Jan 2023 10:09:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
R7GHXC1JZFGN8YGXKJKM

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 29 Jan 2023 10:09:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=18973734-A6B5-449A-AF9D-BDF475210222&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
EZ9ZVH2KE0FFEWGFW5F3
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0131
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GJc3NKa1RJqvnb30dSECIg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=25216
accept-ranges
bytes
content-length
5554
expires
Sun, 29 Jan 2023 17:09:54 GMT

Redirect headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=4dcab955c1059465/gdpr=0/ Frame 0131
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=18973734-A6B5-449A-AF9D-BDF475210222&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=4dcab955c1059465/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=4dcab955c1059465/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
54.73.182.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-182-221.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.25.238
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=4dcab955c1059465/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 0131
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=18973734-A6B5-449A-AF9D-BDF475210222&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=18973734-A6B5-449A-AF9D-BDF475210222&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=18973734-A6B5-449A-AF9D-BDF475210222&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=18973734-A6B5-449A-AF9D-BDF475210222&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

date
Sun, 29 Jan 2023 10:09:38 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=18973734-A6B5-449A-AF9D-BDF475210222&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 0131
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTg5NzM3MzQtQTZCNS00NDlBLUFGOUQtQkRGNDc1MjEwMjIy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 29 Jan 2023 10:09:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0131
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELtlpiN3ifvkEPxg1QBT2ZQ&google_cver=1
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELtlpiN3ifvkEPxg1QBT2ZQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 29 Jan 2023 10:09:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELtlpiN3ifvkEPxg1QBT2ZQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 0131 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 28 Jan 2023 10:09:38 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0131
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6897747870475212065
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6897747870475212065
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 29 Jan 2023 10:09:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6897747870475212065
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 0131 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
e1a3e0ab8b6a236ec57fb2812fd4ce7
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame E24D
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/e1a3e0ab8b6a236ec57fb2812fd4ce7?gdpr_consent=&gdpr=0
0
490 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/e1a3e0ab8b6a236ec57fb2812fd4ce7?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
79112c693c8b9944-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 29 Jan 2023 10:09:38 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 29 Jan 2023 10:09:38 GMT
Expires
Sun, 29 Jan 2023 10:09:38 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/e1a3e0ab8b6a236ec57fb2812fd4ce7?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1674986978705022-378
pixel
cm.g.doubleclick.net/ Frame 6AFE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERIN1pYS0ItMVktNEw4QQ==
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERIN1pYS0ItMVktNEw4QQ==
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERIN1pYS0ItMVktNEw4QQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 6AFE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9WjKW7ApSNO-2L9v6fQtyg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9WjKW7ApSNO-2L9v6fQtyg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9WjKW7ApSNO-2L9v6fQtyg
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
338CH7XH4HEN6VNRTKRQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9WjKW7ApSNO-2L9v6fQtyg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6AFE
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=fs1mIhn5Rd2loCAam4gprg&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=fs1mIhn5Rd2loCAam4gprg
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=fs1mIhn5Rd2loCAam4gprg
Protocol
HTTP/1.1
Server
67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:39 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KCVR1M7VPH6Z0WY2VSGY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=fs1mIhn5Rd2loCAam4gprg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 6AFE 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
setuid
px.ads.linkedin.com/ Frame 6AFE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDH7ZXKB-1Y-4L8A
0
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDH7ZXKB-1Y-4L8A
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 43C8943364C644A084CBCC9EF7BD65E4 Ref B: FRAEDGE1916 Ref C: 2023-01-29T10:09:38Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXzZEvjVAg2ZG5DoLJrhA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDH7ZXKB-1Y-4L8A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6AFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECP7Ap-41EAT67v0vWYzs2U&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECP7Ap-41EAT67v0vWYzs2U&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECP7Ap-41EAT67v0vWYzs2U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 6AFE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/R6Rwoxerc64PEql-nUliu8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-neu3ZfxE2oJ8i08s0Zkx39Nus.cE3wc.u2x7vQ--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-neu3ZfxE2oJ8i08s0Zkx39Nus.cE3wc.u2x7vQ--~A
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 29 Jan 2023 10:09:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-neu3ZfxE2oJ8i08s0Zkx39Nus.cE3wc.u2x7vQ--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6AFE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc3NDdiM2E1ODdhYmJlYjViMmMzZTNiYWI1NzE1ZWVlMDRmYTcxMg
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc3NDdiM2E1ODdhYmJlYjViMmMzZTNiYWI1NzE1ZWVlMDRmYTcxMg
Protocol
H2
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDc3NDdiM2E1ODdhYmJlYjViMmMzZTNiYWI1NzE1ZWVlMDRmYTcxMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
08fc1f390a6968c5983b6715b2a92536
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/universal/ Frame C8B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.44.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-44-9.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
/
track.adform.net/csimpr/ Frame D287 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=59630085&csi=f88CZuKpYGMdAAwNF4PPlz6cl_O5IIV9z530es7IXBwJDwKV3Zer3AgnHMcYnP38V_N0PVrBOT-NwC-wfDnIw2QBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
12028468.js
s1.adform.net/Banners/Elements/Files/2139281/12028468/ Frame B696 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/12028468.js?ADFassetID=12028468&bv=258
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
30cd069c6fcbc1b40ccf3d4cadd7902381251bc45241e9b88ac367f0d4f9a980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx0000039a53a4a3697b776-0063c276d0-3294539b-default
etag
W/"84245a0b844ab26c992e422a7fd9a7dc"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
smw888.gif
us.ck-ie.com/ Frame 6FE9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 29 Jan 2023 10:09:38 GMT
Server
nginx
Picture_1.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame B696 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Picture_1.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e0da3fff3f26b75963fd2fe80f37d72133d818e200da55c54c8f9b9ba026b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx000006d759e86d420a08b-006385b2a0-32941e2b-default
etag
"32f4f9d7eabebc1f18f4fe4f061cb271"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11353
Logo_Big.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame B696 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Logo_Big.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0703eee29cdf55506fe42bdf901561ba6644d3f5e17498b8caca9bffa6e70cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx000007779077ef7d3ea80-006385b2a0-329373d4-default
etag
"ab277fa281f505c538bc241c9c6aa7a5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2249
ctaBG.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame B696 		114 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ctaBG.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6671fdfc8aef6721b3f54c1f33c43407702c44bb86a956fe90a7d6f721f49717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx000009058486fe6989ffa-006385b2a0-3293aae9-default
etag
"373fa2c933d89b72ea882a0604dfca79"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
114
ctaArrow.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame B696 		242 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ctaArrow.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
17d25c017c8104b21c89d4f09521274ea8921f9d0c65c64f8b2433614ea8e343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx000007eee00c0fb30c53a-006385b2a0-3293aae9-default
etag
"844a20e1dc87cbb5b3f2c0dc8fa5f6b9"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
242
Subline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame B696 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Subline1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
98671692165a1d886bbcdbb30b6dc63449e2ac2a3733d2ae0e4e11c17d2ba77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx00000acbf46acd077b364-006385b2a0-3293868f-default
etag
"c018ea77dc5816d711efd9b7d59768a0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
820
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame B696 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000dcb04a2980ec1f5a-0063765ffa-329373d4-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Headline1.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame B696 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Headline1.png
Requested by
Host: fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
URL: https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f07ad22f47758cc44eb217130f9db0aaebb6a48fa3805cf09854abd0f3e8115e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx000003cc9b1d1484c5cb5-006385b2a0-32941e2b-default
etag
"962ec2e0b2eba7811ab0eed1a9b9b7fa"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1561
Picture_2.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame B696 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Picture_2.jpg
Requested by
Host: fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
URL: https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7376c9b56d8150a76bee96b622ac6c4ede01f90bdf2c60a9fac3a5bec4bb085d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx00000c8bb402ad7f9aa2b-006385b2a0-329354d9-default
etag
"924c2c3f793edee8ac4ad70836aad2b3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11742
Picture_3.jpg
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame B696 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Picture_3.jpg
Requested by
Host: fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
URL: https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a1aae8899c34165a347ac1534359bed60f6910e56374c1c1bf435a02da3a74da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx00000d71022b8ec722190-006385b2a0-329373d4-default
etag
"c7965b542fe22811df282eaba7fcdef3"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12643
/
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/ Frame B696 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/
Requested by
Host: fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
URL: https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Headline2.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame B696 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/Headline2.png
Requested by
Host: fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
URL: https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8df354d5ef5aeaa49de11cdbcd5346d1f6aaee3d13aba915d76963f74d4c663e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx00000b08778a1d9e68717-006385b2a0-32940f80-default
etag
"b165cf210620d455f41c9f96c86f7ee2"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4865
ctaText.png
s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ Frame B696 		679 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/img/Linera/ctaText.png
Requested by
Host: fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
URL: https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ee97e3b592a0b69d6c48ed31730dccdc00df4e68663497d70730b0a779cee17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Thu, 17 Nov 2022 10:15:24 GMT
server
nginx
x-amz-request-id
tx00000182403b0e84cfe93-006385b2a0-329373d4-default
etag
"ca8d438934d7301ece1770ff4fa415e3"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
679
setuid
ib.adnxs.com/prebid/ Frame DE63
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=33541bb365041fe2877487723f4ab0d0
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=33541bb365041fe2877487723f4ab0d0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
30ab51be-c672-4897-9580-d08685d6ae17
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 29 Jan 2023 10:09:38 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
79112c69cd549944-FRA
content-type
text/html; charset=UTF-8
date
Sun, 29 Jan 2023 10:09:38 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=33541bb365041fe2877487723f4ab0d0
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame EBB2 		1 KB
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2981
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
79112c6a1a57bbd1-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 29 Jan 2023 10:09:38 GMT
last-modified
Sun, 29 Jan 2023 09:19:57 GMT
server
cloudflare
vary
Accept-Encoding
getuid
sync.smartadserver.com/ Frame 4AEE
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 29 Jan 2023 10:09:38 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Sun, 29 Jan 2023 10:09:38 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
1
sync-eu.connectad.io/syncer/ Frame 05DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
79112c6abe522bc2-FRA
date
Sun, 29 Jan 2023 10:09:39 GMT
server
cloudflare
sync.php
pixel.rubiconproject.com/exchange/ Frame C74E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
402fba8a82f093def2459220061c8d31
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 25F1 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25215
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 29 Jan 2023 10:09:39 GMT
expires
Sun, 29 Jan 2023 17:09:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
Y9ZF4zVgq9tEGG92yE.TpwAA%261170
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame BB73
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y9ZF4zVgq9tEGG92yE.TpwAA%261170
0
594 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y9ZF4zVgq9tEGG92yE.TpwAA%261170
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
79112c6c59979944-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 29 Jan 2023 10:09:39 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
79112c6c1b32924a-FRA
content-length
0
date
Sun, 29 Jan 2023 10:09:39 GMT
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y9ZF4zVgq9tEGG92yE.TpwAA%261170
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3TDXU9PuHG%2BkgPfVFYO8Q1n9fx0GO%2B8zSjyosZHjfVjjdnw6i%2BkxHHEngSSJHB%2BIgkgSyxIXwJbytuxAOBZH1UddBDt1iaN4fa1K8FhAT1hBNk4WXzn3XDn5i6HqtFxj6Mqj3QGFsdm%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
adx.adform.net/adx/unload/ Frame DCD5 		35 B
488 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/unload/?1674986979221
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 7D9E 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&pud=j7HohsBqDbEaUaeK0cjE1iUKZmP6qpVQzg0CYESmKGtGnmqHF3ZX_ognWNWuGb5RYviFexe_GUOl6w18tTNtB27EnCHPacqeGz1_yumkylkuN6D5YuGUlPwLFpAdlUlxcAFSVQFoHO3Dd1TL6GzdcVbGJaOtGnOhNv4Gk7Nsf3arWlD_pgAbwqcBgkiQbAzUbRcNuu7mZRyiIx7Vqr6bJWxZPb_WLXG20&unload=5536888755626735708@@59630082,2063607901263653990,100|1048|0|0|0|0|0|0|0||41|1|||||1|0|0|a6o350GhwG1X7EYoWZQhUbIHHRUJv_z6ZkujjBiZ1tiPXogJ6XnRMxhpnBRkvb3lA7z_uuw_WOM1|Xc5Zyx9NerJ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpAcB1AfctWI8KYtDRGwkwxFRkTHcNA0SCwCqCJdd4zaqlJ_Dou0svCZIL3kHIdhTDq3Yoh7V6L9r8cnft-05ZTXuZaJeQVV-MIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsn7JtgsMV5ZQwO8_7rsP1jj0||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 7D9E 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=59630082&event=178&time=2&baid=56369846&name=Viewable%20impressions&imprid=2063607901263653990&icid=5536888755626735708&eData=bVPYPVPQbHVdK8Q4brWfEJ7ajRnpNj1H4fn4X_ACi5gaaZfCg5Mt-KvQ_0ngxexBz2wZSzPbLUYau94oJsHc8Q2&adxvars=Xc5Zyx9NerJ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpAcB1AfctWI8KYtDRGwkwxFRkTHcNA0SCwCqCJdd4zaqlJ_Dou0svCZIL3kHIdhTDq3Yoh7V6L9r8cnft-05ZTXuZaJeQVV-MIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsn7JtgsMV5ZQwO8_7rsP1jj0&rtbdata=R0qCEcXgZSGr0rVivm2D1BUYhRx7PckzkDVDzr1H5PATL4sv7MaPJ32yRoDgrbSgAJz3NH10X-l7sA-Sn0DaSYPQoRaQ4OC2oLfmy-1Bh0D3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmto6vRPSvl1Q2vN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4UtzmZ0-tdyIVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2&rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0&rnd=347243459
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 7D9E 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=5536888755626735708@@59630082,2063607901263653990,100|1049|0|0|0|0|0|0|0||41|1|||||1|0|0|a6o350GhwG1X7EYoWZQhUbIHHRUJv_z6ZkujjBiZ1tiPXogJ6XnRMxhpnBRkvb3lA7z_uuw_WOM1|Xc5Zyx9NerJ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpAcB1AfctWI8KYtDRGwkwxFRkTHcNA0SCwCqCJdd4zaqlJ_Dou0svCZIL3kHIdhTDq3Yoh7V6L9r8cnft-05ZTXuZaJeQVV-MIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsn7JtgsMV5ZQwO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
unregisterDevice
haaretz.pushwoosh.com/json/1.3/ 		108 B
452 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://haaretz.pushwoosh.com/json/1.3/unregisterDevice
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/0e61faf0.b6c8672d2a08588b56ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.239.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
r1-front-03.pushwoosh.com
Software
nginx /
Resource Hash
0b83f8d8f6a6acb5a63c82ae6cae0d4978a38b235d3ed03f9fb80d559d47947e

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 29 Jan 2023 10:09:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
/
track.adform.net/serving/unload/ Frame BB62 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&pud=j7HohsBqDbFjJPvq1XESYVtt-Fv1Jk2mzg0CYESmKGtGnmqHF3ZX_ognWNWuGb5RYviFexe_GUOl6w18tTNtB27EnCHPacqeGz1_yumkylkuN6D5YuGUlPwLFpAdlUlxcAFSVQFoHO3Dd1TL6GzdcVbGJaOtGnOhNv4Gk7Nsf3arWlD_pgAbwqcBgkiQbAzUbRcNuu7mZRyiIx7Vqr6bJWxZPb_WLXG20&unload=7384955156765777353@@59630076,2096440946005027455,100|1077|0|0|0|0|0|0|0||42|1|||||1|0|0|FtFFyiHgchJX7EYoWZQhUTxQnD9z01e-tIkCKK0XVcfM0CtwAfpuURhpnBRkvb3lA7z_uuw_WOM1|cJ0mgZghZg142u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHomPM5U4v_Y3Ny-XHg7cDG_Nrn_4vfHGmF10VoVq7RaG06CUwyPvm7lRivK0DAsc6PCJpkNo9BCf9OrkpnRU8N24JoBdTOETHsIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskhi3aMQEUX7gO8_7rsP1jj0||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame BB62 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=59630076&event=178&time=2&baid=56369859&name=Viewable%20impressions&imprid=2096440946005027455&icid=7384955156765777353&eData=eWdcFkUaGaFG_TpE4ctafJ7ajRnpNj1H4fn4X_ACi5jFJLiHspq4HGOrShSjY_grz2wZSzPbLUYau94oJsHc8Q2&adxvars=cJ0mgZghZg142u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHomPM5U4v_Y3Ny-XHg7cDG_Nrn_4vfHGmF10VoVq7RaG06CUwyPvm7lRivK0DAsc6PCJpkNo9BCf9OrkpnRU8N24JoBdTOETHsIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskhi3aMQEUX7gO8_7rsP1jj0&rtbdata=el6TqoVMDqaQ81uJqFUEJ9EDg8ZJj267s533c8jE2TJxAVMu2CimyDN9KlWqfrAlRFWnFQgCTWzLT9ZFjGAKORnyadsskJWGPazTzKGDhfb3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmv23DoS8BcfZWvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2&rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0&rnd=18535127
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame BB62 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7384955156765777353@@59630076,2096440946005027455,100|1078|0|0|0|0|0|0|0||42|1|||||1|0|0|FtFFyiHgchJX7EYoWZQhUTxQnD9z01e-tIkCKK0XVcfM0CtwAfpuURhpnBRkvb3lA7z_uuw_WOM1|cJ0mgZghZg142u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHomPM5U4v_Y3Ny-XHg7cDG_Nrn_4vfHGmF10VoVq7RaG06CUwyPvm7lRivK0DAsc6PCJpkNo9BCf9OrkpnRU8N24JoBdTOETHsIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskhi3aMQEUX7gO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame E22B 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&pud=j7HohsBqDbE14kwPpiVLV73Y_2flFZspzg0CYESmKGtGnmqHF3ZX_ognWNWuGb5RYviFexe_GUOl6w18tTNtB27EnCHPacqeGz1_yumkylkuN6D5YuGUlPwLFpAdlUlxcAFSVQFoHO3Dd1TL6GzdcVbGJaOtGnOhNv4Gk7Nsf3arWlD_pgAbwqcBgkiQbAzUbRcNuu7mZRyiIx7Vqr6bJWxZPb_WLXG20&unload=7412313315003359346@@59630082,5705717564069443686,100|1093|0|0|0|0|0|0|0||43|1|||||1|0|0|a6o350GhwG248M5tcwHHbeCC2VNepWEGdvjTZFSTR_soUivqJXSb7xhpnBRkvb3lA7z_uuw_WOM1|K42kyUxNssZ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoB2lcHWVxukeP1mfGdOjFuYWNwswL0QJa2lxYR4Q1thb1D_5NS-XGGp8uWTzn5O03agrpxMpIUzeaf7pzD9wYUtERyDh2xgWgIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnychS1Nx9xKQO8_7rsP1jj0||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame E22B 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=59630082&event=178&time=2&baid=56369846&name=Viewable%20impressions&imprid=5705717564069443686&icid=7412313315003359346&eData=HfJ0VIYvJ4FdK8Q4brWfEJ7ajRnpNj1HYaJU2uM20NmLLLuOMuyRlQzzMm93zd57z2wZSzPbLUYau94oJsHc8Q2&adxvars=K42kyUxNssZ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoB2lcHWVxukeP1mfGdOjFuYWNwswL0QJa2lxYR4Q1thb1D_5NS-XGGp8uWTzn5O03agrpxMpIUzeaf7pzD9wYUtERyDh2xgWgIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnychS1Nx9xKQO8_7rsP1jj0&rtbdata=6hySndOYzXV4coIWq0Ij30UUlpnFeQ9GIl1g4qYaN_x-hVaaZsOAajZ9JNJrNRQTLusvVLiBAxEtkzkdWrwnlImcwVX0Z1GrK134J90EXUf3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmtxiYBulCJV_WvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2&rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0&rnd=52214426
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame E22B 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7412313315003359346@@59630082,5705717564069443686,100|1094|0|0|0|0|0|0|0||43|1|||||1|0|0|a6o350GhwG248M5tcwHHbeCC2VNepWEGdvjTZFSTR_soUivqJXSb7xhpnBRkvb3lA7z_uuw_WOM1|K42kyUxNssZ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoB2lcHWVxukeP1mfGdOjFuYWNwswL0QJa2lxYR4Q1thb1D_5NS-XGGp8uWTzn5O03agrpxMpIUzeaf7pzD9wYUtERyDh2xgWgIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnychS1Nx9xKQO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 385E 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&pud=j7HohsBqDbE14kwPpiVLV73Y_2flFZspzg0CYESmKGtGnmqHF3ZX_ognWNWuGb5RYviFexe_GUOl6w18tTNtB27EnCHPacqeGz1_yumkylkuN6D5YuGUlPwLFpAdlUlxcAFSVQFoHO3Dd1TL6GzdcVbGJaOtGnOhNv4Gk7Nsf3arWlD_pgAbwqcBgkiQbAzUbRcNuu7mZRyiIx7Vqr6bJWxZPb_WLXG20&unload=7412313315003359346@@59630082,8182764271519969361,100|1067|0|0|0|0|0|0|0||42|1|||||1|0|0|a6o350GhwG1X7EYoWZQhUeCC2VNepWEG-0JIOYQvqKfdBVgI0WmbxxhpnBRkvb3lA7z_uuw_WOM1|RsJjwrekK2l42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHr8TtlooLhUeJ1jp_3V_g0M9NtGUFSSsEDaVF54-ejfPPs99COw_dAYSaFnpc5FUjiQx-3wLdQH8U9cNgBmgZILXqg5fm8DLm4IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVslQKMhV_6PmuwO8_7rsP1jj0||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 385E 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=59630082&event=178&time=2&baid=56369846&name=Viewable%20impressions&imprid=8182764271519969361&icid=7412313315003359346&eData=CIeyj1cHik1dK8Q4brWfEJ7ajRnpNj1H4fn4X_ACi5iLLLuOMuyRlYOwik3yaIQbz2wZSzPbLUYau94oJsHc8Q2&adxvars=RsJjwrekK2l42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHr8TtlooLhUeJ1jp_3V_g0M9NtGUFSSsEDaVF54-ejfPPs99COw_dAYSaFnpc5FUjiQx-3wLdQH8U9cNgBmgZILXqg5fm8DLm4IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVslQKMhV_6PmuwO8_7rsP1jj0&rtbdata=ttNmYRvTsQsJ1-OR4g9ERk06L9Y-cBxBZzkRKjGHcnUMRxHO5mMb2H2yRoDgrbSgpjc10G7Kmas4Mkj2meSfaegXxum4OOJ9HBRufA185H73C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmt_3tcI1TXPcmvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2&rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0&rnd=942771451
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 385E 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7412313315003359346@@59630082,8182764271519969361,100|1067|0|0|0|0|0|0|0||42|1|||||1|0|0|a6o350GhwG1X7EYoWZQhUeCC2VNepWEG-0JIOYQvqKfdBVgI0WmbxxhpnBRkvb3lA7z_uuw_WOM1|RsJjwrekK2l42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHr8TtlooLhUeJ1jp_3V_g0M9NtGUFSSsEDaVF54-ejfPPs99COw_dAYSaFnpc5FUjiQx-3wLdQH8U9cNgBmgZILXqg5fm8DLm4IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVslQKMhV_6PmuwO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 4C98 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&pud=j7HohsBqDbGq5YfkRDba5eYsHrJA1y5Czg0CYESmKGtGnmqHF3ZX_ognWNWuGb5RYviFexe_GUOl6w18tTNtB27EnCHPacqeGz1_yumkylkuN6D5YuGUlPwLFpAdlUlxcAFSVQFoHO3Dd1TL6GzdcVbGJaOtGnOhNv4Gk7Nsf3arWlD_pgAbwqcBgkiQbAzUbRcNuu7mZRyiIx7Vqr6bJWxZPb_WLXG20&unload=6897747870475212065@@59630076,610567354351912807,100|1067|0|0|0|0|0|0|0||42|1|||||1|0|0|FtFFyiHgchJX7EYoWZQhUZ7enEfqzeVrc0dxOJvPIzFcw5g0v_cFNBhpnBRkvb3lA7z_uuw_WOM1|kYb9Vc6vySt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHouz4R0WhKSfrCrU-59qIo4aguGakGTfHMcqZBpG0117I7zYXyQHq-G9YL9NUbXoS6TR0hjW3e3IQZ7iE3iqLGdknmZ4Iae48kIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnp04sJkYQoUAO8_7rsP1jj0||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 4C98 		35 B
459 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=59630076&event=178&time=2&baid=56369859&name=Viewable%20impressions&imprid=610567354351912807&icid=6897747870475212065&eData=rgWwNAt7nJ9G_TpE4ctafJ7ajRnpNj1H4fn4X_ACi5hh68NFSayl0ZVsXwQM-BIcz2wZSzPbLUYau94oJsHc8Q2&adxvars=kYb9Vc6vySt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHouz4R0WhKSfrCrU-59qIo4aguGakGTfHMcqZBpG0117I7zYXyQHq-G9YL9NUbXoS6TR0hjW3e3IQZ7iE3iqLGdknmZ4Iae48kIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnp04sJkYQoUAO8_7rsP1jj0&rtbdata=Bn6VM2oCxsg51t06qyI9E8fUWH9dCBhmVSQxYLjdcXR86rZqip8jpFAnoZODnFtPnwtfd7i5RE17g25inQv47f5ynACOQ6fzxZUzcacswCb3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmvsZ9FQCEu0KWvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2&rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0&rnd=857505824
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 4C98 		35 B
459 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6897747870475212065@@59630076,610567354351912807,100|1067|0|0|0|0|0|0|0||42|1|||||1|0|0|FtFFyiHgchJX7EYoWZQhUZ7enEfqzeVrc0dxOJvPIzFcw5g0v_cFNBhpnBRkvb3lA7z_uuw_WOM1|kYb9Vc6vySt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHouz4R0WhKSfrCrU-59qIo4aguGakGTfHMcqZBpG0117I7zYXyQHq-G9YL9NUbXoS6TR0hjW3e3IQZ7iE3iqLGdknmZ4Iae48kIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnp04sJkYQoUAO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 132D 		35 B
459 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&pud=j7HohsBqDbFdIaeyJJvF4LnX9q4fd_oczg0CYESmKGtGnmqHF3ZX_ognWNWuGb5RYviFexe_GUOl6w18tTNtB27EnCHPacqeGz1_yumkylkuN6D5YuGUlPwLFpAdlUlxcAFSVQFoHO3Dd1TL6GzdcVbGJaOtGnOhNv4Gk7Nsf3arWlD_pgAbwqcBgkiQbAzUbRcNuu7mZRyiIx7Vqr6bJWxZPb_WLXG20&unload=5393900352586838235@@59630076,3651578746197074930,100|1069|0|0|0|0|0|0|0||42|1|||||1|0|0|FtFFyiHgchJX7EYoWZQhUWLo97J6hQDXn9vXtDjyjQgwoHrvGa6i-hhpnBRkvb3lA7z_uuw_WOM1|AIZwRNwUQvt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoenEx6X63uOeHY72yUs5wCx12GVsz9-5Y9VR4TF3XPpH0gPZTxKoKyYHTxx1qNgkTeKS4q2X-vVuYP-84pWPyA1ntMziYbB1YIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmkbtC3iQqnMgO8_7rsP1jj0||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 132D 		35 B
459 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=59630076&event=178&time=2&baid=56369859&name=Viewable%20impressions&imprid=3651578746197074930&icid=5393900352586838235&eData=z15sM8L9szpG_TpE4ctafJ7ajRnpNj1H4fn4X_ACi5h0ULP4ujBFQpkzfwHG1w81z2wZSzPbLUYau94oJsHc8Q2&adxvars=AIZwRNwUQvt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoenEx6X63uOeHY72yUs5wCx12GVsz9-5Y9VR4TF3XPpH0gPZTxKoKyYHTxx1qNgkTeKS4q2X-vVuYP-84pWPyA1ntMziYbB1YIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmkbtC3iQqnMgO8_7rsP1jj0&rtbdata=KEfFc34P3_2p2kxE36hBqEHMKAbl6Sq0382mdc6WCXSggZrdYGOX27kjpE4NLSXbFy7KW7q3n2m_vHA9ZKAQP3STM930GoHSzwLi7sy_kMH3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmu3IIOoep6yMmvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2&rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0&rnd=90591213
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 132D 		35 B
459 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=5393900352586838235@@59630076,3651578746197074930,100|1070|0|0|0|0|0|0|0||42|1|||||1|0|0|FtFFyiHgchJX7EYoWZQhUWLo97J6hQDXn9vXtDjyjQgwoHrvGa6i-hhpnBRkvb3lA7z_uuw_WOM1|AIZwRNwUQvt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoenEx6X63uOeHY72yUs5wCx12GVsz9-5Y9VR4TF3XPpH0gPZTxKoKyYHTxx1qNgkTeKS4q2X-vVuYP-84pWPyA1ntMziYbB1YIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmkbtC3iQqnMgO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame B2BB 		35 B
459 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&pud=j7HohsBqDbGYx0KLJDZ7qbIlEaS-8o-Nzg0CYESmKGtGnmqHF3ZX_ognWNWuGb5RYviFexe_GUOl6w18tTNtB27EnCHPacqeGz1_yumkylkuN6D5YuGUlPwLFpAdlUlxcAFSVQFoHO3Dd1TL6GzdcVbGJaOtGnOhNv4Gk7Nsf3arWlD_pgAbwqcBgkiQbAzUbRcNuu7mZRyiIx7Vqr6bJWxZPb_WLXG20&unload=8402717233572927540@@59630082,9175379714437138707,100|1069|0|0|0|0|0|0|0||42|1|||||1|0|0|a6o350GhwG1X7EYoWZQhURvIxClLu3A8eHnxFJmwIJaeNHvMeIenQxhpnBRkvb3lA7z_uuw_WOM1|-kecm4URwB942u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoL0q8MfzzfJilK_q7CtAObDE-JIHBwvLRZ-Y1MMdgWsoYT3chezfPq7v0vLvnzQW6Nf7qpqwiUO2nx-bYY-zD9HkS2pdvbdokIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnVxsX-VB-XJQO8_7rsP1jj0||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame B2BB 		35 B
459 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=59630082&event=178&time=2&baid=56369846&name=Viewable%20impressions&imprid=9175379714437138707&icid=8402717233572927540&eData=A60C6JlqtRxdK8Q4brWfEJ7ajRnpNj1H4fn4X_ACi5hg0YVybI5zf1AoEsdMAhVdz2wZSzPbLUYau94oJsHc8Q2&adxvars=-kecm4URwB942u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoL0q8MfzzfJilK_q7CtAObDE-JIHBwvLRZ-Y1MMdgWsoYT3chezfPq7v0vLvnzQW6Nf7qpqwiUO2nx-bYY-zD9HkS2pdvbdokIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnVxsX-VB-XJQO8_7rsP1jj0&rtbdata=TJ4qHFkmLj1AkEIJJJUTI_X4x1sMRkj1zJowLFLQMGaQ-b_OCCY5nxmhi8XDu_Q2YEgbFSUm7FjQ58YhiU6ORmM1t3vbpN5Wmy7awOBsN-r3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOmvNfLWJzBFV1mvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4AhJDyVj8PEoVtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2&rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0&rnd=604684061
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame B2BB 		35 B
459 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=8402717233572927540@@59630082,9175379714437138707,100|1070|0|0|0|0|0|0|0||42|1|||||1|0|0|a6o350GhwG1X7EYoWZQhURvIxClLu3A8eHnxFJmwIJaeNHvMeIenQxhpnBRkvb3lA7z_uuw_WOM1|-kecm4URwB942u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoL0q8MfzzfJilK_q7CtAObDE-JIHBwvLRZ-Y1MMdgWsoYT3chezfPq7v0vLvnzQW6Nf7qpqwiUO2nx-bYY-zD9HkS2pdvbdokIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnVxsX-VB-XJQO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
async_usersync
ib.adnxs.com/ Frame 9615 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:39 GMT
AN-X-Request-Uuid
8cbdf486-7faa-474e-ac83-bc007e04b1ac
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
checkDevice
haaretz.pushwoosh.com/json/1.3/ 		145 B
474 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://haaretz.pushwoosh.com/json/1.3/checkDevice
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/0e61faf0.b6c8672d2a08588b56ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.239.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
r1-front-03.pushwoosh.com
Software
nginx /
Resource Hash
6f3cf845911c0c548ba03b1261808a08a72fff50a6a2a90e4d8d3521b8ad0de9

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 29 Jan 2023 10:09:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
/
track.adform.net/serving/unload/ Frame 542B 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&pud=j7HohsBqDbGqpu5g--2IHmRZMqFwzRuHzg0CYESmKGvasHWbG4uJr2YZWKZzgglBpKbvStwx-EKKQJ1ZUN21B6h54-RsTpoaf_L7w8K0ESzh8N_SlbLQxpVwRYqM52HgGKYosRFdfLNCArNE1uugFn654Y5YxeBqR4WvfOpOJek9yOAuRmFF2Dc1itHfz4ICk-bGIrngg6tyaJsZx16pi4XS5Vareo4D0&unload=541314188199267241@@59630085,1772140525414845287,100|1087|0|0|0|0|0|0|0||42|1|||||1|0|0|-7LGbucci61X7EYoWZQhUb2-7iVc2Q7qvhuQ3PSJqTh2qiF4vlFkchhpnBRkvb3lA7z_uuw_WOM1|I9eSsN4aLJMWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quGTIUUnX1XGltFHsN1JeWFQ_mJTBn6Jap2x7F8XlVW-crzQXtRaePOmzyJcYTfAo1F7RY_CuzIC_jEmTWQ-yAzMzbU7tISrgPjehQm65vSycg7kbTHoU3oZjXZllJ6LaTdTwnSr-FYyA2||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 542B 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=59630085&event=178&time=2&baid=56370123&name=Viewable%20impressions&imprid=1772140525414845287&icid=541314188199267241&eData=EzdtvXAgMFaXelSVCe0lP57ajRnpNj1H4fn4X_ACi5gtL8Bzk1dsO8cg0oG0EWhez2wZSzPbLUYau94oJsHc8Q2&adxvars=I9eSsN4aLJMWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quGTIUUnX1XGltFHsN1JeWFQ_mJTBn6Jap2x7F8XlVW-crzQXtRaePOmzyJcYTfAo1F7RY_CuzIC_jEmTWQ-yAzMzbU7tISrgPjehQm65vSycg7kbTHoU3oZjXZllJ6LaTdTwnSr-FYyA2&rtbdata=E6tQbzBjLA868ZFdtcbZ3WRYKaLiWRppH1BUV9AfbcJtBko87Yj3qDZ9JNJrNRQT_Ci8c6NeuE29cb9qmGDUPhpTtXNQPkL4f-N2vfY4-K_3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBG-lMBI-nx2Q3SWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODqTcQN3IAIYrMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1&rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0&rnd=257396149
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 542B 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=541314188199267241@@59630085,1772140525414845287,100|1088|0|0|0|0|0|0|0||43|1|||||1|0|0|-7LGbucci61X7EYoWZQhUb2-7iVc2Q7qvhuQ3PSJqTh2qiF4vlFkchhpnBRkvb3lA7z_uuw_WOM1|I9eSsN4aLJMWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quGTIUUnX1XGltFHsN1JeWFQ_mJTBn6Jap2x7F8XlVW-crzQXtRaePOmzyJcYTfAo1F7RY_CuzIC_jEmTWQ-yAzMzbU7tISrgPjehQm65vSycg7kbTHoU3oZjXZllJ6LaTdTwnSr-FYyA2||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame E4BB 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&pud=j7HohsBqDbFV6sdhY-ofX60NM0K3tJIuzg0CYESmKGvasHWbG4uJr2YZWKZzgglBpKbvStwx-EKKQJ1ZUN21B6h54-RsTpoaf_L7w8K0ESzh8N_SlbLQxpVwRYqM52HgGKYosRFdfLNCArNE1uugFn654Y5YxeBqR4WvfOpOJek9yOAuRmFF2Dc1itHfz4ICk-bGIrngg6tyaJsZx16pi4XS5Vareo4D0&unload=4266847214917985128@@59630082,1773254192420054638,100|1184|0|0|0|0|0|0|0||46|1|||||1|0|0|a6o350GhwG1X7EYoWZQhUcU_qt9Z3ic4kF9NTjmf_dN2qiF4vlFkchhpnBRkvb3lA7z_uuw_WOM1|UQDB6eBZQ6IWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quje7ZaydSehtGrxP8e8gZOATCFwEvyRPqGNJlqeI2QL6DBmMz6zT_1VokZ_2MBByKB6A1TAMT_VmNTMsjF9DrFNKkjbEe_IG7jehQm65vSycg7kbTHoU3owxwJJgfM2p_dTwnSr-FYyA2||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame E4BB 		35 B
459 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=59630082&event=178&time=2&baid=56369846&name=Viewable%20impressions&imprid=1773254192420054638&icid=4266847214917985128&eData=EzdtvXAgMFZdK8Q4brWfEJ7ajRnpNj1H4fn4X_ACi5i9evLSLFIh9mUgXprr4Bq5z2wZSzPbLUYau94oJsHc8Q2&adxvars=UQDB6eBZQ6IWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quje7ZaydSehtGrxP8e8gZOATCFwEvyRPqGNJlqeI2QL6DBmMz6zT_1VokZ_2MBByKB6A1TAMT_VmNTMsjF9DrFNKkjbEe_IG7jehQm65vSycg7kbTHoU3owxwJJgfM2p_dTwnSr-FYyA2&rtbdata=KEfFc34P3_22ad1Uggk9hbtVrnE_jI8EXDi0L1vFM7Bwq0N46A9q-n2yRoDgrbSgakqWrG6VDuVFiR_mffXpMj7MEewznp5CpuX5tiBFIIr3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBGyaAJUm3st30SWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODqTcQN3IAIYrMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1&rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0&rnd=112590629
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame E4BB 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=4266847214917985128@@59630082,1773254192420054638,100|1184|0|0|0|0|0|0|0||46|1|||||1|0|0|a6o350GhwG1X7EYoWZQhUcU_qt9Z3ic4kF9NTjmf_dN2qiF4vlFkchhpnBRkvb3lA7z_uuw_WOM1|UQDB6eBZQ6IWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quje7ZaydSehtGrxP8e8gZOATCFwEvyRPqGNJlqeI2QL6DBmMz6zT_1VokZ_2MBByKB6A1TAMT_VmNTMsjF9DrFNKkjbEe_IG7jehQm65vSycg7kbTHoU3owxwJJgfM2p_dTwnSr-FYyA2||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
unip
trc-events.taboola.com/1383653/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1383653/log/3/unip?en=pre_d_eng_tb&tos=4632&scd=0&ssd=1&est=1674986975029&ver=36&isls=true&src=i&invt=3000&msa=10253&rv=1&tim=1674986979661&vi=1674986975027&ri=7746d0f4088bc10f394f92bead0b9336&ref=null&cv=20230125-5-RELEASE&item-url=https%3A%2F%2Fwww.haaretz.com%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1383653/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
https://www.haaretz.com
pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
track.adform.net/serving/unload/ Frame 6099 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&pud=j7HohsBqDbF-MGKERfg2Rvvb_dxIQzo7zg0CYESmKGvasHWbG4uJr2YZWKZzgglBpKbvStwx-EKKQJ1ZUN21B6h54-RsTpoaf_L7w8K0ESzh8N_SlbLQxpVwRYqM52HgGKYosRFdfLNCArNE1uugFn654Y5YxeBqR4WvfOpOJek9yOAuRmFF2Dc1itHfz4ICk-bGIrngg6tyaJsZx16pi4XS5Vareo4D0&unload=2311734853211587763@@59630082,8855934546433033031,100|1171|0|0|0|0|0|0|0||46|1|||||1|0|0|a6o350GhwG1X7EYoWZQhUaVnA5Vbz-agcOe5Wtx-i-12qiF4vlFkchhpnBRkvb3lA7z_uuw_WOM1|SmZM_7Vrau8WcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4qt22tbvluyQTNc8pTUQTvpBaVaWQw4QvI74i80IktK7_GdLLCrVDWWIX-LMMJHr0T6nQKhl6mrrfGzXgD0uTh8w00OuNuqC_PfjehQm65vSycg7kbTHoU3oC_elFaKaPMKyT92XTgVlfA2||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame 6099 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=59630082&event=178&time=2&baid=56369846&name=Viewable%20impressions&imprid=8855934546433033031&icid=2311734853211587763&eData=EzdtvXAgMFZdK8Q4brWfEJ7ajRnpNj1H4fn4X_ACi5jR80nwhIODroYlSyl52Z0gz2wZSzPbLUYau94oJsHc8Q2&adxvars=SmZM_7Vrau8WcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4qt22tbvluyQTNc8pTUQTvpBaVaWQw4QvI74i80IktK7_GdLLCrVDWWIX-LMMJHr0T6nQKhl6mrrfGzXgD0uTh8w00OuNuqC_PfjehQm65vSycg7kbTHoU3oC_elFaKaPMKyT92XTgVlfA2&rtbdata=E6tQbzBjLA-OZlGRxe_ZVVaZ8ePR4XNtLheqay1llpm98N3Gn0aQV4PGMD3VRZ1RSaEBrjl9QDcp7XzPCLi2Ou0vb079Q9W6VS0zlfUkMsb3C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDco6v4xKzLpzjoaTJK7cpJanfuHBE75vZ0SoOo1td3rHMKKhxFf6QBG6wpNs2Bbz8eSWMQSq6u-0vy3A-hfLf6toUijrq1zwd3YTQocEx_nqODf9cYQjtyrorMvcme62ljET_TA-rRmyAQ7wbXz6NM5PHdwNIOwOzsxv_YO6vpSmE1&rtbwp=NESdoCSVUkaqMtO59IoUJ6zboUFQG3yp0&rnd=212239472
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 6099 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=2311734853211587763@@59630082,8855934546433033031,100|1171|0|0|0|0|0|0|0||46|1|||||1|0|0|a6o350GhwG1X7EYoWZQhUaVnA5Vbz-agcOe5Wtx-i-12qiF4vlFkchhpnBRkvb3lA7z_uuw_WOM1|SmZM_7Vrau8WcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4qt22tbvluyQTNc8pTUQTvpBaVaWQw4QvI74i80IktK7_GdLLCrVDWWIX-LMMJHr0T6nQKhl6mrrfGzXgD0uTh8w00OuNuqC_PfjehQm65vSycg7kbTHoU3oC_elFaKaPMKyT92XTgVlfA2||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
adx.adform.net/adx/unload/ Frame 385E 		35 B
488 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/unload/?1674986979714
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/unload/ Frame 7D9E 		35 B
497 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/unload/?1674986979715
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/unload/ Frame 4C98 		35 B
488 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/unload/?1674986979716
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/unload/ Frame B2BB 		35 B
488 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/unload/?1674986979716
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/unload/ Frame 132D 		35 B
488 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/unload/?1674986979723
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/unload/ Frame 6099 		35 B
488 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/unload/?1674986979729
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/unload/ Frame 542B 		35 B
488 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/unload/?1674986979729
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/unload/ Frame E4BB 		35 B
488 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/unload/?1674986979730
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/unload/ Frame BB62 		35 B
488 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/unload/?1674986979734
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/unload/ Frame E22B 		35 B
497 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/unload/?1674986979738
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame DCD5 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&pud=j7HohsBqDbGq5YfkRDba5eYsHrJA1y5Czg0CYESmKGtGnmqHF3ZX_ognWNWuGb5RYviFexe_GUOl6w18tTNtB27EnCHPacqeGz1_yumkylkuN6D5YuGUlPwLFpAdlUlxcAFSVQFoHO3Dd1TL6GzdcVbGJaOtGnOhNv4Gk7Nsf3arWlD_pgAbwqcBgkiQbAzUbRcNuu7mZRyiIx7Vqr6bJWxZPb_WLXG20&unload=6897747870475212065@@59630085,4370844038978422697,65|1097|0|0|0|0|0|0|0||28|1|||||1|0|0|-7LGbucci6248M5tcwHHbZ7enEfqzeVrjVmmiIenmk0u_YpqWUe0ixhpnBRkvb3lA7z_uuw_WOM1|e2-4gSoikLx42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpGYE-AIKl7pcCTY8TfJX5PhKe58iFo64LYHPRiFO3B7gaBS-fP2goLYaS00h64wogitE_ZXOC8glxgghslI7XvbgYYr9EZ3YwIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskJnVEZARcnyAO8_7rsP1jj0||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame DCD5 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=59630085&event=178&time=2&baid=56370123&name=Viewable%20impressions&imprid=4370844038978422697&icid=6897747870475212065&eData=db3AWovZtKqXelSVCe0lP57ajRnpNj1HYaJU2uM20Nlh68NFSayl0YlrSJmxG-_Jz2wZSzPbLUYau94oJsHc8Q2&adxvars=e2-4gSoikLx42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpGYE-AIKl7pcCTY8TfJX5PhKe58iFo64LYHPRiFO3B7gaBS-fP2goLYaS00h64wogitE_ZXOC8glxgghslI7XvbgYYr9EZ3YwIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskJnVEZARcnyAO8_7rsP1jj0&rtbdata=dvkQKAjbaCUvCJAB-Mxhn1SiNMMoYUaobwxlEYm_pC-xLviPj4guqZ7RJsIFLDe-ZVs0kxZjnYgXtvsmCCFVwB5RYftc5Gnsvc6hXD3OFw73C1qGkf74hBuHsEnaXDOThsvYRNh-IwnvxJocEfNnvaJWXZn8rHDc3DVPptzbga26SriGyY9sBJ8P839W8ye4wnHps2aFOms5hDAwaeLUxWvN0bjDoBiH_6nPgbCXoDgtLSB9HsCrbPlpf__GZTu4olT2yJ1xz38VtuT_3uzlZTNnLtED_KOuK75bfTGQSc-tZkZyELE9GQ2&rtbwp=q0ryMM3Zzto9P-DgFLpSdazboUFQG3yp0&rnd=28609379
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame DCD5 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6897747870475212065@@59630085,4370844038978422697,65|1097|0|0|0|0|0|0|0||28|1|||||1|0|0|-7LGbucci6248M5tcwHHbZ7enEfqzeVrjVmmiIenmk0u_YpqWUe0ixhpnBRkvb3lA7z_uuw_WOM1|e2-4gSoikLx42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpGYE-AIKl7pcCTY8TfJX5PhKe58iFo64LYHPRiFO3B7gaBS-fP2goLYaS00h64wogitE_ZXOC8glxgghslI7XvbgYYr9EZ3YwIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskJnVEZARcnyAO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
getInboxMessages
haaretz.pushwoosh.com/json/1.3/ 		92 B
529 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://haaretz.pushwoosh.com/json/1.3/getInboxMessages
Requested by
Host: www.haaretz.com
URL: https://www.haaretz.com/_next/static/chunks/0e61faf0.b6c8672d2a08588b56ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.239.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
r1-front-03.pushwoosh.com
Software
nginx / phpDaemon/1.0-beta3
Resource Hash
66953ec36df0521f570c15ba683310ed68e95ddb31f41b9db9e4108e2db29423

Request headers

Referer
https://www.haaretz.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 29 Jan 2023 10:09:39 GMT
x-pw-front-node
inbox-api-6f5949f7d8-whzd4
content-encoding
gzip
server
nginx
x-powered-by
phpDaemon/1.0-beta3
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS, DELETE, HEAD
content-type
application/json
access-control-allow-origin
*
x-pw-cluster-node
inbox-api-6f5949f7d8-whzd4
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Headers, is_auto_request, Content-Length, Accept-Encoding, X-Registry-Auth
pushwoosh-bell.png
www.haaretz.com/static/hdc/images/ 		654 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.haaretz.com/static/hdc/images/pushwoosh-bell.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
c3d682a2ff274232e98f1e973f7697298a843b0e11e81f61aa9e7f7e9403e067
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sun, 29 Jan 2023 10:09:39 GMT
age
99796
x-dns-prefetch-control
off
x-cache
MISS, HIT, HIT
x-envoy-upstream-service-time
4
x-origin-status
200, 200
content-length
654
x-xss-protection
1; mode=block
last-modified
Mon, 23 Jan 2023 08:00:12 GMT
server
istio-envoy
x-timer
S1674986980.899728,VS0,VE1
etag
W/"28e-185dda452e0"
x-download-options
noopen
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
x-cache-hits
0, 668, 1
publishertag.prebid.130.js
static.criteo.net/js/ld/ Frame 8C11 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 30 Jan 2023 10:09:39 GMT
syncframe
gum.criteo.com/ Frame 8AE3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.haaretz.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.haaretz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 10:09:39 GMT
server
Kestrel
server-processing-duration-in-ticks
1397835
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 8AE3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=haaretz.com&sn=ChromeSyncframe&so=3&topUrl=www.haaretz.com&bundle=asHJWl8xRG8lMkZTQnZYaGY1bHFFdUxrM0xWdEhnMVBtSWx0QmFwbEJxamxiOENMUlRLcG1n...
  • https://mug.criteo.com/sid?cpp=v1FTFXwxRVF4NTYrQWt0Q3NxdmRFWG93UG9xSUkrOHRVbElWRFZlb0x5OElpWWtlMWt6QWh4Z3Q2cVQzQlk0ay9aM3d2QVFEdENwZVZ1eVJTdXJtMVhyUC9KVHVBSWQxSndYcERNWVA0ZHhIVzFjMWFMOHNqdzl0cXZlWU...
430 B
655 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=v1FTFXwxRVF4NTYrQWt0Q3NxdmRFWG93UG9xSUkrOHRVbElWRFZlb0x5OElpWWtlMWt6QWh4Z3Q2cVQzQlk0ay9aM3d2QVFEdENwZVZ1eVJTdXJtMVhyUC9KVHVBSWQxSndYcERNWVA0ZHhIVzFjMWFMOHNqdzl0cXZlWU42b0J5dmdwNDNucExGY3RIdms3L1RyN2pCeC9NZXRFVmJib3J2ak5nZ2k1b2FMSGMzQVVRN3BTcWFyYUlhejFndXh5ZEZxK3JWbWJYTTN3U2dyajR1b0Rkc2xNdHc5ak9ZVzZkNHdqWDNCM0I3cit4MWd3TXdUeUVaaC9RMnRUMS9ac0Nwdm1tOVRaVFJxTVJxdGNYa1NFR24ya0w4RFlFYkVPdlUvaGxjSHBxaXJCUFJZQT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
00151d1bf31e7872bfe8c856ac2730ac1c5a46bb672b4f1cffcc3924ebc216e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2119607
expires
0

Redirect headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=v1FTFXwxRVF4NTYrQWt0Q3NxdmRFWG93UG9xSUkrOHRVbElWRFZlb0x5OElpWWtlMWt6QWh4Z3Q2cVQzQlk0ay9aM3d2QVFEdENwZVZ1eVJTdXJtMVhyUC9KVHVBSWQxSndYcERNWVA0ZHhIVzFjMWFMOHNqdzl0cXZlWU42b0J5dmdwNDNucExGY3RIdms3L1RyN2pCeC9NZXRFVmJib3J2ak5nZ2k1b2FMSGMzQVVRN3BTcWFyYUlhejFndXh5ZEZxK3JWbWJYTTN3U2dyajR1b0Rkc2xNdHc5ak9ZVzZkNHdqWDNCM0I3cit4MWd3TXdUeUVaaC9RMnRUMS9ac0Nwdm1tOVRaVFJxTVJxdGNYa1NFR24ya0w4RFlFYkVPdlUvaGxjSHBxaXJCUFJZQT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
673978
content-length
0
expires
0
sync
x.bidswitch.net/ Frame 8C11
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156383
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=-1&gdpr_consent=
43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=-1&gdpr_consent=
Protocol
H2
Server
18.196.150.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-150-104.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=-1&gdpr_consent=
date
Sun, 29 Jan 2023 10:09:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
94
content-type
text/html; charset=utf-8
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 8C11 		95 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fwww.haaretz.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.haaretz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/png
date
Sun, 29 Jan 2023 10:09:40 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
usync.html
eus.rubiconproject.com/ Frame 438E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C66C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25214
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 29 Jan 2023 10:09:40 GMT
expires
Sun, 29 Jan 2023 17:09:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame FD41 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"623de86a-cf34"
Expires
Mon, 30 Jan 2023 10:09:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3718 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"623de86a-cf34"
Expires
Mon, 30 Jan 2023 10:09:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8EFE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25214
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 29 Jan 2023 10:09:40 GMT
expires
Sun, 29 Jan 2023 17:09:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 9E6B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 29 Jan 2023 10:09:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
usync.html
eus.rubiconproject.com/ Frame 1F52 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1D47 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25214
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 29 Jan 2023 10:09:40 GMT
expires
Sun, 29 Jan 2023 17:09:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C90A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 8263 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 29 Jan 2023 10:09:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5EEE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"623de86a-cf34"
Expires
Mon, 30 Jan 2023 10:09:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0E22 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"623de86a-cf34"
Expires
Mon, 30 Jan 2023 10:09:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EA8E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25214
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 29 Jan 2023 10:09:40 GMT
expires
Sun, 29 Jan 2023 17:09:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4B42 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 0283 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 29 Jan 2023 10:09:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
beacon
ap.lijit.com/ Frame 6508 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 29 Jan 2023 10:09:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
usync.html
eus.rubiconproject.com/ Frame 020B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 734E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"623de86a-cf34"
Expires
Mon, 30 Jan 2023 10:09:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F453 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25214
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 29 Jan 2023 10:09:40 GMT
expires
Sun, 29 Jan 2023 17:09:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 438E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e96fc6cde18785026e25ab81dd356b67ac6ac8076c4b63053e1c5098f4b7ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Jan 2023 22:03:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42863
Connection
keep-alive
Content-Length
10037
Expires
Sun, 29 Jan 2023 22:04:03 GMT
usync.js
eus.rubiconproject.com/ Frame 1F52 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e96fc6cde18785026e25ab81dd356b67ac6ac8076c4b63053e1c5098f4b7ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Jan 2023 22:03:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42863
Connection
keep-alive
Content-Length
10037
Expires
Sun, 29 Jan 2023 22:04:03 GMT
async_usersync
ib.adnxs.com/ Frame FD41 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:40 GMT
AN-X-Request-Uuid
03b563b8-ae34-4d04-865c-f8d82205f56c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 131B 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A73D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"623de86a-cf34"
Expires
Mon, 30 Jan 2023 10:09:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D222 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25214
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 29 Jan 2023 10:09:40 GMT
expires
Sun, 29 Jan 2023 17:09:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1D0E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 5B4D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 29 Jan 2023 10:09:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6F18 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"623de86a-cf34"
Expires
Mon, 30 Jan 2023 10:09:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8208 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25214
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 29 Jan 2023 10:09:40 GMT
expires
Sun, 29 Jan 2023 17:09:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1290 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"623de86a-cf34"
Expires
Mon, 30 Jan 2023 10:09:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame E028 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E237 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25214
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 29 Jan 2023 10:09:40 GMT
expires
Sun, 29 Jan 2023 17:09:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 20A8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 29 Jan 2023 10:09:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DD54 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25214
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 29 Jan 2023 10:09:40 GMT
expires
Sun, 29 Jan 2023 17:09:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CE1A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 6011 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 29 Jan 2023 10:09:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4221 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"623de86a-cf34"
Expires
Mon, 30 Jan 2023 10:09:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame C90A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e96fc6cde18785026e25ab81dd356b67ac6ac8076c4b63053e1c5098f4b7ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Jan 2023 22:03:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42863
Connection
keep-alive
Content-Length
10037
Expires
Sun, 29 Jan 2023 22:04:03 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6A71 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25214
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 29 Jan 2023 10:09:40 GMT
expires
Sun, 29 Jan 2023 17:09:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B340 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame BCE8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"623de86a-cf34"
Expires
Mon, 30 Jan 2023 10:09:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 1587 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 29 Jan 2023 10:09:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
usync.js
eus.rubiconproject.com/ Frame 020B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e96fc6cde18785026e25ab81dd356b67ac6ac8076c4b63053e1c5098f4b7ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Jan 2023 22:03:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42863
Connection
keep-alive
Content-Length
10037
Expires
Sun, 29 Jan 2023 22:04:03 GMT
usync.js
eus.rubiconproject.com/ Frame 4B42 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e96fc6cde18785026e25ab81dd356b67ac6ac8076c4b63053e1c5098f4b7ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Jan 2023 22:03:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42863
Connection
keep-alive
Content-Length
10037
Expires
Sun, 29 Jan 2023 22:04:03 GMT
async_usersync
ib.adnxs.com/ Frame 3718 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:40 GMT
AN-X-Request-Uuid
8e153224-6e3c-4cf5-a75a-614517a9e90d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 131B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e96fc6cde18785026e25ab81dd356b67ac6ac8076c4b63053e1c5098f4b7ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Jan 2023 22:03:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42863
Connection
keep-alive
Content-Length
10037
Expires
Sun, 29 Jan 2023 22:04:03 GMT
async_usersync
ib.adnxs.com/ Frame 5EEE 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:40 GMT
AN-X-Request-Uuid
32c43627-f28c-4d81-a3f7-62a6acd03c06
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0E22 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:40 GMT
AN-X-Request-Uuid
bc6fa607-fc80-49e6-aad3-3dc8aacbeb97
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame E028 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e96fc6cde18785026e25ab81dd356b67ac6ac8076c4b63053e1c5098f4b7ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Jan 2023 22:03:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42863
Connection
keep-alive
Content-Length
10037
Expires
Sun, 29 Jan 2023 22:04:03 GMT
usync.js
eus.rubiconproject.com/ Frame 1D0E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e96fc6cde18785026e25ab81dd356b67ac6ac8076c4b63053e1c5098f4b7ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Jan 2023 22:03:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42863
Connection
keep-alive
Content-Length
10037
Expires
Sun, 29 Jan 2023 22:04:03 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 02A4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25214
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 29 Jan 2023 10:09:40 GMT
expires
Sun, 29 Jan 2023 17:09:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame B769 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 29 Jan 2023 10:09:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
async_usersync.html
acdn.adnxs.com/dmp/ Frame 72A0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"623de86a-cf34"
Expires
Mon, 30 Jan 2023 10:09:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B596 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame CE1A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e96fc6cde18785026e25ab81dd356b67ac6ac8076c4b63053e1c5098f4b7ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Jan 2023 22:03:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42863
Connection
keep-alive
Content-Length
10037
Expires
Sun, 29 Jan 2023 22:04:03 GMT
async_usersync
ib.adnxs.com/ Frame 734E 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:40 GMT
AN-X-Request-Uuid
875f641f-cd4f-4a0a-a2c1-e28186b4f913
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame B340 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e96fc6cde18785026e25ab81dd356b67ac6ac8076c4b63053e1c5098f4b7ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Jan 2023 22:03:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42863
Connection
keep-alive
Content-Length
10037
Expires
Sun, 29 Jan 2023 22:04:03 GMT
async_usersync
ib.adnxs.com/ Frame A73D 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:40 GMT
AN-X-Request-Uuid
b4ae3683-ad63-47ac-9dcb-b68667eca9cf
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 86ED 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25214
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 29 Jan 2023 10:09:40 GMT
expires
Sun, 29 Jan 2023 17:09:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7252 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"623de86a-cf34"
Expires
Mon, 30 Jan 2023 10:09:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8687 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame B381 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 29 Jan 2023 10:09:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
async_usersync
ib.adnxs.com/ Frame 6F18 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:40 GMT
AN-X-Request-Uuid
d4021bf7-e88e-4c73-baba-dcb7b91f0225
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1290 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:40 GMT
AN-X-Request-Uuid
3cab6bfc-e9a2-4c2c-8837-ac87ce06b9a7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2959 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"623de86a-cf34"
Expires
Mon, 30 Jan 2023 10:09:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 31CD 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 29 Jan 2023 10:09:40 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 0F96 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406526
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 29 Jan 2023 10:09:40 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5685 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Requested by
Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://flashnetic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=25214
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 29 Jan 2023 10:09:40 GMT
expires
Sun, 29 Jan 2023 17:09:54 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 4221 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:40 GMT
AN-X-Request-Uuid
7da38934-6fec-4feb-9485-b69ec4bb8e2c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame B596 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e96fc6cde18785026e25ab81dd356b67ac6ac8076c4b63053e1c5098f4b7ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Jan 2023 22:03:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42863
Connection
keep-alive
Content-Length
10037
Expires
Sun, 29 Jan 2023 22:04:03 GMT
async_usersync
ib.adnxs.com/ Frame BCE8 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:40 GMT
AN-X-Request-Uuid
e3a3c73a-652e-49b8-8dd6-a53f4c26bc3e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 8687 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e96fc6cde18785026e25ab81dd356b67ac6ac8076c4b63053e1c5098f4b7ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Jan 2023 22:03:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42863
Connection
keep-alive
Content-Length
10037
Expires
Sun, 29 Jan 2023 22:04:03 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 0131 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 72A0 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:40 GMT
AN-X-Request-Uuid
2c7f4591-16d0-4f12-b592-c62c6c0169dd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 31CD 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0e96fc6cde18785026e25ab81dd356b67ac6ac8076c4b63053e1c5098f4b7ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:40 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Jan 2023 22:03:24 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42863
Connection
keep-alive
Content-Length
10037
Expires
Sun, 29 Jan 2023 22:04:03 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 86ED 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1492348&p=156383&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
eee6f02d8e6f6ff417e343cdc5705843bcfc33d3ad6b4224d8fd0af3f4965e35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 29 Jan 2023 10:09:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame 7252 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:40 GMT
AN-X-Request-Uuid
a7017e5d-692f-4794-b1da-b4828fd50568
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2959 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:40 GMT
AN-X-Request-Uuid
aa0f18af-3037-4e0c-b440-9925720c3369
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame CCCF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2077087146620128535&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 29 Jan 2023 10:09:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 29 Jan 2023 10:09:39 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame BF0B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7194014300368730263&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 29 Jan 2023 10:09:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 29 Jan 2023 10:09:40 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 4670
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Pu_FuvzoTTde91sZ5ezysNly2hg
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 29 Jan 2023 10:09:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 29 Jan 2023 10:09:41 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame E970
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9ZF5AABT3qOVwBh&gdpr=1&gdpr_consent=&_test=Y9ZF5AABT3qOVwBh
0
174 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9ZF5AABT3qOVwBh&gdpr=1&gdpr_consent=&_test=Y9ZF5AABT3qOVwBh
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 29 Jan 2023 10:09:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 29 Jan 2023 10:09:41 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y9ZF5AABT3qOVwBh&gdpr=1&gdpr_consent=&_test=Y9ZF5AABT3qOVwBh
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220029-HHN
x-timer
S1674986981.030119,VS0,VE0
Pug
image2.pubmatic.com/AdServer/ Frame C32A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCT1NFN0hySXdBQUNBa1Jnb1NmUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABOSE7HrIwAACAkRgoSfQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABOSE7HrIwAACAkRgoSfQ&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABOSE7HrIwAACAkRgoSfQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4896838604249424223&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABOSE7HrIwAACAkRgoSfQ&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABOSE7HrIwAACAkRgoSfQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 29 Jan 2023 10:09:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 29 Jan 2023 10:09:41 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABOSE7HrIwAACAkRgoSfQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
i.match
s.tribalfusion.com/z/ Frame E77B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
79112c77fedd2c5a-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 29 Jan 2023 10:09:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
79112c76ac1c2c5a-FRA
content-type
text/html
date
Sun, 29 Jan 2023 10:09:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
351
generic
match.adsrvr.org/track/cmf/ Frame B3D6
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1674986980952
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8033261240
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8033261240
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 29 Jan 2023 10:09:41 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 29 Jan 2023 10:09:40 GMT
etag
RX5d3b9834945e4dc5a3898e4ae85f7d59003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8033261240
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
cookiesync
core.iprom.net/ Frame 7080 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 29 Jan 2023 10:09:40 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-e83da97a38d6@version_1.534
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame A870
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 29 Jan 2023 10:09:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 29 Jan 2023 10:09:40 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
pub
matching.truffle.bid/sync/ Frame 6975 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 29 Jan 2023 10:09:40 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cm
ipac.ctnsnet.com/int/ Frame 5016 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 29 Jan 2023 10:09:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
gdpr_consent=
sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/ Frame 376C
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
49 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D9y7pfzHtWQjghRVVjbaVRWUV%2526gdpr%253D0%2526gdpr_consent%253D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.182.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-182-221.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
49
content-type
image/gif
date
Sun, 29 Jan 2023 10:09:41 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.17.54

Redirect headers

content-length
0
location
https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D9y7pfzHtWQjghRVVjbaVRWUV%2526gdpr%253D0%2526gdpr_consent%253D
bridge
cm.adgrx.com/ Frame DE84 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sun, 29 Jan 2023 10:09:40 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-7
ImgSync
image8.pubmatic.com/AdServer/ Frame CCC8
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1j1y44wrk36h
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 29 Jan 2023 10:09:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 29 Jan 2023 10:09:41 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame CAA2
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BEA0962FA2204CA9BFC747170432F498&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Sun, 29 Jan 2023 10:09:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 29 Jan 2023 10:09:39 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
info2
uipglob.semasio.net/pubmatic/1/ Frame 86ED
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=18973734-A6B5-449A-AF9D-BDF475210222&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=18973734-A6B5-449A-AF9D-BDF475210222&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=18973734-A6B5-449A-AF9D-BDF475210222&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:42 GMT
frontend-id
15
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:42 GMT
frontend-id
3
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=18973734-A6B5-449A-AF9D-BDF475210222&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 86ED 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=18973734-A6B5-449A-AF9D-BDF475210222
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
79112c76bd082bbc-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 86ED
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=18973734-A6B5-449A-AF9D-BDF475210222
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
HTTP/1.1
Server
52.45.81.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-81-218.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Sun, 29 Jan 2023 10:09:41 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 29 Jan 2023 10:09:41 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
ids
idsync.frontend.weborama.fr/ Frame 86ED
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1852873593
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=18973734-A6B5-449A-AF9D-BDF475210222
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=18973734-A6B5-449A-AF9D-BDF475210222
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:40 GMT
via
1.1 google
last-modified
Sun, 29 Jan 2023 10:09:41 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=18973734-A6B5-449A-AF9D-BDF475210222
date
Sun, 29 Jan 2023 10:09:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
18973734-A6B5-449A-AF9D-BDF475210222
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 86ED 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/18973734-A6B5-449A-AF9D-BDF475210222?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:2bd9:9049:1377:8ebc Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 86ED
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=18973734-A6B5-449A-AF9D-BDF475210222&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xR9zYRtE2uUjTufUrrlyQwXELvFrOGQ-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xR9zYRtE2uUjTufUrrlyQwXELvFrOGQ-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xR9zYRtE2uUjTufUrrlyQwXELvFrOGQ-~A&gdpr=0
date
Sun, 29 Jan 2023 10:09:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 86ED 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=18973734-A6B5-449A-AF9D-BDF475210222&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:41 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 86ED 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sun, 29 Jan 2023 10:09:40 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 86ED
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:896c12a2-c564-4c98-9ee5-4c04f5adc52d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:40 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 29 Jan 2023 10:09:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 86ED
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6958717578072999008&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:41 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 29 Jan 2023 10:09:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 86ED
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2077087146620128535
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:38 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 29 Jan 2023 10:09:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame FD41 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:41 GMT
AN-X-Request-Uuid
6bfc2cd0-9686-45f5-8bc4-a15208f5c183
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3718 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:41 GMT
AN-X-Request-Uuid
31d97c51-d673-4fd3-8fe0-c9dd2295a582
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5EEE 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:41 GMT
AN-X-Request-Uuid
d12b3ce3-ec23-4213-aa37-3b8f20059f78
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0E22 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:41 GMT
AN-X-Request-Uuid
29209562-c60d-486b-8813-bed6a79e68f7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 734E 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:41 GMT
AN-X-Request-Uuid
591a4398-4ac8-42fc-a507-d06d689da25d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A73D 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:41 GMT
AN-X-Request-Uuid
60e5b0dc-b045-4c13-b69c-c2dab0749b10
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6F18 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:41 GMT
AN-X-Request-Uuid
536bf337-ca6d-4166-af34-dce38b9a2c8e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1290 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:41 GMT
AN-X-Request-Uuid
291c4c18-9a6d-4349-a433-5c2eac71bd6a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4221 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:41 GMT
AN-X-Request-Uuid
f736aa97-14a0-4cce-a7ec-c87589e4b462
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame BCE8 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:41 GMT
AN-X-Request-Uuid
3f9cb151-444d-4b2a-9d65-0c7cc6f0bece
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 72A0 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:41 GMT
AN-X-Request-Uuid
f5e07d0f-8376-4640-a50f-c4508ee1bad8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7252 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:41 GMT
AN-X-Request-Uuid
e3ea789b-65df-43fd-bca5-e7dd4e4b4b29
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2959 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 29 Jan 2023 10:09:41 GMT
AN-X-Request-Uuid
9b92d56c-20fe-4143-a08a-c239b61f7e7a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 25F1 		188 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81722524&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
55343b11afe63b57179e3c424e6abc22fa3c39d40f24c909b7063c5bc60005a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 29 Jan 2023 10:09:39 GMT
content-length
188
content-type
text/html; charset=UTF-8
18973734-A6B5-449A-AF9D-BDF475210222
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 9F13 		0
622 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/18973734-A6B5-449A-AF9D-BDF475210222
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
79112c7e4e8e9944-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 29 Jan 2023 10:09:42 GMT
server
cloudflare
vary
Accept-Encoding
qmap
sync.crwdcntrl.net/ Frame 25F1 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=18973734-A6B5-449A-AF9D-BDF475210222&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.182.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-182-221.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.25.238
content-length
49
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 86ED 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156383&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:09:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
track.adform.net/serving/unload/ Frame 7D9E 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=5536888755626735708@@59630082,2063607901263653990,100|4647|0|0|0|0|0|0|0||182|1|||||1|0|0|a6o350GhwG1X7EYoWZQhUbIHHRUJv_z6ZkujjBiZ1tiPXogJ6XnRMxhpnBRkvb3lA7z_uuw_WOM1|Xc5Zyx9NerJ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpAcB1AfctWI8KYtDRGwkwxFRkTHcNA0SCwCqCJdd4zaqlJ_Dou0svCZIL3kHIdhTDq3Yoh7V6L9r8cnft-05ZTXuZaJeQVV-MIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsn7JtgsMV5ZQwO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 385E 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7412313315003359346@@59630082,8182764271519969361,100|4459|0|0|0|0|0|0|0||174|1|||||1|0|0|a6o350GhwG1X7EYoWZQhUeCC2VNepWEG-0JIOYQvqKfdBVgI0WmbxxhpnBRkvb3lA7z_uuw_WOM1|RsJjwrekK2l42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHr8TtlooLhUeJ1jp_3V_g0M9NtGUFSSsEDaVF54-ejfPPs99COw_dAYSaFnpc5FUjiQx-3wLdQH8U9cNgBmgZILXqg5fm8DLm4IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVslQKMhV_6PmuwO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 4C98 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6897747870475212065@@59630076,610567354351912807,100|4465|0|0|0|0|0|0|0||174|1|||||1|0|0|FtFFyiHgchJX7EYoWZQhUZ7enEfqzeVrc0dxOJvPIzFcw5g0v_cFNBhpnBRkvb3lA7z_uuw_WOM1|kYb9Vc6vySt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHouz4R0WhKSfrCrU-59qIo4aguGakGTfHMcqZBpG0117I7zYXyQHq-G9YL9NUbXoS6TR0hjW3e3IQZ7iE3iqLGdknmZ4Iae48kIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnp04sJkYQoUAO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 132D 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=5393900352586838235@@59630076,3651578746197074930,100|4466|0|0|0|0|0|0|0||174|1|||||1|0|0|FtFFyiHgchJX7EYoWZQhUWLo97J6hQDXn9vXtDjyjQgwoHrvGa6i-hhpnBRkvb3lA7z_uuw_WOM1|AIZwRNwUQvt42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoenEx6X63uOeHY72yUs5wCx12GVsz9-5Y9VR4TF3XPpH0gPZTxKoKyYHTxx1qNgkTeKS4q2X-vVuYP-84pWPyA1ntMziYbB1YIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmkbtC3iQqnMgO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame B2BB 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=8402717233572927540@@59630082,9175379714437138707,100|4467|0|0|0|0|0|0|0||174|1|||||1|0|0|a6o350GhwG1X7EYoWZQhURvIxClLu3A8eHnxFJmwIJaeNHvMeIenQxhpnBRkvb3lA7z_uuw_WOM1|-kecm4URwB942u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoL0q8MfzzfJilK_q7CtAObDE-JIHBwvLRZ-Y1MMdgWsoYT3chezfPq7v0vLvnzQW6Nf7qpqwiUO2nx-bYY-zD9HkS2pdvbdokIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnVxsX-VB-XJQO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 6099 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=2311734853211587763@@59630082,8855934546433033031,100|4471|0|0|0|0|0|0|0||175|1|||||1|0|0|a6o350GhwG1X7EYoWZQhUaVnA5Vbz-agcOe5Wtx-i-12qiF4vlFkchhpnBRkvb3lA7z_uuw_WOM1|SmZM_7Vrau8WcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4qt22tbvluyQTNc8pTUQTvpBaVaWQw4QvI74i80IktK7_GdLLCrVDWWIX-LMMJHr0T6nQKhl6mrrfGzXgD0uTh8w00OuNuqC_PfjehQm65vSycg7kbTHoU3oC_elFaKaPMKyT92XTgVlfA2||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 542B 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=541314188199267241@@59630085,1772140525414845287,100|4486|0|0|0|0|0|0|0||175|1|||||1|0|0|-7LGbucci61X7EYoWZQhUb2-7iVc2Q7qvhuQ3PSJqTh2qiF4vlFkchhpnBRkvb3lA7z_uuw_WOM1|I9eSsN4aLJMWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quGTIUUnX1XGltFHsN1JeWFQ_mJTBn6Jap2x7F8XlVW-crzQXtRaePOmzyJcYTfAo1F7RY_CuzIC_jEmTWQ-yAzMzbU7tISrgPjehQm65vSycg7kbTHoU3oZjXZllJ6LaTdTwnSr-FYyA2||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame BB62 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7384955156765777353@@59630076,2096440946005027455,100|4583|0|0|0|0|0|0|0||179|1|||||1|0|0|FtFFyiHgchJX7EYoWZQhUTxQnD9z01e-tIkCKK0XVcfM0CtwAfpuURhpnBRkvb3lA7z_uuw_WOM1|cJ0mgZghZg142u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHomPM5U4v_Y3Ny-XHg7cDG_Nrn_4vfHGmF10VoVq7RaG06CUwyPvm7lRivK0DAsc6PCJpkNo9BCf9OrkpnRU8N24JoBdTOETHsIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskhi3aMQEUX7gO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame E4BB 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=4266847214917985128@@59630082,1773254192420054638,100|4584|0|0|0|0|0|0|0||179|1|||||1|0|0|a6o350GhwG1X7EYoWZQhUcU_qt9Z3ic4kF9NTjmf_dN2qiF4vlFkchhpnBRkvb3lA7z_uuw_WOM1|UQDB6eBZQ6IWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4quje7ZaydSehtGrxP8e8gZOATCFwEvyRPqGNJlqeI2QL6DBmMz6zT_1VokZ_2MBByKB6A1TAMT_VmNTMsjF9DrFNKkjbEe_IG7jehQm65vSycg7kbTHoU3owxwJJgfM2p_dTwnSr-FYyA2||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame E22B 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7412313315003359346@@59630082,5705717564069443686,100|4582|0|0|0|0|0|0|0||179|1|||||1|0|0|a6o350GhwG248M5tcwHHbeCC2VNepWEGdvjTZFSTR_soUivqJXSb7xhpnBRkvb3lA7z_uuw_WOM1|K42kyUxNssZ42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoB2lcHWVxukeP1mfGdOjFuYWNwswL0QJa2lxYR4Q1thb1D_5NS-XGGp8uWTzn5O03agrpxMpIUzeaf7pzD9wYUtERyDh2xgWgIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsnychS1Nx9xKQO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame C2CE 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6897747870475212065@@59630083,8099970577059991027,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|6_hMfnjWkau48M5tcwHHbZ7enEfqzeVrjVmmiIenmk3M0CtwAfpuURhpnBRkvb3lA7z_uuw_WOM1|RhXPb82H5B542u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpqgstM42TqYZevLjYNsmvQiTIBqHxIrXwAOAslM1ZGkKaPcCaci0xCuGqkjFeLmwA5JmoTa7zRbMWUxQEukv_zKvI4KNxgd24IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmvhGj9fvVQOgO8_7rsP1jj0||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame E70A 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6897747870475212065@@59630082,1885283158470088103,28|0|0|0|0|0|0|0|0||0|1|||||1|0|0|a6o350GhwG248M5tcwHHbZ7enEfqzeVrjVmmiIenmk0t4y1FiPAbfBhpnBRkvb3lA7z_uuw_WOM1|e2-4gSoikLwWcRYtgUbgFKR1EDXJQJW4Y5Ao_VSAdp8eQA3Lv2Y_8GBONxkqmg1lAQRxNEmW4qt5PIT01uMPBKG1UJUGnkBP-mlM4KJ_TKgmZgatjjt92lwXCquw9okvDHjc_Dzju35snqtF7hupaXAu0ljbDkJevx9y3QenQiPjehQm65vSycg7kbTHoU3oLicB4jOuztTdTwnSr-FYyA2||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame DCD5 		35 B
468 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6897747870475212065@@59630085,4370844038978422697,65|4594|0|0|0|0|0|0|0||117|1|||||1|0|0|-7LGbucci6248M5tcwHHbZ7enEfqzeVrjVmmiIenmk0u_YpqWUe0ixhpnBRkvb3lA7z_uuw_WOM1|e2-4gSoikLx42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHpGYE-AIKl7pcCTY8TfJX5PhKe58iFo64LYHPRiFO3B7gaBS-fP2goLYaS00h64wogitE_ZXOC8glxgghslI7XvbgYYr9EZ3YwIAyeJEXrV79lOdmQ-Av6JagrxRZ_gVskJnVEZARcnyAO8_7rsP1jj0||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://flashnetic.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://flashnetic.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame D287 		35 B
503 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6897747870475212065@@59630085,3455462896735170601,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|-7LGbucci6248M5tcwHHbZ7enEfqzeVrjVmmiIenmk3JPy5kn9LZ_RhpnBRkvb3lA7z_uuw_WOM1|nw8TqPNK39h42u1ywTJ-2l8JGbSZwnX-nwUawPucChCifWFNCyxfVJG4dWAZeGGwCjDTP_yZfHoJypMNfmJ11AnScHVW1UpFBhshin1xY2oe-vCcGUlBWernErcjg8aOnOxeW9oy3SpTPmWtY17c9IAXrmyBbGfvaUkAojYxy78IAyeJEXrV79lOdmQ-Av6JagrxRZ_gVsmoUYtfk_03iQO8_7rsP1jj0||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 29 Jan 2023 10:09:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| oncontentvisibilityautostatechange object| _sf_async_config object| __HTZ_DATA__ object| googletag function| fbq function| _fbq function| gtag object| dataLayer boolean| canRunAds number| refreshTimer object| __HTZ object| _cb_shared object| webpackJsonp object| __NEXT_P object| regeneratorRuntime object| __NEXT_DATA__ function| __BUILD_MANIFEST_CB function| __SSG_MANIFEST_CB object| next function| __NEXT_PRELOADREADY object| __BUILD_MANIFEST object| __SSG_MANIFEST object| ggeac object| google_tag_data object| google_js_reporting_queue object| _0x4dbb function| _0x2840 object| _vadHb object| vadprebidChunk object| vadprebid object| _pbjsGlobals object| ADAGIO object| apd_options string| GoogleAnalyticsObject function| ga boolean| GA_INITIALIZED object| google_tag_manager object| _cbm function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| _tfa function| obApi boolean| fifabAlready function| fi_fab undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery undefined| google_measure_js_timing object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| Criteo function| setImmediate function| clearImmediate function| apiObj function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| fiUtils object| $waitOn object| $websitePrependInContent object| $FIslowSelectors object| $backfillRefreshObserver object| $parallelInlines object| sas object| apntag object| _ADAGIO object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| a object| sw_consent function| owpbjsChunk object| owpbjs object| ucTag object| PWT object| OWT string| partnerName string| key object| ONFOCUS object| adpnExecutions object| aliveChecks boolean| adpnLoaded object| google_image_requests object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123

102 Cookies

Domain/Path Name / Value
.haaretz.com/ Name: anonymousId
Value: 16749869739797149
.haaretz.com/ Name: _t_tests
Value: eyJLWExyUjN0R1VzTllZIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJlUDlFSSJdfSwiUm5yQlZnTUVUZVl4UyI6eyJjaG9zZW5WYXJpYW50IjoiQSIsInNwZWNpZmljTG9jYXRpb24iOlsiQ3JHbzJSIl19LCJub0d0S3NGaDBSM3p1Ijp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJCMUJubm4iXX0sImxpZnRfZXhwIjoibSJ9
.haaretz.com/ Name: _ga_MDEFPY237V
Value: GS1.1.1674986974.1.0.1674986974.60.0.0
.haaretz.com/ Name: _fbp
Value: fb.1.1674986974597.383803245
.haaretz.com/ Name: _ga
Value: GA1.2.308643667.1674986975
.haaretz.com/ Name: _gid
Value: GA1.2.898517137.1674986975
.haaretz.com/ Name: vad-loc-code
Value: de
www.haaretz.com/ Name: acl
Value: acl
.haaretz.com/ Name: _cb
Value: Ghp18BvDUQJEG4UT
.haaretz.com/ Name: _chartbeat2
Value: .1674986974816.1674986974816.1.DddDGODmJhqFBLQiMhDQTr3QhmfK.1
.haaretz.com/ Name: _cb_svref
Value: null
www.haaretz.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
cdn.firstimpression.io/ Name: OAID
Value: GDPR
.rubiconproject.com/ Name: khaos
Value: LDH7ZXKB-1Y-4L8A
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpwSfv+LtN1GLU1ZxogGjlwOA+xFj1I9scPlNhSTbzUQ+3TyqpvhavWRmjTinhBgtUmTrPT7/KiRiYbB5SW5XQ37GGGOiqNCvuma+WVcS1g3g==
www.haaretz.com/ Name: outbrain_cid_fetch
Value: true
.creativecdn.com/ Name: u
Value: rjTWKC7ADYsR5D97ssSU
.creativecdn.com/ Name: ts
Value: 1674986976
.doubleclick.net/ Name: IDE
Value: AHWqTUkBd7Dlh9EfbtOyWPwVaHUrYj_LfDinhZfsVnuJ3GAEZQql3EK7tKIVvRg-8c4
.ads.stickyadstv.com/ Name: UID
Value: e1a3e0ab8b6a236ec57fb2812fd4ce7
.360yield.com/ Name: tuuid
Value: 99a58a5b-6d27-4695-9cc2-4812ed21afa1
.360yield.com/ Name: tuuid_lu
Value: 1674986976
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.haaretz.com/ Name: __gads
Value: ID=b6cac8f2056b2ff3:T=1674986975:S=ALNI_MYc6mgqc9iR9rFAFXEExM4p1V3Azg
.haaretz.com/ Name: __gpi
Value: UID=00000bce9d858538:T=1674986975:RT=1674986975:S=ALNI_Majp_hmDJ7b1Qgl42oiJ5GIyyC5gg
.haaretz.com/ Name: _gat
Value: 1
.adform.net/ Name: C
Value: 1
.adform.net/ Name: TPC
Value: 1674986977792
.adform.net/ Name: uid
Value: 6897747870475212065
.criteo.com/ Name: uid
Value: 5e33e73b-62f9-41b6-90d9-73d1a8a1f2e9
.adnxs.com/ Name: uuid2
Value: 2077087146620128535
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 18973734-A6B5-449A-AF9D-BDF475210222
.fiftyt.com/ Name: fifid
Value: 83e25eb8-e2d8-4d33-7069-e3bead4e8353
.fiftyt.com/ Name: cs
Value: MTY3NDk4Njk3OHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fFI33193T2gU7bQLleC2_FpHZZLlU7PcrlvaRKUxkkyM
.haaretz.com/ Name: cto_bidid
Value: 9oJuMV80YWklMkZMSk84MTBaT1VrY3pvJTJCbzJ4dENXa01VdXJNeEZZbUhJcndTekFISWIzZWwlMkJ0aWZ2RmFlYXY2RGpTbUtrNzVyaEx0b28yY3JIdkZ2SUx5YmhPaVZLeXU1STFsVW8lMkZPcHplQ2RkVWhZJTNE
.onaudience.com/ Name: cookie
Value: 4dcab955c1059465
.onaudience.com/ Name: done_redirects104
Value: 1
.quantserve.com/ Name: d
Value: EP0BCwGVKPijAA
.quantserve.com/ Name: mc
Value: 63d645e2-c6b0b-de61e-fa8fc
.mathtag.com/ Name: uuid
Value: fba963d6-45e2-4700-82bd-12220325eb1c
.simpli.fi/ Name: suid
Value: BEA0962FA2204CA9BFC747170432F498
.fiftyt.com/ Name: fppm
Value: 20230129100938
.de17a.com/ Name: guid
Value: 1.5123563109499086153
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:fba963d6-45e2-4700-82bd-12220325eb1c&KRTB&16736-uid:fba963d6-45e2-4700-82bd-12220325eb1c&KRTB&23019-uid:fba963d6-45e2-4700-82bd-12220325eb1c&KRTB&23114-uid:fba963d6-45e2-4700-82bd-12220325eb1c
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6897747870475212065&KRTB&23263-6897747870475212065
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-xTQ0pscyNaLeZGbyw2V99JYxYfXeYTGolWSwjSrj&KRTB&19420-xTQ0pscyNaLeZGbyw2V99JYxYfXeYTGolWSwjSrj&KRTB&22979-xTQ0pscyNaLeZGbyw2V99JYxYfXeYTGolWSwjSrj&KRTB&23403-xTQ0pscyNaLeZGbyw2V99JYxYfXeYTGolWSwjSrj
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELtlpiN3ifvkEPxg1QBT2ZQ&KRTB&16514-CAESELtlpiN3ifvkEPxg1QBT2ZQ&KRTB&23025-CAESELtlpiN3ifvkEPxg1QBT2ZQ&KRTB&23386-CAESELtlpiN3ifvkEPxg1QBT2ZQ
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2E>0vTPvl!]tb68bhzs#DNB=:lK9B*:3[]_+RVl?Rj?U[Mbs:B/rcAa`e#]+bBUE/YSH+*cR:mc/d9ONya!tNhTo=.w+1!
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiIzMzU0MWJiMzY1MDQxZmUyODc3NDg3NzIzZjRhYjBkMCIsImV4cGlyZXMiOiIyMDIzLTA0LTI5VDEwOjA5OjM4WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTAxLTI5VDEwOjA5OjM2WiJ9
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5123563109499086153
.yahoo.com/ Name: A3
Value: d=AQABBOJF1mMCEOtMuVcMVZhzB3IGCZ7LPZ8FEgEBAQGX12PgYwAAAAAA_eMAAA&S=AQAAAgPFZ1QvTiC23wClfYrFkGI
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&81b47d8e-102b-4d96-85d4-8ef256c59f95"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzQ5ODY5Nzk7MjswMjEI6z53RA48eABdS2nNfZp4Y0Q7045P5n5IPTONUdGOgQ==
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2793:u=1:x=1:i=1674986979:t=1675073379:v=2:sig=AQESHEibo6c6iOxlMRZJ5qwHIB44jqMn"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.casalemedia.com/ Name: CMID
Value: Y9ZF4zVgq9tEGG92yE.TpwAA
.casalemedia.com/ Name: CMPS
Value: 1170
.casalemedia.com/ Name: CMPRO
Value: 1170
.amazon-adsystem.com/ Name: ad-id
Value: A2Cu-cB0G0PwlYUWsNgahRY
.haaretz.com/ Name: cto_bundle
Value: OilkaV8xRG8lMkZTQnZYaGY1bHFFdUxrM0xWdEtMYWNFandreDB3cXglMkJyc09KU3lGN1JDWWNOaEIxazg3end3bndGdU9DZ2JXYjE4VEZUJTJCSlpJS2JBS0FEU2U1UlRFUGlKMHRuRmIlMkZPMnM2bk50RG5ONTFUOEtYS0tyWDF2VFFSbW5yb3BXcSUyRjRQcENnektienlIVTNjNkR6TTZRJTNEJTNE
.pubmatic.com/ Name: SyncRTB3
Value: 1676160000%3A7_251_71_204_161_8_3_234_165_176_88_254_13_56_233_243_220_55_81_238_214_54_22_166_99_21%7C1676246400%3A35%7C1680134400%3A69%7C1675555200%3A15_2_223%7C1675814400%3A63%7C1677542400%3A203
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2077087146620128535&KRTB&23339-2077087146620128535
.adfarm1.adition.com/ Name: UserID1
Value: 7194014300368730263
.ctnsnet.com/ Name: cid_bbec5697f79f4abe951e99b0f1cc304f
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3Ax86T0YkBgKtegi-jg6ee65Cy6k495WN1.VFsK1BRx47Mr1%2FIXcsojjyY5NwyJZJ21S5gaILJA9QM
.zeotap.com/ Name: zc
Value: 7e7cee94-7643-44d8-4aa2-98d49ee12efe
.weborama.fr/ Name: AFFICHE_W
Value: GJ1ordc4GiEY43
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~29oy
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7194014300368730263&KRTB&23278-7194014300368730263&KRTB&23369-7194014300368730263
.csync.loopme.me/ Name: viewer_token
Value: 70347226-2f47-449d-a46c-f92213693699
.turn.com/ Name: uid
Value: 6958717578072999008
.pubmatic.com/ Name: SPugT
Value: 1674986980
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5d3b9834-945e-4dc5-a389-8e4ae85f7d59-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.semasio.net/ Name: SEUNCY
Value: F4D73B0ECF7F6278
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-6958717578072999008&KRTB&23150-6958717578072999008
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y9ZF5AABT3qOVwBh
.onaudience.com/ Name: done_redirects200
Value: 1
.bidr.io/ Name: bito
Value: AABOSE7HrIwAACAkRgoSfQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.tribalfusion.com/ Name: ANON_ID
Value: aensIHu4YUcmqcn63g8VxoJOFfIgf09Zdxy4HxtCVx7xDF1PH1Dor7gaeuZcoJJuGXkiFOlZcRTZaFRCfqZacvOskkHiK
.adsby.bidtheatre.com/ Name: __kuid
Value: 896c12a2-c564-4c98-9ee5-4c04f5adc52d.444200981
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3eefc5ba-fce8-4d37-5ef7-5b19e5ecf2b0.f9oFs94ib2fTMS8a4Qj6tbWxF3t%2FLQW9ycuurmSxwR4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3APu_FuvzoTTde91sZ5ezysNly2hg.fnHHBp4qEftBEdQiJPr4gILS%2FmdY%2B%2FXY7bVYE8%2Felro
.audrte.com/ Name: arcki2
Value: 864Zxk-87UuSuqEKwl3rfCKiA!20220908!1674986981287!ip#217.114.218.24
.audrte.com/ Name: arcki2_pubmatic
Value: 18973734-A6B5-449A-AF9D-BDF475210222!20220908!1674986981291
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-Pu_FuvzoTTde91sZ5ezysNly2hg&KRTB&23334-Pu_FuvzoTTde91sZ5ezysNly2hg&KRTB&23417-Pu_FuvzoTTde91sZ5ezysNly2hg&KRTB&23426-Pu_FuvzoTTde91sZ5ezysNly2hg
.pubmatic.com/ Name: PugT
Value: 1674986981
.gammaplatform.com/ Name: _aGeoIp
Value: BR|Sao_Paulo
.gammaplatform.com/ Name: _aUID
Value: 1j1y44wrk36h
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-1j1y44wrk36h&KRTB&23446-1j1y44wrk36h
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d9c0b024c36b6932
.smartadserver.com/ Name: pid
Value: 4896838604249424223
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AABOSE7HrIwAACAkRgoSfQ
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABOSE7HrIwAACAkRgoSfQ
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 11
.pubmatic.com/ Name: pi
Value: 158810:4
.pubmatic.com/ Name: DPSync3
Value: 1676160000%3A221_226_245_235_241_201_197_219_227
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1675008582119
.smilewanted.com/ Name: sw_user_params_infos
Value: WLNuOI2n3im3YGR9aMcyeE7chraggekanLtcuL3FnSC%2FExBD%2BhvjfqQ8E18QZjEzDFBUlzPI4TjCvvwbRj2ElQXh4o3Ft2PV9Tk0Ng8deHYEsRvYYDmtmtQmcXwDbwvlXbomtfiTEW1Tc94yM%2F0v1zw%2B8KHsRjfUaewfTIQ%2BbmvccCh9f600AYUZ9y9IoPEUODehWJO1HFPl80FxPPj142mh6EWygbMsZUTBbAjuVdM7UC9Lwk%2Fujwg2WC8EeNk5rtSvlxQDvRrjSWap50qgA3ZhFM6dVJn9nxJgTigQ4ccF%2BsJY7gU6Yu9wAt42qLN0HMDGMfexESQYknmLmHGMTs6DKWNDmyxmSkD2ObbePLUjUaAIpHowIN9SLUsjAKXl%2F6p11HGK6S1AHPr8f3mX6sE0fVQhF6zMhTZVl8RKkFJujYm3t86GB1UdHU2RZCgjUp%2FlyHb6XvLQFUNxt6qJnO6NyyYhw43TEGG6E3V1fIU%3D

23 Console Messages

Source Level URL
Text
network error URL: https://www.haaretz.com/gql?operationName=GetUserDataForMarketing&variables=%7B%22userId%22%3Anull%2C%22token%22%3Anull%2C%22site%22%3A%22HDC%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22269c166e96ad40e1679cbef55a07b4c1e7121f7071447ab66d3b43d559d8b150%22%7D%7D
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.haaretz.com/gql?operationName=GetMarketingToolsStats&variables=%7B%22userId%22%3Anull%2C%22cacheKey%22%3A3359%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22e04e225a926ab4f4266e386c18a7926383d28200c4a739e82334bfb4c4850aee%22%7D%7D
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.haaretz.com/gql
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.haaretz.com/gql
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.haaretz.com/srv/ipAcl?isProxyServer=false&proxyDomain=www.haaretz.com
Message:
Failed to load resource: the server responded with a status of 402 ()
network error URL: https://ms-apps.haaretz.co.il/ms-ip2country/get
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s1.adform.net/Banners/Elements/Files/2139281/12028367/bvpath_258/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s1.adform.net/Banners/Elements/Files/2139281/12028361/bvpath_258/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s1.adform.net/Banners/Elements/Files/2139281/12028501/bvpath_258/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://s1.adform.net/Banners/Elements/Files/2139281/12028468/bvpath_258/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=4dcab955c1059465/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D9y7pfzHtWQjghRVVjbaVRWUV%2526gdpr%253D0%2526gdpr_consent%253D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=18973734-A6B5-449A-AF9D-BDF475210222&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7660fbc4986bd6bf08eb03b757070289.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
adx.adform.net
amplify.outbrain.com
ap.lijit.com
aud.pubmatic.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cdn.connectad.io
cdn.firstimpression.io
cdn.jsdelivr.net
cdn.taboola.com
cdn.valuad.cloud
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
core.iprom.net
cp.pushwoosh.com
cr.frontend.weborama.fr
creativecdn.com
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fb337f9c6c4939a96fe029945d927fe3.safeframe.googlesyndication.com
flashnetic.com
fonts.googleapis.com
fonts.gstatic.com
gif.haarets.co.il
green.erne.co
gum.criteo.com
haaretz.pushwoosh.com
hb-dot-valuad.appspot.com
hb.adpone.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
img.haarets.co.il
ipac.ctnsnet.com
mab.chartbeat.com
mabping.chartbeat.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mp.4dex.io
ms-apps.haaretz.co.il
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
polyfill.io
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.smilewanted.com
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.tribalfusion.com
s1.adform.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
services.haaretz.com
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
tag.escalated.io
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.outbrain.com
track.adform.net
trc-events.taboola.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us.ck-ie.com
visitor.fiftyt.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.haaretz.com
x.bidswitch.net
104.109.78.125
104.18.33.19
104.22.69.131
13.224.189.113
13.224.189.57
13.225.78.76
141.226.228.48
141.94.170.77
141.94.171.216
141.95.172.216
142.250.185.226
15.197.193.217
151.101.194.132
151.101.194.217
151.101.2.217
151.101.65.44
151.101.66.217
151.101.66.49
159.65.197.210
162.55.101.208
162.55.120.196
162.55.236.225
172.217.18.6
178.250.2.146
178.250.2.151
178.32.210.226
18.196.150.104
184.86.251.81
185.184.8.90
185.29.134.244
185.64.189.110
185.64.189.112
185.64.189.229
185.64.190.78
185.64.190.79
185.86.137.133
185.86.139.115
185.89.211.132
188.40.221.212
195.5.165.20
198.148.27.140
198.47.127.20
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
205.185.216.42
209.54.182.161
213.155.156.164
213.19.147.44
216.52.2.19
23.35.236.188
23.35.236.201
23.35.237.86
2600:9000:20eb:fe00:18:1fcd:351:7bc1
2602:803:c003:200::41
2606:4700:10::ac43:8ae
2606:4700:10::ac43:db6
2606:4700:20::681a:8a9
2606:4700:20::681a:a19
2606:4700::6812:19ad
2606:4700::6812:272
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2014
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a00:1450:400d:804::2003
2a00:1450:400d:806::200e
2a00:1450:400d:807::2002
2a00:1450:400d:807::2004
2a00:1450:400d:80a::2003
2a00:1450:400d:80e::2001
2a00:1450:400d:80e::2008
2a00:1450:400d:80e::200a
2a00:1450:4025:401::9c
2a02:2638:1::1a
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:16::1400
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::714
2a04:4e42::485
2a04:4e42:c00::282
2a05:d018:d29:3602:2bd9:9049:1377:8ebc
3.125.23.95
3.126.56.137
3.223.185.253
34.102.253.54
34.111.129.221
34.111.131.239
34.193.201.64
34.98.64.218
35.186.193.173
35.201.96.126
35.204.74.118
35.214.223.115
37.157.4.28
37.157.5.73
37.157.6.233
37.252.171.149
44.209.105.236
51.38.120.206
52.220.229.2
52.29.44.9
52.45.81.218
54.194.123.13
54.228.83.115
54.236.115.244
54.73.182.221
54.78.253.158
67.220.226.234
69.173.144.138
69.173.144.165
70.42.32.191
72.251.245.179
76.223.111.18
77.243.60.138
8.2.108.175
85.114.159.93
88.198.239.118
98.98.134.242
00151d1bf31e7872bfe8c856ac2730ac1c5a46bb672b4f1cffcc3924ebc216e2
008509b21c5884fb7ce3949d641477168d95c172a3111ed763fe70e0b3ad0f9a
0095214404df62ba26bd04461b0cc9f22f4c173da0624f3d95b46ea166fb654a
037b5bb1bc89b0709a6dd32dbbb1182fdd2fb721ad9d2fe03325e1cdb49b4eb9
038d181945edfb60d26ae33a484c40acf1dee745bdd333be4b3d11364ae6741f
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
046581e2aa5d22f7f8b909b6e4796e99297e8068d10f3c58e95a77b818eac8ca
0519953d01491a97bdca2c1f68267627b706cc85a0d98ece9393aa5714b674bf
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06ce7317a9b4e61983328622df39b324d8297fb70fb08159b1cc13cc850b29ca
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
0703eee29cdf55506fe42bdf901561ba6644d3f5e17498b8caca9bffa6e70cae
0740db05f86aca1ebf4327e87adda339c4a353e69663b9923eafaad3cf7a4730
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
081785acd235aa02a32ce5fc1eaafffea35327fa423aeefe2429bf2a7ab7ae7a
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
088de7aafcacb781e7791ca6be69980db693ce9bd15da0dc42e20ec236fddc94
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
095583da724d5336d2a1fb96959c013f1bd05dbf3dee3a4c693f0eab60abd4d6
0b0a9b8a6db2edd442ef5d273f1ca9362424cee6fa281f7342f9a40b9c87a65b
0b83f8d8f6a6acb5a63c82ae6cae0d4978a38b235d3ed03f9fb80d559d47947e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdf4384bfc235583257f1fd37d9595b3f2d982830c4d0a78398e1b953c68c6c
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e96fc6cde18785026e25ab81dd356b67ac6ac8076c4b63053e1c5098f4b7ae9
0ef2bb18081e7ee5dd5b5e08bd7c571eea64e1d4431bc8cb4354d826ae8dde80
0ffb7827940c11d0b9699778494d5b2ac8b2259164855f3009d643917b78f621
14a190890f613a93e40b282fab10c8ab27443c8c503f775d53012a6dc0e357b4
14e2f8424788792bc69bb4492f9a1e28ca0b75b2bf6756ae9b8c5c6276cd5bbb
16ab490a35fa7a7e0734dd8b32cb6da557032928cec6d0c18992178ae678ccc1
16ae22c6ae2ff1f86ecfc0f395c6c68c061ee65d42a99996bd51814bd2675119
1736cf9a5f22411f4452f640e50f39070d9349be5ea07693768b9789716cc9e3
17d25c017c8104b21c89d4f09521274ea8921f9d0c65c64f8b2433614ea8e343
17ff1af616ac0bbc0cae2c1163774a4070dec271c6da34776d0b3e86a3d53db6
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18a91fa692c86600e7a854770e29cb7aae71cb966aa8e6740c4dcfd3cf88a42a
1b75c28df6fd8c1153615aa6005c4901339377b0d90e57e865d9c994a6d20901
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1db2c70b1ad93bf50fa01cfc22564dd1b705758b5ac283d4b6cbb900011ded5d
1e3ecf7303c3cb1a86b38cb9a73ce7efdbd75f1806a9a47aec5220e453cdc364
1e71f13efe58770e60feb392a92a1dba394f5c079ff962a731e99b471fad0e20
1e774d7b181f3b3e64e3ec531eb89a2079dbaab197017903fca8779d170ae93e
1f9f839ee033714eb1cce371f64929781303bf4c7830f32a30a8d2ca7474a8c4
2058c1ec6b7af97da5812980f187d26ddb4553aa8f6f801b92b33270bbd1532a
21762a8f5ec49b563037e43632d3d71dcbbb9caa75a5f964f796babad13113ee
2219c76308af1336fa9f8f4e830f48aa338a748d4870733689388168066e8234
23b214a07580d29f7de43418d1b7305f417a2684a9f3c6a6441bb3dc5f30b013
264791bf26603105daf8fb27b1c422c40d7dd3e992054b85da4fa86e75390ac3
2836a92ed5effcbaf0543c232ba75c2f7f3de25e33d182461fc9192b709eadf9
296d593b3a16e48470ed01a3fe076104cdd81adcd7765f44480a4b95d7099175
29c6a64db3a3bb9138bfc613283f2bef86da2d01f8101264db1e05474bfdc090
2a9777e955a2a1bccf75f63008071703762a179abbb238f12cfaa33211fc8dc7
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b6606f8d237bc49ca6a2627fe9cecd5c755eaf55c6bca6de4bfc81a73430dd1
2c948750b1052e44e973b0b638a3297999f350b7695d989e84726341e752ed09
2dd54c72240602e1dfc5a6f9bbb66be993ad90e372aa9db60fd5c7cd9bd913f4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2331c054c418f8fd8444fd3c1d71a5b5b9f5715d2b6c8c3dc012fca1de8946
2e6c27b05ea7ae9ec0ade801bbf1d239f1baa9eee748293a7f9ddbbbdf39a6ba
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30cd069c6fcbc1b40ccf3d4cadd7902381251bc45241e9b88ac367f0d4f9a980
314e4c92a985cce875bdda69f818ab7406c015f98cf574ed79eb47e7e0e7c635
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
323aa089a2fb24191e17a1773addd37951d9fd30e42fcf1d52d634b62c4fc570
32e996e076670c9d6006e8e3de2fc5fbe84f308c8480d708a999baa8aaa8062a
3413595f269255459244e8a5ffed42015b376f041f7d8f023fd86b5b1d671eb6
353b4c6b1e2bb1a9a13dca7e5ebc1d9e801d9753f7f0ecb785c4ef646aa2b48c
36466bc6b444d23e14c0eae8f7299aa957391163419d94a35e62fe064bdfca37
36bb2112ddf8381088156cb3d15e317b5ad4e15f7055bea81b21307793c7fe3e
382ebed0fc76b75759c3f5a0139d557bef591ed6603808ed389c69955c5fa452
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
39f2d511476c2f99bfb1a7c9d9975bf49cb1e2127d735627abe34017bd14404f
3a3aae8b2322ba5132df7387b44f8d7ef3188d425df78216d03ff79b8bd3f68f
3b55671127e0f7d1bbff952d7169b0d3a910d0fddfa432a4d2b2188494c87369
3c3089892b561a3d7ec81a649a3b7de97d0193cd2fa30cb5a6bb0d52f36bff03
3ccf0190d0bf0de6293c858256520e9975642203a7a9f3c98fb12070bb88777c
3cf79b9aa07bca3a96720a477c5ec0d5e579f61ce4ee7dd6b6e853145de4b964
3d037e0646f33794cd1912e5f062a0f9d32eeaf28adda87a04ced3dc62c82ce6
3d3cfe539879b3cb1c02a8c36f130e03788533dfe192fe1dcc9601aa42c1e5f2
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dcacdbaf381d57286c2cca4bcebcd4a28d7abab1c9aa9f73d7f0aa3c3c3f8e4
3e58ba10a2ab7439a6a8cea221d431ff7ab91cbd74d8e6efc95874e2ca7662e4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebcddf19983fdeceabc565c9354ebc3fb2897b17f17dcc77ce493c95b8b5bb5
3fb4726c80feca01622e51345e7df69b35cb6d7c11e641b4d389c477fa1ff5ed
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401814d771be610e537d3b10238d77a155cdbd415d6a45a9d1b7eea88e9d4b7e
402bf071369c5073816773184311e7a1e1f60f1d9d3b88f56ace6343051d31f3
40bcbfe7da4ee32f29799d9e42f241998bdbbd348be6efa22ca94bc1671a2a05
42eccd8a881bf664945e5f181674e93664b2b721e8a290aaec3d9d5d90fec293
433793553572ce02d64969be889c1bffbba2061aee095867857f204867513942
44db46718503e099f0492650b3549d5a22c7bd442a1e0e694abc2d777e1b74f0
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655
467b72001e753ae4346c3ac1613fcada702e7b610e8fb4dacf03bc42d01724fe
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b
47d9389b2083e710b360a87521e8c78bc4b04e6a9832961d1b4a13233b2f0d48
48277350fc657c0b7b836aa8e351eebe37c786a48ac7f55c218056e29437831e
4827ede535113f77925e68fb11672f713e98bd4c74fc99499aafe6f5b0da2000
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4958e78cfee88461d58417c872607303100708465368c8788c70bd1425eb2ffb
4969993bc22173c8d1068358dfc49a9df060945c6fb3e12e88574cd62cb3c127
498de38d394ae86bda3a4ceeef50d30ded0be75496dab57900f3e9777b672044
4a444f407687d0724c790d450fe116bd75717dae3c14d2f8d50a522af0e3e27f
4b04715a0857c2ee6ec77c26c0b8fb7e1a7819dfa1a4782b08ce0ad22836ac87
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b68ab3847feda7d6c62c1fbcbeebfa35eab7351ed5e78f4ddadea5df64b8015
4d788047eff085a710d2fb7ad2e1a0f20701159b9731cb65d3f3d0f76514766d
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fb03420e2ea8581228aa369542994c5caf65569ad09caff7d8f0b3275c349b2
4fd33a95b593471c14ee77e46f66e76fdd70ecc7d80b55469801f5e06eba55e3
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
503b2b746796a8f9b3e5fba8f596f60395b4995e565c25fc35f02d2671007226
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9
51557a625fd6ce2c5038230fb4ad03000ab338caf2fcdd4eaed768182a80adbe
520144f6592efeb0f262a9431d74709c87225cf8a63c35fabb005038f9e1db8c
52fe57520f8757a648fbe137454179ec94a6c731a811dad7354db7f5ea79daba
53015c0b2ba3b114c1ff1ef4c67e65bec34d2aacb9e0fc1b1dbef09e25d23b41
539b252edbc61e48a231ab4d79fb2e8a4e096d42aae1f81edbd0cff0d1877a96
54418cc58b1030864f88b11db00de1feb6a9a1698bec6b12d7cbae45d64b12f8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ccddde8057fc88cf47155ec91b8f59cd28569386c6df944dcb72fe6755af9e
54e6719e924a0ceac3582e94ddbe1e4efd576064e5f8b37197a74f32aa2cdd79
55343b11afe63b57179e3c424e6abc22fa3c39d40f24c909b7063c5bc60005a6
5584f66cc879608f3001274a34502f6664b9e45743e862eadfaccf9149095264
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56049aded0493967de6621a0bb756e4e3af61f1c26785baec028b6c215fb01f8
5605688c45f66162b8214898b46b49c92d193feff3c73fdb813e9b68b9ecb8a1
5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c
567bebbad5bdbb364c9d40c3b49be65c69f617923b61519988b70db389dd590e
5822856bfc377007be189ca56e241e943c01de94c6b0a5e879f3897ce5f91d0a
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
58e8f040b5696c3ed0586cc5772f2c7276aadd79c143977220c72a69b6c0661b
592a91d6dc754fed8e3c6a924d15635a5b5231d08e13366f2b0e4210a787d533
594004dc5d6291c70e8914ce964da794000434722f2e0fee15a4883d427908f7
59419c973ee1031873ab8c7c9ee0e161cf5855b5c9ee52832046b9b08e4a395f
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59764efce632d23b130fc53bf982a8518727a34061c080acc238e4866a74e09c
597ddec386b4e2925fc5b06dd76f07cbb2cf4e983bb4edeb07412325849b9dfe
5b8df9ca9d91dbde345c3da756f87adf40404e4cdbf74d436f09b37231a08274
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5f9fc03eee3d731cd12ddaffd694c2853bb19e5e4d31a57849908799410a2fac
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63647029f38149510989825af7eb63d3d70755f3b7bab7ee95375b5642fdd6a1
63ddfe9857bc0ec530bacfa978ae4de5921d7a416b1da508a8bed10634bb65d1
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
659ed1fb5734c46a41f27ede459a330ccff5563eaca788d203dc47a5dc0a230a
65d5f5f01d3b21937c8a55e943d710ff72b31c5067746f8f38472ed497a1b8a7
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
665164b9794d2aad4341a1c231360f7929ed7ba815a2f121e418013eb1a66c1a
6671359bbee379a6edbb81f32c94848c5118b026c60f17c55dd098e4067089df
6671fdfc8aef6721b3f54c1f33c43407702c44bb86a956fe90a7d6f721f49717
66953ec36df0521f570c15ba683310ed68e95ddb31f41b9db9e4108e2db29423
67152f0ad992734cf950c784ad38cc5a194b5ac1c00535bdc2455eb88c97257f
67eaf092de726f1e46bbb4d84ba50213e5311ca594794e54a46b2332dcd853a6
682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2
6a8040dcbd111e4405488f4b9e0ebbf0ed81f2b08ba396dde3d87d752b048faa
6aca2515cbcb865986cf0680580e7a5f518c60e465ca6646539373f560cf712b
6b778b76b758b15fe9526af45a8e4e9ba5ceb9f5e1ea014fd3e81bff2bcfd310
6ca2dde1fcb8c3401403369e7446b87dfd49973cf9cc51c95a59b8782ffc0ebf
6cb929b074d47c1d6de8c8ee5127e9cb4cfbe7105fed60d45a5da5493c1f86ac
6da2c6ea32dbc977b7830da2667c725081f75c6b5cbd0609bc1b8c6e53676f9d
6f33a9620d151c515ad37a65234fdb9a873ae64cd5ce5af3da7e76fcd7fb4f7a
6f3cf845911c0c548ba03b1261808a08a72fff50a6a2a90e4d8d3521b8ad0de9
6fa67796966c55bd4de359a0a89b90c3e3c86f298e49fa3cf15aee888c6e2c9b
71a9a18095bc4d0e0c8ef02f2faf4649acde4f334956419552d5bc4654e7fc85
7200ceeef48e41961e87281a19a3aa4667e2bf74b6928b52a55fd788381e8415
720e6734738fea7b4b79adcbc3695c65900bb641beaddb782e3b6b34968a7af7
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7376c9b56d8150a76bee96b622ac6c4ede01f90bdf2c60a9fac3a5bec4bb085d
74a1f35a931af03708ac10eedf2c74513867abb28dc27defccdd4e0fea06f13a
74ce96eea103fa5f7f38b331108b622fe3c0c7dc3ca2fd8f72d2f75e33bff139
75772ac766fd99ebb9e7dec5f00f32a87dbfd7fbd1111e2db15a0fc4a1c5a535
77ae7e1e425fa36f3561502285ba40116aec221ab2a4af14c476571164770ecd
7806ea178c4d060f7138b1a15893195a66366a07d5f5e99c63f0348a603a6796
79c5d3d389bb7efd29e12929d46c64ab9aaf62beb2a34c8d41127b927f105806
79e66558ee620ce57bc0a6be17a96c32074065e763b49f0be5551799623943a4
7b1d77153cd55fc5b3085fabd7b5b468ea6294bfdde84821afcabbc274ffd549
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7d2f98ec838cdcbb6533da0d76ad9cc895cfb1dd6aa60b21fed047c0dd59f73f
7d77f0e883358f5a38d42447f1db3b237aa6391792816e063778a88c3f1442d1
7e0da3fff3f26b75963fd2fe80f37d72133d818e200da55c54c8f9b9ba026b53
7e48a999f03dce64c087166073f303222e6646335b043dcc34c1ce9d165f215f
7f3281b843c2c8663dd7ccd37c3f9dd65ccaa4df32e5f3e2c7966c9c5d664dc2
800b975a2144a356184893b1d9a7892c2822b516c7c6846bf0bf1f836c27bf68
83251299e657876f1b4b03ad1c58fec5342ab06c161c56cb0942dfad21d4185b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836d1cae5524a9fafe5e4126ddde116c865befe777f0ceed256da8ea35a96092
83b4884036ca04ffe2c2b252cc827d2d390fe7d2c5790f91901ebd20208f358b
844b93a0c92a05e0521b21770c1debc376958fef2b95d43a1eb687158ecb9855
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f184c1361efafaee0fa748e06b44818472b20f1e0d25178d828447e0d8e5c0
855d8a40709f57c93feb15e9e8f7932c445b7706609f6c4a7ad1c40acef0d02e
85a71d3c5d986562e96c26dff6859b3396daa46a0489c9979074bc9a0b430953
85baca5ed0e2a067dfe4e7301ef0de01e95298c24d60a2aae47e16eddf372aee
88fb1b7a4b5c9d91716a08ccdafe3089dec34289bb1d2b164737713189cea9cb
891d829143ced903b04b238c2ade216efa7ecfe42bdc33d5f3d5691b8aa8d68d
8cd8c979688a61701eda1ef4c62c597196b3e0a67ef5bb4bdf1e4484286c3634
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074
8d7002e111026c5ef6afd0c781242353364f3a8b89af35808d0613dd8fd4baf5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df354d5ef5aeaa49de11cdbcd5346d1f6aaee3d13aba915d76963f74d4c663e
8eb37484327ac3fc11e966a3358118042cafb3d3ed230be058997fb6de4c063b
8ee97e3b592a0b69d6c48ed31730dccdc00df4e68663497d70730b0a779cee17
8f52bb7e5e73cfdff4fd51e8c0f46730efd64a3b6e911acf17b5fc045648d744
8f71d9b04965b8276911ffa4edb5af5fe0bd3e16c4d69d61257f8e357d8a6a0b
90aa5bb4c0ac4bc4ded773fdda3c7af4ffd6222824ccd42c61858b517b84333e
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
91378051f81ed779457648ffd7ebb7eb7a3986bd2189f630d70073692262378a
91681d244985c90fd357e2773fde599ca5ca061435212d1868e80817db9fe867
9241d11c643bd4b3a39008e3e7b28635f89e79bb48cccce0dbfb20d8bedd9eb9
9291293555e471ac82e373cebc9e8575893004f15c77a7a3615f11f33a2aa033
929d52c7ede7bb3549499b2090de49f21ea2b610ff5dcecd7666ee105515758b
9316806b7c7062415652f1be58f7af977a200eef1146807f27b1c4171d7e7680
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
94a4976f6f6777b423316d4baa0a2d635d59e3241c1ca3ec8a97b500f3801d24
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96e1cf15d15f8dd0c510ef86c42529a948c01de9b7265530d3ca8d7f2a3726ad
98671692165a1d886bbcdbb30b6dc63449e2ac2a3733d2ae0e4e11c17d2ba77b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
993dd634dfeba7daf9f746f414d6afbbd0ef45f1718b0d68174c3afb539372c2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99dbc3df10969f59b93f56189db173677528aa2916f51261c03324086c0c46c6
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9e0467522f4569e44c81cd06aaf43de464d8e8c82519c5c4a86f596fdec6f1c1
9e75413a117334abe05e20c2252839eda3bcca78731578df160248d2e5724add
9e96bb43ae87ad1899961559986e416eaa68d54a7e2f856f075f15f5b84659d6
9ed91b58ff3a133681af553834e2e4b5625747c6b0fe6011fcff87ac45c52ac5
a0bf73206e0baa6596bfb20b31596ca7bbc7e45eec0d156ead6114c58c69fd74
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
a0e88bdb00fa5040f103e67411b1e74d851dffb96863f63aab44cfe095da3d0f
a1aae8899c34165a347ac1534359bed60f6910e56374c1c1bf435a02da3a74da
a2311abf896ef61c620270ae75e78a9e653ac8ae5721fbd06f93aa989a7a1077
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a2a393fd224ee98d5b4bce5f71e8768a70ad0fd66de718023024fcb4d1763977
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b8830cc5fdd2c3130d5f7bb83022c2fa37b2025eaaf3ad2f22ea5daa12b708
a5df1cf1ffad7076b1f677a5d703eb4aea370c7272de245aed1a7c27554186b4
a7ab1c724b890130c4b5cdbed316cc2d14960ac7c350e59edb2dd1e26f8d38d8
a973a6a91cc085714f1d4c778543c2d9fc6393b7c73ae953e3eaa5d5a61f32cb
ac42b68f2f836f21d76b3de7f8c2af5ebeb5b86b405ac4d1c2313f7bdbe587ab
ac7165704b2c284a66b5b933df6533b3637c15bd8813d9a476d172946be7d319
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acf74a1a720d11cf904cb6916a2b869955080ceb9e5e8ffc8adaf9b34b991379
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
add3e5b7677d241670e1a5b02427d2484d9047b84c1153a217fbd0209fa52e23
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa10a7a9628c24645776e5d7273bc2dcbc73716ec7484a72dbe66e0f2b1c926
b0b4fae0df205c1398f239a1be189375414ecabd3e7a8efd6cb31aee53adc563
b18a1b380949bcb3167ac8e9023fa146b000aaeef1a3e7d0e473c0eb26130f99
b1e16a224e5aeacd1181de4effeeec8cfd845c56229d54b4379d3655dbb0be13
b21ddd56394009bf4d874492e2408b0926f0e0f1f16f2a0ab05b143c6c315114
b2dc31f1e80b8928aa3f0b9d6b9eb8879d2db72a2f17ab0ed324a275e6e830a2
b38c1898a8b6732b765198d54847081f23b734a5f173cab26a78f556ff9d54d5
b6d496d50fc1faa25d2cf3bf6dd490ec927de01b55761233a10c5b2af8b4d6e5
b932c4db6bf2b4ab97e13688e92c00f59532249e26ba191bf03c652d01895209
ba2c514831ef4d774b5f5c52e743680637fcaf81c7b04de8f3f409b2b9573c29
baac2048d8dd38f892e75666b09b83707092fbdc547d541d9d11df75f68de0f3
baafeacd76400ebae26216f5074d4550323b3a87ef0b2b6082940f6d3f384337
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd39d870bd99043818bad9e53f9e200ead2f992f72572e0d484d4ca6241d0982
bd6ea37bd63450cce4c3edfa2fa52647dc1b70be06e13a2e3966cdc4c14ca3f6
bdb028bfc51f5570f4c347678d72e055c1d2196e86873b2b758f2707cf7f4039
bdb6a56f2f20a27721a05680c24b16c361358ab4274962c4bba5cfb4a9573c6a
be65266f8d8b8254d35602c6c1d43e808be9bd34367fd9c674114969aa8ab4b2
be714930fa0e377702a0be9afada4d507367133db4387edcd0f798f9df0e7812
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c0a1d4f175ecab8ed51ab16cb06cd3293585d91621aa9e209481cdda85872dcb
c1f763e19118639bebb91db54b083db53ef7d5a2f0e29c0ed9fe84fab97e1a91
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c249ca73a563f761bc0f33de072584a2612e8b9200bc9cdd9b185e211919e4a5
c269335f1602d5504755d74d7616be558341f8b9c39cbda45d2d61d46d035fd3
c2fad48c645f409b0d0580287a8267d26203507cd46ff3fa6acdaa982bf9cf52
c32585fd7f24d1440263dcc4016078f2d0caf51b499531d05e76d4c1fdb07cda
c36014cc07a8f23df7a496f1d84fbc8efc9e4a6115d61e8dfbc281873611afb5
c3d682a2ff274232e98f1e973f7697298a843b0e11e81f61aa9e7f7e9403e067
c4bfefd063e4e59430170035e922af641811fda733fc0d2778768406244e0b68
c4c72d52f956b04115d6b66500e9d26095a6f304a79d36e9790d3eff4df2c21c
c5ba71a14d3f2ac9ad80242a30ceda532b507c13dc42013438a3eb89c12f7448
c6688ef1b03b2edabdb0ab2859e1f4301a0ec1ae14412defab7a3de78cbe5e07
c6f6cd0f46fd8d24b7df03525750e9641746a3bbbab1705f3d17d391b445861a
c7ec5fbe054766e384ec44f8f124f1389f2ff031bb3558f244ddc4564f8f118d
c88f56245527d2cf5538b3d0bd0407d14d854e9ff615a6ee56f4ee10cf69a0c4
c915dfdcb63824d901872c899663a0f8c85b3805fd37ffd291b2df54d7416064
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca81297ba1f3d04013307677de9785ec25333c2b94605b0e0c718717f11ee3c7
caa3fa07bccaf288f0ad3d50afd8969023f3d02936422166ba3dbc9db62cc48a
caa8abeec17287c834f0081a7f9b85051a2bb7e886edc0b735099e6761d348e6
cbbfa4fcda4d76802e3e5e6a55d414937a8eb2ef6d3ac77699dd8fa9b27b3ed9
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
ce6052b7b719b64f6e3c538ab2d3161322b529ca9ef2bf1ef67995af08a64814
ce7c6e0e91231b98526eff3ed05b66e38f60c1a9730da2d903b2e0b312d2dc91
cf15e0c8bd8cf997ed306a739dcd3a5eb0414da439b28ec32aeb9f5884831461
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf4c44aeeccd526d4c9fca6338b11b90d04245aa66509426934b5ebe5c881fc5
cf9986dc3d170cbc26f80130277d4e368fb52d4f64f987218b28133aee5e29e6
cff0a5c650eb0ad391da841a1dd3f01a483a6519412610cb616dcf11acd7ac34
d47d2a513e5f4f7cbf6787565043f17d7bdc4a19423208d1b5c3cde1018a20cb
d685c5ff4e272731073c5ba6cd26456f7e73fcf8c8f5c86ab22c4051561615b5
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
d755d069841a5f5767edd909210c5bfe47b72e0c988caef65d528d02a8672b28
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d8fe08f3bdfb32875597546506834d3c8602c30245fe8c0b1064bb1ee90dde1c
d95ad97a5486af1a83c7221ebef0ea8d2282b5054ca706b1aa8eded52a47249c
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da277f533270b7b16d1952dcf6a0d9ce6ebec2d52cf5ab2c0bfdc23f70d28586
daaa445966a86d28f91ac9f9df054170438084ec500d91b15d58d97e410804bf
daf842fc24f3934560a1f8338e8e4efcbc7ec7e4393a3360cad7c0bdd43e2aad
db80de8512792118b546a0d7283278522a340bb0250f20a9a66b28e158da48d5
dc261de27eb3b381cad660a1eda75490cac1bb9a6ebc6c9bfb30c0ca40a9d8aa
dd053f5201426e55578e93b7d5cd6cdd3cc8443409a231558a10d26b212adc2d
de8293d9cac26daca349744f1695e7b1a393452fa690e111df85113c2e515815
de878ac09635910d6fdc776b259330509502e11a42aee1881a73a59d491e0000
df3744801e0adb62117f4cae2cb2c93402b601038a6fe7b4e8e71902ec689c93
df4a5e202cf1510bb075ff30cd3cbc35177f287a9f65e398e0779bdd5466d3a1
df6fe8fc1cef6ed4f06c418890c7615a1afd328e69cb32e286380290bc59d14f
dfa3dfe9e908a77b0602f7df010209017933d94d6e06cd43de474193b710ce79
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
e1f12c0cbd4cb0cc378bc489771667d76b86c64e57617b25aa367276fc1927a1
e2e8d82dfedb261a59472b2d87ab4c234f791e41e246027cfa61452e1d20aa2a
e3b0a8260a2ef2f7cfa8c810ca24d35113047e1da563a91ba526a768e325e441
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b760bd6ef3a2fadd5d47ad2e70e3f9cd055d7e7b4b3c59157fdba99c23d3ee
e4210bc403f6050aeb0467ee483b825d80d5e28059b8082937b2eb798a3a4964
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87
e5b9d769a144e100fdcd8d49566a6f7902516c22df8abd30ff02c1f10209ea38
e74b1a4cc4923f1c2c5a303b6f93b5c6be7b441e649813246a7627271c57663d
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e94afaa2ecaf1172390abdcd87070841c5dcbf2f7e3b0679a60e4723693e354a
ea9f85118857e49b3b8bcfe9eae04adede89bc408690e7adb55f1a81d4033f41
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eba269880434e80a1164042d7a55ca40806712656922d91038a1f512572f49f7
ec00a35bf6c16bffa32bbccc9f9d8f2dbe6b625fa9360a519887484d7b17b9b6
ed0db47adf896fd074b37ccb5defc17451cc97580a26d4932a9458a6c848ba3b
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ed97401c3fa69de68eb7ab7b5d9730ff9850d7cafed633c6bf273ac444d2cc95
edb58520bede4ba2b6b266b107a876e86028251122cf4c8b5dfc24663221fbf0
edc408e5037384f6bb5b90eefa6906cc63728a4a4fdfbf7eef4e01a5ffe6334f
eedf770a802141ae42f3d73fa851f13206702de51c6f4ead5a58ff4f301adc9d
eee6f02d8e6f6ff417e343cdc5705843bcfc33d3ad6b4224d8fd0af3f4965e35
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f07ad22f47758cc44eb217130f9db0aaebb6a48fa3805cf09854abd0f3e8115e
f19b0612dabdbe5083fc614c848604e0ea2e162bba06993eaa7637bfc2bd8c19
f1db95f0873d2b44078886c68c04cd2a1737b4249a5ad003eae6d1f0e166ae10
f1eac78cf74cfcddb5957f18a2d8f04c183831ad3b142fe76e1448cd95dd41b0
f268066d2d542febc25f1808ad0eb075b35c1be30f8584130fcc88d45f210725
f2b6fa55d1f88fcff32787d43b32bddc267559ef07c4b7d70bb0527932b72266
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f7db04943eb06e9ddcb12b6379458e70e247a894645e433cb037ca2d6636ec99
f8a9216dce52da33787336e04428b88ca38072d82a71855eceebf964faa8ce48
f997a5991999ceaa06b3f5f69ea42b5e16341099fc2c1196e8613a7a9f607656
fa1e8b3eab983c79faec4ecf6cb1a4af4dc5a9230cb3b3d1ec9e7eb3c8438a49
fa4a20c3e38e5309d73c919d11d396fd6eb9343a04f4e6f674e6c469cf3aa13e
fd3dbb5a0b3c8289201a8728b5ed3cfb9b513354715d317361f66ef8d07d82a6
fd4be3e5587207c62ac45765bb974a95d3da3694685d10b5b49d04c489215cc4
fd71b2685b6b0557e6d16049fbfc15f53843466880bcfd50bc4099b9a9a0cd3f
fefded2f7cc1ce2fe88de97ea917c6e0bfd197c145a06ec9e0f9b94b2326969f
ff64ba2858a0417c38105c5b19e1fea15ac1a2783aba4950c1b8fa616295f348