www.news1.co.il Open in urlscan Pro
2606:4700:20::681a:1a5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.news1.co.il/Archive/001-D-412793-00.html
Submission: On February 14 via manual (February 14th 2020, 9:35:48 pm UTC) from IL

Summary HTTP 315 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 34 IPs in 8 countries across 39 domains to perform 315 HTTP transactions. The main IP is 2606:4700:20::681a:1a5, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.news1.co.il.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 8th 2019. Valid for: a year.

This is the only time www.news1.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
122	2606:4700:20:... 2606:4700:20::681a:1a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff0a	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
6	185.220.204.204 185.220.204.204	41436 (CLOUDWEBM...) (CLOUDWEBMANAGE-EU)
2 32	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY)
39	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
7	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	93.184.220.113 93.184.220.113	15133 (EDGECAST) (EDGECAST)
1 3	104.124.133.20 104.124.133.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.19.33.73 2.19.33.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::681b:a790	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE)
40	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	151.139.236.239 151.139.236.239	33438 (HIGHWINDS2) (HIGHWINDS2)
9	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
4	34.246.76.49 34.246.76.49	16509 (AMAZON-02) (AMAZON-02)
1 2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
3 3	18.196.130.47 18.196.130.47	16509 (AMAZON-02) (AMAZON-02)
2 4	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
2	69.173.144.136 69.173.144.136	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	40.113.136.100 40.113.136.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	185.29.133.208 185.29.133.208	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	74.214.194.140 74.214.194.140	59940 (PULSEPOIN...) (PULSEPOINT-EU)
3 3	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
5 5	185.33.223.200 185.33.223.200	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE)
4 4	52.212.184.249 52.212.184.249	16509 (AMAZON-02) (AMAZON-02)
2 2	100.20.21.65 100.20.21.65	16509 (AMAZON-02) (AMAZON-02)
2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
5 5	52.59.81.212 52.59.81.212	16509 (AMAZON-02) (AMAZON-02)
1 1	35.210.239.72 35.210.239.72	19527 (GOOGLE-2) (GOOGLE-2)
1 1	52.4.85.154 52.4.85.154	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2 3	35.187.125.245 35.187.125.245	15169 (GOOGLE) (GOOGLE)
1 1	147.75.102.200 147.75.102.200	54825 (PACKET) (PACKET)
1	195.181.175.48 195.181.175.48	60068 (CDN77) (CDN77)
1 2	34.252.210.122 34.252.210.122	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
1 2	18.202.191.48 18.202.191.48	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
315	34

122 2606:4700:20::681a:1a5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.news1.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
banners.news1.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4a0:1338:28::c38a:ff0a (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

jeeng-api-prod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

sdk.jeeng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.220.204.204 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, GB)

live.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 151.101.14.2 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.113 (London, United Kingdom)

ASN15133 (EDGECAST, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.124.133.20 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-124-133-20.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.33.73 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-33-73.deploy.static.akamaitechnologies.com

widget.walla.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::681b:a790 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.enable.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.236.239 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

akamai.advsnx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.246.76.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-76-49.eu-west-1.compute.amazonaws.com

lb.advsnx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lb.artipbox.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.130.47 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-130-47.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.zorosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.113.136.100 (Amsterdam, Netherlands) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.powerlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.208 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.214.194.140 (Amsterdam, Netherlands) 2 redirects

ASN59940 (PULSEPOINT-EU, NL)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.30 (Poland) 3 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.223.200 (Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 308.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.212.184.249 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-184-249.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.20.21.65 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-21-65.us-west-2.compute.amazonaws.com

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.59.81.212 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-81-212.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.210.239.72 (Mountain View, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com

u.ipw.metadsp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.85.154 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-85-154.compute-1.amazonaws.com

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.187.125.245 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 245.125.187.35.bc.googleusercontent.com

go.flx1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.200 (Central, Hong Kong) 1 redirects

ASN54825 (PACKET, US)

loadr.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.48 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-195-181-175-48.datapacket.com

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.210.122 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-210-122.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.191.48 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-191-48.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
122	news1.co.il www.news1.co.il banners.news1.co.il	1 MB
39	twimg.com pbs.twimg.com cdn.syndication.twimg.com abs.twimg.com ton.twimg.com	347 KB
36	taboola.com 4 redirects cdn.taboola.com trc.taboola.com match.taboola.com cds.taboola.com images.taboola.com	191 KB
30	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	1 MB
13	doubleclick.net 3 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	734 B
10	advsnx.net akamai.advsnx.net lb.advsnx.net log.advsnx.net Failed	290 KB
9	googletagservices.com www.googletagservices.com	246 KB
9	google.com adservice.google.com	2 KB
9	google.de adservice.google.de	2 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	108 KB
6	sekindo.com live.sekindo.com	45 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	adnxs.com 5 redirects ib.adnxs.com	4 KB
5	google-analytics.com www.google-analytics.com ssl.google-analytics.com	42 KB
5	crwdcntrl.net 2 redirects tags.crwdcntrl.net sync.crwdcntrl.net bcp.crwdcntrl.net	13 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
3	flx1.com 2 redirects go.flx1.com	1 KB
3	creativecdn.com 3 redirects creativecdn.com ams.creativecdn.com	1 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	mfadsrvr.com 3 redirects rtb.mfadsrvr.com	2 KB
3	facebook.com 2 redirects www.facebook.com	913 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	facebook.net connect.facebook.net	90 KB
2	gstatic.com fonts.gstatic.com	15 KB
2	exelator.com 1 redirects loadr.exelator.com load77.exelator.com	661 B
2	bttrack.com bttrack.com	760 B
2	storygize.net 2 redirects www.storygize.net	860 B
2	contextweb.com 2 redirects bh.contextweb.com	841 B
2	powerlinks.com 2 redirects px.powerlinks.com	804 B
2	rubiconproject.com pixel.rubiconproject.com	478 B
2	zorosrv.com match.zorosrv.com	345 B
1	googleapis.com fonts.googleapis.com	558 B
1	artipbox.net lb.artipbox.net
1	smadex.com 1 redirects cm.smadex.com	568 B
1	metadsp.co.uk 1 redirects u.ipw.metadsp.co.uk	265 B
1	enable.co.il cdn.enable.co.il	95 KB
1	walla.co.il widget.walla.co.il
1	jeeng.com sdk.jeeng.com	128 KB
1	azureedge.net jeeng-api-prod.azureedge.net	2 KB
315	39

	Domain	Requested by
89	www.news1.co.il	www.news1.co.il banners.news1.co.il connect.facebook.net www.googletagservices.com
33	banners.news1.co.il	www.news1.co.il banners.news1.co.il
31	pbs.twimg.com	www.news1.co.il
24	trc.taboola.com	2 redirects cdn.taboola.com www.news1.co.il
24	pagead2.googlesyndication.com	banners.news1.co.il pagead2.googlesyndication.com akamai.advsnx.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com
9	www.googletagservices.com	pagead2.googlesyndication.com
9	adservice.google.com	pagead2.googlesyndication.com
9	adservice.google.de	pagead2.googlesyndication.com
7	akamai.advsnx.net	www.news1.co.il akamai.advsnx.net
7	platform.twitter.com	www.news1.co.il platform.twitter.com
6	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
6	live.sekindo.com	www.news1.co.il live.sekindo.com
5	abs.twimg.com	www.news1.co.il
5	x.bidswitch.net	5 redirects
5	ib.adnxs.com	5 redirects
4	images.taboola.com	www.news1.co.il
4	match.adsrvr.org	4 redirects
4	cdn.taboola.com	www.news1.co.il cdn.taboola.com pagead2.googlesyndication.com
3	go.flx1.com	2 redirects www.news1.co.il
3	cm.g.doubleclick.net	3 redirects
3	sync.mathtag.com	3 redirects
3	rtb.mfadsrvr.com	3 redirects
3	lb.advsnx.net	akamai.advsnx.net www.news1.co.il
3	www.facebook.com	2 redirects connect.facebook.net
3	ssl.google-analytics.com	www.news1.co.il
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com www.news1.co.il
3	connect.facebook.net	www.news1.co.il connect.facebook.net akamai.advsnx.net
2	fonts.gstatic.com	www.news1.co.il
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	ton.twimg.com	platform.twitter.com
2	sync.crwdcntrl.net	1 redirects
2	cds.taboola.com	www.news1.co.il
2	bttrack.com	www.news1.co.il
2	www.storygize.net	2 redirects
2	creativecdn.com	2 redirects
2	bh.contextweb.com	2 redirects
2	px.powerlinks.com	2 redirects
2	pixel.rubiconproject.com	www.news1.co.il
2	match.zorosrv.com	www.news1.co.il
2	match.taboola.com	2 redirects
2	syndication.twitter.com	1 redirects www.news1.co.il
2	www.google-analytics.com	www.news1.co.il akamai.advsnx.net
1	fonts.googleapis.com	live.sekindo.com
1	load77.exelator.com	www.news1.co.il
1	loadr.exelator.com	1 redirects
1	lb.artipbox.net	akamai.advsnx.net
1	cm.smadex.com	1 redirects
1	u.ipw.metadsp.co.uk	1 redirects
1	ams.creativecdn.com	1 redirects
1	cdn.syndication.twimg.com	platform.twitter.com
1	cdn.enable.co.il	www.news1.co.il
1	widget.walla.co.il	www.news1.co.il
1	tags.crwdcntrl.net	live.sekindo.com
1	sdk.jeeng.com	www.news1.co.il
1	jeeng-api-prod.azureedge.net	www.news1.co.il
0	log.advsnx.net Failed	akamai.advsnx.net
315	57

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.fly.tooty.co.il
m.news1.co.il
popup.taboola.com
www.facebook.com
www.bpatent.co.il
dudisharon.co.il
www.nowtv.co.il
vegansontop.co.il
aviblit.co.il
bpatent.co.il
news.walla.co.il
vod.walla.co.il
sports.walla.co.il
www.enable.co.il

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-08` - `2020-10-09`	a year	crt.sh
*.azureedge.net Microsoft IT TLS CA 5	`2019-01-24` - `2021-01-24`	2 years	crt.sh
laplayahostel.com Let's Encrypt Authority X3	`2019-12-24` - `2020-03-23`	3 months	crt.sh
www.sekindo.com Go Daddy Secure Certificate Authority - G2	`2019-05-23` - `2020-06-18`	a year	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-02-14` - `2020-07-25`	5 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-28` - `2020-09-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
tags.crwdcntrl.net DigiCert SHA2 Secure Server CA	`2019-03-15` - `2021-04-07`	2 years	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.walla.co.il GeoTrust RSA CA 2018	`2019-06-25` - `2020-08-23`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.advsnx.net GeoTrust RSA CA 2018	`2020-02-03` - `2022-02-02`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
g2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-11-21` - `2020-11-12`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.taboola.com DigiCert ECC Secure Server CA	`2019-09-03` - `2020-09-10`	a year	crt.sh
*.artipbox.net GeoTrust RSA CA 2018	`2019-05-06` - `2021-05-05`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.flx1.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-19` - `2020-07-05`	a year	crt.sh
1605158521.rsc.cdn77.org Let's Encrypt Authority X3	`2020-01-21` - `2020-04-20`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh

This page contains 46 frames:

Primary Page: https://www.news1.co.il/Archive/001-D-412793-00.html
Frame ID: 14A0235416571E39F0C659DA54EA75B8
Requests: 115 HTTP requests in this frame

Frame: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51
Frame ID: 63A1BFD7DC7A82295B2AD5120AD7D185
Requests: 9 HTTP requests in this frame

Frame: https://www.news1.co.il/CalenderNew.aspx
Frame ID: 1AEACFA691B2280C4DF049E3948E43A5
Requests: 1 HTTP requests in this frame

Frame: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
Frame ID: 9658224057A8EFE1452599C6FEAF985A
Requests: 22 HTTP requests in this frame

Frame: https://www.news1.co.il/doStats.aspx?popUp=true&PageName=showarticles.aspx
Frame ID: 62FAB4DC6F4000B9328D3F6ECE8D618C
Requests: 1 HTTP requests in this frame

Frame: https://www.news1.co.il/PrevArticlesList.aspx?fname=%D7%90%D7%99%D7%AA%D7%9E%D7%A8&lname=%D7%9C%D7%95%D7%99%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=itamar
Frame ID: 7E25AD0A11599ADEED4020111159AE5D
Requests: 4 HTTP requests in this frame

Frame: https://www.news1.co.il/PrevArticlesList.aspx?fname=%D7%99%D7%A6%D7%97%D7%A7&lname=%D7%93%D7%A0%D7%95%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=izikda11
Frame ID: 2FEE35DE9B24C987AD8F52093422F2AC
Requests: 4 HTTP requests in this frame

Frame: https://www.news1.co.il/PepoleBanner.aspx?ShowType=3
Frame ID: 8961F6544A8523C4E75A93C5241F2AB3
Requests: 7 HTTP requests in this frame

Frame: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
Frame ID: 69EB634B5769E68A8D6BFB6D878E79E1
Requests: 12 HTTP requests in this frame

Frame: https://widget.walla.co.il/news12
Frame ID: 1D7448C6E6E9A75758688C313CC71EBA
Requests: 1 HTTP requests in this frame

Frame: https://banners.news1.co.il/ShowBanner.aspx?Target=23&Time=18:23:51
Frame ID: 4AF34077CAB9BF59ED7B7555CA7301C4
Requests: 4 HTTP requests in this frame

Frame: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51
Frame ID: 09A85F3F93217713483243F50FD8F6F0
Requests: 9 HTTP requests in this frame

Frame: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51
Frame ID: C748B97CFEB7745B77B60647A05E9E12
Requests: 9 HTTP requests in this frame

Frame: https://banners.news1.co.il/ShowBanner.aspx?Target=50&Time=18:23:51
Frame ID: 9CE758A724706B4640E7029413A98E1D
Requests: 5 HTTP requests in this frame

Frame: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
Frame ID: 3BE1D0D5CE03EF8114931E481A9B8C0F
Requests: 12 HTTP requests in this frame

Frame: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51
Frame ID: 3181C65FEADAE558BD6224B33BC6EB3B
Requests: 9 HTTP requests in this frame

Frame: https://www.news1.co.il/CountSpecialBoxes.aspx?CountType=1
Frame ID: AA978F39F9DA71A84B0DFE7D41D363F8
Requests: 1 HTTP requests in this frame

Frame: https://www.news1.co.il/CountSpecialBoxes.aspx?CountType=29
Frame ID: 28F4E1EFABBB45155CA7857F7FA74A31
Requests: 1 HTTP requests in this frame

Frame: https://www.news1.co.il/CountSpecialBoxes.aspx?CountType=18
Frame ID: FB78AD195AFF4A1673C61C217D3CDA7B
Requests: 1 HTTP requests in this frame

Frame: https://banners.news1.co.il/ShowBanner.aspx?Target=47&Time=18:23:54&inptNumLinks=1
Frame ID: 791ABDDEA4DAC4479666DDBEABC8094E
Requests: 4 HTTP requests in this frame

Frame: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51
Frame ID: 5E951B277D98F4E6DED1B17C81CD5A97
Requests: 9 HTTP requests in this frame

Frame: https://www.news1.co.il/countPage.aspx?docid=412793&subjectid=1&TransID=0&ShowAll=
Frame ID: 84BB878A5F6FA751B2619E9ED9202955
Requests: 1 HTTP requests in this frame

Frame: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
Frame ID: 5274DB303272C3C0222A4EE40C7CB549
Requests: 12 HTTP requests in this frame

Frame: https://www.news1.co.il/ShowPopUnderBanner.aspx
Frame ID: DA0EBC6B96DF0DF8EEC77133A9A83D43
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df3c850c17001f5%26domain%3Dwww.news1.co.il%26origin%3Dhttps%253A%252F%252Fwww.news1.co.il%252Ff36a479a9c22e6%26relation%3Dparent.parent&color_scheme=light&container_width=493&height=100&href=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&locale=he_IL&numposts=3&sdk=joey&version=v2.7&width=492
Frame ID: D4286E84BF9ADFCE652AFD348D0C79E2
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=https%3A%2F%2Fwww.news1.co.il
Frame ID: 9DBB49F97DE837B7A44CA497F7C99AE8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/zrt_lookup.html
Frame ID: F2B55F6887A04F3BC6DA5C17926AE65E
Requests: 1 HTTP requests in this frame

Frame: https://match.zorosrv.com/match?tabid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&extuid=1f3c1d17-48b8-413d-bcf8-61688277de7d&excid=218&query=taboola_hm%3D1f3c1d17-48b8-413d-bcf8-61688277de7d
Frame ID: EB644C0980D8139F9CA79D0F937DA4B0
Requests: 14 HTTP requests in this frame

Frame: https://match.zorosrv.com/match?tabid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&extuid=1f3c1d17-48b8-413d-bcf8-61688277de7d&excid=218&query=taboola_hm%3D1f3c1d17-48b8-413d-bcf8-61688277de7d
Frame ID: A4B443D219AA513BDFD15D0E5B934384
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=600&slotname=1117496756&adk=265532217&adf=4145692389&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716130482&bpp=96&bdt=395&fdt=523&idt=523&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=2229905711635&frm=24&ife=1&pv=2&ga_vid=1297653395.1581716131&ga_sid=1581716131&ga_hid=1116911875&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1641253526&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=208312370632048&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.5wbfz82vxgfl&fsb=1&dtd=542
Frame ID: 0D8808E1760B1EEBAEA69497D38ABA55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=140&slotname=1200162356&adk=2449704&adf=370430575&w=234&psa=0&guci=1.2.0.0.2.2.0.0&format=234x140&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716130924&bpp=8&bdt=709&fdt=256&idt=256&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=4167347345831&frm=24&ife=1&pv=2&ga_vid=1989145169.1581716131&ga_sid=1581716131&ga_hid=1168023371&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=234&ish=140&ifk=3148986560&scr_x=-12245933&scr_y=-12245933&eid=21065305%2C21065539&oid=3&pvsid=1857196533257167&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C234%2C140&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.q89ly733ppod&fsb=1&dtd=264
Frame ID: 0CB89A7807CD8C4B5218CAE4B364A07E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=400&slotname=5630361953&adk=894626007&adf=370430568&w=240&psa=0&guci=1.2.0.0.2.2.0.0&format=240x400&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716130952&bpp=5&bdt=729&fdt=284&idt=285&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=3366301063385&frm=24&ife=1&pv=2&ga_vid=1970471462.1581716131&ga_sid=1581716131&ga_hid=1910759472&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=240&ish=400&ifk=2350280920&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1636408994714153&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.s3rhx0wqj9ek&fsb=1&dtd=291
Frame ID: 3F637671808FA8D305AAC0FE439E3017
Requests: 1 HTTP requests in this frame

Frame: https://lb.artipbox.net/adServer/Service.svc/sync?uuids=b1gxUzhkTHRsRUdpYW00cVhkanNFZHk0RDRWTGl3MHFXZS9nWUcwU0FaRVMzRTZjZjcwNzlEOWIySGMwZ2FrTyxvWDFTOGRMdGxFR2lhbTRxWGRqc0VkeTRENFZMaXcwcVdlL2dZRzBTQVpFUzNFNmNmNzA3OUQ5YjJIYzBnYWtP&t=1581716131307
Frame ID: 72962FD7FB23D3911373C56EF269E821
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1228426043863818242/J7wjk2VE?format=jpg&name=600x314
Frame ID: A8A6609D618E9CDFA34B9994005ABFB1
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=140&slotname=7107095156&adk=2880003653&adf=370430581&w=470&psa=0&guci=1.2.0.0.2.2.0.0&format=470x140&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716131137&bpp=11&bdt=908&fdt=225&idt=225&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=1127318193398&frm=24&ife=1&pv=2&ga_vid=302893077.1581716131&ga_sid=1581716131&ga_hid=1026755964&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=470&ish=140&ifk=1138120897&scr_x=-12245933&scr_y=-12245933&eid=21065305%2C36998751%2C44714170&oid=3&pvsid=1988390612397500&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C470%2C140&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.3by8lvessn1i&fsb=1&dtd=237
Frame ID: B3CDD671DEF6A26876FCB115352EFA4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=400&slotname=4153628755&adk=1643137576&adf=370430583&w=175&psa=0&guci=1.2.0.0.2.2.0.0&format=175x400&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716131208&bpp=15&bdt=616&fdt=206&idt=206&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=7337685044183&frm=24&ife=1&pv=2&ga_vid=996845412.1581716131&ga_sid=1581716131&ga_hid=1696746610&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=175&ish=400&ifk=2879556505&scr_x=-12245933&scr_y=-12245933&eid=21065304%2C44714237&oid=3&pvsid=1691622703644596&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C175%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.x42jpg4fm7up&fsb=1&dtd=211
Frame ID: 4DF69FC2A55782455B9BB0A194950779
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=250&slotname=5394859554&adk=4256552153&adf=370430603&w=970&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716131271&bpp=8&bdt=607&fdt=198&idt=198&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=4842736899732&frm=24&ife=1&pv=2&ga_vid=1257165950.1581716131&ga_sid=1581716131&ga_hid=1087889688&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-10&ady=0&biw=-12245933&bih=-12245933&isw=960&ish=250&ifk=2940449076&scr_x=-12245933&scr_y=-12245933&eid=21065305%2C21065533%2C21065538&oid=2&pvsid=2614797326942323&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C960%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.au2n2z4xpz6&fsb=1&dtd=204
Frame ID: 8BFF9A4EBAF05F5CD60B6CE47B8ABA19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=60&slotname=6967494351&adk=2107312494&adf=370430571&w=468&psa=0&guci=1.2.0.0.2.2.0.0&format=468x60&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716131286&bpp=5&bdt=617&fdt=195&idt=195&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=8535173468726&frm=24&ife=1&pv=2&ga_vid=428251075.1581716131&ga_sid=1581716131&ga_hid=664516934&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=468&ish=60&ifk=3095083937&scr_x=-12245933&scr_y=-12245933&eid=21065382&oid=3&pvsid=4283367934078794&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C60&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.bb612lo7zj8a&fsb=1&dtd=200
Frame ID: 09730538F0A738C83265D74D7773EB1F
Requests: 1 HTTP requests in this frame

Frame: https://akamai.advsnx.net/CDN/sdk/system-plugins/sysgauserdata_pixel.html?t=1581716131584
Frame ID: 2A7BB392D11DA136B2985EB557E3B590
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: 2A267273FE71A1EE2A610A130BC4767A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=300&slotname=5490761157&adk=3474866384&adf=370430601&w=175&psa=0&guci=1.2.0.0.2.2.0.0&format=175x300&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716131459&bpp=7&bdt=364&fdt=331&idt=331&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=3500181574874&frm=24&ife=1&pv=2&ga_vid=713196890.1581716132&ga_sid=1581716132&ga_hid=1951460430&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=175&ish=300&ifk=1118259071&scr_x=-12245933&scr_y=-12245933&eid=44714170%2C44714237&oid=3&pvsid=2053352368128797&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C175%2C300&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.d5b7iaxddbif&fsb=1&dtd=340
Frame ID: 15A10600E5BB09C0E4A6ADE33A676F90
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: E1844E4D8DBF01EDA03ED30456B4B928
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: 85E573757B99520167CD9A4F0CAFF747
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=13015/rand=470902278/pv=y/seg=SekindoNetwork/geo=country%20%3A%20Israel/int=%23OpR%2384313%23www.news1.co.il%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384314%23www.news1.co.il%20%3A%20Site%20Section%20%3A%20Archive/med=%23OpR%2384315%23www.news1.co.il%20%3A%20Site%20Section%20%3A%20Archive%20%3A%20001-D-412793-00/rt=ifr
Frame ID: 00C377F18E71732B375E67349F5439D6
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 40C7C3819285BA3C008B714A28C01A47
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=250&slotname=5394859554&adk=4269071496&adf=3279755403&w=970&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716132463&bpp=5&bdt=2285&fdt=45&idt=45&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=1272557218590&frm=23&ife=1&pv=2&ga_vid=1510724639.1581716132&ga_sid=1581716133&ga_hid=2146617453&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=133&biw=1585&bih=1200&isw=960&ish=250&ifk=2369449032&scr_x=0&scr_y=0&eid=21065304%2C26835106&oid=3&pvsid=1131216697420666&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C960%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.3meuj9e0e1av&fsb=1&dtd=51
Frame ID: 81101CBDB856BEACD2FF571860CCCE31
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /swfobject.*\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

315
Requests

100 %
HTTPS

33 %
IPv6

39
Domains

57
Subdomains

34
IPs

8
Countries

3766 kB
Transfer

9429 kB
Size

31
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/YoavNews1
Title: טוויטר / יואב יצחק

Search URL Search Domain Scan URL

URL: http://www.fly.tooty.co.il/%D7%98%D7%99%D7%A1%D7%95%D7%AA-%D7%9C%D7%9C%D7%90-%D7%9E%D7%96%D7%95%D7%95%D7%93%D7%94/?utm_source=taboola&utm_medium=referral
Title: Fly.Tooty.co.il

Search URL Search Domain Scan URL

URL: http://www.fly.tooty.co.il/%D7%97%D7%95%D7%A4%D7%94-%D7%94%D7%9B%D7%9C-%D7%9B%D7%9C%D7%95%D7%9C-%D7%91%D7%A7%D7%95%D7%A8%D7%A4%D7%95/?utm_source=taboola&utm_medium=referral
Title: Fly.Tooty.co.il

Search URL Search Domain Scan URL

URL: http://m.news1.co.il/ArticlePage.aspx?docid=390895&subjectid=1&TransID=0&AfterAdd=1

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/he/?template=colorbox&utm_source=news1&utm_medium=referral&utm_content=thumbnails-rr:Right%20Rail%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3a%2f%2fwww.news1.co.il%2fArchive%2f001-D-412793-00.html%3fv%3d20042019182351

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3a%2f%2fwww.news1.co.il%2fArchive%2f001-D-412793-00.html&text=%D7%AA%D7%95%D7%91%D7%A2%D7%AA%2016%20%D7%9E%D7%99%D7%9C%D7%99%D7%95%D7%9F%20%D7%A9%D7%A7%D7%9C:%0A%D7%A0%D7%A1:%20%D7%A1%D7%9B%D7%A1%D7%95%D7%9A%20%D7%A9%D7%A7%D7%A8%D7%99%20%D7%91%D7%91%D7%99%22%D7%97%20%D7%94%D7%93%D7%A1%D7%94%0A%D7%98%D7%95%D7%A2%D7%A0%D7%AA%20%D7%A9%D7%94%D7%94%D7%A1%D7%AA%D7%93%D7%A8%D7%95%D7%AA%20%D7%91%D7%9E%D7%A8%D7%97%D7%91%20%D7%99%D7%A8%D7%95%D7%A9%D7%9C%D7%99%D7%9D%20%D7%94%D7%9B%D7%A8%D7%99%D7%96%D7%94%20%D7%A2%D7%9C%20%D7%A1%D7%9B%D7%A1%D7%95%D7%9A%20%D7%A2%D7%91%D7%95%D7%93%D7%94%20%D7%A4%D7%99%D7%A7%D7%98%D7%99%D7%91%D7%99%20%D7%91%D7%91%D7%99%D7%AA%20%D7%94%D7%97%D7%95%D7%9C%D7%99%D7%9D,%20%D7%95%D7%91%D7%9B%D7%9A%20%D7%92%D7%A8%D7%9E%D7%94%20%D7%9C%D7%94%D7%A4%D7%A1%D7%A7%D7%AA%20%D7%94%D7%97%D7%95%D7%96%D7%94%20%D7%A2%D7%99%D7%9E%D7%94%20%D7%9C%D7%9E%D7%99%D7%A7%D7%95%D7%A8%20%D7%97%D7%95%D7%A5%20%D7%A9%D7%9C%20%D7%9E%D7%A2%D7%A8%D7%9A%20%D7%94%D7%9E%D7%99%D7%97%D7%A9%D7%95%D7%91%20%D7%91%D7%95%20%2F%20%D7%90%D7%99%D7%AA%D7%9E%D7%A8%20%D7%9C%D7%95%D7%99%D7%9F,%20%D7%99%D7%A6%D7%97%D7%A7%20%D7%93%D7%A0%D7%95%D7%9F%0A

Search URL Search Domain Scan URL

URL: http://www.bpatent.co.il/
Title: בי פטנט פתרונות מיוחדים

Search URL Search Domain Scan URL

URL: http://www.bpatent.co.il/Product/%d7%9e%d7%90%d7%a1%d7%98%d7%a8-%d7%a1%d7%9c%d7%99%d7%99%d7%a1%d7%a8
Title: קוצץ ירקות מאסטר סלייסר

Search URL Search Domain Scan URL

URL: http://www.bpatent.co.il/Product/%d7%a2%d7%a8%d7%99%d7%a1%d7%aa-%d7%aa%d7%99%d7%a0%d7%95%d7%a7-%d7%a0%d7%99%d7%99%d7%93%d7%aa-1
Title: עריסת תינוק ניידת

Search URL Search Domain Scan URL

URL: http://www.bpatent.co.il/category/%D7%A1%D7%99%D7%A8%D7%99%D7%9D-%D7%95%D7%9E%D7%97%D7%91%D7%AA%D7%95%D7%AA-%D7%9C%D7%91%D7%99%D7%A9%D7%95%D7%9C-%D7%91%D7%A8%D7%99%D7%90-1
Title: סירים ומחבתות לבישול בריא

Search URL Search Domain Scan URL

URL: http://dudisharon.co.il/
Title: אסטרטגיה שיווקית

Search URL Search Domain Scan URL

URL: http://www.nowtv.co.il/
Title: צפייה ישירה

Search URL Search Domain Scan URL

URL: http://vegansontop.co.il/
Title: מתכונים טבעוניים

Search URL Search Domain Scan URL

URL: http://aviblit.co.il/
Title: ציורי קיר

Search URL Search Domain Scan URL

URL: http://bpatent.co.il/144121/%d7%a2%d7%a8%d7%99%d7%a1%d7%aa-%d7%aa%d7%99%d7%a0%d7%95%d7%a7-%d7%a0%d7%99%d7%99%d7%93%d7%aa-1
Title: עריסת תינוק ניידת

Search URL Search Domain Scan URL

URL: http://www.bpatent.co.il/144121/%d7%9e%d7%90%d7%a1%d7%98%d7%a8-%d7%a1%d7%9c%d7%99%d7%99%d7%a1%d7%a8
Title: קוצץ ירקות מאסטר סלייסר

Search URL Search Domain Scan URL

URL: http://news.walla.co.il/
Title: חדשות

Search URL Search Domain Scan URL

URL: http://vod.walla.co.il/tvshows
Title: סדרות

Search URL Search Domain Scan URL

URL: http://sports.walla.co.il/
Title: ספורט

Search URL Search Domain Scan URL

URL: https://www.enable.co.il/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1581716130183&ns_c=UTF-8&cv=3.5&c8=News1%20%7C%20%D7%A0%D7%A1%3A%20%D7%A1%D7%9B%D7%A1%D7%95%D7%9A%20%D7%A9%D7%A7%D7%A8%D7%99%20%D7%91%D7%91%D7%99%22%D7%97%20%D7%94%D7%93%D7%A1%D7%94&c7=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581716130183&ns_c=UTF-8&cv=3.5&c8=News1%20%7C%20%D7%A0%D7%A1%3A%20%D7%A1%D7%9B%D7%A1%D7%95%D7%9A%20%D7%A9%D7%A7%D7%A8%D7%99%20%D7%91%D7%91%D7%99%22%D7%97%20%D7%94%D7%93%D7%A1%D7%94&c7=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&c9=

Request Chain 100

https://www.facebook.com/v2.7/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df3c850c17001f5%26domain%3Dwww.news1.co.il%26origin%3Dhttps%253A%252F%252Fwww.news1.co.il%252Ff36a479a9c22e6%26relation%3Dparent.parent&color_scheme=light&container_width=493&height=100&href=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&locale=he_IL&numposts=3&sdk=joey&version=v2.7&width=492 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df3c850c17001f5%26domain%3Dwww.news1.co.il%26origin%3Dhttps%253A%252F%252Fwww.news1.co.il%252Ff36a479a9c22e6%26relation%3Dparent.parent&color_scheme=light&container_width=493&height=100&href=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&locale=he_IL&numposts=3&sdk=joey&version=v2.7&width=492 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df3c850c17001f5%26domain%3Dwww.news1.co.il%26origin%3Dhttps%253A%252F%252Fwww.news1.co.il%252Ff36a479a9c22e6%26relation%3Dparent.parent&color_scheme=light&container_width=493&height=100&href=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&locale=he_IL&numposts=3&sdk=joey&version=v2.7&width=492

Request Chain 152

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1f3c1d17-48b8-413d-bcf8-61688277de7d HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1f3c1d17-48b8-413d-bcf8-61688277de7d&tbid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&query=taboola_hm%3D1f3c1d17-48b8-413d-bcf8-61688277de7d&isDirect=0 HTTP 302
https://match.zorosrv.com/match?tabid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&extuid=1f3c1d17-48b8-413d-bcf8-61688277de7d&excid=218&query=taboola_hm%3D1f3c1d17-48b8-413d-bcf8-61688277de7d

Request Chain 154

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=WYySVEomNWOjaeePi5KFfHcjcXJ6y5HVcsIQgB4r5-g%3D

Request Chain 155

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=d7ab5e47-12a2-4a00-968d-cc2a3c21ba30 HTTP 302
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=d7ab5e47-12a2-4a00-968d-cc2a3c21ba30

Request Chain 156

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%% HTTP 302
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Fk4rKwIYHYuh&ev=1&pid=562107

Request Chain 157

https://creativecdn.com/cm-notify?pi=taboola HTTP 302
https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1 HTTP 302
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=LUiRGxbaSp4i3i92yZlK&pi=taboola&tc=1

Request Chain 158

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID HTTP 302
https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJcmCSiClhKYTTtS_Ej4jKI&google_cver=1

Request Chain 160

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID HTTP 302
https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298

Request Chain 161

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3d287605-0390-4773-bf5c-d319d9f0e70a

Request Chain 162

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822 HTTP 302
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 165

https://x.bidswitch.net/sync?ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=dea17608-5c3d-493c-a837-07251b262074&bsw_param=dea17608-5c3d-493c-a837-07251b262074&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=dea17608-5c3d-493c-a837-07251b262074 HTTP 302
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=dea17608-5c3d-493c-a837-07251b262074

Request Chain 166

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1f3c1d17-48b8-413d-bcf8-61688277de7d HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1f3c1d17-48b8-413d-bcf8-61688277de7d&tbid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&query=taboola_hm%3D1f3c1d17-48b8-413d-bcf8-61688277de7d&isDirect=0 HTTP 302
https://match.zorosrv.com/match?tabid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&extuid=1f3c1d17-48b8-413d-bcf8-61688277de7d&excid=218&query=taboola_hm%3D1f3c1d17-48b8-413d-bcf8-61688277de7d

Request Chain 168

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=WYySVEomNWOjaeePi5KFfHcjcXJ6y5HVcsIQgB4r5-g%3D

Request Chain 169

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=d7ab5e47-12a2-4a00-968d-cc2a3c21ba30

Request Chain 170

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%% HTTP 302
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=SfSBEJNFFZGR&ev=1&pid=562107

Request Chain 171

https://creativecdn.com/cm-notify?pi=taboola HTTP 302
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=LUiRGxbaSp4i3i92yZlK&pi=taboola

Request Chain 172

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID HTTP 302
https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESED_YGvOyWAZjAkAnqgFZ3nI&google_cver=1

Request Chain 174

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID HTTP 302
https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298

Request Chain 175

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3d287605-0390-4773-bf5c-d319d9f0e70a

Request Chain 176

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822 HTTP 302
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 179

https://x.bidswitch.net/sync?ssp=taboola HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=taboola&bds_param=dea17608-5c3d-493c-a837-07251b262074 HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=852df03f-7ced-4af0-8aaf-7ea2064a6f5a&expires=10&ssp=taboola&bsw_param=dea17608-5c3d-493c-a837-07251b262074 HTTP 302
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=dea17608-5c3d-493c-a837-07251b262074

Request Chain 297

https://go.flx1.com/uid?m=141&pl=149&userid=19091a0d-48f6-4324-9447-8f3d92315b4b&random=1581716131556 HTTP 302
https://go.flx1.com/uid?_check=1&m=141&pl=149&random=1581716131556&userid=19091a0d-48f6-4324-9447-8f3d92315b4b HTTP 302
https://ib.adnxs.com/getuid?https://go.flx1.com/uid?anuid=$UID&t=&m=141&_rdnr=1&fs=0 HTTP 302
https://go.flx1.com/uid?anuid=1657302821866649298&t=&m=141&_rdnr=1&fs=0

Request Chain 298

https://loadr.exelator.com/load/?p=1257&g=204&uuid=19091a0d-48f6-4324-9447-8f3d92315b4b&j=0 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 301

https://sync.crwdcntrl.net/map/c=13979/tp=ARTI/tpid=19091a0d-48f6-4324-9447-8f3d92315b4b?redir=https%3A%2F%2Flb.advsnx.net%2Fstorepair%2Fmap.js%3Fu%3D19091a0d-48f6-4324-9447-8f3d92315b4b%26p%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13979/tp=ARTI/tpid=19091a0d-48f6-4324-9447-8f3d92315b4b?redir=https%3A%2F%2Flb.advsnx.net%2Fstorepair%2Fmap.js%3Fu%3D19091a0d-48f6-4324-9447-8f3d92315b4b%26p%3D%24%7Bprofile_id%7D

Request Chain 328

https://bcp.crwdcntrl.net/5/c=13015/rand=470902278/pv=y/seg=SekindoNetwork/geo=country%20%3A%20Israel/int=%23OpR%2384313%23www.news1.co.il%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384314%23www.news1.co.il%20%3A%20Site%20Section%20%3A%20Archive/med=%23OpR%2384315%23www.news1.co.il%20%3A%20Site%20Section%20%3A%20Archive%20%3A%20001-D-412793-00/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=13015/rand=470902278/pv=y/seg=SekindoNetwork/geo=country%20%3A%20Israel/int=%23OpR%2384313%23www.news1.co.il%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384314%23www.news1.co.il%20%3A%20Site%20Section%20%3A%20Archive/med=%23OpR%2384315%23www.news1.co.il%20%3A%20Site%20Section%20%3A%20Archive%20%3A%20001-D-412793-00/rt=ifr

Request Chain 340

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

315 HTTP transactions
29 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 001-D-412793-00.html Show response
www.news1.co.il/Archive/ 183 KB
25 KB 606ms
575ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 64a3c479e4d887e3eb1dc75f4e74349627e597cdfcd697c63a1dfc85c0a56d73

Request headers

:method: GET
:authority: www.news1.co.il
:scheme: https
:path: /Archive/001-D-412793-00.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:29 GMT
content-type: text/html
set-cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; expires=Sun, 15-Mar-20 21:35:29 GMT; path=/; domain=.news1.co.il; HttpOnly; SameSite=Lax
last-modified: Sat, 20 Apr 2019 15:23:54 GMT
x-powered-by: ASP.NET
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 56522c103ca1dfbb-FRA
content-encoding: br

GET
H2 200 nfc.css
www.news1.co.il/css/ 42 KB
6 KB 29ms
27ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css?t=06032016
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
content-encoding: br
etag: W/"e43b27c6d7ed51:0"
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c13dcb8dfbb-FRA
cf-bgj: minify

GET
H2 200 jquery-1.11.0.min.js Show response
www.news1.co.il/js/ 94 KB
32 KB 21ms
20ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/jquery-1.11.0.min.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2019 23:12:08 GMT
server: cloudflare
age: 6436
x-powered-by: ASP.NET
etag: W/"4cefa2b6d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 56522c13dcbddfbb-FRA

GET
H2 200 json3.min.js Show response
www.news1.co.il/js/ 8 KB
3 KB 19ms
17ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/json3.min.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2019 23:12:10 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
etag: W/"735eb0b7d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 56522c13ecbfdfbb-FRA

GET
H2 200 accessMenu.css
www.news1.co.il/css/ 1 KB
709 B 21ms
19ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/accessMenu.css
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8f9438019c79ef997148272c2341ac0787da321fe8bf928e6544e83a2a1487bc

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
content-encoding: br
etag: W/"3c3244b7b84dd51:0"
cf-cache-status: HIT
last-modified: Thu, 08 Aug 2019 07:13:02 GMT
server: cloudflare
age: 223
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=2184
cf-ray: 56522c13dcbbdfbb-FRA
cf-bgj: minify

GET
H2 200 jquery.fontSizer.js Show response
www.news1.co.il/js/textResize/ 5 KB
1 KB 30ms
28ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/textResize/jquery.fontSizer.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 163bbfa17399928e4f895f0a17d771baf9d33f9eeb11ef087120964ea7d14c61

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
content-encoding: br
etag: W/"70ed5330a6dd21:0"
cf-cache-status: HIT
last-modified: Tue, 13 Sep 2016 10:04:17 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-polished: origSize=10408
cf-ray: 56522c13ecc2dfbb-FRA
cf-bgj: minify

GET
H2 200 Menu.js Show response
www.news1.co.il/js/ 2 KB
675 B 17ms
15ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/Menu.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 03498f237498f7379a6032863b8951f5342aa8bc50c3bee8328f2cc40289da06

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
content-encoding: br
etag: W/"d884d6b7d044d51:0"
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2019 23:12:10 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-polished: origSize=3080
cf-ray: 56522c13ecc6dfbb-FRA
cf-bgj: minify

GET
H2 200 swfobject.js Show response
www.news1.co.il/js/ 5 KB
2 KB 24ms
22ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/swfobject.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc6c303316aec21720d376a8532416a91ed9833ef953f0a87b83fc488d9b82ed

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
content-encoding: br
etag: W/"3a5b2cb8d044d51:0"
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2019 23:12:11 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-polished: origSize=6095
cf-ray: 56522c13ecd0dfbb-FRA
cf-bgj: minify

GET
H2 200 motionpack.js Show response
www.news1.co.il/js/ 3 KB
714 B 23ms
21ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/motionpack.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f673ec3e3728ec2c7a3dbe888e8ea6a2c295c4df4d81da650dffad7e5f76f6a3

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
content-encoding: br
etag: W/"bacddb7d044d51:0"
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2019 23:12:10 GMT
server: cloudflare
age: 6360
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-polished: origSize=5117
cf-ray: 56522c13ecd3dfbb-FRA
cf-bgj: minify

GET
H2 200 PreviewImages.js Show response
www.news1.co.il/js/ 565 B
338 B 19ms
17ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/PreviewImages.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 61f1b5656920f261f85844811901f209df66d41e6051ca341687b896b3fc16b4

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
content-encoding: br
etag: W/"75e6f7b7d044d51:0"
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2019 23:12:10 GMT
server: cloudflare
age: 6266
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-polished: origSize=993
cf-ray: 56522c13ecd5dfbb-FRA
cf-bgj: minify

GET
H2 200 jquery.maskedinput.js Show response
www.news1.co.il/js/ 4 KB
2 KB 24ms
23ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/jquery.maskedinput.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c3a76197d64f5ce208b794535baa72e56008a02777a081c733656aac38f3de0f

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
content-encoding: br
etag: W/"4d4f2b7d044d51:0"
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2019 23:12:09 GMT
server: cloudflare
age: 6266
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-polished: origSize=7218
cf-ray: 56522c13ecd8dfbb-FRA
cf-bgj: minify

GET
H2 200 jClock.js Show response
www.news1.co.il/js/ 4 KB
1 KB 22ms
21ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/jClock.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f62a07f9c55482e210929cfb75d443fb78f50c5b392d44f186ccabe2dbdfba56

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
content-encoding: br
etag: W/"1b478b6d044d51:0"
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2019 23:12:08 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-polished: origSize=7864
cf-ray: 56522c13ecd9dfbb-FRA
cf-bgj: minify

GET
H2 200 FloatDivs.js Show response
www.news1.co.il/js/ 3 KB
1 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/FloatDivs.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b7d93250ff7ef39434ec850b0ec936e33560e30cdbe6d2b08ddb2981536e0544

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
content-encoding: br
etag: W/"0e61f973074d51:0"
cf-cache-status: HIT
last-modified: Thu, 26 Sep 2019 06:06:52 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-polished: origSize=6763
cf-ray: 56522c13ecdbdfbb-FRA
cf-bgj: minify

GET
H2 200 functions.js Show response
www.news1.co.il/js/ 9 KB
3 KB 29ms
27ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/functions.js?t=28032016
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: df3a23807c4dab2fde4045546d5d6ca327f9c206c386ec8dcc107b73e8c49cd8

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
content-encoding: br
etag: W/"69f33d634d95d51:0"
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 09:26:08 GMT
server: cloudflare
age: 6266
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-polished: origSize=14141
cf-ray: 56522c13ecdcdfbb-FRA
cf-bgj: minify

GET
H2 200 configs Show response
jeeng-api-prod.azureedge.net/api/users/domains/V1D574bk0A/sdk/ 1 KB
2 KB 124ms
51ms Script
text/javascript 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://jeeng-api-prod.azureedge.net/api/users/domains/V1D574bk0A/sdk/configs
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: / Express
Resource Hash: b9ee1644b381639e7434f23e9a4d83a96140c97a52a52e6d5301b11e146d36ed

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
x-backside-transport: OK OK
x-powered-by: Express
etag: W/"5d9-V8vP9qV2JC7VigKSE7GMwL0vI6w"
status: 200
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=425
x-global-transaction-id: 500d1e155e47067e8c9a919d
content-length: 1497

GET
H2 200 v3.js Show response
sdk.jeeng.com/ 473 KB
128 KB 66ms
19ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.jeeng.com/v3.js

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3d6de33ad88b6b07fc60efcbf563e80022235cecf2805b9bf9daffadc0349f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Sun, 02 Feb 2020 13:20:16 GMT
x-timer: S1581716130.953900,VS0,VE0
etag: 791b0f788cd6167d99034ffbcde3ac0d65d3179a94a21989e55159f109f4e010
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
date: Fri, 14 Feb 2020 21:35:29 GMT
x-cache-hits: 8
accept-ranges: bytes
content-length: 130440
x-served-by: cache-ams21043-AMS

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ 11 KB
4 KB 83ms
23ms Script
text/javascript 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=78870&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.14
Resource Hash: 5c734036877f4eb3fd6df2bf2f0646c0e677726832cefcc8f804b3eae0414956

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 21:35:29 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.14
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ 13 KB
4 KB 81ms
21ms Script
text/javascript 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=78871&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.14
Resource Hash: 59f96e5b37967e736778accbc1db6fb0316b85a685c5faa93ee8521b14c32b42

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 21:35:29 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.14
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/javascript; charset=utf-8

GET
H2 200 PrintLogo.jpg
www.news1.co.il/Archive/img/ 12 KB
12 KB 20ms
18ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/Archive/img/PrintLogo.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 47c2cc3d8a2729c3216f85fdf618bf216aea6db9a9e2ed93280055d32252ca4f

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
cf-cache-status: HIT
age: 2038687
x-powered-by: ASP.NET
status: 200
content-length: 12028
last-modified: Sat, 27 Jul 2019 23:13:10 GMT
server: cloudflare
etag: "3cd36adbd044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cf-polished: origSize=12233
accept-ranges: bytes
cf-ray: 56522c142d64dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 slide_in_ads_close.gif
www.news1.co.il/img/ 429 B
555 B 21ms
20ms Image
image/gif 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/slide_in_ads_close.gif
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c129464463c242c20fdfad4d928bbb302348d45af7a1550313f434e23f8df70b

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
cf-cache-status: HIT
age: 6355
x-powered-by: ASP.NET
status: 200
content-length: 429
last-modified: Sat, 27 Jul 2019 23:13:19 GMT
server: cloudflare
etag: "8ed422e1d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cf-polished: origSize=437
accept-ranges: bytes
cf-ray: 56522c142d65dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 web_bunner_svg_3.png
www.news1.co.il/img/ 4 KB
4 KB 15ms
14ms Image
image/png 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/web_bunner_svg_3.png
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b74904cca5631f777274c6b07fb5e8eb9884ee9d3c484eea9234664eadb649c8

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
cf-cache-status: HIT
age: 3724
x-powered-by: ASP.NET
status: 200
content-length: 4016
last-modified: Thu, 23 Jun 2016 16:11:53 GMT
server: cloudflare
etag: "239d16f569cdd11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cf-polished: origSize=5252
accept-ranges: bytes
cf-ray: 56522c142d67dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 TopSearchS.png
www.news1.co.il/img/ 260 B
392 B 20ms
18ms Image
image/png 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/TopSearchS.png
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 88c406a5fa36cc1406f3d1b51cb684c893fc387d3782b0024f5ed9bd972d6594

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
cf-cache-status: HIT
age: 5004
x-powered-by: ASP.NET
status: 200
content-length: 260
last-modified: Mon, 11 Jun 2012 16:47:26 GMT
server: cloudflare
etag: "bb9b1ce2f147cd1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cf-polished: origSize=332
accept-ranges: bytes
cf-ray: 56522c142d68dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/news1/ 129 KB
21 KB 74ms
25ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/news1/loader.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00d1b1bcd080de5cc76f37596867259e9c618e978bf891edf7ec5e42785bcc51

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: P3.BTBQ_82lNVrgV443uqOEdJSSWJV_B
content-encoding: gzip
age: 14
x-cache: HIT
status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-length: 21568
x-amz-id-2: E3MS9OJb1PvTr6T65+o/snh6w2HwBwE9GPDgp/BJvVou3ezfRbrith16CUD4LUHsqqthB0qWc+A=
x-served-by: cache-fra19169-FRA
last-modified: Tue, 11 Feb 2020 20:22:00 GMT
server: AmazonS3
x-timer: S1581716130.004414,VS0,VE1
etag: "f1848b220a633f9054dde8f12b583551"
vary: Accept-Encoding
x-amz-request-id: 7A7DBAD9173C09FE
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 31
x-cache-hits: 1

GET
H2 200 close.gif
www.news1.co.il/img/ 82 B
198 B 13ms
12ms Image
image/gif 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/close.gif
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: af98496953708d60ca06bbf704705a2d54482eb8f936ba08c7aee05ee8769cf0

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
cf-cache-status: HIT
age: 5460
x-powered-by: ASP.NET
status: 200
content-length: 82
last-modified: Sat, 27 Jul 2019 23:12:26 GMT
server: cloudflare
etag: "6a1c9ec1d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cf-polished: origSize=90
accept-ranges: bytes
cf-ray: 56522c145deddfbb-FRA
cf-bgj: imgq:100

GET
H2 200 detectmobilebrowser.js Show response
www.news1.co.il/js/ 2 KB
1 KB 13ms
13ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/detectmobilebrowser.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d13865e6a18f398bc5e57515e75940cf25160a99987876a26511dcc764fc9f6b

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
content-encoding: br
etag: W/"5c93a8b5d044d51:0"
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2019 23:12:06 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-polished: origSize=2064
cf-ray: 56522c145debdfbb-FRA
cf-bgj: minify

GET
H2 200 RedArrow.gif
www.news1.co.il/img/ 51 B
168 B 26ms
25ms Image
image/gif 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/RedArrow.gif
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8ccbc7ac43be265d9bede95fb075577f6bc81ba84987d4bdaf3176f3bc647cf1

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
cf-cache-status: HIT
age: 5481
x-powered-by: ASP.NET
status: 200
content-length: 51
last-modified: Sat, 27 Jul 2019 23:13:11 GMT
server: cloudflare
etag: "2e9329dcd044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cf-polished: origSize=824
accept-ranges: bytes
cf-ray: 56522c145deedfbb-FRA
cf-bgj: imgq:100

GET
H2 200 SHKMIPf3_bigger.jpg
pbs.twimg.com/profile_images/979755094160887808/ 4 KB
4 KB 6ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/979755094160887808/SHKMIPf3_bigger.jpg

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418F) /

Resource Hash

05b3d4aca8d12c1499202421a02ec92ce1bb60acb351c223cad33a0528fe4293

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
x-content-type-options: nosniff
age: 71211
x-cache: HIT
status: 200
content-length: 3685
x-response-time: 255
surrogate-key: profile_images profile_images/bucket/3 profile_images/979755094160887808
last-modified: Fri, 30 Mar 2018 16:17:52 GMT
server: ECS (fcn/418F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 33362340cb2c5a0e9743a574abfe1690
accept-ranges: bytes

GET
H2 200 widgets.js Show response
platform.twitter.com/ 96 KB
28 KB 21ms
21ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a4dee2269258e980cfbc6965cca52520d51b0cf399cef6218e123c7620cafdc

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:29 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 29101
x-served-by: cache-bwi5139-BWI, cache-hhn4041-HHN
last-modified: Wed, 05 Feb 2020 23:55:53 GMT
etag: "d6438f3ded1a231e0c47db28e12b2834+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H/1.1 200
OK lvrdya2alz.js Show response
live.sekindo.com/content/F2YaBn/ 75 KB
27 KB 22ms
21ms Script
application/javascript 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/F2YaBn/lvrdya2alz.js?cb=1581716129982&pubUrlAuto=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=78871&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 55b538cf1c909455a2d8fb088fd6f83b03439a12adc0767e50244958b1d12b4f

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 21:35:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:11 GMT
Server: nginx
ETag: W/"5d10b4f7-12cd5"
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK livePixel.php Show response
live.sekindo.com/live/ 770 B
882 B 25ms
25ms Script
text/javascript 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/livePixel.php?id=2021&apg=1
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=78871&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.14
Resource Hash: f74b0443c65d65e11b3c6777d078089b1aebf89ef1b5ab5d534ee5f28b8f3a67

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 21:35:29 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.14
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-store
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 sdk.js Show response
connect.facebook.net/he_IL/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/he_IL/sdk.js

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b67204c82e753942136395187484ee584a4ba55843dc46dcbca04a0abb778e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: JPeySxcRV51PHS01JjNhRA==
status: 200
date: Fri, 14 Feb 2020 21:35:29 GMT, Fri, 14 Feb 2020 21:35:29 GMT
expires: Fri, 14 Feb 2020 21:48:07 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 1779
x-fb-debug: JzfMliCpt7FciOV5MnlrT4g1PIF11SOPkDcfcJc1N0Wq921kX83quM636vgnOuOrt5xRMH7s1aG6B5SUcSrBAg==
x-fb-trip-id: 1850256238
x-fb-content-md5: 567e3291db0ceb7089c4a54ccc638ccb
etag: "2c805f9e6fb26ca430fadadb0b08b02a"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 ShowBanner.aspx Show response
banners.news1.co.il/ Frame 63A1 3 KB
1 KB 92ms
83ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c8070fa2d4bd8e69b591db00d307d91f5df864c2d5a95a0876e4ff0c6b6d178d

Request headers

:method: GET
:authority: banners.news1.co.il
:scheme: https
:path: /ShowBanner.aspx?Target=87&Time=18:23:51
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
set-cookie: ASP.NET_SessionId=ds2yxqyda0djd545yzwoqdy0; path=/; HttpOnly OrderBanner87=5; path=/
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c147e52dfbb-FRA
content-encoding: br

GET
H2 200 showDate.js Show response
www.news1.co.il/js/ 932 B
522 B 15ms
14ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/showDate.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b6b4c7068174c1428ec69f25162b7933135013b941d5e4312a26a9f598c204ca

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
etag: W/"73aa1bb8d044d51:0"
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2019 23:12:11 GMT
server: cloudflare
age: 6360
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-polished: origSize=1098
cf-ray: 56522c147e50dfbb-FRA
cf-bgj: minify

GET
H2 200 sdk.js Show response
connect.facebook.net/he_IL/ 194 KB
58 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/he_IL/sdk.js?hash=0bc5ceb15ef0631908953e06651fcb5c&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/he_IL/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56cba88f9d7cea799326bb597ba8712ae737b9f72395b8fdc9bde5dd221b4900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
Origin: https://www.news1.co.il
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: xM8FqQxH/ngqrB+eWGjLbg==
status: 200
date: Fri, 14 Feb 2020 21:35:29 GMT, Fri, 14 Feb 2020 21:35:29 GMT
expires: Sat, 13 Feb 2021 20:28:04 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 59602
x-fb-debug: ipQszgWyo8fvOkbkTHg3Ka8t0h/bigGuDGx/WSP4R/LZVJflCobL/LfN5q+LmzEwzW39pUx/+w/k3cdiBsxJww==
x-fb-trip-id: 1850256238
x-fb-content-md5: 27d9245ccff7814e62b509528e4a0de9
etag: "0fe634480a82277e37e0e77e10f36794"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 hebdate.js Show response
www.news1.co.il/js/ 8 KB
2 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/hebdate.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 68bb318e7b3ec93dd781ec6f79dc54b8360ba00ae10332e89057c85f1df0a45a

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
etag: W/"20b8cb6d044d51:0"
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2019 23:12:07 GMT
server: cloudflare
age: 5623
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-polished: origSize=15627
cf-ray: 56522c149e8fdfbb-FRA
cf-bgj: minify

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/13015/ 38 KB
11 KB 85ms
19ms Script
application/javascript 93.184.220.113
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/13015/cc.js?ns=_cc13015
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/livePixel.php?id=2021&apg=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.113 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC2) /
Resource Hash: c0c2ff5536ca0137e8966892471aa1fe1b8aa0b39b7cbab9d948603ed051695a

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 17:32:46 GMT
server: ECS (amb/6BC2)
age: 18574
etag: "5e209e3e-99f3+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=86400
content-length: 11295
expires: Sat, 15 Feb 2020 21:35:30 GMT

GET
H2 200 CalenderNew.aspx Show response
www.news1.co.il/ Frame 1AEA 10 KB
2 KB 93ms
93ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/CalenderNew.aspx
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3f3676e60e073548e6aba2261eb3bd4f663955d177483760bb4c5a73fcbe99ba

Request headers

:method: GET
:authority: www.news1.co.il
:scheme: https
:path: /CalenderNew.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
set-cookie: ASP.NET_SessionId=nmlzwy4gr30e05cjlxbzgsb5; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c14df4adfbb-FRA
content-encoding: br

GET
H2 200 ShowBanner.aspx Show response
www.news1.co.il/ Frame 9658 2 KB
1 KB 80ms
80ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cee6c6c20b0eb43557db76a73add9321b8beea53e086c441ab824f3d59de3431

Request headers

:method: GET
:authority: www.news1.co.il
:scheme: https
:path: /ShowBanner.aspx?Target=73&Time=18:23:51
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
set-cookie: ASP.NET_SessionId=rhpo1jh0lqq45xsqhlpjg4dc; path=/; HttpOnly; SameSite=Lax OrderBanner73=5; path=/ isUserShowPlazma9055=Yes; expires=Fri, 14-Feb-2020 21:45:19 GMT; path=/ OrderBannerHomePageTopLarge=1; path=/ OrderBannerHomePageTop=1; path=/
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c14df4ddfbb-FRA
content-encoding: br

GET
H2 200 doStats.aspx Show response
www.news1.co.il/ Frame 62FA 61 B
252 B 93ms
93ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/doStats.aspx?popUp=true&PageName=showarticles.aspx
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dfcf0bfd14ec47c1e03ccf0c11ec034f065a634195438728caacfb988b802f01

Request headers

:method: GET
:authority: www.news1.co.il
:scheme: https
:path: /doStats.aspx?popUp=true&PageName=showarticles.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
set-cookie: ASP.NET_SessionId=l54beerrwcmklkymzpqqpnmj; path=/; HttpOnly; SameSite=Lax isUserUnik=No; expires=Sat, 14-Mar-2020 21:35:19 GMT; path=/ isVisitToday24=Yes; expires=Sat, 15-Feb-2020 21:35:19 GMT; path=/
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c14df57dfbb-FRA
content-encoding: br

GET
H2 200 impl.20200211-14-RELEASE.js Show response
cdn.taboola.com/libtrc/ 441 KB
125 KB 28ms
28ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200211-14-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/news1/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b62f5fb0ed6285327e46477450897257d92a58504546a61f602fd0831f6a5f9c

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: kJrozUqX9ENe_l1ngJoMFTGVZRLi_bYe
content-encoding: gzip
age: 35
x-cache: HIT
status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
x-amz-replication-status: COMPLETED
content-length: 127194
x-amz-id-2: SPRZwCRsC7ewB28Nndh8CChBuh1zJb+iqJXTtpTBLmTohpsEWKADp972wsIcQS/CUGZUcCCS2bY=
x-served-by: cache-fra19169-FRA
last-modified: Tue, 11 Feb 2020 19:44:37 GMT
server: AmazonS3
x-timer: S1581716130.076990,VS0,VE0
etag: "8c6047577f8d5011b8d22fb5810bcd7c"
vary: Accept-Encoding
x-amz-request-id: 5FD5739E50B6E668
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 87
x-cache-hits: 194

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 31ms
31ms Script
application/x-javascript 104.124.133.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/news1/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.124.133.20 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-124-133-20.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 21:35:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Sat, 15 Feb 2020 21:35:30 GMT

GET
H2 200 PrevArticlesList.aspx Show response
www.news1.co.il/ Frame 7E25 4 KB
1 KB 1507ms
1507ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/PrevArticlesList.aspx?fname=%D7%90%D7%99%D7%AA%D7%9E%D7%A8&lname=%D7%9C%D7%95%D7%99%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=itamar
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 60d7b7715bc9a4b0421f2a2e2f2ace544f0c0b9ae579e58f65fc41efacd7bfd3

Request headers

:method: GET
:authority: www.news1.co.il
:scheme: https
:path: /PrevArticlesList.aspx?fname=%D7%90%D7%99%D7%AA%D7%9E%D7%A8&lname=%D7%9C%D7%95%D7%99%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=itamar
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:31 GMT
content-type: text/html; charset=utf-8
cache-control: private
set-cookie: ASP.NET_SessionId=c4sngru0ore23y1ric3kzrzi; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c14ef8bdfbb-FRA
content-encoding: br

GET
H2 200 PrevArticlesList.aspx Show response
www.news1.co.il/ Frame 2FEE 4 KB
1 KB 813ms
813ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/PrevArticlesList.aspx?fname=%D7%99%D7%A6%D7%97%D7%A7&lname=%D7%93%D7%A0%D7%95%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=izikda11
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0bddfcdbe9d131078bba08a2b76bd2fd555af0a01662a127aba5e0149f4f6592

Request headers

:method: GET
:authority: www.news1.co.il
:scheme: https
:path: /PrevArticlesList.aspx?fname=%D7%99%D7%A6%D7%97%D7%A7&lname=%D7%93%D7%A0%D7%95%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=izikda11
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
set-cookie: ASP.NET_SessionId=onddhdl5pu5nauwizzzhyhmh; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c14ef8edfbb-FRA
content-encoding: br

GET
H2 200 NEWSY19-686443507671357.jpg
www.news1.co.il/thumbs/87/ 2 KB
3 KB 268ms
267ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/thumbs/87/NEWSY19-686443507671357.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 378ff573a65c610ac2e8c8e97436dd0491d8100c24dee5d6d0b7ab0f37b538b1

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
etag: "687cc12c5aaed41:0"
cf-cache-status: REVALIDATED
last-modified: Thu, 17 Jan 2019 11:45:42 GMT
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cf-polished: origSize=2924
accept-ranges: bytes
cf-ray: 56522c14ff97dfbb-FRA
content-length: 2485
cf-bgj: imgq:100

GET
H2 200 NEWS1NEW-859295070171357.jpg
www.news1.co.il/thumbs/87/ 7 KB
7 KB 294ms
293ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/thumbs/87/NEWS1NEW-859295070171357.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 36fe4a765639d8f27ee2aecec84c8b06acb1537f19bb4dec09a563727c9ffbce

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
etag: "9c8dabad55a8d01:0"
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2015 16:58:33 GMT
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cf-polished: origSize=7168
accept-ranges: bytes
cf-ray: 56522c14ff99dfbb-FRA
content-length: 6743
cf-bgj: imgq:100

GET
H2 200 XX-49480617046357.jpg
www.news1.co.il/thumbs/87/ 8 KB
8 KB 295ms
294ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/thumbs/87/XX-49480617046357.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a8aee8c5c53993b3906fbe4ae4db40f874aa222ec61009c81369416945ba5f2d

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
etag: "ac60f57d85a8d01:0"
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2015 22:40:49 GMT
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cf-polished: origSize=8962
accept-ranges: bytes
cf-ray: 56522c14ff9adfbb-FRA
content-length: 8494
cf-bgj: imgq:100

GET
H2 200 toolTip.js Show response
www.news1.co.il/js/ 3 KB
952 B 14ms
13ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/toolTip.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fd05d685e4f01e591f192198a025a50d615d7598096fca8a38ea74d8bb4c1d2f

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
etag: W/"d2a859b8d044d51:0"
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2019 23:12:11 GMT
server: cloudflare
age: 6266
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-polished: origSize=3324
cf-ray: 56522c14ff94dfbb-FRA
cf-bgj: minify

GET
H2 200 AddOns.js Show response
www.news1.co.il/js/ 3 KB
1 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/AddOns.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c91d2f0537a36d5d398fa8343782813c104a0ee315b98ef13d6943f99086f637

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
etag: W/"5d473db5d044d51:0"
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2019 23:12:06 GMT
server: cloudflare
age: 6266
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-polished: origSize=3755
cf-ray: 56522c14ff96dfbb-FRA
cf-bgj: minify

GET
H2 200 envelop.gif
www.news1.co.il/img/ 555 B
670 B 21ms
20ms Image
image/gif 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/envelop.gif
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 22ae0e8ad1341141c33a12fea60e493e24788e2a55609e3390c634d3270c8e0b

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: HIT
age: 6059
x-powered-by: ASP.NET
status: 200
content-length: 555
last-modified: Sat, 27 Jul 2019 23:12:32 GMT
server: cloudflare
etag: "425410c5d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 56522c14ff9edfbb-FRA
cf-bgj: imgq:100

GET
H2 200 NEWSY17-790211975574494.jpg
www.news1.co.il/uploadimages/ 26 KB
26 KB 425ms
424ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/uploadimages/NEWSY17-790211975574494.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c50b342628b4645657450f0789132f788ea61ae2f5ee10b54bd2b05bf4f34a12

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: MISS
last-modified: Mon, 12 Mar 2018 18:38:37 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "1569465531bad31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
accept-ranges: bytes
cf-ray: 56522c14ff9fdfbb-FRA
content-length: 26310

GET
H2 200 squreColored.gif
www.news1.co.il/img/ 44 B
255 B 20ms
19ms Image
image/gif 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/squreColored.gif
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 850f277392add47a8f5b989cb6b0942d83928c2ad887ec0b4135e403ef9dff62

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: HIT
age: 6360
x-powered-by: ASP.NET
status: 200
content-length: 44
last-modified: Sat, 27 Jul 2019 23:13:21 GMT
server: cloudflare
etag: "b67fce2d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 56522c14ffa0dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 triBlue.gif
www.news1.co.il/img/ 50 B
185 B 15ms
14ms Image
image/gif 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/triBlue.gif
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ece3f6384067f3c39ea938f572a7754c5e0673372bfa0883591b60dad8e08e57

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: HIT
age: 5061
x-powered-by: ASP.NET
status: 200
content-length: 50
last-modified: Tue, 09 Apr 2002 13:21:26 GMT
server: cloudflare
etag: "04f5d73c9dfc11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 56522c14ffa1dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 transArrowRed.gif
www.news1.co.il/img/ 49 B
168 B 20ms
19ms Image
image/gif 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/transArrowRed.gif
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0d8d2585c85779c7df16dce34babd287c67bd65e53162a18f8885080e5e49575

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: HIT
age: 6266
x-powered-by: ASP.NET
status: 200
content-length: 49
last-modified: Thu, 04 Dec 2008 14:29:10 GMT
server: cloudflare
etag: "be6975ac1c56c91:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cf-polished: origSize=821
accept-ranges: bytes
cf-ray: 56522c14ffa2dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 NEWSY19-727535426616669.jpg
www.news1.co.il/thumbs/225/ 10 KB
10 KB 337ms
336ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/thumbs/225/NEWSY19-727535426616669.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0d6646576bbfb5f4a0340b5d0ecd016b52ece7f26021a404773efd80682a7aea

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2019 07:31:15 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "97c3c38b38f0d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
accept-ranges: bytes
cf-ray: 56522c14ffa3dfbb-FRA
content-length: 9770

GET
H2 200 NEWSY19-73208034038544.jpg
www.news1.co.il/thumbs/225/ 5 KB
6 KB 333ms
332ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/thumbs/225/NEWSY19-73208034038544.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e0b013c84a12332275d384709944a6ecccad068f2469a72525718825829d45bf

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Mar 2019 11:49:39 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "c7ab90ff12dfd41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
accept-ranges: bytes
cf-ray: 56522c14ffa4dfbb-FRA
content-length: 5597

GET
H2 200 NEWS1Y-351452052593232.jpg
www.news1.co.il/thumbs/225/ 5 KB
5 KB 279ms
279ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/thumbs/225/NEWS1Y-351452052593232.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 333af1439fbc3e16be652a8376f6b3d8536c7334ca1bc61eb139405f5aaf0ad7

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
etag: "3c152b2d5ca8d01:0"
cf-cache-status: REVALIDATED
last-modified: Tue, 16 Jun 2015 17:45:04 GMT
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cf-polished: origSize=5330
accept-ranges: bytes
cf-ray: 56522c14ffa6dfbb-FRA
content-length: 4933
cf-bgj: imgq:100

GET
H2 200 NEWSY19-110622584819794.jpg
www.news1.co.il/thumbs/225/ 16 KB
16 KB 351ms
350ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/thumbs/225/NEWSY19-110622584819794.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 75d203c56ad3184359916d0e94f3f6847fff89d902be3d16ecafa84e09e063b4

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2019 03:26:00 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "a7f9f74816f0d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
accept-ranges: bytes
cf-ray: 56522c14ffa7dfbb-FRA
content-length: 16407

GET
H2 200 NEWSY19-684963405132294.jpg
www.news1.co.il/thumbs/225/ 7 KB
7 KB 283ms
282ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/thumbs/225/NEWSY19-684963405132294.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6dd00c47cc8e98fdae501bb56e7985ea2c70f635f5fd2b245a1b483363bb6da6

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2019 03:24:44 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "9cd1631b16f0d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
accept-ranges: bytes
cf-ray: 56522c14ffa8dfbb-FRA
content-length: 7028

GET
H2 200 PepoleBanner.aspx Show response
www.news1.co.il/ Frame 8961 12 KB
2 KB 368ms
367ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/PepoleBanner.aspx?ShowType=3
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2f4a6e5e498ad7ca051082a98a6b6f2b8a28b1b5eabf09667cfa8f44950e52e3

Request headers

:method: GET
:authority: www.news1.co.il
:scheme: https
:path: /PepoleBanner.aspx?ShowType=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
set-cookie: ASP.NET_SessionId=np5wubwoqnzsgdorjao1vxiy; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c150fd3dfbb-FRA
content-encoding: br

GET
H2 200 ShowBanner.aspx Show response
banners.news1.co.il/ Frame 69EB 3 KB
1 KB 80ms
80ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a5fec4a130a07e4caa90201535f4eb4957aa59fb5ed4ae04bb7c7fe1321419f9

Request headers

:method: GET
:authority: banners.news1.co.il
:scheme: https
:path: /ShowBanner.aspx?Target=10&Time=18:23:51
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; ASP.NET_SessionId=ds2yxqyda0djd545yzwoqdy0; OrderBanner87=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
x-aspnet-version: 2.0.50727
set-cookie: OrderBanner10=5; path=/
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c150fd4dfbb-FRA
content-encoding: br

GET
H/1.1 200
OK news12
widget.walla.co.il/ Frame 1D74 0
0 206ms
143ms Document
text/html 2.19.33.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.walla.co.il/news12

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.19.33.73 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-19-33-73.deploy.static.akamaitechnologies.com

Software

openresty/1.15.8.1 / PHP/5.6.40

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Host: widget.walla.co.il
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

Content-Type: text/html; charset=UTF-8
Server: openresty/1.15.8.1
X-Powered-By: PHP/5.6.40
X-UA-Compatible: IE=edge
P3P: policyref="https://www.walla.co.il/w3c/p3p.xml", CP="NOI DSP COR NID CURa TAIa OUR IND UNI COM NAV"
Access-Control-Allow-Origin: http://wallanews.co.il
X-XSS-Protection: 1
Content-Encoding: gzip
X-Cached: BYPASS
Content-Length: 4683
Cache-Control: public, max-age=56, s-maxage=120
Expires: Fri, 14 Feb 2020 21:36:26 GMT
Date: Fri, 14 Feb 2020 21:35:30 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 NEWSY19-205181300640107.jpg
www.news1.co.il/thumbs/225/ 8 KB
9 KB 365ms
362ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/thumbs/225/NEWSY19-205181300640107.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 77831b2d8439cf4cc1aa3b419f5f266744248bc11cb7f9cd729be6b826e24921

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
etag: "bc726f65a8e7d41:0"
cf-cache-status: REVALIDATED
last-modified: Sun, 31 Mar 2019 09:59:14 GMT
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cf-polished: origSize=9060
accept-ranges: bytes
cf-ray: 56522c151fe1dfbb-FRA
content-length: 8652
cf-bgj: imgq:100

GET
H2 200 NEWSY19-778068184852601.jpg
www.news1.co.il/thumbs/225/ 5 KB
5 KB 300ms
298ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/thumbs/225/NEWSY19-778068184852601.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3a5e184cc857214059eed3a9f48024349afb8b12fead508ac3190caf93899611

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
etag: "32252cb99f6d41:0"
cf-cache-status: REVALIDATED
last-modified: Fri, 19 Apr 2019 10:22:30 GMT
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cf-polished: origSize=5528
accept-ranges: bytes
cf-ray: 56522c151fe3dfbb-FRA
content-length: 5076
cf-bgj: imgq:100

GET
H2 200 NEWSY19-344814479351044.jpg
www.news1.co.il/thumbs/225/ 11 KB
11 KB 273ms
270ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/thumbs/225/NEWSY19-344814479351044.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4d3ae199814449d2b6c9032bc55b1a8c23a0bd8f72f2aae3927056a2313f0999

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
etag: "676535cb99f6d41:0"
cf-cache-status: REVALIDATED
last-modified: Fri, 19 Apr 2019 10:22:30 GMT
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cf-polished: origSize=11470
accept-ranges: bytes
cf-ray: 56522c151fe4dfbb-FRA
content-length: 10884
cf-bgj: imgq:100

GET
H2 200 imgArrowPH.gif
www.news1.co.il/img/ 53 B
158 B 16ms
13ms Image
image/gif 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/imgArrowPH.gif
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5cbf72fd0f83d6ce2dcbf919525342619602c612549af39a22bdd606b60bd82d

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: HIT
age: 6287
x-powered-by: ASP.NET
status: 200
content-length: 53
last-modified: Sat, 27 Jul 2019 23:12:46 GMT
server: cloudflare
etag: "acbcbcdd044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 56522c151fe5dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 NEWSY19-587917506694794.jpg
www.news1.co.il/Thumbs/155/ 6 KB
6 KB 367ms
364ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/Thumbs/155/NEWSY19-587917506694794.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c7c50a0d7562d9d520276845c9872fe4f85fac4a7fcf77c97a6760944adb10aa

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
etag: "7c19f2454f0d41:0"
cf-cache-status: REVALIDATED
last-modified: Thu, 11 Apr 2019 10:48:47 GMT
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cf-polished: origSize=6537
accept-ranges: bytes
cf-ray: 56522c151fe6dfbb-FRA
content-length: 6025
cf-bgj: imgq:100

GET
H2 200 NEWSY19-588421046733857.jpg
www.news1.co.il/Thumbs/155/ 4 KB
4 KB 287ms
285ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/Thumbs/155/NEWSY19-588421046733857.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 569a7533d0ed88c9f87b9c7ce5ebc28e204d21398c39c4f13ff9905060806e84

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: MISS
last-modified: Wed, 03 Apr 2019 08:12:19 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "153a1ef5f4e9d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
accept-ranges: bytes
cf-ray: 56522c151fe9dfbb-FRA
content-length: 4062

GET
H2 200 harel_logo_new.jpg
www.news1.co.il/img/ 3 KB
3 KB 19ms
16ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/harel_logo_new.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 609ab6b80b09d9673746b259ef7ef3f4c21076c82b74684c8896ce6015576788

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: HIT
age: 6059
x-powered-by: ASP.NET
status: 200
content-length: 3425
last-modified: Sat, 27 Jul 2019 23:12:42 GMT
server: cloudflare
etag: "957db0cad044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cf-polished: origSize=26569
accept-ranges: bytes
cf-ray: 56522c151fecdfbb-FRA
cf-bgj: imgq:100

GET
H2 200 ElbaLogo.jpg
www.news1.co.il/img/ 3 KB
3 KB 18ms
16ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/ElbaLogo.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cf829d4c83555cf4aae14fc315a4c452a2a4376118edb3010ea716baac23406a

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: HIT
age: 6059
x-powered-by: ASP.NET
status: 200
content-length: 2795
last-modified: Sat, 27 Jul 2019 23:12:32 GMT
server: cloudflare
etag: "13cda9c4d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cf-polished: origSize=3414
accept-ranges: bytes
cf-ray: 56522c151feddfbb-FRA
cf-bgj: imgq:100

GET
H2 200 BPatent.jpg
www.news1.co.il/img/ 552 KB
553 KB 20ms
18ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/BPatent.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 423312a947d785b698faa30351d48a422e108c90692d539a0aed1185a7579011

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: HIT
age: 6059
x-powered-by: ASP.NET
status: 200
content-length: 565079
last-modified: Sat, 27 Jul 2019 23:12:25 GMT
server: cloudflare
etag: "d5e6c9c0d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cf-polished: origSize=566844
accept-ranges: bytes
cf-ray: 56522c151feedfbb-FRA
cf-bgj: imgq:100

GET
H2 200 urchin.js Show response
www.google-analytics.com/ 22 KB
7 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/urchin.js

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 01 Feb 2020 13:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 1151744
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=1209600
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6847
expires: Sat, 15 Feb 2020 13:39:46 GMT

GET
H2 200 init.js Show response
cdn.enable.co.il/licenses/enable-L1001f6hkxus0tp-1217-2123/ 384 KB
95 KB 60ms
24ms Script
application/javascript 2606:4700:3031::681b:a790
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.enable.co.il/licenses/enable-L1001f6hkxus0tp-1217-2123/init.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681b:a790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.30
Resource Hash: 5740562bb2a4a71ffb9f74e2b775e6f442404772a10cbf3726c78a310e25ec92

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 6435
x-powered-by: PHP/5.6.30
status: 200
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: 'GET,HEAD,OPTIONS,POST,PUT', GET,HEAD,OPTIONS,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: '*', *
cache-control: 'no-cache, private'
cf-polished: origSize=393316
access-control-allow-credentials: 'true', true
cf-ray: 56522c15485c3237-FRA
access-control-allow-headers: 'Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers', Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 ShowBanner.aspx Show response
banners.news1.co.il/ Frame 4AF3 2 KB
801 B 77ms
77ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/ShowBanner.aspx?Target=23&Time=18:23:51
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 38a0d939e3a85a3f17b1f789227fedc3e557f93144d3bfb297aa87834b783dd7

Request headers

:method: GET
:authority: banners.news1.co.il
:scheme: https
:path: /ShowBanner.aspx?Target=23&Time=18:23:51
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; ASP.NET_SessionId=ds2yxqyda0djd545yzwoqdy0; OrderBanner87=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c15281bdfbb-FRA
content-encoding: br

GET
H2 200 ShowBanner.aspx Show response
banners.news1.co.il/ Frame 09A8 3 KB
1003 B 81ms
81ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 851dad62939ebc6a92a4a678180e15a6e4754db383977d191548e9f076ad716f

Request headers

:method: GET
:authority: banners.news1.co.il
:scheme: https
:path: /ShowBanner.aspx?Target=13&Time=18:23:51
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; ASP.NET_SessionId=ds2yxqyda0djd545yzwoqdy0; OrderBanner87=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
x-aspnet-version: 2.0.50727
set-cookie: OrderBanner13=5; path=/
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c15281cdfbb-FRA
content-encoding: br

GET
H2 200 ShowBanner.aspx Show response
banners.news1.co.il/ Frame C748 3 KB
993 B 343ms
343ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3ae5953b2add066998012a086a699daa133ff607ca672a3c5c76288a915bd701

Request headers

:method: GET
:authority: banners.news1.co.il
:scheme: https
:path: /ShowBanner.aspx?Target=71&Time=18:23:51
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; ASP.NET_SessionId=ds2yxqyda0djd545yzwoqdy0; OrderBanner87=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
x-aspnet-version: 2.0.50727
set-cookie: OrderBanner71=5; path=/
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c154868dfbb-FRA
content-encoding: br

GET
H2 200 ShowBanner.aspx Show response
banners.news1.co.il/ Frame 9CE7 4 KB
1 KB 328ms
327ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/ShowBanner.aspx?Target=50&Time=18:23:51
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 97b4e45b75244ebb92e592324b082e85592b5ac8fd0c026f2245bb8629c10315

Request headers

:method: GET
:authority: banners.news1.co.il
:scheme: https
:path: /ShowBanner.aspx?Target=50&Time=18:23:51
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; ASP.NET_SessionId=ds2yxqyda0djd545yzwoqdy0; OrderBanner87=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c15486edfbb-FRA
content-encoding: br

GET
H2 200 ShowBanner.aspx Show response
banners.news1.co.il/ Frame 3BE1 3 KB
995 B 97ms
97ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 222e460af9e16cc380fae509532b878178148be2bb46cd86ef34440e424589be

Request headers

:method: GET
:authority: banners.news1.co.il
:scheme: https
:path: /ShowBanner.aspx?Target=3&Time=18:23:51
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; ASP.NET_SessionId=ds2yxqyda0djd545yzwoqdy0; OrderBanner87=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
x-aspnet-version: 2.0.50727
set-cookie: OrderBanner3=5; path=/
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c154870dfbb-FRA
content-encoding: br

GET
H2 200 gBack.png
www.news1.co.il/img/ 97 B
240 B 26ms
26ms Image
image/png 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/gBack.png
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 512d3e0bd2e6cb058a531f2d3f6b65c6871adab207097dc085be756ed68f59ef

Request headers

Referer: https://www.news1.co.il/css/nfc.css?t=06032016
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: HIT
age: 6435
x-powered-by: ASP.NET
status: 200
content-length: 97
last-modified: Sat, 27 Jul 2019 23:12:38 GMT
server: cloudflare
etag: "f45087c8d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cf-polished: origSize=157
accept-ranges: bytes
cf-ray: 56522c154878dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 ShowBanner.aspx Show response
banners.news1.co.il/ Frame 3181 3 KB
1 KB 318ms
318ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 54038079b8db85054bdfe0e1291524057badb9bda94669604afc2a1f5bd5bf11

Request headers

:method: GET
:authority: banners.news1.co.il
:scheme: https
:path: /ShowBanner.aspx?Target=58&Time=18:23:51
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; ASP.NET_SessionId=ds2yxqyda0djd545yzwoqdy0; OrderBanner87=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
x-aspnet-version: 2.0.50727
set-cookie: OrderBanner58=5; path=/
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c15588cdfbb-FRA
content-encoding: br

GET
H2 200 CountSpecialBoxes.aspx Show response
www.news1.co.il/ Frame AA97 0
64 B 80ms
80ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/CountSpecialBoxes.aspx?CountType=1
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: www.news1.co.il
:scheme: https
:path: /CountSpecialBoxes.aspx?CountType=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; ASP.NET_SessionId=rhpo1jh0lqq45xsqhlpjg4dc; OrderBanner73=5; isUserShowPlazma9055=Yes; OrderBannerHomePageTopLarge=1; OrderBannerHomePageTop=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c15588fdfbb-FRA
content-encoding: br

GET
H2 200 CountSpecialBoxes.aspx Show response
www.news1.co.il/ Frame 28F4 0
99 B 1127ms
1126ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/CountSpecialBoxes.aspx?CountType=29
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: www.news1.co.il
:scheme: https
:path: /CountSpecialBoxes.aspx?CountType=29
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; ASP.NET_SessionId=rhpo1jh0lqq45xsqhlpjg4dc; OrderBanner73=5; isUserShowPlazma9055=Yes; OrderBannerHomePageTopLarge=1; OrderBannerHomePageTop=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:31 GMT
content-type: text/html
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c15589ddfbb-FRA
content-encoding: br

GET
H2 200 CountSpecialBoxes.aspx Show response
www.news1.co.il/ Frame FB78 0
99 B 621ms
620ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/CountSpecialBoxes.aspx?CountType=18
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: www.news1.co.il
:scheme: https
:path: /CountSpecialBoxes.aspx?CountType=18
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; ASP.NET_SessionId=rhpo1jh0lqq45xsqhlpjg4dc; OrderBanner73=5; isUserShowPlazma9055=Yes; OrderBannerHomePageTopLarge=1; OrderBannerHomePageTop=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c15589fdfbb-FRA
content-encoding: br

GET
H2 200 ShowBanner.aspx Show response
banners.news1.co.il/ Frame 791A 2 KB
788 B 345ms
344ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/ShowBanner.aspx?Target=47&Time=18:23:54&inptNumLinks=1
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c73d8d873eea13fd11673b8fed32c846b2ce1b04e6ab981cc776a9703543c6ec

Request headers

:method: GET
:authority: banners.news1.co.il
:scheme: https
:path: /ShowBanner.aspx?Target=47&Time=18:23:54&inptNumLinks=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; ASP.NET_SessionId=ds2yxqyda0djd545yzwoqdy0; OrderBanner87=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
x-aspnet-version: 2.0.50727
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c1558a4dfbb-FRA
content-encoding: br

GET
H2 200 ShowBanner.aspx Show response
banners.news1.co.il/ Frame 5E95 3 KB
1 KB 813ms
813ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4457a1adf5ddeb1897e5e42e39f5baf0efa738bd895b7ef1158aff83365c3c9d

Request headers

:method: GET
:authority: banners.news1.co.il
:scheme: https
:path: /ShowBanner.aspx?Target=46&Time=18:23:51
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; ASP.NET_SessionId=ds2yxqyda0djd545yzwoqdy0; OrderBanner87=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
x-aspnet-version: 2.0.50727
set-cookie: OrderBanner46=5; path=/
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c1558a8dfbb-FRA
content-encoding: br

GET
H2 200 countPage.aspx Show response
www.news1.co.il/ Frame 84BB 671 B
334 B 312ms
312ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/countPage.aspx?docid=412793&subjectid=1&TransID=0&ShowAll=
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bff7c8a8bc3e3bdc8067653df77531c243f337374a6f56060f9832182f872194

Request headers

:method: GET
:authority: www.news1.co.il
:scheme: https
:path: /countPage.aspx?docid=412793&subjectid=1&TransID=0&ShowAll=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; ASP.NET_SessionId=rhpo1jh0lqq45xsqhlpjg4dc; OrderBanner73=5; isUserShowPlazma9055=Yes; OrderBannerHomePageTopLarge=1; OrderBannerHomePageTop=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c1558addfbb-FRA
content-encoding: br

GET
H2 200 ShowBanner.aspx Show response
banners.news1.co.il/ Frame 5274 3 KB
993 B 318ms
318ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bc23bb0fe1857cc7e19af037b3911d3e70a410969206dbc8f8851b4d3d24b1cf

Request headers

:method: GET
:authority: banners.news1.co.il
:scheme: https
:path: /ShowBanner.aspx?Target=9&Time=18:23:54
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; ASP.NET_SessionId=ds2yxqyda0djd545yzwoqdy0; OrderBanner87=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: private
x-aspnet-version: 2.0.50727
set-cookie: OrderBanner9=5; path=/
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c1568b3dfbb-FRA
content-encoding: br

GET
H2 200 ShowPopUnderBanner.aspx Show response
www.news1.co.il/ Frame DA0E 692 B
453 B 105ms
105ms Document
text/html 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/ShowPopUnderBanner.aspx
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 05077ca1d925c7d6de5cfec15ec588305660a10a0717ca48f4590de341e4fcbb

Request headers

:method: GET
:authority: www.news1.co.il
:scheme: https
:path: /ShowPopUnderBanner.aspx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da566905bde96fecda7a620749569aff11581716129; ASP.NET_SessionId=rhpo1jh0lqq45xsqhlpjg4dc; OrderBanner73=5; isUserShowPlazma9055=Yes; OrderBannerHomePageTopLarge=1; OrderBannerHomePageTop=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
pragma: no-cache
expires: -1
x-aspnet-version: 4.0.30319
set-cookie: PopUnderBanner9230=Yes; expires=Sat, 15-Feb-2020 00:35:19 GMT; path=/ PopUnderBannerWait=Yes; expires=Fri, 14-Feb-2020 22:05:19 GMT; path=/
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56522c1568b4dfbb-FRA
content-encoding: br

POST
H2 200 GetArticlePopup Show response
www.news1.co.il/ClientFuncs.aspx/ 31 B
148 B 101ms
101ms XHR
application/json 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/ClientFuncs.aspx/GetArticlePopup
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/js/jquery-1.11.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 55a7de57fb7ea50123a55a8255c29aeab7273b295798fd5a559c2d22570428d8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
Origin: https://www.news1.co.il
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
status: 200
cache-control: private, max-age=0
cf-ray: 56522c15a95ddfbb-FRA
content-length: 31

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:819::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5182
date: Fri, 14 Feb 2020 20:09:08 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17168
expires: Fri, 14 Feb 2020 22:09:08 GMT

GET
H2 200 nfc.css
www.news1.co.il/css/ Frame 63A1 42 KB
6 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6355
x-powered-by: ASP.NET
etag: W/"8046b1b6d7ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c15a968dfbb-FRA
cf-bgj: minify

GET
H2 200 flowplayer-3.2.11.min.js Show response
banners.news1.co.il/ Frame 63A1 16 KB
6 KB 16ms
14ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/flowplayer-3.2.11.min.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7a44f4698a93c685664f821e5e18e38341266416c4a75b42a8ab92b924822ff0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Sep 2012 08:18:53 GMT
server: cloudflare
age: 6358
x-powered-by: ASP.NET
etag: W/"f410aeeb758acd1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-ray: 56522c15a96bdfbb-FRA

GET
H2 200 swfobject.js Show response
banners.news1.co.il/JS/ Frame 63A1 5 KB
2 KB 14ms
13ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/JS/swfobject.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc6c303316aec21720d376a8532416a91ed9833ef953f0a87b83fc488d9b82ed

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
etag: W/"9467c97bab5bca1:0"
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2009 10:59:00 GMT
server: cloudflare
age: 6358
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-polished: origSize=6095
cf-ray: 56522c15a96cdfbb-FRA
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 63A1 107 KB
38 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba737d0ae09c5f1eb52965d29f5d0031a5e413fc6161c33d1b1dfa87d27124aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38676
x-xss-protection: 0
server: cafe
etag: 5904681658312064582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:30 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1581716130183&ns_c=UTF-8&cv=3.5&c8=News1%20%7C%20%D7%A0%D7%A1%3A%20%D7%A1%D7%9B%D7%A1%D7%95%D7%9A%20%D7%A9%D7%A7%D7%A8%D7%99...
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581716130183&ns_c=UTF-8&cv=3.5&c8=News1%20%7C%20%D7%A0%D7%A1%3A%20%D7%A1%D7%9B%D7%A1%D7%95%D7%9A%20%D7%A9%D7%A7%D7%A8%D7%9...

0
248 B

27ms
26ms

Image
text/plain

104.124.133.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581716130183&ns_c=UTF-8&cv=3.5&c8=News1%20%7C%20%D7%A0%D7%A1%3A%20%D7%A1%D7%9B%D7%A1%D7%95%D7%9A%20%D7%A9%D7%A7%D7%A8%D7%99%20%D7%91%D7%91%D7%99%22%D7%97%20%D7%94%D7%93%D7%A1%D7%94&c7=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&c9=
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.124.133.20 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-124-133-20.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 21:35:30 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581716130183&ns_c=UTF-8&cv=3.5&c8=News1%20%7C%20%D7%A0%D7%A1%3A%20%D7%A1%D7%9B%D7%A1%D7%95%D7%9A%20%D7%A9%D7%A7%D7%A8%D7%99%20%D7%91%D7%91%D7%99%22%D7%97%20%D7%94%D7%93%D7%A1%D7%94&c7=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&c9=
Pragma: no-cache
Date: Fri, 14 Feb 2020 21:35:30 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
101 B 15ms
14ms Image
image/gif 2a00:1450:4001:819::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1354704030&utmhn=www.news1.co.il&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=News1%20%7C%20%D7%A0%D7%A1%3A%20%D7%A1%D7%9B%D7%A1%D7%95%D7%9A%20%D7%A9%D7%A7%D7%A8%D7%99%20%D7%91%D7%91%D7%99%22%D7%97%20%D7%94%D7%93%D7%A1%D7%94&utmhid=1228750069&utmr=-&utmp=%2FArchive%2F001-D-412793-00.html&utmht=1581716130240&utmac=UA-4297245-3&utmcc=__utma%3D148218536.1050157260.1581716130.1581716130.1581716130.1%3B%2B__utmz%3D148218536.1581716130.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1459088979&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 21:35:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/ 35 B
122 B 5ms
5ms Image
image/gif 2a00:1450:4001:819::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=1.4&utmn=100531975&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=News1%20%7C%20%D7%A0%D7%A1%3A%20%D7%A1%D7%9B%D7%A1%D7%95%D7%9A%20%D7%A9%D7%A7%D7%A8%D7%99%20%D7%91%D7%91%D7%99%22%D7%97%20%D7%94%D7%93%D7%A1%D7%94&utmhn=www.news1.co.il&utmhid=1228750069&utmr=-&utmp=/Archive/001-D-412793-00.html&utmac=UA-4297245-1&utmcc=__utma%3D148218536.1050157260.1581716130.1581716130.1581716130.1%3B%2B__utmz%3D148218536.1581716130.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 30 Jan 2020 02:36:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1364325
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/news1/trc/3/ 7 KB
4 KB 309ms
308ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/news1/trc/3/json?tim=22%3A35%3A30.248&lti=deflated&data=%7B%22id%22%3A251%2C%22ii%22%3A%22%2Farticlepage.aspx%253fdocid%253d412793%2526subjectid%253d1%2526transid%253d0%2526afteradd%253d1%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1581716130247%2C%22cv%22%3A%2220200211-14-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.news1.co.il%2FArticlePage.aspx%253fdocid%253d412793%2526subjectid%253d1%2526TransID%253d0%2526AfterAdd%253d1%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1585%2C%22dh%22%3A3691%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-rr%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A1896%2C%22mw%22%3A236%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200211-14-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e6915e8fdf956efb07bf792d91665f0a6e2ca6aadc4d1aea0218353a25aed36

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-vcl-time-ms: 279
date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
via: 1.1 varnish
x-served-by: cache-fra19169-FRA
server: nginx
x-timer: S1581716130.264037,VS0,VE279
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 facebook.png
www.news1.co.il/img/ 525 B
653 B 14ms
13ms Image
image/png 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/facebook.png
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/he_IL/sdk.js?hash=0bc5ceb15ef0631908953e06651fcb5c&ua=modern_es6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 76ad7e47ecbf656e808a8f0079aaac2bbc6bbda9376c1bdde0992c25f92d5d45

Request headers

Referer: https://www.news1.co.il/css/nfc.css?t=06032016
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: HIT
age: 4632
x-powered-by: ASP.NET
status: 200
content-length: 525
last-modified: Sat, 27 Jul 2019 23:12:34 GMT
server: cloudflare
etag: "654b65c6d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cf-polished: pngoptimizer, origSize=634
accept-ranges: bytes
cf-ray: 56522c165b1edfbb-FRA
cf-bgj: imgq:100

GET
H2 200 twiit.png
www.news1.co.il/img/ 583 B
707 B 15ms
14ms Image
image/png 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/twiit.png
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/he_IL/sdk.js?hash=0bc5ceb15ef0631908953e06651fcb5c&ua=modern_es6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 610999e8b7ed9d759b0097a3f7962c0df5532e27581b729c0f18e47ada6ce04d

Request headers

Referer: https://www.news1.co.il/css/nfc.css?t=06032016
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: HIT
age: 4632
x-powered-by: ASP.NET
status: 200
content-length: 583
last-modified: Sun, 17 Jul 2016 21:39:58 GMT
server: cloudflare
etag: "463f6c373e0d11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cf-polished: pngoptimizer, origSize=719
accept-ranges: bytes
cf-ray: 56522c165b20dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 emailS.png
www.news1.co.il/img/ 464 B
588 B 14ms
14ms Image
image/png 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/emailS.png
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/he_IL/sdk.js?hash=0bc5ceb15ef0631908953e06651fcb5c&ua=modern_es6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b25d51c3b69369398c6264954b29ceff3d07639429306b71cc3cbdd01274cd58

Request headers

Referer: https://www.news1.co.il/css/nfc.css?t=06032016
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: HIT
age: 4632
x-powered-by: ASP.NET
status: 200
content-length: 464
last-modified: Sat, 27 Jul 2019 23:12:32 GMT
server: cloudflare
etag: "41e0bcc4d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cf-polished: pngoptimizer, origSize=575
accept-ranges: bytes
cf-ray: 56522c165b22dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 print.gif
www.news1.co.il/img/ 1 KB
1 KB 28ms
27ms Image
image/gif 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/print.gif
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/he_IL/sdk.js?hash=0bc5ceb15ef0631908953e06651fcb5c&ua=modern_es6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1a13e5a0af515cc85ddb028f68c0e6dc73fe277f81744f711177bfd738addd8c

Request headers

Referer: https://www.news1.co.il/css/nfc.css?t=06032016
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
cf-cache-status: HIT
age: 5060
x-powered-by: ASP.NET
status: 200
content-length: 1090
last-modified: Sat, 27 Jul 2019 23:13:09 GMT
server: cloudflare
etag: "a09931dbd044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 56522c165b24dfbb-FRA
cf-bgj: imgq:100

GET
H2

200

feedback.php
www.facebook.com/plugins/ Frame D428
Redirect Chain

https://www.facebook.com/v2.7/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df3c850c17001f5%26domain%3Dwww.news1.co.il%26o...
https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df3c850c17001f5%26domain%3Dwww.news1.co.il%26origin%...
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df3c850c17001f5%26domain%3Dwww.news1.co.il%26origin%...

0
0

97ms
97ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df3c850c17001f5%26domain%3Dwww.news1.co.il%26origin%3Dhttps%253A%252F%252Fwww.news1.co.il%252Ff36a479a9c22e6%26relation%3Dparent.parent&color_scheme=light&container_width=493&height=100&href=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&locale=he_IL&numposts=3&sdk=joey&version=v2.7&width=492

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/he_IL/sdk.js?hash=0bc5ceb15ef0631908953e06651fcb5c&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df3c850c17001f5%26domain%3Dwww.news1.co.il%26origin%3Dhttps%253A%252F%252Fwww.news1.co.il%252Ff36a479a9c22e6%26relation%3Dparent.parent&color_scheme=light&container_width=493&height=100&href=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&locale=he_IL&numposts=3&sdk=joey&version=v2.7&width=492
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
vary: Accept-Encoding
x-content-type-options: nosniff
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: nMfcd5r6VvXoXGqsEyAjxYDJq493mCHkjdbW9EYT99W9t5WB/I7fw2fO7sKFM6Ns4xclAUI7mmyOKofhkEztkQ==
date: Fri, 14 Feb 2020 21:35:30 GMT Fri, 14 Feb 2020 21:35:30 GMT
alt-svc: h3-24=":443"; ma=3600

Redirect headers

status: 302
location: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df3c850c17001f5%26domain%3Dwww.news1.co.il%26origin%3Dhttps%253A%252F%252Fwww.news1.co.il%252Ff36a479a9c22e6%26relation%3Dparent.parent&color_scheme=light&container_width=493&height=100&href=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&locale=he_IL&numposts=3&sdk=joey&version=v2.7&width=492
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: dckKzqyUrpxCabtGHm2rhN1EsXQCeV/XXtTTmNnzawHEEVmHBvuNaKKoFAq78zFIzKfNFL8VeCHUY81+MGwJjg==
content-length: 0
date: Fri, 14 Feb 2020 21:35:30 GMT Fri, 14 Feb 2020 21:35:30 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2 200 widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html
platform.twitter.com/widgets/ Frame 9DBB 0
0 21ms
20ms Document
text/html 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=https%3A%2F%2Fwww.news1.co.il
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.7303c29a8108bca4ac5c9ef008ed8164.html?origin=https%3A%2F%2Fwww.news1.co.il
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/Archive/001-D-412793-00.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

status: 200
last-modified: Wed, 05 Feb 2020 23:46:01 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "9fa476ae827f556d5b037fe43632370d+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Fri, 14 Feb 2020 21:35:30 GMT
x-served-by: cache-iad2121-IAD, cache-hhn4041-HHN
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 148f0c71dd7ce39afae6ba47bf737657dcb983a70cdaff9c53c287e1a4f20b6f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 787 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a2fcea3847d29436cb6c465b7c65413fe22240ecc9b7184abb7bc65e97db9f4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 438 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9b558927a37e59adb70b8b84d906567d44d340905118ed80c0a633d81195954

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5cd8a82c8f3cdd485d0a2c5150cc76aebf357481c9529a535e78e3d1321676c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40c2df35f1dc731fdf432146528e5d6255ed545bd7d928f188f1cb6e5d9ca183

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 701 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bcd692ba843c2535734127f8a23443fe95c6eedf06d1d32693a7521456f68b3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a67a1fef37f113ae2b73e8fbcb611cd2db6f97ada4ef7aab05c45ebcd5c0fbf3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 318e620f71199b8c51e3bc6bd8be989f73c4f4a115c19bb28d13752b7bcb3608

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 949 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b4b11cc882379b04a094a4250c36ffbe3a699b626d966302cc9378b625c3128

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22896f8e3db5cc4458cd24273d949898eaa8db677372beeddef29903a5564565

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a9eebdc31e86178ee372c00a9993914de2f4f14381a2772438fda00d22da436

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf6e922ce5f6641693634211a3e10cedda8625e38d030b543e80d7cbb4973eef

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 208e7dfb8897d244b166f2becabf3823d6bfe440fc484310070478bbc6efabf5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 898 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22987271a9db59c5c4749fcfcd07dbd2a2c1b4b4734e8a2c6b760d850d2edab3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 625 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fb5ba492d85eac12ddd6da3362f0896117bd3691846bd4dcb3b9e51ecfe762a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 756 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57b939134c767c30d52288f097418952db4c6898c53643698b469d2ab228587c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72287519988bf32a51797a3e4529f1945197247996a9e7cd19437566ff5a0308

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 698d325d67773d4672cccc9731da6fb461f710e14c92656d31d3591861a34963

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 955 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9988945bb423eed2743fcfdc1d2622af3431722fd4f3a29c93474c0eec7419d4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bbb61e038c09003a96ceac9b033b487e17d59b187aba6ba1f5738ba51b6fd74

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 866 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce56768a8799373c69c80bd891b73971709c7c1cf7c5927d8a68e797200204c2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c13ccc2804c88b3d8b5332ea1567951173f61839292e8e63ad4eb533071823ba

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2276c4652aed67dc1f63d3c79c0e93d3a5d98b4121f1fd1f2a035ba56e93ce45

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 nfc.css
www.news1.co.il/css/ Frame 9658 42 KB
6 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
etag: W/"8046b1b6d7ed51:0"
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6355
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c16ec9bdfbb-FRA
cf-bgj: minify

GET
H2 200 outstream.js Show response
akamai.advsnx.net/CDN/sdk/outstream/ Frame 9658 370 KB
141 KB 272ms
81ms Script
application/octet-stream 151.139.236.239
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.advsnx.net/CDN/sdk/outstream/outstream.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.236.239 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: bb243ac30e5c8364bef71a03b2643b0f73b9bbb1cfc95f227069d539961d90f5

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
last-modified: Mon, 13 Jan 2020 15:07:15 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 3C74B08D0314E630
etag: W/"e49fd0a87a79274058c28e880b155143"
x-cache: HIT
x-amz-version-id: SztXGiSKaFB8IdKgceIBlLVM0uxuB1Gy
status: 200
cache-control: max-age=180
content-type: application/octet-stream
access-control-allow-origin: *
x-amz-id-2: Xz6D4Y2S1n7RCiwnU2/2O0Qj0I/ocDZBFhi+vJIiCKcWF8CCrTLZt97oNSu799qyEcNrjKXUioM=

GET
H2 200 moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js Show response
platform.twitter.com/js/ 24 KB
8 KB 20ms
20ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.67dc174b757b0258b54544be2c7b1fe0.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 438b7b13a6b18c792b2baf25aae2d15cb5ced68a1cf645df0def255dffe299b0

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 7876
x-served-by: cache-iad2136-IAD, cache-hhn4041-HHN
last-modified: Wed, 05 Feb 2020 23:45:53 GMT
etag: "11d31148aa60716fb9039c36580956f1+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 timeline.f2565d449b4dd797677034caa0d66bf8.js Show response
platform.twitter.com/js/ 21 KB
7 KB 22ms
22ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.f2565d449b4dd797677034caa0d66bf8.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8543c3fa0028a8cefe4008eeb095bee891501b9b5ead7fdec85ccbaa31b70e45

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 6657
x-served-by: cache-iad2149-IAD, cache-hhn4041-HHN
last-modified: Wed, 05 Feb 2020 23:45:53 GMT
etag: "3ac68eedc6c1bce6319c2bc023cdc98d+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 nfc.css
www.news1.co.il/css/ Frame 69EB 42 KB
6 KB 15ms
15ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6355
x-powered-by: ASP.NET
etag: W/"8046b1b6d7ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c177e29dfbb-FRA
cf-bgj: minify

GET
H2 200 flowplayer-3.2.11.min.js Show response
banners.news1.co.il/ Frame 69EB 16 KB
6 KB 20ms
20ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/flowplayer-3.2.11.min.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7a44f4698a93c685664f821e5e18e38341266416c4a75b42a8ab92b924822ff0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Sep 2012 08:18:53 GMT
server: cloudflare
age: 6358
x-powered-by: ASP.NET
etag: W/"f410aeeb758acd1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-ray: 56522c177e2ddfbb-FRA

GET
H2 200 swfobject.js Show response
banners.news1.co.il/JS/ Frame 69EB 5 KB
2 KB 16ms
15ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/JS/swfobject.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc6c303316aec21720d376a8532416a91ed9833ef953f0a87b83fc488d9b82ed

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
etag: W/"9467c97bab5bca1:0"
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2009 10:59:00 GMT
server: cloudflare
age: 6358
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-polished: origSize=6095
cf-ray: 56522c177e2fdfbb-FRA
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 69EB 107 KB
38 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba737d0ae09c5f1eb52965d29f5d0031a5e413fc6161c33d1b1dfa87d27124aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38676
x-xss-protection: 0
server: cafe
etag: 5904681658312064582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:30 GMT

GET
H2 200 nfc.css
www.news1.co.il/css/ Frame 4AF3 42 KB
6 KB 22ms
22ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=23&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=23&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6355
x-powered-by: ASP.NET
etag: W/"8046b1b6d7ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c177e30dfbb-FRA
cf-bgj: minify

GET
H2 200 flowplayer-3.2.11.min.js Show response
banners.news1.co.il/ Frame 4AF3 16 KB
6 KB 19ms
19ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/flowplayer-3.2.11.min.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=23&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7a44f4698a93c685664f821e5e18e38341266416c4a75b42a8ab92b924822ff0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=23&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Sep 2012 08:18:53 GMT
server: cloudflare
age: 6358
x-powered-by: ASP.NET
etag: W/"f410aeeb758acd1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-ray: 56522c177e34dfbb-FRA

GET
H2 200 swfobject.js Show response
banners.news1.co.il/JS/ Frame 4AF3 5 KB
2 KB 15ms
14ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/JS/swfobject.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=23&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc6c303316aec21720d376a8532416a91ed9833ef953f0a87b83fc488d9b82ed

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=23&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
etag: W/"9467c97bab5bca1:0"
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2009 10:59:00 GMT
server: cloudflare
age: 6358
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-polished: origSize=6095
cf-ray: 56522c177e35dfbb-FRA
cf-bgj: minify

GET
H2 200 nfc.css
www.news1.co.il/css/ Frame 09A8 42 KB
6 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6355
x-powered-by: ASP.NET
etag: W/"8046b1b6d7ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c177e3adfbb-FRA
cf-bgj: minify

GET
H2 200 flowplayer-3.2.11.min.js Show response
banners.news1.co.il/ Frame 09A8 16 KB
6 KB 14ms
13ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/flowplayer-3.2.11.min.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7a44f4698a93c685664f821e5e18e38341266416c4a75b42a8ab92b924822ff0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Sep 2012 08:18:53 GMT
server: cloudflare
age: 6358
x-powered-by: ASP.NET
etag: W/"f410aeeb758acd1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-ray: 56522c177e3cdfbb-FRA

GET
H2 200 swfobject.js Show response
banners.news1.co.il/JS/ Frame 09A8 5 KB
2 KB 18ms
17ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/JS/swfobject.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc6c303316aec21720d376a8532416a91ed9833ef953f0a87b83fc488d9b82ed

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
etag: W/"9467c97bab5bca1:0"
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2009 10:59:00 GMT
server: cloudflare
age: 6358
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-polished: origSize=6095
cf-ray: 56522c177e3ddfbb-FRA
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 09A8 107 KB
38 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba737d0ae09c5f1eb52965d29f5d0031a5e413fc6161c33d1b1dfa87d27124aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38676
x-xss-protection: 0
server: cafe
etag: 5904681658312064582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 63A1 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 63A1 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ Frame 63A1 221 KB
83 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51306b94354b978995db93f41f35703be797c4ae698013ffac3a20810d1947ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84518
x-xss-protection: 0
server: cafe
etag: 17204687633813293547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:30 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/ Frame F2B5 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200212/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 13 Feb 2020 01:43:32 GMT
expires: Thu, 27 Feb 2020 01:43:32 GMT
content-type: text/html; charset=UTF-8
etag: 17772678075199185246
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4496
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 157918
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 nfc.css
www.news1.co.il/css/ Frame 3BE1 42 KB
6 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6355
x-powered-by: ASP.NET
etag: W/"8046b1b6d7ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c193a59dfbb-FRA
cf-bgj: minify

GET
H2 200 flowplayer-3.2.11.min.js Show response
banners.news1.co.il/ Frame 3BE1 16 KB
6 KB 19ms
18ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/flowplayer-3.2.11.min.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7a44f4698a93c685664f821e5e18e38341266416c4a75b42a8ab92b924822ff0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Sep 2012 08:18:53 GMT
server: cloudflare
age: 6358
x-powered-by: ASP.NET
etag: W/"f410aeeb758acd1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-ray: 56522c193a5bdfbb-FRA

GET
H2 200 swfobject.js Show response
banners.news1.co.il/JS/ Frame 3BE1 5 KB
2 KB 20ms
19ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/JS/swfobject.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc6c303316aec21720d376a8532416a91ed9833ef953f0a87b83fc488d9b82ed

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
etag: W/"9467c97bab5bca1:0"
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2009 10:59:00 GMT
server: cloudflare
age: 6358
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-polished: origSize=6095
cf-ray: 56522c193a5ddfbb-FRA
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3BE1 107 KB
38 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba737d0ae09c5f1eb52965d29f5d0031a5e413fc6161c33d1b1dfa87d27124aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38676
x-xss-protection: 0
server: cafe
etag: 5904681658312064582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:30 GMT

OPTIONS
H2 200 gnt Show response
lb.advsnx.net/adServer/Service.svc/ Frame 9658 0
470 B 143ms
39ms XHR
application/octet-stream 34.246.76.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.advsnx.net/adServer/Service.svc/gnt?sk=news1&cv=2.3.3.032&cb=2559818194526&nr=true&sitePlatform=1&pt=out&pu=aHR0cHMlM0ElMkYlMkZ3d3cubmV3czEuY28uaWwlMkZBcmNoaXZlJTJGMDAxLUQtNDEyNzkzLTAwLmh0bWw=&r=aHR0cHMlM0ElMkYlMkZ3d3cubmV3czEuY28uaWwlMkZBcmNoaXZlJTJGMDAxLUQtNDEyNzkzLTAwLmh0bWw=&pn=bmV3czE=&platform=browser
Requested by: Host: akamai.advsnx.net
URL: https://akamai.advsnx.net/CDN/sdk/outstream/outstream.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.76.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-76-49.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.news1.co.il
Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 0
pragma: no-cache
server: Microsoft-IIS/10.0
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://www.news1.co.il
access-control-expose-headers: BreakMng, UUID
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, BreakMng, UUID
expires: -1

GET
H2 200 list Show response
cdn.syndication.twimg.com/timeline/ 127 KB
15 KB 282ms
280ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/list?callback=__twttr.callbacks.tl_i3_list_News1coil_list_old&dnt=false&domain=www.news1.co.il&lang=en&list_slug=list&screen_name=News1coil&suppress_response_codes=true&t=1757462&tz=GMT%2B0100

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

cfc81f2830d8972d58a40e26cfffe98dea7a1dc081cdda7dd89fab48dba9384a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 14617
x-xss-protection: 0
x-response-time: 254
last-modified: Fri, 14 Feb 2020 21:35:31 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 644dde7a3f0b1e0f0ce6f512dbfa9d0f
timing-allow-origin: *
x-transaction: 00c3b9f000530dee
expires: Fri, 14 Feb 2020 21:40:31 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
360 B 140ms
139ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1581716130884%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 117
pragma: no-cache
last-modified: Fri, 14 Feb 2020 21:35:30 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 11cd51d45f93027ef4665e0ef185dacf
x-transaction: 0020ca960042b1f9
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 userx.20200211-14-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 22 KB
8 KB 36ms
34ms Script
application/javascript 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20200211-14-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/news1/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f18214cfc8a894b7a8468f110802c529421830041d5cbc8b27b580e950cc8c4

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: Blh0YzsxVAAPvJMn8G5T0QdHej7Gi11S
content-encoding: gzip
age: 22
x-cache: HIT
status: 200
date: Fri, 14 Feb 2020 21:35:30 GMT
x-amz-replication-status: COMPLETED
content-length: 7711
x-amz-id-2: wy8gQiYTLtpqBu6xy+V3k+SWXOaejzo0AK0MWk7ZOEYc3JF3nyrqZn6rUT+bGwgb6T4xp8/ygko=
x-served-by: cache-fra19169-FRA
last-modified: Tue, 11 Feb 2020 19:44:45 GMT
server: AmazonS3
x-timer: S1581716131.928360,VS0,VE0
etag: "2de9d0894ea2543e37d8f8458fb4c94f"
vary: Accept-Encoding
x-amz-request-id: FECE5F5D93EF3220
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 59
x-cache-hits: 21

GET
H2

200

match
match.zorosrv.com/ Frame EB64
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1f3c1d17-48b8-413d-bcf8-61688277de7d
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1f3c1d17-48b8-413d-bcf8-61688277de7d&tbid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&query=taboola_hm%3D1f3c1d17-48b8-...
https://match.zorosrv.com/match?tabid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&extuid=1f3c1d17-48b8-413d-bcf8-61688277de7d&excid=218&query=taboola_hm%3D1f3c1d17-48b8-413d-bcf8-61688277de7d

0
293 B

30ms
28ms

Image
text/plain

151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.zorosrv.com/match?tabid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&extuid=1f3c1d17-48b8-413d-bcf8-61688277de7d&excid=218&query=taboola_hm%3D1f3c1d17-48b8-413d-bcf8-61688277de7d
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.440590,VS0,VE8
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI IDC DSP COR CURa ADMa OUR IND COM STA NOR UNI"
status: 200
x-cache-hits: 0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, X-Prototype-Version, Content-Type, Origin, Allow
content-length: 0
x-served-by: cache-hhn4021-HHN

Redirect headers

date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.363839,VS0,VE9
location: https://match.zorosrv.com/match?tabid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&extuid=1f3c1d17-48b8-413d-bcf8-61688277de7d&excid=218&query=taboola_hm%3D1f3c1d17-48b8-413d-bcf8-61688277de7d
x-cache: MISS
status: 302
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4021-HHN

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame EB64 0
239 B 119ms
30ms Image
image/gif 69.173.144.136
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H2

200

/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame EB64
Redirect Chain

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=WYySVEomNWOjaeePi5KFfHcjcXJ6y5HVcsIQgB4r5-g%3D

45 B
96 B

33ms
32ms

Image
image/gif

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=WYySVEomNWOjaeePi5KFfHcjcXJ6y5HVcsIQgB4r5-g%3D
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.122472,VS0,VE9
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Location: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=WYySVEomNWOjaeePi5KFfHcjcXJ6y5HVcsIQgB4r5-g%3D
Date: Fri, 14 Feb 2020 21:35:30 GMT
Server: nginx
Connection: close
Etag: "WYySVEomNWOjaeePi5KFfHcjcXJ6y5HVcsIQgB4r5-g="
Content-Length: 0

GET
H2

200

/
trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/ Frame EB64
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=d7ab5e47-12a2-4a00-968d-cc2a3c21ba30
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=d7ab5e47-12a2-4a00-968d-cc2a3c21ba30

0
54 B

32ms
32ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=d7ab5e47-12a2-4a00-968d-cc2a3c21ba30
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.242915,VS0,VE9
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Date: Fri, 14 Feb 2020 21:35:31 GMT
Server: MT3 2082 7bba72b master zrh-pixel-x8
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=d7ab5e47-12a2-4a00-968d-cc2a3c21ba30
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 14 Feb 2020 21:35:30 GMT

GET
H2

204

/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame EB64
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Fk4rKwIYHYuh&ev=1&pid=562107

0
63 B

32ms
32ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Fk4rKwIYHYuh&ev=1&pid=562107
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.122008,VS0,VE8
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Fk4rKwIYHYuh&ev=1&pid=562107
content-language: en-US
status: 302
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6c55bfb4dd-5dxtq
expires: -1

GET
H2

204

/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame EB64
Redirect Chain

https://creativecdn.com/cm-notify?pi=taboola
https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=LUiRGxbaSp4i3i92yZlK&pi=taboola&tc=1

0
50 B

33ms
33ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=LUiRGxbaSp4i3i92yZlK&pi=taboola&tc=1
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.185325,VS0,VE9
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

status: 302
pragma: no-cache
date: Fri, 14 Feb 2020 21:35:31 GMT, Fri, 14 Feb 2020 21:35:31 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=LUiRGxbaSp4i3i92yZlK&pi=taboola&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/appnexus-network/1/rtb-h/ Frame EB64
Redirect Chain

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID
https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298

0
60 B

33ms
33ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.106381,VS0,VE9
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 21:35:32 GMT
AN-X-Request-Uuid: faf26ead-97b7-4570-8b48-f50e4dcbf104
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.210.217.122; 185.210.217.122; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.84:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame EB64
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJcmCSiClhKYTTtS_Ej4jKI&google_cver=1

0
54 B

34ms
33ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJcmCSiClhKYTTtS_Ej4jKI&google_cver=1
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.211230,VS0,VE9
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Feb 2020 21:35:31 GMT
server: HTTP server (unknown)
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJcmCSiClhKYTTtS_Ej4jKI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/ Frame EB64
Redirect Chain

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID
https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298

0
50 B

33ms
33ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.141851,VS0,VE9
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 21:35:33 GMT
AN-X-Request-Uuid: 4dfacbec-30c4-4b15-8834-cdb40dc7df6b
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.210.217.122; 185.210.217.122; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.103:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame EB64
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3d287605-0390-4773-bf5c-d319d9f0e70a

0
55 B

38ms
38ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3d287605-0390-4773-bf5c-d319d9f0e70a
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716132.544843,VS0,VE9
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Feb 2020 21:35:31 GMT
x-aspnet-version: 4.0.30319
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3d287605-0390-4773-bf5c-d319d9f0e70a
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2

200

rtb-h
trc.taboola.com/sg/storygize-network/1/ Frame EB64
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
54 B

33ms
32ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716132.938682,VS0,VE9
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Location: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
expires: 0
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame EB64 35 B
380 B 426ms
112ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Fri, 14 Feb 2020 21:35:30 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame EB64 0
176 B 304ms
95ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&_r=6652986
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 21:35:31 GMT
cache-control: no-store
x-envoy-upstream-service-time: 0
Server: nginx
Connection: close
Content-Length: 0

GET
H2

200

/
trc.taboola.com/sg/bidswitch-network/1/rtb-h/ Frame EB64
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola
https://x.bidswitch.net/ul_cb/sync?ssp=taboola
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=dea17608-5c3d-493c-a837-07251b262074&bsw_param=dea17608-5c3d-493c-a837-07251b262074&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=dea17608-5c3d-493c-a837-07251b262074
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=dea17608-5c3d-493c-a837-07251b262074

0
54 B

33ms
32ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=dea17608-5c3d-493c-a837-07251b262074
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716132.792235,VS0,VE9
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

status: 302
date: Fri, 14 Feb 2020 21:35:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=dea17608-5c3d-493c-a837-07251b262074
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

match
match.zorosrv.com/ Frame A4B4
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1f3c1d17-48b8-413d-bcf8-61688277de7d
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=1f3c1d17-48b8-413d-bcf8-61688277de7d&tbid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&query=taboola_hm%3D1f3c1d17-48b8-...
https://match.zorosrv.com/match?tabid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&extuid=1f3c1d17-48b8-413d-bcf8-61688277de7d&excid=218&query=taboola_hm%3D1f3c1d17-48b8-413d-bcf8-61688277de7d

0
52 B

37ms
36ms

Image
text/plain

151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.zorosrv.com/match?tabid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&extuid=1f3c1d17-48b8-413d-bcf8-61688277de7d&excid=218&query=taboola_hm%3D1f3c1d17-48b8-413d-bcf8-61688277de7d
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716132.523752,VS0,VE8
x-served-by: cache-hhn4021-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.421042,VS0,VE8
location: https://match.zorosrv.com/match?tabid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&extuid=1f3c1d17-48b8-413d-bcf8-61688277de7d&excid=218&query=taboola_hm%3D1f3c1d17-48b8-413d-bcf8-61688277de7d
x-cache: MISS
status: 302
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4021-HHN

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame A4B4 0
239 B 30ms
29ms Image
image/gif 69.173.144.136
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H2

200

/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame A4B4
Redirect Chain

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=WYySVEomNWOjaeePi5KFfHcjcXJ6y5HVcsIQgB4r5-g%3D

45 B
96 B

33ms
33ms

Image
image/gif

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=WYySVEomNWOjaeePi5KFfHcjcXJ6y5HVcsIQgB4r5-g%3D
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.341489,VS0,VE9
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Location: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=WYySVEomNWOjaeePi5KFfHcjcXJ6y5HVcsIQgB4r5-g%3D
Date: Fri, 14 Feb 2020 21:35:31 GMT
Server: nginx
Connection: close
Etag: "WYySVEomNWOjaeePi5KFfHcjcXJ6y5HVcsIQgB4r5-g="
Content-Length: 0

GET
H2

200

/
trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/ Frame A4B4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=d7ab5e47-12a2-4a00-968d-cc2a3c21ba30

0
64 B

33ms
33ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=d7ab5e47-12a2-4a00-968d-cc2a3c21ba30
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.333584,VS0,VE9
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Date: Fri, 14 Feb 2020 21:35:31 GMT
Server: MT3 2082 7bba72b master zrh-pixel-x17
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=d7ab5e47-12a2-4a00-968d-cc2a3c21ba30
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 14 Feb 2020 21:35:30 GMT

GET
H2

204

/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame A4B4
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=SfSBEJNFFZGR&ev=1&pid=562107

0
56 B

34ms
34ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=SfSBEJNFFZGR&ev=1&pid=562107
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.329685,VS0,VE8
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=SfSBEJNFFZGR&ev=1&pid=562107
content-language: en-US
status: 302
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6c55bfb4dd-5dxtq
expires: -1

GET
H2

204

/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame A4B4
Redirect Chain

https://creativecdn.com/cm-notify?pi=taboola
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=LUiRGxbaSp4i3i92yZlK&pi=taboola

0
56 B

42ms
42ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=LUiRGxbaSp4i3i92yZlK&pi=taboola
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 17
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.331295,VS0,VE17
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

status: 302
pragma: no-cache
date: Fri, 14 Feb 2020 21:35:31 GMT, Fri, 14 Feb 2020 21:35:31 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=LUiRGxbaSp4i3i92yZlK&pi=taboola
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/appnexus-network/1/rtb-h/ Frame A4B4
Redirect Chain

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID
https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298

0
84 B

35ms
35ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.334158,VS0,VE10
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 21:35:33 GMT
AN-X-Request-Uuid: 5626faa8-6c65-457c-ba06-d5394a9508cf
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.210.217.122; 185.210.217.122; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.135:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame A4B4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESED_YGvOyWAZjAkAnqgFZ3nI&google_cver=1

0
54 B

33ms
33ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESED_YGvOyWAZjAkAnqgFZ3nI&google_cver=1
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.443518,VS0,VE9
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Feb 2020 21:35:31 GMT
server: HTTP server (unknown)
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESED_YGvOyWAZjAkAnqgFZ3nI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/ Frame A4B4
Redirect Chain

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID
https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298

0
50 B

33ms
32ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716131.443011,VS0,VE9
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 21:35:33 GMT
AN-X-Request-Uuid: bf22a6b0-4bcc-48c8-9cff-69a00d2e3622
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=1657302821866649298
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.210.217.122; 185.210.217.122; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame A4B4
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3d287605-0390-4773-bf5c-d319d9f0e70a

0
214 B

33ms
33ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3d287605-0390-4773-bf5c-d319d9f0e70a
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716132.537117,VS0,VE9
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Feb 2020 21:35:31 GMT
x-aspnet-version: 4.0.30319
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=3d287605-0390-4773-bf5c-d319d9f0e70a
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2

200

rtb-h
trc.taboola.com/sg/storygize-network/1/ Frame A4B4
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
178 B

34ms
34ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:32 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716132.169469,VS0,VE9
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Location: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
expires: 0
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame A4B4 35 B
380 B 239ms
106ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Fri, 14 Feb 2020 21:35:31 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame A4B4 0
176 B 291ms
96ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822&_r=6652986
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 21:35:31 GMT
cache-control: no-store
x-envoy-upstream-service-time: 1
Server: nginx
Connection: close
Content-Length: 0

GET
H2

200

/
trc.taboola.com/sg/bidswitch-network/1/rtb-h/ Frame A4B4
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=taboola&bds_param=dea17608-5c3d-493c-a837-07251b262074
https://x.bidswitch.net/sync?dsp_id=340&user_id=852df03f-7ced-4af0-8aaf-7ea2064a6f5a&expires=10&ssp=taboola&bsw_param=dea17608-5c3d-493c-a837-07251b262074
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=dea17608-5c3d-493c-a837-07251b262074

0
83 B

34ms
34ms

Image
text/plain

151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=dea17608-5c3d-493c-a837-07251b262074
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Fri, 14 Feb 2020 21:35:32 GMT
via: 1.1 varnish
server: nginx
x-timer: S1581716132.993478,VS0,VE10
x-served-by: cache-fra19169-FRA
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

status: 302
date: Fri, 14 Feb 2020 21:35:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=dea17608-5c3d-493c-a837-07251b262074
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 69EB 109 B
171 B 27ms
26ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 69EB 109 B
171 B 26ms
25ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ Frame 69EB 221 KB
83 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51306b94354b978995db93f41f35703be797c4ae698013ffac3a20810d1947ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84518
x-xss-protection: 0
server: cafe
etag: 17204687633813293547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 09A8 109 B
171 B 17ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 09A8 109 B
171 B 17ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ Frame 09A8 221 KB
83 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51306b94354b978995db93f41f35703be797c4ae698013ffac3a20810d1947ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84518
x-xss-protection: 0
server: cafe
etag: 17204687633813293547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:30 GMT

GET
H2 200 nfc.css
www.news1.co.il/css/ Frame 3181 42 KB
6 KB 36ms
35ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6355
x-powered-by: ASP.NET
etag: W/"8046b1b6d7ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c1a8da2dfbb-FRA
cf-bgj: minify

GET
H2 200 flowplayer-3.2.11.min.js Show response
banners.news1.co.il/ Frame 3181 16 KB
6 KB 18ms
17ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/flowplayer-3.2.11.min.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7a44f4698a93c685664f821e5e18e38341266416c4a75b42a8ab92b924822ff0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Sep 2012 08:18:53 GMT
server: cloudflare
age: 6358
x-powered-by: ASP.NET
etag: W/"f410aeeb758acd1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-ray: 56522c1a8da5dfbb-FRA

GET
H2 200 swfobject.js Show response
banners.news1.co.il/JS/ Frame 3181 5 KB
2 KB 17ms
16ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/JS/swfobject.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc6c303316aec21720d376a8532416a91ed9833ef953f0a87b83fc488d9b82ed

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: br
etag: W/"9467c97bab5bca1:0"
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2009 10:59:00 GMT
server: cloudflare
age: 6358
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-polished: origSize=6095
cf-ray: 56522c1a8da9dfbb-FRA
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3181 107 KB
38 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74917ac2c1bd6c6738980339b3dc5767eb87cebd8bbef7f292f4db96120b89fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38680
x-xss-protection: 0
server: cafe
etag: 13996565870061701194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:30 GMT

GET
H2 200 nfc.css
www.news1.co.il/css/ Frame 8961 42 KB
6 KB 19ms
17ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css?t=06032016
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/PepoleBanner.aspx?ShowType=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://www.news1.co.il/PepoleBanner.aspx?ShowType=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
etag: W/"e43b27c6d7ed51:0"
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6361
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c1ace3cdfbb-FRA
cf-bgj: minify

GET
H2 200 jquery-1.11.0.min.js Show response
www.news1.co.il/js/ Frame 8961 94 KB
32 KB 26ms
25ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/jquery-1.11.0.min.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/PepoleBanner.aspx?ShowType=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Referer: https://www.news1.co.il/PepoleBanner.aspx?ShowType=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2019 23:12:08 GMT
server: cloudflare
age: 6438
x-powered-by: ASP.NET
etag: W/"4cefa2b6d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 56522c1ace40dfbb-FRA

GET
H2 200 iframeResizer.contentWindow.min.js Show response
www.news1.co.il/js/ Frame 8961 14 KB
5 KB 18ms
16ms Script
application/javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/js/iframeResizer.contentWindow.min.js
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/PepoleBanner.aspx?ShowType=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 63b5085014a66af8d0d56afb98bb13f69a4c4f21c3c0e2cc63b30fe8c75a49d9

Request headers

Referer: https://www.news1.co.il/PepoleBanner.aspx?ShowType=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 27 Jul 2019 23:12:07 GMT
server: cloudflare
age: 6405
x-powered-by: ASP.NET
etag: W/"83b64ab6d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 56522c1ace44dfbb-FRA

GET
H2 200 NEWS1-13-280788600444794.jpg
www.news1.co.il/Thumbs/87/ Frame 8961 2 KB
2 KB 21ms
19ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/Thumbs/87/NEWS1-13-280788600444794.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/PepoleBanner.aspx?ShowType=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0dff62397e778ab08a05dfc1df0474834ef20fe97313463205ed4800f04d09b1

Request headers

Referer: https://www.news1.co.il/PepoleBanner.aspx?ShowType=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
cf-cache-status: HIT
age: 4799
x-powered-by: ASP.NET
status: 200
content-length: 1677
last-modified: Sun, 22 May 2016 09:26:34 GMT
server: cloudflare
etag: "c93c448cb4d11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cf-polished: origSize=2206
accept-ranges: bytes
cf-ray: 56522c1ace46dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 NEWS1-13-390056788921357.jpg
www.news1.co.il/Thumbs/87/ Frame 8961 2 KB
2 KB 18ms
17ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/Thumbs/87/NEWS1-13-390056788921357.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/PepoleBanner.aspx?ShowType=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 19ed1eb29030a2d719f84a1f010b32c6c8c547bec0be043ba9511b569ce61cb5

Request headers

Referer: https://www.news1.co.il/PepoleBanner.aspx?ShowType=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
cf-cache-status: HIT
age: 4100
x-powered-by: ASP.NET
status: 200
content-length: 1864
last-modified: Sun, 22 May 2016 09:22:00 GMT
server: cloudflare
etag: "15285c65bb4d11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cf-polished: origSize=2334
accept-ranges: bytes
cf-ray: 56522c1ace49dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 NEWS1-13-103664577007294.jpg
www.news1.co.il/Thumbs/87/ Frame 8961 2 KB
2 KB 13ms
12ms Image
image/jpeg 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/Thumbs/87/NEWS1-13-103664577007294.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/PepoleBanner.aspx?ShowType=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5aa2ee8075442420eaec90591c438da5eff4fdb2389b5b4ef2f8ee6e03debd6c

Request headers

Referer: https://www.news1.co.il/PepoleBanner.aspx?ShowType=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
cf-cache-status: HIT
age: 5210
x-powered-by: ASP.NET
status: 200
content-length: 1769
last-modified: Wed, 18 May 2016 06:51:12 GMT
server: cloudflare
etag: "b67642aad1b0d11:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cf-polished: origSize=2147
accept-ranges: bytes
cf-ray: 56522c1b7ff8dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0D88 0
0 168ms
168ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=600&slotname=1117496756&adk=265532217&adf=4145692389&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716130482&bpp=96&bdt=395&fdt=523&idt=523&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=2229905711635&frm=24&ife=1&pv=2&ga_vid=1297653395.1581716131&ga_sid=1581716131&ga_hid=1116911875&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1641253526&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=208312370632048&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.5wbfz82vxgfl&fsb=1&dtd=542

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1753959053144789&output=html&h=600&slotname=1117496756&adk=265532217&adf=4145692389&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716130482&bpp=96&bdt=395&fdt=523&idt=523&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=2229905711635&frm=24&ife=1&pv=2&ga_vid=1297653395.1581716131&ga_sid=1581716131&ga_hid=1116911875&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=300&ish=600&ifk=1641253526&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=208312370632048&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.5wbfz82vxgfl&fsb=1&dtd=542
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 14 Feb 2020 21:35:31 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: IDE=AHWqTUniF_Wf7mWnD1ZrbTVhRjn3umflC0lTVSSY09-rCwvFAoimDIq8Zj770DKj; expires=Wed, 10-Mar-2021 21:35:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Fri, 14 Feb 2020 21:35:31 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63A1 74 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=87&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 nfc.css
www.news1.co.il/css/ Frame 9CE7 42 KB
6 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=50&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=50&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6356
x-powered-by: ASP.NET
etag: W/"8046b1b6d7ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c1b0f01dfbb-FRA
cf-bgj: minify

GET
H2 200 flowplayer-3.2.11.min.js Show response
banners.news1.co.il/ Frame 9CE7 16 KB
6 KB 15ms
15ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/flowplayer-3.2.11.min.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=50&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7a44f4698a93c685664f821e5e18e38341266416c4a75b42a8ab92b924822ff0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=50&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Sep 2012 08:18:53 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
etag: W/"f410aeeb758acd1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-ray: 56522c1b0f02dfbb-FRA

GET
H2 200 swfobject.js Show response
banners.news1.co.il/JS/ Frame 9CE7 5 KB
2 KB 18ms
18ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/JS/swfobject.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=50&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc6c303316aec21720d376a8532416a91ed9833ef953f0a87b83fc488d9b82ed

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=50&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
etag: W/"9467c97bab5bca1:0"
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2009 10:59:00 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-polished: origSize=6095
cf-ray: 56522c1b0f04dfbb-FRA
cf-bgj: minify

GET
H2 200 squreColored.gif
www.news1.co.il/img/ Frame 9CE7 44 B
172 B 14ms
14ms Image
image/gif 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/squreColored.gif
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=50&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 850f277392add47a8f5b989cb6b0942d83928c2ad887ec0b4135e403ef9dff62

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=50&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
cf-cache-status: HIT
age: 6361
x-powered-by: ASP.NET
status: 200
content-length: 44
last-modified: Sat, 27 Jul 2019 23:13:21 GMT
server: cloudflare
etag: "b67fce2d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 56522c1b0f05dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 nfc.css
www.news1.co.il/css/ Frame 5274 42 KB
6 KB 19ms
18ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6356
x-powered-by: ASP.NET
etag: W/"8046b1b6d7ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c1b0f06dfbb-FRA
cf-bgj: minify

GET
H2 200 flowplayer-3.2.11.min.js Show response
banners.news1.co.il/ Frame 5274 16 KB
6 KB 16ms
16ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/flowplayer-3.2.11.min.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7a44f4698a93c685664f821e5e18e38341266416c4a75b42a8ab92b924822ff0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Sep 2012 08:18:53 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
etag: W/"f410aeeb758acd1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-ray: 56522c1b0f07dfbb-FRA

GET
H2 200 swfobject.js Show response
banners.news1.co.il/JS/ Frame 5274 5 KB
2 KB 17ms
16ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/JS/swfobject.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc6c303316aec21720d376a8532416a91ed9833ef953f0a87b83fc488d9b82ed

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
etag: W/"9467c97bab5bca1:0"
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2009 10:59:00 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-polished: origSize=6095
cf-ray: 56522c1b0f09dfbb-FRA
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5274 107 KB
38 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba737d0ae09c5f1eb52965d29f5d0031a5e413fc6161c33d1b1dfa87d27124aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38676
x-xss-protection: 0
server: cafe
etag: 5904681658312064582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 nfc.css
www.news1.co.il/css/ Frame C748 42 KB
6 KB 16ms
15ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6356
x-powered-by: ASP.NET
etag: W/"8046b1b6d7ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c1b1f2fdfbb-FRA
cf-bgj: minify

GET
H2 200 flowplayer-3.2.11.min.js Show response
banners.news1.co.il/ Frame C748 16 KB
6 KB 15ms
14ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/flowplayer-3.2.11.min.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7a44f4698a93c685664f821e5e18e38341266416c4a75b42a8ab92b924822ff0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Sep 2012 08:18:53 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
etag: W/"f410aeeb758acd1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-ray: 56522c1b1f30dfbb-FRA

GET
H2 200 swfobject.js Show response
banners.news1.co.il/JS/ Frame C748 5 KB
2 KB 15ms
15ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/JS/swfobject.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc6c303316aec21720d376a8532416a91ed9833ef953f0a87b83fc488d9b82ed

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
etag: W/"9467c97bab5bca1:0"
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2009 10:59:00 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-polished: origSize=6095
cf-ray: 56522c1b1f32dfbb-FRA
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C748 107 KB
38 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba737d0ae09c5f1eb52965d29f5d0031a5e413fc6161c33d1b1dfa87d27124aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38676
x-xss-protection: 0
server: cafe
etag: 5904681658312064582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 nfc.css
www.news1.co.il/css/ Frame 791A 42 KB
6 KB 16ms
16ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=47&Time=18:23:54&inptNumLinks=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=47&Time=18:23:54&inptNumLinks=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6356
x-powered-by: ASP.NET
etag: W/"8046b1b6d7ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c1b1f34dfbb-FRA
cf-bgj: minify

GET
H2 200 flowplayer-3.2.11.min.js Show response
banners.news1.co.il/ Frame 791A 16 KB
6 KB 16ms
13ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/flowplayer-3.2.11.min.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=47&Time=18:23:54&inptNumLinks=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7a44f4698a93c685664f821e5e18e38341266416c4a75b42a8ab92b924822ff0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=47&Time=18:23:54&inptNumLinks=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Sep 2012 08:18:53 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
etag: W/"f410aeeb758acd1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-ray: 56522c1b2f3adfbb-FRA

GET
H2 200 swfobject.js Show response
banners.news1.co.il/JS/ Frame 791A 5 KB
2 KB 15ms
12ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/JS/swfobject.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=47&Time=18:23:54&inptNumLinks=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc6c303316aec21720d376a8532416a91ed9833ef953f0a87b83fc488d9b82ed

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=47&Time=18:23:54&inptNumLinks=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
etag: W/"9467c97bab5bca1:0"
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2009 10:59:00 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-polished: origSize=6095
cf-ray: 56522c1b2f3cdfbb-FRA
cf-bgj: minify

POST
H2 204 available Show response
trc.taboola.com/news1/log/3/ 0
252 B 34ms
34ms XHR
image/gif 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/news1/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200211-14-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
Origin: https://www.news1.co.il
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-fra19169-FRA
pragma: no-cache
server: nginx
x-timer: S1581716131.104752,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://www.news1.co.il
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 2f5229dd36b4ce3d551109db10ba61cd.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboolasyndication.com/libtrc/static/thumbnails/ 11 KB
12 KB 26ms
25ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboolasyndication.com/libtrc/static/thumbnails/2f5229dd36b4ce3d551109db10ba61cd.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 34626960c119c0c97e232eb4b424d972453ce7e2fe2ea92254845491a8fe80b8

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 1287165
edge-cache-tag: 561705630810792089899964814943088579290,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sat, 15 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboolasyndication.com/libtrc/static/thumbnails/2f5229dd36b4ce3d551109db10ba61cd.jpg
content-length: 11512
x-served-by: cache-fra19148-FRA, cache-fra19169-FRA
last-modified: Wed, 15 Jan 2020 07:08:56 GMT
server: cloudinary
x-timer: S1581716131.477045,VS0,VE1
etag: "497b3b5714e13b654c8a1e4408779fd9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 %25D7%2597%25D7%2595%25D7%25A4%25D7%25A9%25D7%2594-%25D7%2596%25D7%2595%25D7%259C%25D7%2594-%25D7%2591%25D7%25A7%25D7%2595%25D7%25A8%25D7%25A4%25D7%2595-726x408.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.fly.tooty.co.il/wp-content/uploads/2016/05/ 7 KB
8 KB 25ms
24ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.fly.tooty.co.il/wp-content/uploads/2016/05/%25D7%2597%25D7%2595%25D7%25A4%25D7%25A9%25D7%2594-%25D7%2596%25D7%2595%25D7%259C%25D7%2594-%25D7%2591%25D7%25A7%25D7%2595%25D7%25A8%25D7%25A4%25D7%2595-726x408.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 954ce9ca316dc80aa5bb4115cdc51e4df5f93c8714176aa392d796318325be19

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 1687254
edge-cache-tag: 471112697884288022892870628361727618176,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Thu, 20 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.fly.tooty.co.il/wp-content/uploads/2016/05/%25D7%2597%25D7%2595%25D7%25A4%25D7%25A9%25D7%2594-%25D7%2596%25D7%2595%25D7%259C%25D7%2594-%25D7%2591%25D7%25A7%25D7%2595%25D7%25A8%25D7%25A4%25D7%2595-726x408.jpg
content-length: 7354
x-served-by: cache-fra19177-FRA, cache-fra19169-FRA
last-modified: Mon, 20 Jan 2020 14:37:02 GMT
server: cloudinary
x-timer: S1581716131.477057,VS0,VE0
etag: "e80ce6e1c2a42f2fa9f08b3980b7cb1d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 NEWS1-13-212993800640107.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.news1.co.il/uploadimages/ 6 KB
6 KB 26ms
25ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.news1.co.il/uploadimages/NEWS1-13-212993800640107.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 3dc2e4c5a0ba2c9dd160cc2bfeed52d091f300d6b83485cd42250b388b2fe731

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 460411
edge-cache-tag: 348408423855603252570767751973353245129,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 08 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//www.news1.co.il/uploadimages/NEWS1-13-212993800640107.jpg
content-length: 5927
x-served-by: cache-fra19142-FRA, cache-fra19169-FRA
last-modified: Thu, 06 Feb 2020 12:27:17 GMT
server: cloudinary
x-timer: S1581716132.502534,VS0,VE1
etag: "aeafb9e8ba415bbd9933878ec8aec175"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1

GET
H2 200 NEWS1-13-105755031108857.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.news1.co.il/uploadimages/ 3 KB
4 KB 27ms
26ms Image
image/jpeg 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.news1.co.il/uploadimages/NEWS1-13-105755031108857.jpg
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 0b6845248ce3cf4332bd1f78f98c7bd9b8e8519905d781043b3f074b38c601e4

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 1256188
edge-cache-tag: 622745336723453568160259299453720327843,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.news1.co.il/uploadimages/NEWS1-13-105755031108857.jpg
content-length: 3261
x-request-id: 8df8481a6998a426d0774a5f50448542
x-served-by: cache-fra19155-FRA, cache-fra19169-FRA
last-modified: Sun, 05 Jan 2020 22:55:37 GMT
server: cloudinary
x-timer: S1581716132.504504,VS0,VE1
etag: "9cbd9349036387f60497483823e41495"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

POST
H2 200 gnt Show response
lb.advsnx.net/adServer/Service.svc/ Frame 9658 13 KB
13 KB 134ms
59ms XHR
application/xml 34.246.76.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.advsnx.net/adServer/Service.svc/gnt?sk=news1&cv=2.3.3.032&cb=2559818194526&nr=true&sitePlatform=1&pt=out&pu=aHR0cHMlM0ElMkYlMkZ3d3cubmV3czEuY28uaWwlMkZBcmNoaXZlJTJGMDAxLUQtNDEyNzkzLTAwLmh0bWw=&r=aHR0cHMlM0ElMkYlMkZ3d3cubmV3czEuY28uaWwlMkZBcmNoaXZlJTJGMDAxLUQtNDEyNzkzLTAwLmh0bWw=&pn=bmV3czE=&platform=browser
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.76.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-76-49.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: da6104c6edd6c382661c7768dd06166d8c9291878e169fefdb9befdcb57b0c65

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
Origin: https://www.news1.co.il
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 21:35:31 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
status: 200
x-powered-by: ASP.NET
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/xml; charset=utf-8
access-control-allow-origin: https://www.news1.co.il
access-control-expose-headers: BreakMng, UUID
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, BreakMng, UUID
expires: -1

GET
H/1.1 200
OK license.12.js Show response
live.sekindo.com/content/F2YaBn/ 19 KB
7 KB 19ms
19ms Script
application/javascript 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/F2YaBn/license.12.js?cb=1581716131116&pubUrlAuto=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=78871&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: daff5f1be22f6bc0683dee7bcfc5f9b2f781ec753f47753ce8451999b8b9ab56

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 21:35:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 11:33:11 GMT
Server: nginx
ETag: W/"5d10b4f7-4c31"
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3BE1 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3BE1 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ Frame 3BE1 221 KB
83 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39387ba8fdcd8ed6985a9e6752afe1669f60eaf13bedcf8c3cf968049d1a4f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84527
x-xss-protection: 0
server: cafe
etag: 740724096962296026
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
736 B 34ms
33ms Image
image/png 151.101.14.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
age: 6128
x-cache: HIT
status: 200
date: Fri, 14 Feb 2020 21:35:31 GMT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19169-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1581716132.529269,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 59
x-cache-hits: 7080

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0CB8 0
0 132ms
132ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=140&slotname=1200162356&adk=2449704&adf=370430575&w=234&psa=0&guci=1.2.0.0.2.2.0.0&format=234x140&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716130924&bpp=8&bdt=709&fdt=256&idt=256&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=4167347345831&frm=24&ife=1&pv=2&ga_vid=1989145169.1581716131&ga_sid=1581716131&ga_hid=1168023371&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=234&ish=140&ifk=3148986560&scr_x=-12245933&scr_y=-12245933&eid=21065305%2C21065539&oid=3&pvsid=1857196533257167&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C234%2C140&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.q89ly733ppod&fsb=1&dtd=264

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1753959053144789&output=html&h=140&slotname=1200162356&adk=2449704&adf=370430575&w=234&psa=0&guci=1.2.0.0.2.2.0.0&format=234x140&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716130924&bpp=8&bdt=709&fdt=256&idt=256&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=4167347345831&frm=24&ife=1&pv=2&ga_vid=1989145169.1581716131&ga_sid=1581716131&ga_hid=1168023371&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=234&ish=140&ifk=3148986560&scr_x=-12245933&scr_y=-12245933&eid=21065305%2C21065539&oid=3&pvsid=1857196533257167&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C234%2C140&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.q89ly733ppod&fsb=1&dtd=264
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkegygBGBPgU1KCz7h9hkd1R4upI4NAv-eFm0zmh7UTOqQuDhCTYHz1MdON
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 14 Feb 2020 21:35:31 GMT
server: cafe
content-length: 204
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69EB 74 KB
27 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3181 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3181 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ Frame 3181 221 KB
83 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51306b94354b978995db93f41f35703be797c4ae698013ffac3a20810d1947ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84518
x-xss-protection: 0
server: cafe
etag: 17204687633813293547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 nfc.css
www.news1.co.il/css/ Frame 2FEE 42 KB
6 KB 28ms
28ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/PrevArticlesList.aspx?fname=%D7%99%D7%A6%D7%97%D7%A7&lname=%D7%93%D7%A0%D7%95%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=izikda11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://www.news1.co.il/PrevArticlesList.aspx?fname=%D7%99%D7%A6%D7%97%D7%A7&lname=%D7%93%D7%A0%D7%95%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=izikda11
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
etag: W/"8046b1b6d7ed51:0"
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6356
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c1c298fdfbb-FRA
cf-bgj: minify

GET
H2 200 squreColored.gif
www.news1.co.il/img/ Frame 2FEE 44 B
106 B 16ms
16ms Image
image/gif 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/squreColored.gif
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/PrevArticlesList.aspx?fname=%D7%99%D7%A6%D7%97%D7%A7&lname=%D7%93%D7%A0%D7%95%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=izikda11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 850f277392add47a8f5b989cb6b0942d83928c2ad887ec0b4135e403ef9dff62

Request headers

Referer: https://www.news1.co.il/PrevArticlesList.aspx?fname=%D7%99%D7%A6%D7%97%D7%A7&lname=%D7%93%D7%A0%D7%95%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=izikda11
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
cf-cache-status: HIT
age: 6361
x-powered-by: ASP.NET
status: 200
content-length: 44
last-modified: Sat, 27 Jul 2019 23:13:21 GMT
server: cloudflare
etag: "b67fce2d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 56522c1c2992dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3F63 0
0 123ms
121ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=400&slotname=5630361953&adk=894626007&adf=370430568&w=240&psa=0&guci=1.2.0.0.2.2.0.0&format=240x400&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716130952&bpp=5&bdt=729&fdt=284&idt=285&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=3366301063385&frm=24&ife=1&pv=2&ga_vid=1970471462.1581716131&ga_sid=1581716131&ga_hid=1910759472&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=240&ish=400&ifk=2350280920&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1636408994714153&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.s3rhx0wqj9ek&fsb=1&dtd=291

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1753959053144789&output=html&h=400&slotname=5630361953&adk=894626007&adf=370430568&w=240&psa=0&guci=1.2.0.0.2.2.0.0&format=240x400&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716130952&bpp=5&bdt=729&fdt=284&idt=285&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=3366301063385&frm=24&ife=1&pv=2&ga_vid=1970471462.1581716131&ga_sid=1581716131&ga_hid=1910759472&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=240&ish=400&ifk=2350280920&scr_x=-12245933&scr_y=-12245933&oid=3&pvsid=1636408994714153&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.s3rhx0wqj9ek&fsb=1&dtd=291
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUniF_Wf7mWnD1ZrbTVhRjn3umflC0lTVSSY09-rCwvFAoimDIq8Zj770DKj
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 14 Feb 2020 21:35:31 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 09A8 74 KB
27 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=13&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5274 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5274 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ Frame 5274 221 KB
83 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51306b94354b978995db93f41f35703be797c4ae698013ffac3a20810d1947ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84518
x-xss-protection: 0
server: cafe
etag: 17204687633813293547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 nfc.css
www.news1.co.il/css/ Frame 5E95 42 KB
6 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6356
x-powered-by: ASP.NET
etag: W/"8046b1b6d7ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c1c8a67dfbb-FRA
cf-bgj: minify

GET
H2 200 flowplayer-3.2.11.min.js Show response
banners.news1.co.il/ Frame 5E95 16 KB
6 KB 15ms
14ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/flowplayer-3.2.11.min.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7a44f4698a93c685664f821e5e18e38341266416c4a75b42a8ab92b924822ff0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 04 Sep 2012 08:18:53 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
etag: W/"f410aeeb758acd1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-ray: 56522c1c8a69dfbb-FRA

GET
H2 200 swfobject.js Show response
banners.news1.co.il/JS/ Frame 5E95 5 KB
2 KB 13ms
12ms Script
application/x-javascript 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banners.news1.co.il/JS/swfobject.js
Requested by: Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cc6c303316aec21720d376a8532416a91ed9833ef953f0a87b83fc488d9b82ed

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
etag: W/"9467c97bab5bca1:0"
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2009 10:59:00 GMT
server: cloudflare
age: 6359
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cf-polished: origSize=6095
cf-ray: 56522c1c8a6adfbb-FRA
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5E95 107 KB
38 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: banners.news1.co.il
URL: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74917ac2c1bd6c6738980339b3dc5767eb87cebd8bbef7f292f4db96120b89fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38680
x-xss-protection: 0
server: cafe
etag: 13996565870061701194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C748 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C748 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ Frame C748 221 KB
83 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51306b94354b978995db93f41f35703be797c4ae698013ffac3a20810d1947ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84518
x-xss-protection: 0
server: cafe
etag: 17204687633813293547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 sync
lb.artipbox.net/adServer/Service.svc/ Frame 7296 0
0 134ms
39ms Document
text/html 34.246.76.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.artipbox.net/adServer/Service.svc/sync?uuids=b1gxUzhkTHRsRUdpYW00cVhkanNFZHk0RDRWTGl3MHFXZS9nWUcwU0FaRVMzRTZjZjcwNzlEOWIySGMwZ2FrTyxvWDFTOGRMdGxFR2lhbTRxWGRqc0VkeTRENFZMaXcwcVdlL2dZRzBTQVpFUzNFNmNmNzA3OUQ5YjJIYzBnYWtP&t=1581716131307
Requested by: Host: akamai.advsnx.net
URL: https://akamai.advsnx.net/CDN/sdk/outstream/outstream.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.76.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-76-49.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

:method: GET
:authority: lb.artipbox.net
:scheme: https
:path: /adServer/Service.svc/sync?uuids=b1gxUzhkTHRsRUdpYW00cVhkanNFZHk0RDRWTGl3MHFXZS9nWUcwU0FaRVMzRTZjZjcwNzlEOWIySGMwZ2FrTyxvWDFTOGRMdGxFR2lhbTRxWGRqc0VkeTRENFZMaXcwcVdlL2dZRzBTQVpFUzNFNmNmNzA3OUQ5YjJIYzBnYWtP&t=1581716131307
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:31 GMT
content-type: text/html
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=hyq5cofqbderbr4i4hvfscv1; path=/; HttpOnly; SameSite=None; Secure syncUuid=F4WGJD3==; path=/; SameSite=None; Secure
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 1728000
access-control-expose-headers: BreakMng, UUID
access-control-allow-headers: BreakMng, UUID

GET
H2 200 a.aspx Show response
lb.advsnx.net/asa/ Frame 9658 158 B
818 B 46ms
46ms XHR
text/xml 34.246.76.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.advsnx.net/asa/a.aspx?SiteID=1954&Random=6598531192361&Task=Get&nr=true&ZoneID=38486&VVSID=K6j-55MaqUaT4rMM3EhzQA&uuid=oX1S8dLtlEGiam4qXdjsEdy4D4VLiw0qWe%2fgYG0SAZES3E6cf7079D9b2Hc0gakO&cv=2.3.3.032&platform=browser&r=aHR0cHMlM0ElMkYlMkZ3d3cubmV3czEuY28uaWwlMkZBcmNoaXZlJTJGMDAxLUQtNDEyNzkzLTAwLmh0bWw=&break=0&pod=1
Requested by: Host: akamai.advsnx.net
URL: https://akamai.advsnx.net/CDN/sdk/outstream/outstream.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.76.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-76-49.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7af9dbac072a69d6462efe827948a10b540a0de66a1a80fa1ae831a6482ea199

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
Origin: https://www.news1.co.il
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
breakmng: eAGrViooSi2LT07MLUjMTM%2fzdClWsoqO1VEqyS9JzHFKzMtLLSr2Sc1LL8lQsjLQASouyy0GKikpKk0F8VLLYDrB%2bmoBea8cmw%3d%3d
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 253
pragma: no-cache
server: Microsoft-IIS/10.0
vary: Accept-Encoding
content-type: text/xml
access-control-allow-origin: https://www.news1.co.il
access-control-expose-headers: BreakMng, UUID
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: BreakMng, UUID
expires: -1

GET
H2 200 flashesBGBlack.gif
www.news1.co.il/img/ Frame 2FEE 43 B
172 B 13ms
13ms Image
image/gif 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/flashesBGBlack.gif
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a5ee833d3d3957e09ce7b21b61022bd1ca2a47e21b21284bbf7d456ccd903743

Request headers

Referer: https://www.news1.co.il/PrevArticlesList.aspx?fname=%D7%99%D7%A6%D7%97%D7%A7&lname=%D7%93%D7%A0%D7%95%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=izikda11
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
cf-cache-status: HIT
age: 6124
x-powered-by: ASP.NET
status: 200
content-length: 43
last-modified: Wed, 31 Jul 2019 15:31:43 GMT
server: cloudflare
etag: "60bbafeb547d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cf-polished: origSize=809
accept-ranges: bytes
cf-ray: 56522c1ccb0fdfbb-FRA
cf-bgj: imgq:100

GET
H2 200 sysbway-min.js Show response
akamai.advsnx.net/CDN/sdk/system-plugins/ Frame 9658 80 KB
30 KB 38ms
37ms Script
application/octet-stream 151.139.236.239
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.advsnx.net/CDN/sdk/system-plugins/sysbway-min.js?1581716131350
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.236.239 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 82a0a7414afc83a08f5134ef168e493305a0c073259b9d980858eb2bd669a7ab

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
last-modified: Thu, 31 Jan 2019 14:27:10 GMT
server: NetDNA-cache/2.2
x-amz-request-id: CC2953B53113FDE3
etag: W/"01314c404bcc447927892de3e3bcecac"
x-cache: HIT
x-amz-version-id: Pp58_LDTRaAzmxv1wxUZ_rkL3hbR2MNY
status: 200
cache-control: max-age=180
content-type: application/octet-stream
access-control-allow-origin: *
x-amz-id-2: Xbfq6l3E2Jwxnc6JwISMABQdsLli75kJQdFhhNCq5lrJ8tSINK5JKk5eraE/pEr09ApEK19kz3A=

GET
H2 200 syscct-min.js Show response
akamai.advsnx.net/CDN/sdk/system-plugins/ Frame 9658 106 KB
41 KB 41ms
40ms Script
application/octet-stream 151.139.236.239
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.advsnx.net/CDN/sdk/system-plugins/syscct-min.js?1581716131350
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.236.239 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: d6fbb6993377bead55bf43a7106e52088dbbfb99f6e92a0c2eacab30b3efbe1f

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
last-modified: Thu, 11 Jul 2019 08:29:25 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 0F530552090A8E7B
etag: W/"59c9298a00e324ddc35653b73ed28782"
x-cache: HIT
x-amz-version-id: oAwuYIRcP7KjXvoUcGR_PjSCTfdqeCF2
status: 200
cache-control: max-age=180
content-type: application/octet-stream
access-control-allow-origin: *
x-amz-id-2: gqQrJ+ItbOs6bJLE94n6R+iFarsuYjdv4n/cdSIoxkX8zgVpjjvbKtNd3bLtOOhgoWJP6rFOvj4=

GET
H2 200 syslotame-min.js Show response
akamai.advsnx.net/CDN/sdk/system-plugins/ Frame 9658 77 KB
29 KB 43ms
42ms Script
application/octet-stream 151.139.236.239
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.advsnx.net/CDN/sdk/system-plugins/syslotame-min.js?1581716131351
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.236.239 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2d81fc971795fdc73d5e44fc345e3bd53136439cae960e045e71b40d72a22072

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
last-modified: Tue, 07 May 2019 09:43:41 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 05BF4BB2BFF09A46
etag: W/"5a3a3ce07193b89cb2ee2ae52e8c2a00"
x-cache: HIT
x-amz-version-id: 3N.YGMFwVX0VhplvOehfqBNOUaDn4X.I
status: 200
cache-control: max-age=180
content-type: application/octet-stream
access-control-allow-origin: *
x-amz-id-2: JYsFgYF2I+lMRppjVyCEx/671iNeddUVjwyquc1Brd2iOVPrmIOMTv1lf4JBx6cTCN8FLozeEig=

GET
H2 200 sysnilsen-min.js Show response
akamai.advsnx.net/CDN/sdk/system-plugins/ Frame 9658 1 KB
1 KB 44ms
43ms Script
application/octet-stream 151.139.236.239
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.advsnx.net/CDN/sdk/system-plugins/sysnilsen-min.js?1581716131351
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.236.239 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 29ee803ca1fb51ef42f3fc0fbdd072e45b94dd8d0b16740539df2c41613ff904

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
last-modified: Thu, 09 Jan 2020 11:38:52 GMT
server: NetDNA-cache/2.2
x-amz-request-id: ABEE0D9E161A6938
etag: W/"6008b7efc2d707cde0b9e4cb03efab9e"
x-cache: HIT
x-amz-version-id: ksWLA5hBjFSbuuewQGjUhPYvK7yemXDe
status: 200
cache-control: max-age=180
content-type: application/octet-stream
access-control-allow-origin: *
x-amz-id-2: aUSiCECYS1nDf6Up20q29+OjYm/q+rWGKgtlPoSyw9apfowSsfhHOUAZ3SgNF6eNDuXo+z7MqeE=

GET
H2 200 sysgauserdata.min.js Show response
akamai.advsnx.net/CDN/sdk/system-plugins/ Frame 9658 84 KB
32 KB 45ms
45ms Script
application/octet-stream 151.139.236.239
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.advsnx.net/CDN/sdk/system-plugins/sysgauserdata.min.js?1581716131351
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.236.239 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: d228db785d93beb7a1e2486435b09f0c87616c80c41008bb6abe9940ecb6cb45

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
last-modified: Mon, 13 Jan 2020 13:37:44 GMT
server: NetDNA-cache/2.2
x-amz-request-id: BE4E1E6503D5192D
etag: W/"8656e76980df18ceef1f741ed30ace64"
x-cache: HIT
x-amz-version-id: nZxIwIWZeYD94zBv1BL4EZFECCHLNwdS
status: 200
cache-control: max-age=180
content-type: application/octet-stream
access-control-allow-origin: *
x-amz-id-2: TChhIsvGZK33FG5h11kH+o7KyZW6M1EFyGsVgwS1ONC/IeZNmIaZS1VVkOtUltmwUYfuPLw7vEI=

GET
H2 200 J7wjk2VE
pbs.twimg.com/card_img/1228426043863818242/ Frame A8A6 15 KB
15 KB 24ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1228426043863818242/J7wjk2VE?format=jpg&name=600x314

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A0) /

Resource Hash

6ab70256dd5f6624a7590eebcd8541205846a152230ccd09426c2228c0c5ff76

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 1564
x-cache: HIT
status: 200
content-length: 15238
x-response-time: 131
surrogate-key: card_img card_img/bucket/6 card_img/1228426043863818242
last-modified: Fri, 14 Feb 2020 21:07:26 GMT
server: ECS (fcn/41A0)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c9d78fb9d2903ad4ae7c241ba64a727e
accept-ranges: bytes

GET
H2 200 1f9a0.png
abs.twimg.com/emoji/v2/72x72/ Frame A8A6 1 KB
2 KB 10ms
10ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f9a0.png

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4185) /

Resource Hash

1fbee0e57b5965130b857034ea337f939fdda31ab3ad771ab741ca851e4d3b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 16227336
x-ton-expected-size: 1506
x-cache: HIT
status: 200
content-length: 1506
x-response-time: 65
surrogate-key: twitter-assets
last-modified: Mon, 04 Jun 2018 23:14:16 GMT
server: ECS (fcn/4185)
etag: "IfEDgIhY8k68SiOgNc5/OQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 351699b592d00b53bac9d38db59d51f6
accept-ranges: bytes
expires: Sat, 13 Feb 2021 21:35:31 GMT

GET
H2 200 Mhl242qW
pbs.twimg.com/card_img/1228415866905255938/ Frame A8A6 48 KB
48 KB 9ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1228415866905255938/Mhl242qW?format=jpg&name=600x314

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40EA) /

Resource Hash

c18091bf1b82dbc90729285ed7598b33b51e5cf1305a08cc68865acc58e73c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 3697
x-cache: HIT
status: 200
content-length: 48928
x-response-time: 178
surrogate-key: card_img card_img/bucket/1 card_img/1228415866905255938
last-modified: Fri, 14 Feb 2020 20:27:00 GMT
server: ECS (fcn/40EA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e84b0d4a3f408de6121049f9497608dd
accept-ranges: bytes

GET
H2 200 1f525.png
abs.twimg.com/emoji/v2/72x72/ Frame A8A6 928 B
1 KB 17ms
12ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f525.png

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

b0f4c358afcce0ddcde029e72ea2d6054eece0ce5a34c9a7e0c5761ff4f33a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 22227088
x-ton-expected-size: 928
x-cache: HIT
status: 200
content-length: 928
x-response-time: 32
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:26 GMT
server: ECS (fcn/40D1)
etag: "SGKFnTk7KmjONB+h88D/mw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: ca137d675914392c36bd71348d989493
accept-ranges: bytes
expires: Sat, 13 Feb 2021 21:35:31 GMT

GET
H2 200 1f49c.png
abs.twimg.com/emoji/v2/72x72/ Frame A8A6 498 B
640 B 13ms
12ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f49c.png

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B5) /

Resource Hash

d5f855edcab4a6c68167a0f22e3d37ebeedc5146d01abca12659c5e366a98eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 20843352
x-ton-expected-size: 498
x-cache: HIT
status: 200
content-length: 498
x-response-time: 7
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:23 GMT
server: ECS (fcn/40B5)
etag: "bvGtyqgfEZ4+XcRK4Yw1WQ=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 20a809eac80b2023a2885dbb92afe048
accept-ranges: bytes
expires: Sat, 13 Feb 2021 21:35:31 GMT

GET
H2 200 1f607.png
abs.twimg.com/emoji/v2/72x72/ Frame A8A6 1 KB
1 KB 13ms
12ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f607.png

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41AE) /

Resource Hash

872aa7cb9054653cf230e04ce27232d9322b3f93c911e7ee8e7fe4d19bce50e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 21760891
x-ton-expected-size: 1112
x-cache: HIT
status: 200
content-length: 1112
x-response-time: 13
surrogate-key: twitter-assets
last-modified: Thu, 17 May 2018 19:31:18 GMT
server: ECS (fcn/41AE)
etag: "5T44Wmg2OiXx7MyaamuxSw=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 2275dc180934ab96d2f22eec53e5c090
accept-ranges: bytes
expires: Sat, 13 Feb 2021 21:35:31 GMT

GET
H2 200 BVN59J08
pbs.twimg.com/card_img/1228386071647588355/ Frame A8A6 25 KB
26 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1228386071647588355/BVN59J08?format=jpg&name=600x314

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418F) /

Resource Hash

415d0d7f55ab154d41e07cb38c20ca875f649d2e5d9b6d3aa08b3e51560b4a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 11027
x-cache: HIT
status: 200
content-length: 26029
x-response-time: 160
surrogate-key: card_img card_img/bucket/5 card_img/1228386071647588355
last-modified: Fri, 14 Feb 2020 18:28:36 GMT
server: ECS (fcn/418F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c8dae338841ce95223118d4216dda0a9
accept-ranges: bytes

GET
H2 200 1f1ee-1f1f1.png
abs.twimg.com/emoji/v2/72x72/ Frame A8A6 388 B
531 B 8ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1ee-1f1f1.png

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4186) /

Resource Hash

46fe86dc52ea46b8715997068ee8004676cd43a9bacb968df44ea2265c94bbd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 20882577
x-ton-expected-size: 388
x-cache: HIT
status: 200
content-length: 388
x-response-time: 55
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:26 GMT
server: ECS (fcn/4186)
etag: "AA46LihLz+dc5vxUmS542A=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 7b110c3da056b024b7681b5db1457468
accept-ranges: bytes
expires: Sat, 13 Feb 2021 21:35:31 GMT

GET
H2 200 Y4paD37k
pbs.twimg.com/card_img/1227181581384720385/ Frame A8A6 7 KB
7 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1227181581384720385/Y4paD37k?format=jpg&name=144x144_2

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

8faa895ba9c651b21a840ba50d288bc103061fd4ab20be0d3d156146d48b10a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 10326
x-cache: HIT
status: 200
content-length: 7238
x-response-time: 167
surrogate-key: card_img card_img/bucket/0 card_img/1227181581384720385
last-modified: Tue, 11 Feb 2020 10:42:23 GMT
server: ECS (fcn/40AE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 505f0184085a496ef80b17f865b29f47
accept-ranges: bytes

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame B3CD 0
0 136ms
135ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=140&slotname=7107095156&adk=2880003653&adf=370430581&w=470&psa=0&guci=1.2.0.0.2.2.0.0&format=470x140&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716131137&bpp=11&bdt=908&fdt=225&idt=225&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=1127318193398&frm=24&ife=1&pv=2&ga_vid=302893077.1581716131&ga_sid=1581716131&ga_hid=1026755964&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=470&ish=140&ifk=1138120897&scr_x=-12245933&scr_y=-12245933&eid=21065305%2C36998751%2C44714170&oid=3&pvsid=1988390612397500&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C470%2C140&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.3by8lvessn1i&fsb=1&dtd=237

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1753959053144789&output=html&h=140&slotname=7107095156&adk=2880003653&adf=370430581&w=470&psa=0&guci=1.2.0.0.2.2.0.0&format=470x140&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716131137&bpp=11&bdt=908&fdt=225&idt=225&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=1127318193398&frm=24&ife=1&pv=2&ga_vid=302893077.1581716131&ga_sid=1581716131&ga_hid=1026755964&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=470&ish=140&ifk=1138120897&scr_x=-12245933&scr_y=-12245933&eid=21065305%2C36998751%2C44714170&oid=3&pvsid=1988390612397500&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C470%2C140&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.3by8lvessn1i&fsb=1&dtd=237
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUniF_Wf7mWnD1ZrbTVhRjn3umflC0lTVSSY09-rCwvFAoimDIq8Zj770DKj
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 14 Feb 2020 21:35:31 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BE1 74 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 69EB 7 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200212&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2afbc245ab7bb52f987cf599fc3644e8781a26aabde36e082f409e70c83148a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
Origin: https://banners.news1.co.il
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5157
x-xss-protection: 0

GET
H2 200 timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/ Frame A8A6 52 KB
12 KB 21ms
20ms Stylesheet
text/css 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-cache: MISS, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 12155
x-served-by: cache-iad2129-IAD, cache-hhn4041-HHN
last-modified: Thu, 09 Jan 2020 22:37:57 GMT
etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/ 52 KB
52 KB 21ms
20ms Image
text/css 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-cache: MISS, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 12155
x-served-by: cache-iad2129-IAD, cache-hhn4041-HHN
last-modified: Thu, 09 Jan 2020 22:37:57 GMT
etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4DF6 0
0 133ms
132ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=400&slotname=4153628755&adk=1643137576&adf=370430583&w=175&psa=0&guci=1.2.0.0.2.2.0.0&format=175x400&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716131208&bpp=15&bdt=616&fdt=206&idt=206&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=7337685044183&frm=24&ife=1&pv=2&ga_vid=996845412.1581716131&ga_sid=1581716131&ga_hid=1696746610&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=175&ish=400&ifk=2879556505&scr_x=-12245933&scr_y=-12245933&eid=21065304%2C44714237&oid=3&pvsid=1691622703644596&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C175%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.x42jpg4fm7up&fsb=1&dtd=211

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1753959053144789&output=html&h=400&slotname=4153628755&adk=1643137576&adf=370430583&w=175&psa=0&guci=1.2.0.0.2.2.0.0&format=175x400&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716131208&bpp=15&bdt=616&fdt=206&idt=206&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=7337685044183&frm=24&ife=1&pv=2&ga_vid=996845412.1581716131&ga_sid=1581716131&ga_hid=1696746610&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=175&ish=400&ifk=2879556505&scr_x=-12245933&scr_y=-12245933&eid=21065304%2C44714237&oid=3&pvsid=1691622703644596&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C175%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.x42jpg4fm7up&fsb=1&dtd=211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUniF_Wf7mWnD1ZrbTVhRjn3umflC0lTVSSY09-rCwvFAoimDIq8Zj770DKj
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 14 Feb 2020 21:35:31 GMT
server: cafe
content-length: 204
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3181 74 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=58&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 69EB 21 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580338855439378"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5E95 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5E95 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=banners.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ Frame 5E95 221 KB
83 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39387ba8fdcd8ed6985a9e6752afe1669f60eaf13bedcf8c3cf968049d1a4f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84527
x-xss-protection: 0
server: cafe
etag: 740724096962296026
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8BFF 0
0 131ms
131ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=250&slotname=5394859554&adk=4256552153&adf=370430603&w=970&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716131271&bpp=8&bdt=607&fdt=198&idt=198&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=4842736899732&frm=24&ife=1&pv=2&ga_vid=1257165950.1581716131&ga_sid=1581716131&ga_hid=1087889688&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-10&ady=0&biw=-12245933&bih=-12245933&isw=960&ish=250&ifk=2940449076&scr_x=-12245933&scr_y=-12245933&eid=21065305%2C21065533%2C21065538&oid=2&pvsid=2614797326942323&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C960%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.au2n2z4xpz6&fsb=1&dtd=204

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1753959053144789&output=html&h=250&slotname=5394859554&adk=4256552153&adf=370430603&w=970&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716131271&bpp=8&bdt=607&fdt=198&idt=198&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=4842736899732&frm=24&ife=1&pv=2&ga_vid=1257165950.1581716131&ga_sid=1581716131&ga_hid=1087889688&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-10&ady=0&biw=-12245933&bih=-12245933&isw=960&ish=250&ifk=2940449076&scr_x=-12245933&scr_y=-12245933&eid=21065305%2C21065533%2C21065538&oid=2&pvsid=2614797326942323&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C960%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.au2n2z4xpz6&fsb=1&dtd=204
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUniF_Wf7mWnD1ZrbTVhRjn3umflC0lTVSSY09-rCwvFAoimDIq8Zj770DKj
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 14 Feb 2020 21:35:31 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5274 74 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0973 0
0 193ms
191ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=60&slotname=6967494351&adk=2107312494&adf=370430571&w=468&psa=0&guci=1.2.0.0.2.2.0.0&format=468x60&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716131286&bpp=5&bdt=617&fdt=195&idt=195&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=8535173468726&frm=24&ife=1&pv=2&ga_vid=428251075.1581716131&ga_sid=1581716131&ga_hid=664516934&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=468&ish=60&ifk=3095083937&scr_x=-12245933&scr_y=-12245933&eid=21065382&oid=3&pvsid=4283367934078794&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C60&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.bb612lo7zj8a&fsb=1&dtd=200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1753959053144789&output=html&h=60&slotname=6967494351&adk=2107312494&adf=370430571&w=468&psa=0&guci=1.2.0.0.2.2.0.0&format=468x60&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716131286&bpp=5&bdt=617&fdt=195&idt=195&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=8535173468726&frm=24&ife=1&pv=2&ga_vid=428251075.1581716131&ga_sid=1581716131&ga_hid=664516934&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=468&ish=60&ifk=3095083937&scr_x=-12245933&scr_y=-12245933&eid=21065382&oid=3&pvsid=4283367934078794&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C60&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.bb612lo7zj8a&fsb=1&dtd=200
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUniF_Wf7mWnD1ZrbTVhRjn3umflC0lTVSSY09-rCwvFAoimDIq8Zj770DKj
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 14 Feb 2020 21:35:31 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C748 74 KB
27 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=71&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 SHKMIPf3_normal.jpg
pbs.twimg.com/profile_images/979755094160887808/ Frame A8A6 2 KB
2 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/979755094160887808/SHKMIPf3_normal.jpg

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418E) /

Resource Hash

1f293005e25d0d3ee496b1127317d7a119497cff1d0dcd0c03dd6cb13daeb275

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 129886
x-cache: HIT
status: 200
content-length: 2339
x-response-time: 123
surrogate-key: profile_images profile_images/bucket/3 profile_images/979755094160887808
last-modified: Fri, 30 Mar 2018 16:17:52 GMT
server: ECS (fcn/418E)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e0a90f6a8f02cc032dcfbc016fe3904c
accept-ranges: bytes

GET
H2 200 Uw4XZBkR_normal.jpg
pbs.twimg.com/profile_images/1221012545391222785/ Frame A8A6 2 KB
2 KB 7ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1221012545391222785/Uw4XZBkR_normal.jpg

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B5) /

Resource Hash

e42bf443a1f3c70e905764b41c1786ad1231ddf155342bd83ccb68f4c0daf188

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 559480
x-cache: HIT
status: 200
content-length: 2263
x-response-time: 123
surrogate-key: profile_images profile_images/bucket/2 profile_images/1221012545391222785
last-modified: Sat, 25 Jan 2020 10:08:50 GMT
server: ECS (fcn/40B5)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 217d41eef7c67e64e649c4222a725288
accept-ranges: bytes

GET
H2 200 pVgxeErM_normal.jpg
pbs.twimg.com/profile_images/1187004378307321857/ Frame A8A6 2 KB
2 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1187004378307321857/pVgxeErM_normal.jpg

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4193) /

Resource Hash

9a44c18d59be7a335d73f6ccc312da5b7c5b0fc42ce0cb0e0474ab6bdfaef041

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 25265
x-cache: HIT
status: 200
content-length: 1959
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/1 profile_images/1187004378307321857
last-modified: Wed, 23 Oct 2019 13:52:31 GMT
server: ECS (fcn/4193)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7620ca2b7d232d068ce33a4030beced8
accept-ranges: bytes

GET
H2 200 2a815fa68b33f2f29b1e7418400ce24d_normal.jpeg
pbs.twimg.com/profile_images/3505742507/ Frame A8A6 7 KB
7 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/3505742507/2a815fa68b33f2f29b1e7418400ce24d_normal.jpeg

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B3) /

Resource Hash

c1372bdf33637c6fefc1d97efea8cef417cd094bb8221643ef0bce504d33c71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 487947
x-cache: HIT
status: 200
content-length: 7190
x-response-time: 122
surrogate-key: profile_images profile_images/bucket/6 profile_images/3505742507
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (fcn/40B3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 129d007ee4cdec1be5229351a81cc41e
accept-ranges: bytes

GET
H2 200 JWt_NxXQ_normal.jpg
pbs.twimg.com/profile_images/581483998666309632/ Frame A8A6 2 KB
2 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/581483998666309632/JWt_NxXQ_normal.jpg

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A8) /

Resource Hash

ac0dade94f4744eb4e2f717bf45407a586c2800a80d6fc4a72a16d9174979499

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 210722
x-cache: HIT
status: 200
content-length: 1579
x-response-time: 123
surrogate-key: profile_images profile_images/bucket/0 profile_images/581483998666309632
last-modified: Fri, 27 Mar 2015 15:50:43 GMT
server: ECS (fcn/41A8)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 14a67bf26933e7d82594c86f311bb5ec
accept-ranges: bytes

GET
H2 200 i_Jrqe9A_normal.jpg
pbs.twimg.com/profile_images/1153387682669768705/ Frame A8A6 2 KB
2 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1153387682669768705/i_Jrqe9A_normal.jpg

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4193) /

Resource Hash

ae9f7550ed7db0c71e6efa53b3dbdeb1933f71ee42243e07aa54c6c0f330cc5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 344291
x-cache: HIT
status: 200
content-length: 1883
x-response-time: 115
surrogate-key: profile_images profile_images/bucket/6 profile_images/1153387682669768705
last-modified: Mon, 22 Jul 2019 19:31:47 GMT
server: ECS (fcn/4193)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 20e64eb316adcbad2dfc98fcc368df92
accept-ranges: bytes

GET
H2 200 kUuht00m_normal.jpg
pbs.twimg.com/profile_images/874276197357596672/ Frame A8A6 2 KB
2 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/874276197357596672/kUuht00m_normal.jpg

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A6) /

Resource Hash

ce7c766f2c09facbc2a622f5013802db92dcf41f60d53494f6645325611799e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 71099
x-cache: HIT
status: 200
content-length: 2035
x-response-time: 122
surrogate-key: profile_images profile_images/bucket/1 profile_images/874276197357596672
last-modified: Mon, 12 Jun 2017 14:42:23 GMT
server: ECS (fcn/41A6)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a317197d63c8f526bfb08f56af1334ad
accept-ranges: bytes

GET
H2 200 sbVfjYUu_normal.jpg
pbs.twimg.com/profile_images/689449792385056769/ Frame A8A6 2 KB
2 KB 9ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/689449792385056769/sbVfjYUu_normal.jpg

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4196) /

Resource Hash

af1634ce4d180bf7805766f7a1a532e4ba5e75413b11d9b9dab66c183f8d4e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 202973
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 124
surrogate-key: profile_images profile_images/bucket/7 profile_images/689449792385056769
last-modified: Tue, 19 Jan 2016 14:08:14 GMT
server: ECS (fcn/4196)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9ff80c42f303c6a88b1fe4de59eafc1c
accept-ranges: bytes

GET
H2 200 IdvnYcYG_normal.jpg
pbs.twimg.com/profile_images/967695971953111041/ Frame A8A6 2 KB
2 KB 10ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/967695971953111041/IdvnYcYG_normal.jpg

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A2) /

Resource Hash

4cd3e73f3343041328a5f7c04f4882da53391e21cb5688bac3be0d1eb4b177e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 31083
x-cache: HIT
status: 200
content-length: 1959
x-response-time: 123
surrogate-key: profile_images profile_images/bucket/0 profile_images/967695971953111041
last-modified: Sun, 25 Feb 2018 09:39:13 GMT
server: ECS (fcn/41A2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 14ebbe05a5c4f702a41a431f5e2f371a
accept-ranges: bytes

GET
H2 200 r30rupUE_normal.jpg
pbs.twimg.com/profile_images/973147313307815936/ Frame A8A6 2 KB
2 KB 10ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/973147313307815936/r30rupUE_normal.jpg

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40DA) /

Resource Hash

d6c3a73a187677731b36b3b23e26d59c5fa17d77c42febca1b57e7dce2f1dc68

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 121890
x-cache: HIT
status: 200
content-length: 2035
x-response-time: 163
surrogate-key: profile_images profile_images/bucket/6 profile_images/973147313307815936
last-modified: Mon, 12 Mar 2018 10:40:54 GMT
server: ECS (fcn/40DA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0a17ab0acb4e193acc8d27e2da4e8c66
accept-ranges: bytes

GET
H2 200 naKO9vnX_normal.png
pbs.twimg.com/profile_images/1128776723506585601/ Frame A8A6 3 KB
4 KB 8ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1128776723506585601/naKO9vnX_normal.png

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E5) /

Resource Hash

e7ac8dcc36c0e4ca509f4dbe78398321ded2ed07bc07da4e3e61f36f7301b0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 323957
x-cache: HIT
status: 200
content-length: 3555
x-response-time: 110
surrogate-key: profile_images profile_images/bucket/8 profile_images/1128776723506585601
last-modified: Wed, 15 May 2019 21:36:37 GMT
server: ECS (fcn/40E5)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: aff21a69f252c24ced6432242151dd7f
accept-ranges: bytes

GET
H2 200 h9S-2Uxl_normal.jpeg
pbs.twimg.com/profile_images/572686678360215552/ Frame A8A6 2 KB
2 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/572686678360215552/h9S-2Uxl_normal.jpeg

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419B) /

Resource Hash

16470798d5615898e55650375726580514c064d20d595eac04ab702cdb5be412

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 406333
x-cache: HIT
status: 200
content-length: 1731
x-response-time: 127
surrogate-key: profile_images profile_images/bucket/2 profile_images/572686678360215552
last-modified: Tue, 03 Mar 2015 09:13:18 GMT
server: ECS (fcn/419B)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a8fa46d6e020a7b4e3d61689267c0adf
accept-ranges: bytes

GET
H2 200 3ngaRc_X_normal.jpg
pbs.twimg.com/profile_images/1028216789258457088/ Frame A8A6 2 KB
2 KB 10ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1028216789258457088/3ngaRc_X_normal.jpg

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40FE) /

Resource Hash

7467acc06126d1fe0753510d9272da876457c160a144b7cb2b914a590397d9c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 144184
x-cache: HIT
status: 200
content-length: 2035
x-response-time: 261
surrogate-key: profile_images profile_images/bucket/5 profile_images/1028216789258457088
last-modified: Sat, 11 Aug 2018 09:47:20 GMT
server: ECS (fcn/40FE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2a30c808e1349090ccc8c2a054c49f89
accept-ranges: bytes

GET
H2 200 wiztyB6Y_normal.jpg
pbs.twimg.com/profile_images/759750089761882113/ Frame A8A6 2 KB
2 KB 11ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/759750089761882113/wiztyB6Y_normal.jpg

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40B3) /

Resource Hash

83bbf029ab9910411ca12439f7c5ac82b46e6017ee8f2ca8001ecb95af7ee2e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 269673
x-cache: HIT
status: 200
content-length: 1959
x-response-time: 125
surrogate-key: profile_images profile_images/bucket/3 profile_images/759750089761882113
last-modified: Sun, 31 Jul 2016 13:56:31 GMT
server: ECS (fcn/40B3)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 405cb7f8b2e78bcf2f6691964f2c9ee5
accept-ranges: bytes

GET
H2 200 ZlOhua2a_normal.png
pbs.twimg.com/profile_images/1145666631890284550/ Frame A8A6 2 KB
2 KB 29ms
28ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1145666631890284550/ZlOhua2a_normal.png

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4199) /

Resource Hash

dc59afefadb45c7b5aab4cefa30c093c99f1958c810496879ca448c6445ea299

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 160246
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 123
surrogate-key: profile_images profile_images/bucket/2 profile_images/1145666631890284550
last-modified: Mon, 01 Jul 2019 12:11:05 GMT
server: ECS (fcn/4199)
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7d6a0788ce6f95b1efb5334d15d3aa22
accept-ranges: bytes

GET
H2 200 9VdElVIW_normal.jpg
pbs.twimg.com/profile_images/1205528449491836935/ Frame A8A6 2 KB
2 KB 29ms
28ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1205528449491836935/9VdElVIW_normal.jpg

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418F) /

Resource Hash

2f7f51b020acce5dc386e1375ad980c0b25cd4dafdccdc731a93a833110f340f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 494904
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 130
surrogate-key: profile_images profile_images/bucket/6 profile_images/1205528449491836935
last-modified: Fri, 13 Dec 2019 16:40:34 GMT
server: ECS (fcn/418F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 51163c06eb8a1f25c752195ea8837afa
accept-ranges: bytes

GET
H2 200 EQrT417WsAI8hB-
pbs.twimg.com/media/ Frame A8A6 17 KB
17 KB 29ms
29ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQrT417WsAI8hB-?format=jpg&name=360x360

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4192) /

Resource Hash

7311c548c0655c4ee380eaf9687f12daad847013633049efbe3afab63ec6155d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 54786
x-cache: HIT
status: 200
content-length: 17252
x-response-time: 234
surrogate-key: media media/bucket/4 media/1228026821914046466
last-modified: Thu, 13 Feb 2020 18:41:04 GMT
server: ECS (fcn/4192)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 53f6169aaa24383a087129aa6af71bb3
accept-ranges: bytes

GET
H2 200 qTmCjmmCIuxOBdzf
pbs.twimg.com/ext_tw_video_thumb/1228397670563225600/pu/img/ Frame A8A6 9 KB
9 KB 30ms
29ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1228397670563225600/pu/img/qTmCjmmCIuxOBdzf?format=jpg&name=240x240

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D4) /

Resource Hash

f982f9386f05ea43ff2f143432487ca893f6f0026ea18a9738de973deb50906f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 7324
x-cache: MISS
status: 200
content-length: 8794
x-response-time: 153
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/2 ext_tw_video_thumb/1228397670563225600
last-modified: Fri, 14 Feb 2020 19:14:41 GMT
server: ECS (fcn/40D4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b69993acf0814070aa24bb2778a0b872
accept-ranges: bytes

GET
H2 200 EQwgymtX0AQSzOQ
pbs.twimg.com/media/ Frame A8A6 4 KB
4 KB 29ms
29ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQwgymtX0AQSzOQ?format=jpg&name=240x240

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/419A) /

Resource Hash

0667adc3a2f0f3ebe9a126f70dc8faff3aad794d122cbf7c34623d93c4a692d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 9259
x-cache: HIT
status: 200
content-length: 4071
x-response-time: 145
surrogate-key: media media/bucket/9 media/1228392852121702404
last-modified: Fri, 14 Feb 2020 18:55:33 GMT
server: ECS (fcn/419A)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 24002ae2f2c68b7ee23cf4af08c00cac
accept-ranges: bytes

GET
H2 200 EQwaLqQW4AIqYhA
pbs.twimg.com/media/ Frame A8A6 3 KB
3 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQwaLqQW4AIqYhA?format=jpg&name=120x120

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40E1) /

Resource Hash

db78e8fae0597d91499232585b0e585445fbbef6d2c52e600cf1ec304c0fe78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 11044
x-cache: HIT
status: 200
content-length: 3007
x-response-time: 162
surrogate-key: media media/bucket/0 media/1228385585989083138
last-modified: Fri, 14 Feb 2020 18:26:40 GMT
server: ECS (fcn/40E1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b5707d299bdb20ecd6d01d7eef36a398
accept-ranges: bytes

GET
H2 200 EQwaLqTW4AARrMu
pbs.twimg.com/media/ Frame A8A6 3 KB
3 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQwaLqTW4AARrMu?format=jpg&name=120x120

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4193) /

Resource Hash

9a4be004366e90798d2902920848c43e69519d46303b5b287d548faac0cc5476

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 11044
x-cache: HIT
status: 200
content-length: 3448
x-response-time: 138
surrogate-key: media media/bucket/7 media/1228385586001666048
last-modified: Fri, 14 Feb 2020 18:26:40 GMT
server: ECS (fcn/4193)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: db64373c5baa299641769fdeb49a2d0a
accept-ranges: bytes

GET
H2 200 EQwaLqIXYAAqXet
pbs.twimg.com/media/ Frame A8A6 3 KB
3 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EQwaLqIXYAAqXet?format=jpg&name=120x120

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40AD) /

Resource Hash

0deda3a485025849b5d1c3b08dc73bec2fdeaec1d07ae6ad11b5a8c1d2a52c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 11044
x-cache: HIT
status: 200
content-length: 3359
x-response-time: 131
surrogate-key: media media/bucket/5 media/1228385585955561472
last-modified: Fri, 14 Feb 2020 18:26:40 GMT
server: ECS (fcn/40AD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7127b11128f2d69081644a217e3ebec8
accept-ranges: bytes

GET
H/1.1

200
OK

uid
go.flx1.com/ Frame 9658
Redirect Chain

https://go.flx1.com/uid?m=141&pl=149&userid=19091a0d-48f6-4324-9447-8f3d92315b4b&random=1581716131556
https://go.flx1.com/uid?_check=1&m=141&pl=149&random=1581716131556&userid=19091a0d-48f6-4324-9447-8f3d92315b4b
https://ib.adnxs.com/getuid?https://go.flx1.com/uid?anuid=$UID&t=&m=141&_rdnr=1&fs=0
https://go.flx1.com/uid?anuid=1657302821866649298&t=&m=141&_rdnr=1&fs=0

294 B
294 B

24ms
24ms

Image
application/javascript

35.187.125.245
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.flx1.com/uid?anuid=1657302821866649298&t=&m=141&_rdnr=1&fs=0
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.187.125.245 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 245.125.187.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Feb 2020 21:35:31 GMT
Last-Modified: Fri, 14 Feb 2020 21:35:31 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 294
Expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 21:35:33 GMT
AN-X-Request-Uuid: f976de50-c388-486b-adbb-85d2c03bcdbd
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://go.flx1.com/uid?anuid=1657302821866649298&t=&m=141&_rdnr=1&fs=0
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.210.217.122; 185.210.217.122; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.47:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 9658
Redirect Chain

https://loadr.exelator.com/load/?p=1257&g=204&uuid=19091a0d-48f6-4324-9447-8f3d92315b4b&j=0
https://load77.exelator.com/pixel.gif

43 B
273 B

75ms
24ms

Image
image/gif

195.181.175.48
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.48 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS: unn-195-181-175-48.datapacket.com
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
access-control-allow-origin: *
x-edge-location: frankfurtDE
etag: "59f0c3fc-2b"
x-cache: HIT
content-type: image/gif
status: 200
x-edge-ip: 195.181.175.47
x-age: 987208
accept-ranges: bytes
content-length: 43

Redirect headers

date: Fri, 14 Feb 2020 21:35:31 GMT
server: nginx/1.14.0
x-powered-by: Undertow/1
location: https://load77.exelator.com/pixel.gif
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status: 302
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 9658 44 KB
18 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: akamai.advsnx.net
URL: https://akamai.advsnx.net/CDN/sdk/system-plugins/syscct-min.js?1581716131350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3719
date: Fri, 14 Feb 2020 20:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Fri, 14 Feb 2020 22:33:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 9658 126 KB
30 KB 12ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: akamai.advsnx.net
URL: https://akamai.advsnx.net/CDN/sdk/system-plugins/syscct-min.js?1581716131350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: jOSVmDEJ9GEba3qeY6AqFpmcCCIITrhE8u74/leLfVRjNw4agnbGfrvDoM56hd2zJQrB1wyH+5W49bV96jBCeQ==
x-fb-trip-id: 1850256238
date: Fri, 14 Feb 2020 21:35:31 GMT, Fri, 14 Feb 2020 21:35:31 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

tpid=19091a0d-48f6-4324-9447-8f3d92315b4b
sync.crwdcntrl.net/map/ct=y/c=13979/tp=ARTI/ Frame 9658
Redirect Chain

https://sync.crwdcntrl.net/map/c=13979/tp=ARTI/tpid=19091a0d-48f6-4324-9447-8f3d92315b4b?redir=https%3A%2F%2Flb.advsnx.net%2Fstorepair%2Fmap.js%3Fu%3D19091a0d-48f6-4324-9447-8f3d92315b4b%26p%3D%24%...
https://sync.crwdcntrl.net/map/ct=y/c=13979/tp=ARTI/tpid=19091a0d-48f6-4324-9447-8f3d92315b4b?redir=https%3A%2F%2Flb.advsnx.net%2Fstorepair%2Fmap.js%3Fu%3D19091a0d-48f6-4324-9447-8f3d92315b4b%26p%3...

49 B
963 B

45ms
44ms

Image
image/gif

34.252.210.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=13979/tp=ARTI/tpid=19091a0d-48f6-4324-9447-8f3d92315b4b?redir=https%3A%2F%2Flb.advsnx.net%2Fstorepair%2Fmap.js%3Fu%3D19091a0d-48f6-4324-9447-8f3d92315b4b%26p%3D%24%7Bprofile_id%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.210.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-210-122.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 21:35:32 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: 10.45.28.81
Connection: keep-alive
Content-Type: image/gif
Content-Length: 49
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 21:35:31 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location: https://sync.crwdcntrl.net/map/ct=y/c=13979/tp=ARTI/tpid=19091a0d-48f6-4324-9447-8f3d92315b4b?redir=https%3A%2F%2Flb.advsnx.net%2Fstorepair%2Fmap.js%3Fu%3D19091a0d-48f6-4324-9447-8f3d92315b4b%26p%3D%24%7Bprofile_id%7D
Cache-Control: no-cache
X-Server: 10.45.13.46
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 sysgauserdata_pixel.html
akamai.advsnx.net/CDN/sdk/system-plugins/ Frame 2A7B 0
0 62ms
59ms Document
text/html 151.139.236.239
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.advsnx.net/CDN/sdk/system-plugins/sysgauserdata_pixel.html?t=1581716131584
Requested by: Host: akamai.advsnx.net
URL: https://akamai.advsnx.net/CDN/sdk/system-plugins/sysgauserdata.min.js?1581716131351
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.236.239 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash

Request headers

:method: GET
:authority: akamai.advsnx.net
:scheme: https
:path: /CDN/sdk/system-plugins/sysgauserdata_pixel.html?t=1581716131584
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: UUID=oX1S8dLtlEGiam4qXdjsEdy4D4VLiw0qWe/gYG0SAZES3E6cf7079D9b2Hc0gakO
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51

Response headers

status: 200
date: Fri, 14 Feb 2020 21:35:31 GMT
content-type: text/html
x-amz-id-2: ci8Sm9HZ27joI2u+Y0dUw/IUPftAHWhWRUuWGjhGMmPKNGrWyIPWB/UskJIDSKoRk10CzHxzjfM=
x-amz-request-id: 96BA60BF2E0CF474
cache-control: max-age=180
x-amz-meta-cb-modifiedtime: Mon, 13 Jan 2020 09:40:42 GMT
last-modified: Mon, 13 Jan 2020 13:11:57 GMT
x-amz-version-id: mRy6KlcxAixnMSMR1_5yOUF0.U0Pm6T4
etag: W/"154dff546812b0504cd0b068fc1debf9"
server: NetDNA-cache/2.2
access-control-allow-origin: *
x-cache: HIT
content-encoding: gzip

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3BE1 7 KB
5 KB 23ms
17ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200212&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d44d9e7347d07add929bd099226a57b3e671289987f002a38a26131eb4b1e160

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
Origin: https://banners.news1.co.il
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5272
x-xss-protection: 0

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame A8A6 44 KB
7 KB 20ms
8ms Stylesheet
text/css 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581129
x-ton-expected-size: 45170
x-cache: HIT
status: 200
strict-transport-security: max-age=631138519
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 9de27e9573a13ed13c726c735bf26d4e
accept-ranges: bytes
expires: Fri, 21 Feb 2020 21:35:31 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 18ms
9ms Image
text/css 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418C) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581129
x-ton-expected-size: 45170
x-cache: HIT
status: 200
strict-transport-security: max-age=631138519
content-length: 6839
x-response-time: 8
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECS (fcn/418C)
etag: "4mhImCFS9rptiUICNnLD1g=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-connection-hash: 9de27e9573a13ed13c726c735bf26d4e
accept-ranges: bytes
expires: Fri, 21 Feb 2020 21:35:31 GMT

GET
DATA 200
OK truncated
/ Frame A8A6 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A8A6 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A8A6 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A8A6 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A8A6 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame A8A6 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame 2A26 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Fri, 14 Feb 2020 20:34:43 GMT
expires: Sat, 13 Feb 2021 20:34:43 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3648
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 15A1 0
0 117ms
116ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=300&slotname=5490761157&adk=3474866384&adf=370430601&w=175&psa=0&guci=1.2.0.0.2.2.0.0&format=175x300&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716131459&bpp=7&bdt=364&fdt=331&idt=331&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=3500181574874&frm=24&ife=1&pv=2&ga_vid=713196890.1581716132&ga_sid=1581716132&ga_hid=1951460430&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=175&ish=300&ifk=1118259071&scr_x=-12245933&scr_y=-12245933&eid=44714170%2C44714237&oid=3&pvsid=2053352368128797&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C175%2C300&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.d5b7iaxddbif&fsb=1&dtd=340

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1753959053144789&output=html&h=300&slotname=5490761157&adk=3474866384&adf=370430601&w=175&psa=0&guci=1.2.0.0.2.2.0.0&format=175x300&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716131459&bpp=7&bdt=364&fdt=331&idt=331&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=3500181574874&frm=24&ife=1&pv=2&ga_vid=713196890.1581716132&ga_sid=1581716132&ga_hid=1951460430&ga_fc=0&iag=3&icsg=2090&nhd=1&dssz=8&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=175&ish=300&ifk=1118259071&scr_x=-12245933&scr_y=-12245933&eid=44714170%2C44714237&oid=3&pvsid=2053352368128797&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C175%2C300&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=1.d5b7iaxddbif&fsb=1&dtd=340
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUniF_Wf7mWnD1ZrbTVhRjn3umflC0lTVSSY09-rCwvFAoimDIq8Zj770DKj
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 14 Feb 2020 21:35:31 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E95 74 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=46&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET userdata
log.advsnx.net/ Frame 9658 0
0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3BE1 21 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580338855439378"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5274 7 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200212&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcf9af468386c28be4557472b3481ed590508b3103ec8aa9b94b597d898e072b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
Origin: https://banners.news1.co.il
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5135
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5274 21 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580338855439378"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H2 200 nfc.css
www.news1.co.il/css/ Frame 7E25 42 KB
6 KB 17ms
16ms Stylesheet
text/css 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.news1.co.il/css/nfc.css
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/PrevArticlesList.aspx?fname=%D7%90%D7%99%D7%AA%D7%9E%D7%A8&lname=%D7%9C%D7%95%D7%99%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=itamar
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a

Request headers

Referer: https://www.news1.co.il/PrevArticlesList.aspx?fname=%D7%90%D7%99%D7%AA%D7%9E%D7%A8&lname=%D7%9C%D7%95%D7%99%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=itamar
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
content-encoding: br
etag: W/"8046b1b6d7ed51:0"
cf-cache-status: HIT
last-modified: Wed, 09 Oct 2019 06:44:49 GMT
server: cloudflare
age: 6356
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-polished: origSize=62347
cf-ray: 56522c207bc2dfbb-FRA
cf-bgj: minify

GET
H2 200 squreColored.gif
www.news1.co.il/img/ Frame 7E25 44 B
176 B 17ms
17ms Image
image/gif 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/squreColored.gif
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/PrevArticlesList.aspx?fname=%D7%90%D7%99%D7%AA%D7%9E%D7%A8&lname=%D7%9C%D7%95%D7%99%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=itamar
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 850f277392add47a8f5b989cb6b0942d83928c2ad887ec0b4135e403ef9dff62

Request headers

Referer: https://www.news1.co.il/PrevArticlesList.aspx?fname=%D7%90%D7%99%D7%AA%D7%9E%D7%A8&lname=%D7%9C%D7%95%D7%99%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=itamar
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
cf-cache-status: HIT
age: 6361
x-powered-by: ASP.NET
status: 200
content-length: 44
last-modified: Sat, 27 Jul 2019 23:13:21 GMT
server: cloudflare
etag: "b67fce2d044d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 56522c207bc4dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame E184 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Fri, 14 Feb 2020 20:34:43 GMT
expires: Sat, 13 Feb 2021 20:34:43 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3648
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 flashesBGBlack.gif
www.news1.co.il/img/ Frame 7E25 43 B
103 B 15ms
15ms Image
image/gif 2606:4700:20::681a:1a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.news1.co.il/img/flashesBGBlack.gif
Requested by: Host: www.news1.co.il
URL: https://www.news1.co.il/PrevArticlesList.aspx?fname=%D7%90%D7%99%D7%AA%D7%9E%D7%A8&lname=%D7%9C%D7%95%D7%99%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=itamar
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a5ee833d3d3957e09ce7b21b61022bd1ca2a47e21b21284bbf7d456ccd903743

Request headers

Referer: https://www.news1.co.il/PrevArticlesList.aspx?fname=%D7%90%D7%99%D7%AA%D7%9E%D7%A8&lname=%D7%9C%D7%95%D7%99%D7%9F&yoavTime=11/04/2019%2010:58:35&blogName=itamar
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
cf-cache-status: HIT
age: 6124
x-powered-by: ASP.NET
status: 200
content-length: 43
last-modified: Wed, 31 Jul 2019 15:31:43 GMT
server: cloudflare
etag: "60bbafeb547d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cf-polished: origSize=809
accept-ranges: bytes
cf-ray: 56522c209c20dfbb-FRA
cf-bgj: imgq:100

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame 85E5 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Fri, 14 Feb 2020 20:34:43 GMT
expires: Sat, 13 Feb 2021 20:34:43 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3648
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 J7wjk2VE
pbs.twimg.com/card_img/1228426043863818242/ Frame A8A6 15 KB
15 KB 9ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1228426043863818242/J7wjk2VE?format=jpg&name=600x314

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/41A0) /

Resource Hash

6ab70256dd5f6624a7590eebcd8541205846a152230ccd09426c2228c0c5ff76

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 1564
x-cache: HIT
status: 200
content-length: 15238
x-response-time: 131
surrogate-key: card_img card_img/bucket/6 card_img/1228426043863818242
last-modified: Fri, 14 Feb 2020 21:07:26 GMT
server: ECS (fcn/41A0)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c9d78fb9d2903ad4ae7c241ba64a727e
accept-ranges: bytes

GET
H2 200 Mhl242qW
pbs.twimg.com/card_img/1228415866905255938/ Frame A8A6 48 KB
48 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1228415866905255938/Mhl242qW?format=jpg&name=600x314

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/Archive/001-D-412793-00.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40EA) /

Resource Hash

c18091bf1b82dbc90729285ed7598b33b51e5cf1305a08cc68865acc58e73c6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 3697
x-cache: HIT
status: 200
content-length: 48928
x-response-time: 178
surrogate-key: card_img card_img/bucket/1 card_img/1228415866905255938
last-modified: Fri, 14 Feb 2020 20:27:00 GMT
server: ECS (fcn/40EA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e84b0d4a3f408de6121049f9497608dd
accept-ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 2 KB
558 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Assistant:400,600,700

Requested by

Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=78870&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec0946f77b90566ff3ccd792982107ac29994674f55bbd9b0b8426f32203d831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Feb 2020 21:35:31 GMT
server: ESF
date: Fri, 14 Feb 2020 21:35:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Feb 2020 21:35:31 GMT

GET
H/1.1 200
OK style.css
live.sekindo.com/content/toaster/ 7 KB
2 KB 19ms
19ms Stylesheet
text/css 185.220.204.204
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/toaster/style.css?cb=1519651596
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=78870&cbuster=[CACHE_BUSTER]&pubUrl=[PAGE_URL_ENCODED]
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 84acbbc410c7874b44c0358f2f2968581e4a5b2483f4d7118edecbf6fb5e35b4

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 14 Feb 2020 21:35:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Nov 2019 08:25:36 GMT
Server: nginx
ETag: W/"5dd64a00-1cbe"
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1

200
OK

Cookie set rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=13015/rand=470902278/pv=y/seg=SekindoNetwork/geo=country%20%3A%20Israel/int=%23OpR%2384313%23www.news1.co.il%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384314%23www.news1... Frame 00C3
Redirect Chain

https://bcp.crwdcntrl.net/5/c=13015/rand=470902278/pv=y/seg=SekindoNetwork/geo=country%20%3A%20Israel/int=%23OpR%2384313%23www.news1.co.il%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384314%23www.ne...
https://bcp.crwdcntrl.net/5/ct=y/c=13015/rand=470902278/pv=y/seg=SekindoNetwork/geo=country%20%3A%20Israel/int=%23OpR%2384313%23www.news1.co.il%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384314%23w...

0
0

67ms
67ms

Document
text/html

18.202.191.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=13015/rand=470902278/pv=y/seg=SekindoNetwork/geo=country%20%3A%20Israel/int=%23OpR%2384313%23www.news1.co.il%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384314%23www.news1.co.il%20%3A%20Site%20Section%20%3A%20Archive/med=%23OpR%2384315%23www.news1.co.il%20%3A%20Site%20Section%20%3A%20Archive%20%3A%20001-D-412793-00/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/13015/cc.js?ns=_cc13015
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.191.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-191-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: bcp.crwdcntrl.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _cc_dc=1; _cc_id=29e21304985fb0f3d778a5c46eb64e06; _cc_aud="ABR4nGNgYGCIcxdawgAHABC1AVw%3D"; _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/Archive/001-D-412793-00.html

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 14 Feb 2020 21:35:32 GMT
Expires: 0
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_id=29e21304985fb0f3d778a5c46eb64e06;Path=/;Domain=crwdcntrl.net;Expires=Tue, 10-Nov-2020 21:11:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQMLJMNTI0NjCxtDBNSzJIM04xN7dINE02MUtNMjNJNTBjAII4d6ElDHDAd2PxeinG66kM%2FxkZGd6t3wVnN05EsG%2F92Qln79rwlBvGPnNSHca8sHgOC4x97ughZhj7wdQeRhj78vM7sjD2YST1h75YwpiXTj1ig7H3Lz8KVw4Ag4pIkw%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 10-Nov-2020 21:11:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCIcxdawgADTAxs2edBDLbsc0ASADeFA90%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 10-Nov-2020 21:11:00 GMT;Max-Age=23328000;SameSite=None;Secure
Vary: Accept-Encoding
X-Server: 10.45.5.86
Content-Length: 686
Connection: keep-alive

Redirect headers

Cache-Control: no-cache
Date: Fri, 14 Feb 2020 21:35:32 GMT
Expires: 0
Location: https://bcp.crwdcntrl.net/5/ct=y/c=13015/rand=470902278/pv=y/seg=SekindoNetwork/geo=country%20%3A%20Israel/int=%23OpR%2384313%23www.news1.co.il%20%3A%20Total%20Site%20Traffic/int=%23OpR%2384314%23www.news1.co.il%20%3A%20Site%20Section%20%3A%20Archive/med=%23OpR%2384315%23www.news1.co.il%20%3A%20Site%20Section%20%3A%20Archive%20%3A%20001-D-412793-00/rt=ifr
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Pragma: no-cache
Set-Cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
X-Server: 10.45.6.211
Content-Length: 0
Connection: keep-alive

GET
H2 200 BVN59J08
pbs.twimg.com/card_img/1228386071647588355/ Frame A8A6 25 KB
26 KB 8ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1228386071647588355/BVN59J08?format=jpg&name=600x314

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/418F) /

Resource Hash

415d0d7f55ab154d41e07cb38c20ca875f649d2e5d9b6d3aa08b3e51560b4a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:31 GMT
x-content-type-options: nosniff
age: 11027
x-cache: HIT
status: 200
content-length: 26029
x-response-time: 160
surrogate-key: card_img card_img/bucket/5 card_img/1228386071647588355
last-modified: Fri, 14 Feb 2020 18:28:36 GMT
server: ECS (fcn/418F)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c8dae338841ce95223118d4216dda0a9
accept-ranges: bytes

GET
H2 200 2sDcZGJYnIjSi6H75xkzaGW5Kb8VZA.woff2
fonts.gstatic.com/s/assistant/v4/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/assistant/v4/2sDcZGJYnIjSi6H75xkzaGW5Kb8VZA.woff2

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/js/jquery-1.11.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17ff46917ea7eb9058381920b1c6e16f47044321e001808d8bc6eeb7a1c03a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Assistant:400,600,700
Origin: https://www.news1.co.il
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 23:06:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:49:35 GMT
server: sffe
age: 858521
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11036
x-xss-protection: 0
expires: Wed, 03 Feb 2021 23:06:51 GMT

GET
H2 200 2sDcZGJYnIjSi6H75xkzamW5Kb8VZBHR.woff2
fonts.gstatic.com/s/assistant/v4/ 4 KB
4 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/assistant/v4/2sDcZGJYnIjSi6H75xkzamW5Kb8VZBHR.woff2

Requested by

Host: www.news1.co.il
URL: https://www.news1.co.il/js/jquery-1.11.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e123e38371403db5c297da3c12214a0aed993fd937f371d427527501b65d900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Assistant:400,600,700
Origin: https://www.news1.co.il
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Feb 2020 04:41:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:49:26 GMT
server: sffe
age: 838470
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 3596
x-xss-protection: 0
expires: Thu, 04 Feb 2021 04:41:02 GMT

GET
H2 200 Y4paD37k
pbs.twimg.com/card_img/1227181581384720385/ Frame A8A6 7 KB
7 KB 7ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1227181581384720385/Y4paD37k?format=jpg&name=144x144_2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40AE) /

Resource Hash

8faa895ba9c651b21a840ba50d288bc103061fd4ab20be0d3d156146d48b10a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.news1.co.il/Archive/001-D-412793-00.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 21:35:32 GMT
x-content-type-options: nosniff
age: 10327
x-cache: HIT
status: 200
content-length: 7238
x-response-time: 167
surrogate-key: card_img card_img/bucket/0 card_img/1227181581384720385
last-modified: Tue, 11 Feb 2020 10:42:23 GMT
server: ECS (fcn/40AE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 505f0184085a496ef80b17f865b29f47
accept-ranges: bytes

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 69EB 0
60 B 15ms
14ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gda_r20200212&jk=1857196533257167&bg=!ZWalZn5YJQont1YvlSQCAAAAgFIAAAAkmQF42i5GHdOQuLvtkE6hbd3wd32CIaOsZzPJ0WDnF48Ut6uco7idtoVo9IQnO-uwkP-5OhmEX5vJVIV-0rLFoc0l9zEVdHdFlA9SGHngEw6pKkXbcdJ06S37iaWCAI3UMY691EjYpt025esPwGAnayswwQbIw8dgwxKylPCQDp0UDgXuoaCz04zLQLpvLwOHsZ3YJ5rFriiFKoQXM1GTAxKOfHPm6gL8bPg72_eiUfQbCmMRsasYdeUtokMj2Rlko7lvhb_2Bu9YOiJ38ZpsiwTeS--ORjSkvAQr-WkyXZyZX0LkptBKwA57Vh8mTDxVRQMVMCjylsijfdgEq733nfnIJAA7_YXVsY_UC6ZQhCGQSGgTSjDekG6U_VaweJ_FuWjrnAW8nJORH-AsMqAJled3bMjTOlGbxbWg9M15xvtn3W_mzbZ3d5o6UTx8zydh2lr2dhtMR4wbju5urAHfZhehBm-ebDZcqrlHMpXT_Wlg_RaFqakwTZy5Cg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=10&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 21:35:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BE1 0
69 B 16ms
15ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gda_r20200212&jk=1988390612397500&bg=!goGlgZlYPGuq1jP8U9ICAAAAgFIAAAAQmQF4L4DZ-AGOToRkxGFzcSutUCtwQDIf58IzdCSkWgbyuiu8tMuOA6ie9NDjqa1eS4e-iMj8DOEf9UdYADAgOM1HP6TjyQXltwG7GJ8b2mNsTh0McV99HcAmu7UBJGfbAHTussPYerQJBYyaRvvXNvB8MS4BNirMSsYEq77hOOEd3q8W70BFbPO5Rmg9bXhyt9U2udnCPVXU_yR4jIUUQX4rf41SWsL9ctMGAN3u077QkZ7szy7ukMc211cvLsfKknfJYz1aqhBnu40nULd2Dpxl6aIzJmGiYpCbpLjaMp3l_eVna_y2H8zekdR89SHUoQPQVKKG5nqo_4Ypr06edXp2Rya92D3XVRhlFZZF4pCt9vTwoUtammAAv3K1yuEhY2aYd0A2mxDyLPCbx1KQHUf1ugC551-T1YVz6bDu_jiijajnNEV9zSQGX-85PY32D6OoaiOvjgwEqUqaj-9V-6D-71nrYyFkpNHiSEPom386zZIU6HjxzK_Dtw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=3&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 21:35:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5274 0
69 B 15ms
14ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gda_r20200212&jk=2614797326942323&bg=!LS6lLjZY3K4GlQFW_QcCAAAAblIAAAAOmQF4IYlDaXdEDjSR0Yx_fLy1eEwrcqNycX2G1lTdMU4B703jzEoEtbOUGSqNXjBUswMa2kZ_lwpKsI1c2FTgzHb9NTegdCAinNvRQoOAyanFHl0ePF7JIpHucCnNTKJ0H2FhcIpSZ_rjcXsVhIJG4G7GLADWrfun0Me_p6hx-t9s30mIX8pbC-9POuzw8d2__SQs8XfHqCdDiOas0mamBnw9I1Z3sMlH9k4RHsfi6USdXQMPAEsjGuqzoK93pYOT2dgl-EQfdJq72A2Jvd-l4I7tE-ZLDn-q9z4DFIQTv4bENnkR5lFPtGkEW0v7WoBf8zhIuUJJ7Yv_CcNgcCn2Dq5-lU2bkGjZ7VM01Ua-v5wqzlyH_gDOWgXSI3N1OIiMmjRE-eQC49FA7wRzJXZnJV9HOzdaVjtUFBmoZb98OoWsTtCjGUFdP-ryNU9yX-p15HT0TLbHS6ldqZtGMDe_oX1bOxHntId2gDuckMYmyBbcdbd5KiGy_-PU0g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://banners.news1.co.il/ShowBanner.aspx?Target=9&Time=18:23:54
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 21:35:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9658 107 KB
38 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: akamai.advsnx.net
URL: https://akamai.advsnx.net/CDN/sdk/outstream/outstream.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba737d0ae09c5f1eb52965d29f5d0031a5e413fc6161c33d1b1dfa87d27124aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38676
x-xss-protection: 0
server: cafe
etag: 5904681658312064582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:32 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9658 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9658 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.news1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ Frame 9658 221 KB
83 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51306b94354b978995db93f41f35703be797c4ae698013ffac3a20810d1947ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84518
x-xss-protection: 0
server: cafe
etag: 17204687633813293547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 21:35:32 GMT

GET
H2

200

jot.html
platform.twitter.com/ Frame 40C7
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

27ms
23ms

Document
text/html

151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /jot.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.news1.co.il
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe

Response headers

status: 200
last-modified: Tue, 10 Dec 2019 23:46:10 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "d9592a6c704736fa4da218d4357976dd+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Fri, 14 Feb 2020 21:35:32 GMT
x-served-by: cache-iad2148-IAD, cache-hhn4041-HHN
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 95

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Fri, 14 Feb 2020 21:35:32 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Fri, 14 Feb 2020 21:35:32 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 11cd51d45f93027ef4665e0ef185dacf
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 117
x-transaction: 009a6cd300c21874
x-tsa-request-body-time: 3
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8110 0
0 110ms
110ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1753959053144789&output=html&h=250&slotname=5394859554&adk=4269071496&adf=3279755403&w=970&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716132463&bpp=5&bdt=2285&fdt=45&idt=45&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=1272557218590&frm=23&ife=1&pv=2&ga_vid=1510724639.1581716132&ga_sid=1581716133&ga_hid=2146617453&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=133&biw=1585&bih=1200&isw=960&ish=250&ifk=2369449032&scr_x=0&scr_y=0&eid=21065304%2C26835106&oid=3&pvsid=1131216697420666&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C960%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.3meuj9e0e1av&fsb=1&dtd=51

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1753959053144789&output=html&h=250&slotname=5394859554&adk=4269071496&adf=3279755403&w=970&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fwww.news1.co.il%2FArchive%2F001-D-412793-00.html&ea=0&flash=0&wgl=1&adsid=NT&dt=1581716132463&bpp=5&bdt=2285&fdt=45&idt=45&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&correlator=1272557218590&frm=23&ife=1&pv=2&ga_vid=1510724639.1581716132&ga_sid=1581716133&ga_hid=2146617453&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=6&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=133&biw=1585&bih=1200&isw=960&ish=250&ifk=2369449032&scr_x=0&scr_y=0&eid=21065304%2C26835106&oid=3&pvsid=1131216697420666&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C960%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.3meuj9e0e1av&fsb=1&dtd=51
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUniF_Wf7mWnD1ZrbTVhRjn3umflC0lTVSSY09-rCwvFAoimDIq8Zj770DKj
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 14 Feb 2020 21:35:32 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9658 74 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.news1.co.il/ShowBanner.aspx?Target=73&Time=18:23:51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 21:35:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Fri, 14 Feb 2020 21:35:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: log.advsnx.net
URL: https://log.advsnx.net/userdata?uuid=19091a0d-48f6-4324-9447-8f3d92315b4b

Verdicts & Comments Add Verdict or Comment

357 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.artipbox.net/	1970-01-20 07:56:29	Name: UUID Value: oX1S8dLtlEGiam4qXdjsEdy4D4VLiw0qWe/gYG0SAZES3E6cf7079D9b2Hc0gakO
lb.artipbox.net/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: hyq5cofqbderbr4i4hvfscv1
.doubleclick.net/	1970-01-19 16:43:32	Name: IDE Value: AHWqTUniF_Wf7mWnD1ZrbTVhRjn3umflC0lTVSSY09-rCwvFAoimDIq8Zj770DKj
.facebook.com/	1970-01-19 09:31:32	Name: fr Value: 0SyPh6u32bRZ7wPZB..BeRxKi...1.0.BeRxKi.
.walla.co.il/	1970-01-19 07:21:56	Name: _gat_UA-4780630-105 Value: 1
.walla.co.il/	1970-01-19 09:31:32	Name: _fbp Value: fb.2.1581716130951.985419180
.news1.co.il/	1970-01-20 00:53:08	Name: _ga Value: GA1.3.1510724639.1581716132
.walla.co.il/	1970-01-19 16:07:37	Name: tp_state Value: true
.news1.co.il/	1970-01-19 07:23:22	Name: _gid Value: GA1.3.321736702.1581716132
.widget.walla.co.il/	1970-01-19 07:21:56	Name: _gat Value: 1
.news1.co.il/	1970-01-19 07:22:01	Name: AMSYNC Value: 1
.walla.co.il/	1970-01-19 07:23:22	Name: _gid Value: GA1.3.1445832190.1581716131
lb.artipbox.net/	1969-12-31 23:59:59	Name: syncUuid Value: F4WGJD3==
.widget.walla.co.il/	1970-01-20 00:53:08	Name: _ga Value: GA1.4.707273372.1581716131
.walla.co.il/	1970-01-19 07:21:56	Name: firstView Value: no
.walla.co.il/	1970-01-20 07:21:56	Name: textsize Value: NaN
.widget.walla.co.il/	1970-01-19 07:23:22	Name: _gid Value: GA1.4.1445832190.1581716131
.walla.co.il/	1970-01-19 07:21:56	Name: sponsorship Value: no
.advsnx.net/	1970-01-19 07:22:01	Name: AMGAUD Value: 1
banners.news1.co.il/	1969-12-31 23:59:59	Name: OrderBanner9 Value: 5
.walla.co.il/	1970-01-20 00:53:08	Name: _ga Value: GA1.3.707273372.1581716131
banners.news1.co.il/	1969-12-31 23:59:59	Name: OrderBanner71 Value: 5
.widget.walla.co.il/	1970-01-19 07:22:01	Name: strip_step Value: 1
www.news1.co.il/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: c4sngru0ore23y1ric3kzrzi
banners.news1.co.il/	1969-12-31 23:59:59	Name: OrderBanner46 Value: 5
.advsnx.net/	1970-01-20 07:56:29	Name: UUID Value: oX1S8dLtlEGiam4qXdjsEdy4D4VLiw0qWe/gYG0SAZES3E6cf7079D9b2Hc0gakO
.news1.co.il/	1970-01-19 07:22:01	Name: AMGAUD Value: 1
www.news1.co.il/	1970-01-19 16:07:32	Name: trc_cookie_storage Value: news1%253Asession-data%3Dv2_60ccae6455a4e3a9d2350cc7c698a5d7_fd40566b-709a-4b07-8297-9a28160960e7-tuct5409822_1581716130_1581716130_CNawjgYQk_4_GMeTg62ELiABKAEwFjjqxgdA5IYQSJucngFQ____________AVgAYAA%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522news1%253Asession-data%2522%252C%2522taboola%2520global%253Alspb%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Alspb%3DCwsIQhCv3EQMCwiJARCv3EQMCwhMEK_cRAwLCI4BEK_cRAwLCJEBEK_cRAwLCJUBEK_cRAwLCCAQr9xEDAsIJBCv3EQMCwhkEK_cRAwLCCcQr9xEDAsILRCv3EQMCwg7EK_cRAwLCD0Qz41EDAsIPxCv3EQMDBMU%7Ctaboola%2520global%253Auser-id%3Dfd40566b-709a-4b07-8297-9a28160960e7-tuct5409822
.news1.co.il/	1978-01-11 21:31:40	Name: AMUUID Value: oX1S8dLtlEGiam4qXdjsEdy4D4VLiw0qWe%2FgYG0SAZES3E6cf7079D9b2Hc0gakO
banners.news1.co.il/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 0bjmjym033jam455wo1g5tqq
.news1.co.il/	1970-01-19 08:05:08	Name: __cfduid Value: d8d492538dd872aa48e0ac93a642e12e31581716130

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://sdk.jeeng.com/v3.js(Line 2) Message: %c2020-02-14T21:35:30.265Z %c[INFO] %cJeeng: %cupdateServiceWorker: Force Popup. Stopping. color:DimGrey color:LimeGreen color:Black; font-weight: bold :
console-api	log	URL: https://akamai.advsnx.net/CDN/sdk/system-plugins/sysnilsen-min.js?1581716131351(Line 9) Message: Artimedia nilsen sys1 start with version: 1.0.3.011

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
adservice.google.com
adservice.google.de
akamai.advsnx.net
ams.creativecdn.com
banners.news1.co.il
bcp.crwdcntrl.net
bh.contextweb.com
bttrack.com
cdn.enable.co.il
cdn.syndication.twimg.com
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
cm.smadex.com
connect.facebook.net
creativecdn.com
fonts.googleapis.com
fonts.gstatic.com
go.flx1.com
googleads.g.doubleclick.net
ib.adnxs.com
images.taboola.com
jeeng-api-prod.azureedge.net
lb.advsnx.net
lb.artipbox.net
live.sekindo.com
load77.exelator.com
loadr.exelator.com
log.advsnx.net
match.adsrvr.org
match.taboola.com
match.zorosrv.com
pagead2.googlesyndication.com
pbs.twimg.com
pixel.rubiconproject.com
platform.twitter.com
px.powerlinks.com
rtb.mfadsrvr.com
sb.scorecardresearch.com
sdk.jeeng.com
ssl.google-analytics.com
sync.crwdcntrl.net
sync.mathtag.com
syndication.twitter.com
tags.crwdcntrl.net
ton.twimg.com
tpc.googlesyndication.com
trc.taboola.com
u.ipw.metadsp.co.uk
widget.walla.co.il
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.news1.co.il
www.storygize.net
x.bidswitch.net
log.advsnx.net
100.20.21.65
104.124.133.20
104.244.42.136
141.226.224.32
147.75.102.200
151.101.1.195
151.101.112.157
151.101.114.49
151.101.14.2
151.139.236.239
172.217.16.162
18.196.130.47
18.202.191.48
185.184.8.30
185.220.204.204
185.29.133.208
185.33.223.200
192.132.33.46
195.181.175.48
2.19.33.73
2606:2800:134:1a0d:1429:742:782:b6
2606:4700:20::681a:1a5
2606:4700:3031::681b:a790
2a00:1450:4001:806::200e
2a00:1450:4001:808::2001
2a00:1450:4001:819::2003
2a00:1450:4001:819::2008
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:81e::200a
2a01:4a0:1338:28::c38a:ff0a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.246.76.49
34.252.210.122
35.187.125.245
35.210.239.72
40.113.136.100
52.212.184.249
52.4.85.154
52.59.81.212
69.173.144.136
74.214.194.140
93.184.220.113
00d1b1bcd080de5cc76f37596867259e9c618e978bf891edf7ec5e42785bcc51
03498f237498f7379a6032863b8951f5342aa8bc50c3bee8328f2cc40289da06
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05077ca1d925c7d6de5cfec15ec588305660a10a0717ca48f4590de341e4fcbb
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
05b3d4aca8d12c1499202421a02ec92ce1bb60acb351c223cad33a0528fe4293
0667adc3a2f0f3ebe9a126f70dc8faff3aad794d122cbf7c34623d93c4a692d1
0b6845248ce3cf4332bd1f78f98c7bd9b8e8519905d781043b3f074b38c601e4
0bcd692ba843c2535734127f8a23443fe95c6eedf06d1d32693a7521456f68b3
0bddfcdbe9d131078bba08a2b76bd2fd555af0a01662a127aba5e0149f4f6592
0d6646576bbfb5f4a0340b5d0ecd016b52ece7f26021a404773efd80682a7aea
0d8d2585c85779c7df16dce34babd287c67bd65e53162a18f8885080e5e49575
0deda3a485025849b5d1c3b08dc73bec2fdeaec1d07ae6ad11b5a8c1d2a52c6c
0dff62397e778ab08a05dfc1df0474834ef20fe97313463205ed4800f04d09b1
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33
148f0c71dd7ce39afae6ba47bf737657dcb983a70cdaff9c53c287e1a4f20b6f
163bbfa17399928e4f895f0a17d771baf9d33f9eeb11ef087120964ea7d14c61
16470798d5615898e55650375726580514c064d20d595eac04ab702cdb5be412
17ff46917ea7eb9058381920b1c6e16f47044321e001808d8bc6eeb7a1c03a04
19ed1eb29030a2d719f84a1f010b32c6c8c547bec0be043ba9511b569ce61cb5
1a13e5a0af515cc85ddb028f68c0e6dc73fe277f81744f711177bfd738addd8c
1a2fcea3847d29436cb6c465b7c65413fe22240ecc9b7184abb7bc65e97db9f4
1a4dee2269258e980cfbc6965cca52520d51b0cf399cef6218e123c7620cafdc
1a9eebdc31e86178ee372c00a9993914de2f4f14381a2772438fda00d22da436
1f293005e25d0d3ee496b1127317d7a119497cff1d0dcd0c03dd6cb13daeb275
1fbee0e57b5965130b857034ea337f939fdda31ab3ad771ab741ca851e4d3b4b
208e7dfb8897d244b166f2becabf3823d6bfe440fc484310070478bbc6efabf5
222e460af9e16cc380fae509532b878178148be2bb46cd86ef34440e424589be
2276c4652aed67dc1f63d3c79c0e93d3a5d98b4121f1fd1f2a035ba56e93ce45
22896f8e3db5cc4458cd24273d949898eaa8db677372beeddef29903a5564565
22987271a9db59c5c4749fcfcd07dbd2a2c1b4b4734e8a2c6b760d850d2edab3
22ae0e8ad1341141c33a12fea60e493e24788e2a55609e3390c634d3270c8e0b
29ee803ca1fb51ef42f3fc0fbdd072e45b94dd8d0b16740539df2c41613ff904
2afbc245ab7bb52f987cf599fc3644e8781a26aabde36e082f409e70c83148a1
2cbbf06750a206a4d19e94375ca49021159e3ac51c82c2dbcdc724470da2385a
2d81fc971795fdc73d5e44fc345e3bd53136439cae960e045e71b40d72a22072
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e123e38371403db5c297da3c12214a0aed993fd937f371d427527501b65d900
2f4a6e5e498ad7ca051082a98a6b6f2b8a28b1b5eabf09667cfa8f44950e52e3
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7f51b020acce5dc386e1375ad980c0b25cd4dafdccdc731a93a833110f340f
318e620f71199b8c51e3bc6bd8be989f73c4f4a115c19bb28d13752b7bcb3608
333af1439fbc3e16be652a8376f6b3d8536c7334ca1bc61eb139405f5aaf0ad7
34626960c119c0c97e232eb4b424d972453ce7e2fe2ea92254845491a8fe80b8
36fe4a765639d8f27ee2aecec84c8b06acb1537f19bb4dec09a563727c9ffbce
378ff573a65c610ac2e8c8e97436dd0491d8100c24dee5d6d0b7ab0f37b538b1
38a0d939e3a85a3f17b1f789227fedc3e557f93144d3bfb297aa87834b783dd7
39387ba8fdcd8ed6985a9e6752afe1669f60eaf13bedcf8c3cf968049d1a4f38
3a5e184cc857214059eed3a9f48024349afb8b12fead508ac3190caf93899611
3ae5953b2add066998012a086a699daa133ff607ca672a3c5c76288a915bd701
3d6de33ad88b6b07fc60efcbf563e80022235cecf2805b9bf9daffadc0349f31
3dc2e4c5a0ba2c9dd160cc2bfeed52d091f300d6b83485cd42250b388b2fe731
3f3676e60e073548e6aba2261eb3bd4f663955d177483760bb4c5a73fcbe99ba
40c2df35f1dc731fdf432146528e5d6255ed545bd7d928f188f1cb6e5d9ca183
415d0d7f55ab154d41e07cb38c20ca875f649d2e5d9b6d3aa08b3e51560b4a78
423312a947d785b698faa30351d48a422e108c90692d539a0aed1185a7579011
438b7b13a6b18c792b2baf25aae2d15cb5ced68a1cf645df0def255dffe299b0
4457a1adf5ddeb1897e5e42e39f5baf0efa738bd895b7ef1158aff83365c3c9d
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
46fe86dc52ea46b8715997068ee8004676cd43a9bacb968df44ea2265c94bbd2
47c2cc3d8a2729c3216f85fdf618bf216aea6db9a9e2ed93280055d32252ca4f
4b4b11cc882379b04a094a4250c36ffbe3a699b626d966302cc9378b625c3128
4cd3e73f3343041328a5f7c04f4882da53391e21cb5688bac3be0d1eb4b177e3
4d3ae199814449d2b6c9032bc55b1a8c23a0bd8f72f2aae3927056a2313f0999
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
512d3e0bd2e6cb058a531f2d3f6b65c6871adab207097dc085be756ed68f59ef
51306b94354b978995db93f41f35703be797c4ae698013ffac3a20810d1947ae
54038079b8db85054bdfe0e1291524057badb9bda94669604afc2a1f5bd5bf11
55a7de57fb7ea50123a55a8255c29aeab7273b295798fd5a559c2d22570428d8
55b538cf1c909455a2d8fb088fd6f83b03439a12adc0767e50244958b1d12b4f
569a7533d0ed88c9f87b9c7ce5ebc28e204d21398c39c4f13ff9905060806e84
56cba88f9d7cea799326bb597ba8712ae737b9f72395b8fdc9bde5dd221b4900
5740562bb2a4a71ffb9f74e2b775e6f442404772a10cbf3726c78a310e25ec92
57b939134c767c30d52288f097418952db4c6898c53643698b469d2ab228587c
59f96e5b37967e736778accbc1db6fb0316b85a685c5faa93ee8521b14c32b42
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5aa2ee8075442420eaec90591c438da5eff4fdb2389b5b4ef2f8ee6e03debd6c
5c734036877f4eb3fd6df2bf2f0646c0e677726832cefcc8f804b3eae0414956
5cbf72fd0f83d6ce2dcbf919525342619602c612549af39a22bdd606b60bd82d
609ab6b80b09d9673746b259ef7ef3f4c21076c82b74684c8896ce6015576788
60d7b7715bc9a4b0421f2a2e2f2ace544f0c0b9ae579e58f65fc41efacd7bfd3
610999e8b7ed9d759b0097a3f7962c0df5532e27581b729c0f18e47ada6ce04d
61f1b5656920f261f85844811901f209df66d41e6051ca341687b896b3fc16b4
63b5085014a66af8d0d56afb98bb13f69a4c4f21c3c0e2cc63b30fe8c75a49d9
64a3c479e4d887e3eb1dc75f4e74349627e597cdfcd697c63a1dfc85c0a56d73
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
68bb318e7b3ec93dd781ec6f79dc54b8360ba00ae10332e89057c85f1df0a45a
698d325d67773d4672cccc9731da6fb461f710e14c92656d31d3591861a34963
6ab70256dd5f6624a7590eebcd8541205846a152230ccd09426c2228c0c5ff76
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dd00c47cc8e98fdae501bb56e7985ea2c70f635f5fd2b245a1b483363bb6da6
6f18214cfc8a894b7a8468f110802c529421830041d5cbc8b27b580e950cc8c4
72287519988bf32a51797a3e4529f1945197247996a9e7cd19437566ff5a0308
7311c548c0655c4ee380eaf9687f12daad847013633049efbe3afab63ec6155d
7467acc06126d1fe0753510d9272da876457c160a144b7cb2b914a590397d9c0
74917ac2c1bd6c6738980339b3dc5767eb87cebd8bbef7f292f4db96120b89fd
75d203c56ad3184359916d0e94f3f6847fff89d902be3d16ecafa84e09e063b4
76ad7e47ecbf656e808a8f0079aaac2bbc6bbda9376c1bdde0992c25f92d5d45
77831b2d8439cf4cc1aa3b419f5f266744248bc11cb7f9cd729be6b826e24921
7a44f4698a93c685664f821e5e18e38341266416c4a75b42a8ab92b924822ff0
7af9dbac072a69d6462efe827948a10b540a0de66a1a80fa1ae831a6482ea199
7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a
82a0a7414afc83a08f5134ef168e493305a0c073259b9d980858eb2bd669a7ab
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bbf029ab9910411ca12439f7c5ac82b46e6017ee8f2ca8001ecb95af7ee2e2
84acbbc410c7874b44c0358f2f2968581e4a5b2483f4d7118edecbf6fb5e35b4
850f277392add47a8f5b989cb6b0942d83928c2ad887ec0b4135e403ef9dff62
851dad62939ebc6a92a4a678180e15a6e4754db383977d191548e9f076ad716f
8543c3fa0028a8cefe4008eeb095bee891501b9b5ead7fdec85ccbaa31b70e45
872aa7cb9054653cf230e04ce27232d9322b3f93c911e7ee8e7fe4d19bce50e6
88c406a5fa36cc1406f3d1b51cb684c893fc387d3782b0024f5ed9bd972d6594
8bbb61e038c09003a96ceac9b033b487e17d59b187aba6ba1f5738ba51b6fd74
8ccbc7ac43be265d9bede95fb075577f6bc81ba84987d4bdaf3176f3bc647cf1
8e6915e8fdf956efb07bf792d91665f0a6e2ca6aadc4d1aea0218353a25aed36
8f9438019c79ef997148272c2341ac0787da321fe8bf928e6544e83a2a1487bc
8faa895ba9c651b21a840ba50d288bc103061fd4ab20be0d3d156146d48b10a8
954ce9ca316dc80aa5bb4115cdc51e4df5f93c8714176aa392d796318325be19
97b4e45b75244ebb92e592324b082e85592b5ac8fd0c026f2245bb8629c10315
98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3
9988945bb423eed2743fcfdc1d2622af3431722fd4f3a29c93474c0eec7419d4
9a44c18d59be7a335d73f6ccc312da5b7c5b0fc42ce0cb0e0474ab6bdfaef041
9a4be004366e90798d2902920848c43e69519d46303b5b287d548faac0cc5476
9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0
9fb5ba492d85eac12ddd6da3362f0896117bd3691846bd4dcb3b9e51ecfe762a
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a5cd8a82c8f3cdd485d0a2c5150cc76aebf357481c9529a535e78e3d1321676c
a5ee833d3d3957e09ce7b21b61022bd1ca2a47e21b21284bbf7d456ccd903743
a5fec4a130a07e4caa90201535f4eb4957aa59fb5ed4ae04bb7c7fe1321419f9
a67a1fef37f113ae2b73e8fbcb611cd2db6f97ada4ef7aab05c45ebcd5c0fbf3
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
a8aee8c5c53993b3906fbe4ae4db40f874aa222ec61009c81369416945ba5f2d
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac0dade94f4744eb4e2f717bf45407a586c2800a80d6fc4a72a16d9174979499
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae9f7550ed7db0c71e6efa53b3dbdeb1933f71ee42243e07aa54c6c0f330cc5e
af1634ce4d180bf7805766f7a1a532e4ba5e75413b11d9b9dab66c183f8d4e29
af98496953708d60ca06bbf704705a2d54482eb8f936ba08c7aee05ee8769cf0
b0f4c358afcce0ddcde029e72ea2d6054eece0ce5a34c9a7e0c5761ff4f33a25
b25d51c3b69369398c6264954b29ceff3d07639429306b71cc3cbdd01274cd58
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b62f5fb0ed6285327e46477450897257d92a58504546a61f602fd0831f6a5f9c
b67204c82e753942136395187484ee584a4ba55843dc46dcbca04a0abb778e20
b6b4c7068174c1428ec69f25162b7933135013b941d5e4312a26a9f598c204ca
b74904cca5631f777274c6b07fb5e8eb9884ee9d3c484eea9234664eadb649c8
b7d93250ff7ef39434ec850b0ec936e33560e30cdbe6d2b08ddb2981536e0544
b9ee1644b381639e7434f23e9a4d83a96140c97a52a52e6d5301b11e146d36ed
ba737d0ae09c5f1eb52965d29f5d0031a5e413fc6161c33d1b1dfa87d27124aa
bb243ac30e5c8364bef71a03b2643b0f73b9bbb1cfc95f227069d539961d90f5
bc23bb0fe1857cc7e19af037b3911d3e70a410969206dbc8f8851b4d3d24b1cf
bff7c8a8bc3e3bdc8067653df77531c243f337374a6f56060f9832182f872194
c0c2ff5536ca0137e8966892471aa1fe1b8aa0b39b7cbab9d948603ed051695a
c129464463c242c20fdfad4d928bbb302348d45af7a1550313f434e23f8df70b
c1372bdf33637c6fefc1d97efea8cef417cd094bb8221643ef0bce504d33c71f
c13ccc2804c88b3d8b5332ea1567951173f61839292e8e63ad4eb533071823ba
c18091bf1b82dbc90729285ed7598b33b51e5cf1305a08cc68865acc58e73c6d
c3a76197d64f5ce208b794535baa72e56008a02777a081c733656aac38f3de0f
c50b342628b4645657450f0789132f788ea61ae2f5ee10b54bd2b05bf4f34a12
c73d8d873eea13fd11673b8fed32c846b2ce1b04e6ab981cc776a9703543c6ec
c7c50a0d7562d9d520276845c9872fe4f85fac4a7fcf77c97a6760944adb10aa
c8070fa2d4bd8e69b591db00d307d91f5df864c2d5a95a0876e4ff0c6b6d178d
c91d2f0537a36d5d398fa8343782813c104a0ee315b98ef13d6943f99086f637
c9b558927a37e59adb70b8b84d906567d44d340905118ed80c0a633d81195954
cc6c303316aec21720d376a8532416a91ed9833ef953f0a87b83fc488d9b82ed
ce56768a8799373c69c80bd891b73971709c7c1cf7c5927d8a68e797200204c2
ce7c766f2c09facbc2a622f5013802db92dcf41f60d53494f6645325611799e4
cee6c6c20b0eb43557db76a73add9321b8beea53e086c441ab824f3d59de3431
cf6e922ce5f6641693634211a3e10cedda8625e38d030b543e80d7cbb4973eef
cf829d4c83555cf4aae14fc315a4c452a2a4376118edb3010ea716baac23406a
cfc81f2830d8972d58a40e26cfffe98dea7a1dc081cdda7dd89fab48dba9384a
d13865e6a18f398bc5e57515e75940cf25160a99987876a26511dcc764fc9f6b
d228db785d93beb7a1e2486435b09f0c87616c80c41008bb6abe9940ecb6cb45
d44d9e7347d07add929bd099226a57b3e671289987f002a38a26131eb4b1e160
d5f855edcab4a6c68167a0f22e3d37ebeedc5146d01abca12659c5e366a98eb1
d6c3a73a187677731b36b3b23e26d59c5fa17d77c42febca1b57e7dce2f1dc68
d6fbb6993377bead55bf43a7106e52088dbbfb99f6e92a0c2eacab30b3efbe1f
da6104c6edd6c382661c7768dd06166d8c9291878e169fefdb9befdcb57b0c65
daff5f1be22f6bc0683dee7bcfc5f9b2f781ec753f47753ce8451999b8b9ab56
db78e8fae0597d91499232585b0e585445fbbef6d2c52e600cf1ec304c0fe78f
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc59afefadb45c7b5aab4cefa30c093c99f1958c810496879ca448c6445ea299
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
df3a23807c4dab2fde4045546d5d6ca327f9c206c386ec8dcc107b73e8c49cd8
dfcf0bfd14ec47c1e03ccf0c11ec034f065a634195438728caacfb988b802f01
e0b013c84a12332275d384709944a6ecccad068f2469a72525718825829d45bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42bf443a1f3c70e905764b41c1786ad1231ddf155342bd83ccb68f4c0daf188
e7ac8dcc36c0e4ca509f4dbe78398321ded2ed07bc07da4e3e61f36f7301b0e5
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec0946f77b90566ff3ccd792982107ac29994674f55bbd9b0b8426f32203d831
ece3f6384067f3c39ea938f572a7754c5e0673372bfa0883591b60dad8e08e57
f62a07f9c55482e210929cfb75d443fb78f50c5b392d44f186ccabe2dbdfba56
f673ec3e3728ec2c7a3dbe888e8ea6a2c295c4df4d81da650dffad7e5f76f6a3
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f74b0443c65d65e11b3c6777d078089b1aebf89ef1b5ab5d534ee5f28b8f3a67
f982f9386f05ea43ff2f143432487ca893f6f0026ea18a9738de973deb50906f
fcf9af468386c28be4557472b3481ed590508b3103ec8aa9b94b597d898e072b
fd05d685e4f01e591f192198a025a50d615d7598096fca8a38ea74d8bb4c1d2f

www.news1.co.il Open in urlscan Pro 2606:4700:20::681a:1a5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

315 Requests

100 %HTTPS

33 %IPv6

39 Domains

57 Subdomains

34 IPs

8 Countries

3766 kBTransfer

9429 kBSize

31 Cookies

21 Outgoing links

Redirected requests

315 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 29 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.news1.co.il Open in urlscan Pro
2606:4700:20::681a:1a5 Public Scan

Screenshot
Live screenshot

Full Image

315
Requests

100 %
HTTPS

33 %
IPv6

39
Domains

57
Subdomains

34
IPs

8
Countries

3766 kB
Transfer

9429 kB
Size

31
Cookies

315 HTTP transactions
29 data transactions