www.vesty.co.il Open in urlscan Pro
184.30.21.140 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.vesty.co.il/main/article/rk7aiqj4a
Submission Tags: falconsandbox
Submission: On February 05 via api (February 5th 2024, 4:28:37 am UTC) from US — Scanned from DE

Summary HTTP 131 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 31 domains to perform 131 HTTP transactions. The main IP is 184.30.21.140, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.vesty.co.il. The Cisco Umbrella rank of the primary domain is 597576.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 12th 2023. Valid for: a year.

This is the only time www.vesty.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	184.30.21.140 184.30.21.140	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2606:4700:440... 2606:4700:4400::ac40:985d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
12	143.204.98.111 143.204.98.111	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1 7	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
1	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX) (YANDEX)
6	13.224.103.122 13.224.103.122	16509 (AMAZON-02) (AMAZON-02)
3	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:91b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:10:... 2606:4700:10::6816:4ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
3	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
13	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.200.98.54 34.200.98.54	14618 (AMAZON-AES) (AMAZON-AES)
10	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 _) (CDN77 _)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	35.162.236.57 35.162.236.57	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.3 13.32.27.3	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:2240:e000:11:da61:a100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:7711	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2600:1f14:5db... 2600:1f14:5db:eb11:c921:e0ee:d11d:eb7	16509 (AMAZON-02) (AMAZON-02)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	18.244.28.11 18.244.28.11	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
2	216.239.38.21 216.239.38.21	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 _) (CDN77 _)
131	41

7 184.30.21.140 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-140.deploy.static.akamaitechnologies.com

www.vesty.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
totalmedia2.ynet.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ynetnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images1.ynet.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:4400::ac40:985d (United States)

ASN13335 (CLOUDFLARENET, US)

ynet-pic1.yit.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 143.204.98.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-111.fra50.r.cloudfront.net

cdn.flowplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8:20::215 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Russian Federation)

ASN13238 (YANDEX, RU)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.103.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-122.zrh50.r.cloudfront.net

tags.dxmdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

cdn.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:91b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mrb.upapi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4ad8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.98.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-98-54.compute-1.amazonaws.com

trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ads.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.162.236.57 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-236-57.us-west-2.compute.amazonaws.com

events.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-3.fra56.r.cloudfront.net

yield-manager.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2240:e000:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.dxmcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7711 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb11:c921:e0ee:d11d:eb7 (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.244.28.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-28-11.cdg52.r.cloudfront.net

event.dxmdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

vd.trinitymedia.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.38.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net

tr.dxmcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	userway.org cdn.userway.org — Cisco Umbrella Rank: 3378 api.userway.org — Cisco Umbrella Rank: 3275 cdn77.api.userway.org — Cisco Umbrella Rank: 6857	394 KB
12	dxmdp.com tags.dxmdp.com — Cisco Umbrella Rank: 38880 event.dxmdp.com — Cisco Umbrella Rank: 37276	666 KB
12	flowplayer.com cdn.flowplayer.com — Cisco Umbrella Rank: 42868	272 KB
9	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 955 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 480	178 KB
8	browsiprod.com cdn.browsiprod.com — Cisco Umbrella Rank: 7875 events.browsiprod.com — Cisco Umbrella Rank: 7106 yield-manager.browsiprod.com — Cisco Umbrella Rank: 7793	87 KB
8	yit.co.il ynet-pic1.yit.co.il — Cisco Umbrella Rank: 39703	2 MB
7	yastatic.net 1 redirects yastatic.net — Cisco Umbrella Rank: 6536	172 KB
5	google.com ads.google.com — Cisco Umbrella Rank: 22397 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	121 KB
5	btloader.com 1 redirects btloader.com — Cisco Umbrella Rank: 881 api.btloader.com — Cisco Umbrella Rank: 960	19 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	21 KB
4	dxmcdn.com cf.dxmcdn.com — Cisco Umbrella Rank: 60486 tr.dxmcdn.com — Cisco Umbrella Rank: 40188	137 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	157 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 ad.doubleclick.net — Cisco Umbrella Rank: 163 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	167 KB
3	trinitymedia.ai trinitymedia.ai — Cisco Umbrella Rank: 14157 vd.trinitymedia.ai — Cisco Umbrella Rank: 17493	49 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	15 KB
3	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1024 trc.taboola.com Failed	243 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 811 cloudflareinsights.com — Cisco Umbrella Rank: 794	7 KB
3	ynet.co.il totalmedia2.ynet.co.il — Cisco Umbrella Rank: 55683 images1.ynet.co.il — Cisco Umbrella Rank: 84214	82 KB
3	vesty.co.il www.vesty.co.il — Cisco Umbrella Rank: 597576	27 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	68 KB
2	gstatic.com fonts.gstatic.com	173 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 918	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	180 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 485 fonts.googleapis.com — Cisco Umbrella Rank: 28	136 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 46	7 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 423	288 B
1	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 3125
1	upapi.net 1 redirects mrb.upapi.net — Cisco Umbrella Rank: 58665	526 B
1	ynetnews.com www.ynetnews.com — Cisco Umbrella Rank: 217309	947 B
1	yandex.ru yandex.ru — Cisco Umbrella Rank: 2180	99 KB
131	31

	Domain	Requested by
12	cdn.flowplayer.com	www.vesty.co.il
10	cdn.userway.org	www.vesty.co.il cdn.userway.org
8	ynet-pic1.yit.co.il	www.vesty.co.il ynet-pic1.yit.co.il
7	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
7	yastatic.net	1 redirects yastatic.net
6	event.dxmdp.com	tags.dxmdp.com
6	tags.dxmdp.com	www.vesty.co.il tags.dxmdp.com
4	cdn77.api.userway.org	cdn.userway.org
4	events.browsiprod.com	cdn.browsiprod.com
4	connect.facebook.net	www.vesty.co.il connect.facebook.net
3	api.btloader.com	mrb.upapi.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	www.facebook.com	www.vesty.co.il connect.facebook.net
3	cdn.taboola.com	www.vesty.co.il cdn.taboola.com
3	cdn.browsiprod.com	www.vesty.co.il cdn.browsiprod.com
3	www.vesty.co.il	www.vesty.co.il ynet-pic1.yit.co.il
2	www.youtube.com	www.vesty.co.il www.youtube.com
2	cloudflareinsights.com	static.cloudflareinsights.com
2	fonts.gstatic.com	www.vesty.co.il
2	tr.dxmcdn.com	cf.dxmcdn.com
2	vd.trinitymedia.ai	trinitymedia.ai vd.trinitymedia.ai
2	ad-delivery.net	www.vesty.co.il
2	cf.dxmcdn.com	tags.dxmdp.com
2	scontent.xx.fbcdn.net	www.facebook.com
2	btloader.com	1 redirects www.vesty.co.il
2	www.googletagmanager.com	www.vesty.co.il www.googletagmanager.com
2	totalmedia2.ynet.co.il	www.vesty.co.il
2	securepubads.g.doubleclick.net	www.vesty.co.il securepubads.g.doubleclick.net
1	www.google.de	www.vesty.co.il
1	www.google.com	www.vesty.co.il
1	lh3.googleusercontent.com	www.vesty.co.il
1	fonts.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	gum.criteo.com	cdn.taboola.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ad.doubleclick.net	www.vesty.co.il
1	api.userway.org	cdn.userway.org
1	cdn.permutive.com	tags.dxmdp.com
1	yield-manager.browsiprod.com	cdn.browsiprod.com
1	ads.google.com	ynet-pic1.yit.co.il
1	trinitymedia.ai	www.vesty.co.il
1	mrb.upapi.net	1 redirects
1	static.cloudflareinsights.com	www.vesty.co.il
1	images1.ynet.co.il	www.vesty.co.il
1	www.ynetnews.com	www.vesty.co.il
1	yandex.ru	www.vesty.co.il
1	imasdk.googleapis.com	www.vesty.co.il
0	trc.taboola.com Failed	cdn.taboola.com
131	49

This site contains links to these domains. Also see Links.

Domain
t.me
www.facebook.com
www.instagram.com
bit.ly
www.ynet.co.il
www.ynetnews.com
ynet.co.il

Subject Issuer	Validity	Valid
qa.vesty.co.il DigiCert TLS RSA SHA256 2020 CA1	`2023-11-12` - `2024-11-13`	a year	crt.sh
ynet-pic1.yit.co.il GTS CA 1P5	`2023-12-24` - `2024-03-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.flowplayer.com Amazon RSA 2048 M01	`2023-05-02` - `2024-05-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tags.dxmdp.com Amazon RSA 2048 M03	`2023-12-24` - `2025-01-22`	a year	crt.sh
*.browsiprod.com Amazon RSA 2048 M03	`2023-12-15` - `2025-01-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-12-13` - `2024-06-11`	6 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-14` - `2024-02-12`	3 months	crt.sh
*.trinitymedia.ai Amazon RSA 2048 M02	`2023-11-08` - `2024-12-07`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
adwords.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gobrowsi.com Amazon RSA 2048 M02	`2023-12-20` - `2025-01-16`	a year	crt.sh
cf.dxmcdn.com Amazon RSA 2048 M02	`2023-03-27` - `2024-04-24`	a year	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2023-12-08` - `2024-03-07`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
dxmdp.com Amazon RSA 2048 M02	`2024-01-25` - `2025-02-22`	a year	crt.sh
vd.trinitymedia.ai R3	`2024-01-07` - `2024-04-06`	3 months	crt.sh
tr.dxmcdn.com GTS CA 1D4	`2023-12-30` - `2024-03-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
1784939676.rsc.cdn77.org R3	`2024-01-12` - `2024-04-11`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.vesty.co.il/main/article/rk7aiqj4a
Frame ID: 5970757DCC3CB66C1B502463C66D407D
Requests: 128 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true%22
Frame ID: 8A0058827041C7DA45B919E857D6D060
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/comments.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df435b054f4b50c771%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ffd61d808648b50627%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Frk7aiqj4a&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width=
Frame ID: 3B72FD8136A783CB1358FFAD0D313816
Requests: 1 HTTP requests in this frame

Frame: https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=971a46c6-e399-4d1b-97c5-4385665e42a1&monitoringConfig=%7B%22uuid%22%3A%22a5beb245-2949-4a76-95f5-bddfc2ec171c%22%2C%22fieldExtractions%22%3A%5B%7B%22uuid%22%3A%221356b34b-7496-402b-963b-48ae3223249d%22%2C%22field%22%3A%7B%22name%22%3A%22Tags%22%2C%22path%22%3A%22properties.tags%22%2C%22type%22%3A%22ARRAY_OF_STRING%22%7D%2C%22type%22%3A%22GLOBAL_VARIABLE%22%2C%22expression%22%3A%22dcTags%22%7D%2C%7B%22uuid%22%3A%220cf2e723-0399-43fb-a798-42106a50b9b2%22%2C%22field%22%3A%7B%22name%22%3A%22Category%22%2C%22path%22%3A%22properties.category%22%2C%22type%22%3A%22STRING%22%7D%2C%22type%22%3A%22GLOBAL_VARIABLE%22%2C%22expression%22%3A%22dcPath%22%7D%2C%7B%22uuid%22%3A%226b18ff53-b04a-42e4-bb6c-74e6d9ff4f79%22%2C%22field%22%3A%7B%22name%22%3A%22Author%22%2C%22path%22%3A%22properties.author%22%2C%22type%22%3A%22STRING%22%7D%2C%22type%22%3A%22META_PROPERTY%22%2C%22expression%22%3A%22vr%5C%5C%3Aauthor%22%7D%5D%2C%22providerExclusions%22%3A%5B%7B%22uuid%22%3A%22ef8fc925-3bd1-4e0a-8f43-2585622685f6%22%2C%22type%22%3A%22URL_CONTAINS%22%2C%22expression%22%3A%22news%2Fcategory%2F184%22%7D%2C%7B%22uuid%22%3A%22d6a5ef94-3620-4fda-a50a-3e087b9b0d66%22%2C%22type%22%3A%22URL_CONTAINS%22%2C%22expression%22%3A%22ynet.co.il%2Fhome%22%7D%2C%7B%22uuid%22%3A%224547b9f2-51cc-468e-8e87-bc4e57a3e542%22%2C%22type%22%3A%22URL_CONTAINS%22%2C%22expression%22%3A%22%2Fnews%2Farticle%2F%22%7D%2C%7B%22uuid%22%3A%220fd31602-e883-47cb-b1ab-10c49d6f7a9c%22%2C%22type%22%3A%22URL_CONTAINS%22%2C%22expression%22%3A%22ynet.co.il%2Fnews%22%7D%2C%7B%22uuid%22%3A%225fa84de3-2c30-4697-96f3-d2ef19938dbc%22%2C%22type%22%3A%22URL_EXACTLY_MATCH%22%2C%22expression%22%3A%22http%3A%2F%2Fwww.ynet.co.il%22%7D%5D%2C%22isDataCollectionEnabled%22%3Atrue%2C%22isDFPActivationEnabled%22%3Atrue%2C%22providerMonitoring%22%3A%7B%22uuid%22%3A%22a5beb245-2949-4a76-95f5-bddfc2ec171c%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D%7D
Frame ID: A279AC648607FFF9557D24AD1855375B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ЦАХАЛ существенно ужесточил наказания уклонистам

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

131
Requests

97 %
HTTPS

71 %
IPv6

31
Domains

49
Subdomains

41
IPs

5
Countries

5080 kB
Transfer

17684 kB
Size

19
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/vestyisrael

Search URL Search Domain Scan URL

URL: https://www.facebook.com/VestyIsrael/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vestyisrael/

Search URL Search Domain Scan URL

URL: https://bit.ly/3oO99Bg
Title: Ynetnews

Search URL Search Domain Scan URL

URL: https://www.ynet.co.il/home/0,7340,L-8,00.html
Title: Ynet

Search URL Search Domain Scan URL

URL: https://www.ynetnews.com/category/3083
Title: Ynetnews (англ. яз.)

Search URL Search Domain Scan URL

URL: https://ynet.co.il/redmail?notifyMistake=rk7aiqj4a
Title: Нашли техпроблему? Сообщите нам

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://yandex.ru/ads/system/context.js

Request Chain 36

https://mrb.upapi.net/code?w=5732901039636480&uponit=true HTTP 302
https://btloader.com/tag?w=5732901039636480&uponit=true&upapi=true HTTP 302
https://btloader.com/tag?w=5732901039636480&upapi=true

131 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request rk7aiqj4a Show response
www.vesty.co.il/main/article/ 86 KB
25 KB 992ms
882ms Document
text/html 184.30.21.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.30.21.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-21-140.deploy.static.akamaitechnologies.com

Software

Resource Hash

a66f31695f3465396279bf1a863181f7511c5fc1bf42808b6393a96091b1acdc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 24780
Content-Type: text/html; charset=utf-8
Date: Mon, 05 Feb 2024 04:28:31 GMT
Last-Modified: Mon, 05 Feb 2024 04:28:30 GMT
OSV: c8
V-TTL: 0
VX-Cache: MISS
Vary: Accept-Encoding
WAI: 01
X-Frame-Options: SAMEORIGIN
X-me: ${S_HOSTNAME}
X-version: V3
backend-cache-control
vg_id: 2

GET
H2 200 vesty.20c16725e0270556dbbf56c596319027.css
ynet-pic1.yit.co.il/Common/frontend/site/prod/ 765 KB
177 KB 165ms
58ms Stylesheet
text/css 2606:4700:4400::ac40:985d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vesty.20c16725e0270556dbbf56c596319027.css
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:985d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4be584cf84d56b329d288e1e069f202e91330b12a6f16fa61670db50a3ce9eda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jan 2024 10:50:03 GMT
server: cloudflare
etag: "def530eaa052da1:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 85086836b8d8901c-FRA
expires: Thu, 07 Mar 2024 04:28:31 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 165ms
79ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3046408d74849e846692bcd0e7f8d419e10828742209bfb37bc1faaba918e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29657
x-xss-protection: 0
server: cafe
etag: 821 / 19758 / m202401290101 / config-hash: 8558731290873694684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 04:28:31 GMT

GET
H2 200 gpt_script_yns_ynv.js Show response
totalmedia2.ynet.co.il/new_gpt/vesty/ 142 KB
29 KB 232ms
114ms Script
application/x-javascript 184.30.21.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://totalmedia2.ynet.co.il/new_gpt/vesty/gpt_script_yns_ynv.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-140.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 80087da8f89f2a1d11045cafd56b19c4d9d78461ae890b9113c4bc29fdc4fbc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-encoding: gzip
last-modified: Tue, 07 Nov 2023 07:51:05 GMT
server: AkamaiNetStorage
etag: "8717f866c75582eb7fcb68fc1bd152e9:1700038983.041201"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 29165

GET
H2 200 ynv_templates.js Show response
totalmedia2.ynet.co.il/gpt/ynv/ 110 KB
44 KB 181ms
62ms Script
application/x-javascript 184.30.21.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://totalmedia2.ynet.co.il/gpt/ynv/ynv_templates.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-140.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0c59a4311973393ca533b13f245d027fb9acd2c40b23ddb6c75d1c53196a3b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-encoding: gzip
last-modified: Thu, 07 Feb 2019 09:15:22 GMT
server: AkamaiNetStorage
etag: "0d986196c56347b4af883296acc3ef7f:1549530922"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 vendors-widgets.5a75e38506bb012f5b8b.js Show response
ynet-pic1.yit.co.il/Common/frontend/site/prod/ 2 MB
539 KB 49ms
48ms Script
application/javascript 2606:4700:4400::ac40:985d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vendors-widgets.5a75e38506bb012f5b8b.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:985d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daaa8665415c17083651c7dca5faa946d3c406ee11458c57a54d6c7867b2f4af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jan 2024 10:50:00 GMT
server: cloudflare
age: 187
etag: "822a7de8a052da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, Max-age=300, must-revalidate
cf-ray: 85086839da30901c-FRA
expires: Thu, 07 Mar 2024 04:28:31 GMT

GET
H2 200 widgets.87a033765544273a6d17.js Show response
ynet-pic1.yit.co.il/Common/frontend/site/prod/ 3 MB
779 KB 48ms
48ms Script
application/javascript 2606:4700:4400::ac40:985d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/widgets.87a033765544273a6d17.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:985d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bda54ff484b57ad77f4eb42d520a94b192bd30a28691103efeb02c39b0095424

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jan 2024 10:50:07 GMT
server: cloudflare
age: 288
etag: "4e583eeca052da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, Max-age=300, must-revalidate
cf-ray: 8508683a8a7d901c-FRA
expires: Thu, 07 Mar 2024 04:28:31 GMT

GET
H2 200 flowplayer.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/ 75 KB
25 KB 254ms
134ms Script
text/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/flowplayer.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0f3bdce8ab00155fb5f2245b44445ad7ca366360a63e37778ab182c8bf24511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: vkxYQ1mq72.ne.iFfgk66XKg6WaxSmdN
content-encoding: gzip
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
date: Sun, 04 Feb 2024 15:43:18 GMT
x-amz-cf-pop: FRA50-C1
age: 45914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 31 Jan 2024 15:42:59 GMT
server: AmazonS3
etag: W/"c2cd1d341db6e2d15bd465bf85c99c26"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: eCbM-AUYwWYoJ6FSgrnDgCOAZ14zpHbj_5sTr1qtwUtSuAT4lFY-UA==

GET
H2 200 flowplayer.css
cdn.flowplayer.com/releases/native/3/stable/style/ 49 KB
12 KB 165ms
45ms Stylesheet
text/css 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/style/flowplayer.css
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: abd687c3244a5dd8145325b0935e0508959f378ec61fce5dd1f7cd114e278616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 15:43:18 GMT
x-amz-version-id: WqNuq008iPLyMlaWTC_mnHGzceCG_ZUw
content-encoding: gzip
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 45914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 31 Jan 2024 15:43:15 GMT
server: AmazonS3
etag: W/"afd33596bcde97481dbd9081af270d02"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: gDGbOP1OQ9LXj9VO1DtZVGK85C-HGzwuXaXzrwzSUwnmjgA4rcPgfQ==

GET
H2 200 ads.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 101 KB
102 KB 263ms
143ms Script
text/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/ads.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c523e30323b8fc361b5e812643fd508475144e0835d95493c078edfc61520b3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 05:13:30 GMT
x-amz-version-id: AdFR4q8UKWLmJYJo98vPp0LPx73sWzGR
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 83702
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 103701
last-modified: Wed, 31 Jan 2024 15:43:01 GMT
server: AmazonS3
etag: "fc3016149af8bfe834f0ab4ba67d004f"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: jsKeY9OuNDXJTt3nM5BG8wtJvSsDmOrG5WeKkvEulDKrFgrUiTRGYw==

GET
H2 200 cuepoints.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 4 KB
2 KB 284ms
164ms Script
text/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/cuepoints.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 461b089258235b416226d5ece6052923a1135af7c1f73f683d2fe93353153a9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: Wh1DT_77tHhyRCsqejbxE3OOwuexr4ZW
content-encoding: gzip
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
date: Sun, 04 Feb 2024 15:43:18 GMT
x-amz-cf-pop: FRA50-C1
age: 45914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 31 Jan 2024 15:43:04 GMT
server: AmazonS3
etag: W/"bd50097b30cd0caf23b8970fee9bcd6d"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: 5yl_oF8qYugosDd81Iz_r5g9w9oTL-ZZ6o4T5y0v4icanBhvMyt-hg==

GET
H2 200 google-analytics.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 7 KB
2 KB 285ms
165ms Script
text/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/google-analytics.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b43e259d225a28f05b569877f8f49f89f9854d3cb26f3e331b753bc78791c33d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: VQ2ri2nYqSKVpLfG3IiZ.7.mWAj1nXgj
content-encoding: gzip
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
date: Sun, 04 Feb 2024 11:02:47 GMT
x-amz-cf-pop: FRA50-C1
age: 62745
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 31 Jan 2024 15:43:07 GMT
server: AmazonS3
etag: W/"5c0498727712f9fdd57f71fb56866554"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: YlgpGf--CRxd-biHWBOTcGKf3Gy6foB0V5f5OjujpEa_6jE54PGg7w==

GET
H2 200 keyboard.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 5 KB
6 KB 257ms
138ms Script
text/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/keyboard.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b9888c8bd9c6a35c278cf20603448df08f1e42652193713a01a91fbc9140aad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 05:13:31 GMT
x-amz-version-id: BiDyfocT7u1NFAthZxmA2.U_PzuO7OPu
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 83701
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5318
last-modified: Wed, 31 Jan 2024 15:43:09 GMT
server: AmazonS3
etag: "44ab00c5388aae5dfddeb7d53fa99876"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: oH4YnegEfDhDCoAu1IYBGjj1BXYWY4O_uo5JvHob3e-L_sfpmWWhEA==

GET
H2 200 share.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 10 KB
4 KB 247ms
127ms Script
text/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/share.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c721ff6b7a55b7e2c6d78a6956d5308f750e9bd6896ee2569955740fdc1c1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: R9tu3GhMhi0ustzrSWgKJcBE907Jcq7R
content-encoding: gzip
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
date: Sun, 04 Feb 2024 09:49:40 GMT
x-amz-cf-pop: FRA50-C1
age: 67132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 31 Jan 2024 15:43:12 GMT
server: AmazonS3
etag: W/"827e19548241dd0e5fa4c96cc0ea8c98"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: z4Ia3wBxARBLPVnQsiCYwnhOQPLyQmHORkBWplWkWDgWI4bFZzrpeg==

GET
H2 200 qsel.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 6 KB
3 KB 248ms
129ms Script
text/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/qsel.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 003241d1a155418bef20320f23819a7234f1c4ee67f8f9f1cd4c788184b46031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: .nMB6Wj3l_RP89aY2M36Xe.P0juca4W.
content-encoding: gzip
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
date: Sun, 04 Feb 2024 12:25:56 GMT
x-amz-cf-pop: FRA50-C1
age: 57756
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 31 Jan 2024 15:43:11 GMT
server: AmazonS3
etag: W/"1c47e6c1c7739d0fd1853b2f4ea43af1"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: ZvYWaF_sdgDwrVx-gKkA6uI6_Htixg3DujwGJgBPHxM_6fowjMS2dg==

GET
H2 200 asel.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 8 KB
3 KB 166ms
47ms Script
text/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/asel.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fae11c9c633cff7b1d502c425ad3a3805f08824d583e8109e50e7790b1cc060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: efqPD0uLhpWsrecagjHSXHVRXvfY1oRR
content-encoding: gzip
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
date: Sun, 04 Feb 2024 11:02:47 GMT
x-amz-cf-pop: FRA50-C1
age: 62745
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 31 Jan 2024 15:43:02 GMT
server: AmazonS3
etag: W/"93422b67d68933a5cc3090177a60a98e"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: kC8XX-cZNVVHYOAm-qgKgepqQSkoK-CWincU_dVLLZiz9ORqlR42cQ==

GET
H2 200 hls.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 360 KB
110 KB 173ms
54ms Script
text/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/hls.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb29ea5ade3b55dbd6b9c2f543eb9f8d6bb4fa609ff5465847c31cedea234049

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 9P41C3QrxI7ONWMovfCA.0iz1SMz3UR5
content-encoding: gzip
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
date: Sun, 04 Feb 2024 15:43:18 GMT
x-amz-cf-pop: FRA50-C1
age: 45914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 31 Jan 2024 15:43:07 GMT
server: AmazonS3
etag: W/"d82dd606f5f75d29bac52b89412f0e19"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: kyxaMSVI_Ix7rh_RQY2uDUkadtqoak5A4V8gspMsQfdeStJN61VQvA==

GET
H2 200 float-on-scroll.min.js Show response
cdn.flowplayer.com/releases/native/3/stable/plugins/ 6 KB
3 KB 245ms
126ms Script
text/javascript 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/3/stable/plugins/float-on-scroll.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9615049edd32a33f0f3f46bc6afc9f0b5dd6f8ca372ee4c94159af10ce8ad9ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 15:43:18 GMT
x-amz-version-id: gCv5iOv4sP8fHxQYOVZJIhegQeDlRFbZ
content-encoding: gzip
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 45914
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 31 Jan 2024 15:43:06 GMT
server: AmazonS3
etag: W/"12ce633f09b0fe33b5ee094c76641588"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, HEAD
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: yn8M-vjHUOJj3fkFsgeRcJFpnLVno_1JzUqLv9YkNnCIedDEMl6ZJg==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 377 KB
130 KB 144ms
52ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17a039087b7ffee500196f00b651585da8e6f5e1094eb91200cbbe278042a88d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132591
x-xss-protection: 0
expires: Mon, 05 Feb 2024 04:28:31 GMT

GET
H2 404 flowplayer.lang.ru.js
cdn.flowplayer.com/releases/native/translations/ 0
0 255ms
136ms Script
application/xml 143.204.98.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flowplayer.com/releases/native/translations/flowplayer.lang.ru.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-111.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2

200

context.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://yandex.ru/ads/system/context.js

348 KB
99 KB

257ms
87ms

Script
text/javascript

2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

05e60e2cff076eb5258e6dafd3d5f6507ab8d7ca1efe1217934551ce008e6749

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1707107311501790-260455260559098592-balancer-l7leveler-kubr-yp-vla-44-BAL-2602
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 05 Feb 2024 05:28:31 GMT

Redirect headers

date: Mon, 05 Feb 2024 04:28:31 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
location: https://yandex.ru/ads/system/context.js
access-control-allow-origin: *
timing-allow-origin: *
content-length: 0

GET
H2 200 jquery-3.6.3.min.js Show response
ynet-pic1.yit.co.il/Common/Api/Scripts/ 88 KB
37 KB 139ms
50ms Script
application/javascript 2606:4700:4400::ac40:985d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-pic1.yit.co.il/Common/Api/Scripts/jquery-3.6.3.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:985d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 12:58:30 GMT
server: cloudflare
age: 252
etag: "4de1350be5cd91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, Max-age=300, must-revalidate
cf-ray: 85086836b8d9901c-FRA
expires: Thu, 07 Mar 2024 04:28:31 GMT

GET
H2 200 dmp-provider.js Show response
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/ 125 KB
37 KB 164ms
49ms Script
text/javascript 13.224.103.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-122.zrh50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 0c790dc13673b1b5ceb1fb73033fc004a8ab68237af2f493e7c1a196a41edc3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 15:02:52 GMT
content-encoding: br
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: ZRH50-C1
age: 48339
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
x-amz-cf-id: 6lT-TcE9qTxCjxQweTLCEFq7JUSamTGR0AWA-m-XQ6oyYuieinWQmw==

GET
H2 200 1540.png
www.ynetnews.com/Cnt/Images/Weather/ 743 B
947 B 159ms
40ms Image
image/png 184.30.21.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ynetnews.com/Cnt/Images/Weather/1540.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 97410ffa08344b61c17b47069c041c25b4c83c7c3950535be02cc90fccdb1b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

backend-cache-control
date: Mon, 05 Feb 2024 04:28:31 GMT
last-modified: Tue, 30 Jan 2024 21:55:24 GMT
etag: "8406a31d827d41:0"
content-type: image/png
vx-cache: MISS
cache-control: private, max-age=149243
wai: 01
accept-ranges: bytes
content-length: 743
v-ttl: 0
expires: Tue, 06 Feb 2024 21:55:54 GMT

GET
H2 200 ____.png
ynet-pic1.yit.co.il/picserver5/wcm_upload/2023/01/10/Sy811PC5qj/ 4 KB
4 KB 140ms
52ms Image
image/png 2606:4700:4400::ac40:985d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ynet-pic1.yit.co.il/picserver5/wcm_upload/2023/01/10/Sy811PC5qj/____.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:985d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1100fa96bd3e19c286b7f41f7bbbbb8b73bc4d757ed0f5843380fe25e62fec34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
cf-cache-status: HIT
age: 6181
cf-polished: origSize=4244
content-length: 3819
cf-bgj: imgq:85,h2pri
last-modified: Tue, 10 Jan 2023 12:16:18 GMT
server: cloudflare
etag: "5a4db457ed24d91:0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 85086836b8da901c-FRA
expires: Thu, 07 Mar 2024 04:28:31 GMT

GET
H2 200 DOAR_ADOM_A.gif
images1.ynet.co.il//PicServer5/2019/05/13/9242159/ 9 KB
9 KB 116ms
76ms Image
image/gif 184.30.21.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images1.ynet.co.il//PicServer5/2019/05/13/9242159/DOAR_ADOM_A.gif
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-140.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/10.0 /
Resource Hash: d6cdb6570660f6cc2ab311a53a12a3f547e706f2409d8817185bd2be74d24a19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
last-modified: Mon, 13 May 2019 09:21:28 GMT
server: Microsoft-IIS/10.0
etag: "b27baa3e6d9d51:0"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=475639
accept-ranges: bytes
access-control-allow-headers: *
content-length: 9053
expires: Sat, 10 Feb 2024 16:35:50 GMT

GET
H2 200 ryl6wmEx7o_0_47_1030_580_0_x-large.jpg
ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2022/10/09/ryl6wmEx7o/ 22 KB
23 KB 431ms
430ms Image
image/avif 2606:4700:4400::ac40:985d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ynet-pic1.yit.co.il/cdn-cgi/image/format=auto/picserver5/crop_images/2022/10/09/ryl6wmEx7o/ryl6wmEx7o_0_47_1030_580_0_x-large.jpg

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:985d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e17259cb4b6646414d3b3e2a11699d48b3ebd06dccde8c61a3e82d12104db17

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
content-length: 22896
cf-resized: internal=ok/m q=0 n=146+223 c=0+0 v=2024.1.3 l=22896
last-modified: Wed, 22 Nov 2023 18:18:12 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cfV-QDDq5XbJXjAn7GQpMb6bHr1gWqs-rDoNB_ezzVDQ:10292641701dda1:0"
vary: Accept, Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 850868372908901c-FRA

GET
H2 200 bootstrap.js Show response
cdn.browsiprod.com/bootstrap/ 35 KB
10 KB 165ms
43ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3f48c9d80f4f4a6360437b1d44e91684428a008caf42d71cf23c8f2bcc8987d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: w6Ha68pJacUnuHVEsK5t0V6hDTkI3luf
content-encoding: br
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
date: Mon, 05 Feb 2024 04:17:38 GMT
last-modified: Mon, 11 Dec 2023 09:04:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 654
x-amz-server-side-encryption: AES256
etag: W/"a5c7623fd48021f30f35d232712086d5"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=3600
x-amz-cf-id: 85AQQ5Byqp8Ll2vmgAT1T942FTgLCuiH1j9RdnNxLE3o4ihDQWwV3A==

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 20 KB
7 KB 154ms
71ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8508683b5c832bc2-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/ 436 KB
136 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 16:59:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41319
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139485
x-xss-protection: 0
server: cafe
etag: 9760076492862216199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 03 Feb 2025 16:59:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 299 KB
95 KB 146ms
60ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb5c7a49383453eb044f776bfd49fd0159154d8062ce593f8a1968f55ba7b3c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97136
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 05 Feb 2024 04:28:31 GMT

GET
H2 200 0da9130bc42203c9b541.js Show response
yastatic.net/partner-code-bundles/958942/ 14 KB
5 KB 130ms
129ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/958942/0da9130bc42203c9b541.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e4ad0dc51bf664e99ec8972b86f9b9aefbf1b3a972914432def0a715146b9c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4837
last-modified: Fri, 02 Feb 2024 15:52:01 GMT
server: nginx/1.17.9
etag: "2ab425e63c4e9179bf1296e8173d78cd"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 04 Feb 2054 11:03:03 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 86ms
86ms Font
font/woff2 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 78a73759f1d7aa62
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 10:13:38 GMT

GET
H2 200 a4eed8248bc69bf7c9e5.js Show response
yastatic.net/partner-code-bundles/958942/ 59 KB
15 KB 156ms
155ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/958942/a4eed8248bc69bf7c9e5.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

30037f45c07578d12a92602f457e862ee1ef17d8675cf65da7e3c94e82e31845

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 14898
last-modified: Fri, 02 Feb 2024 15:52:02 GMT
server: nginx/1.17.9
etag: "9aa8e91f362cbcaa49ed8d68368be5c3"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 04 Feb 2054 11:03:03 GMT

GET
H2 200 eae9f8b2d7df547aff1e.js Show response
yastatic.net/partner-code-bundles/958942/ 24 KB
8 KB 176ms
175ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/958942/eae9f8b2d7df547aff1e.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

384b7076a112b0df4a6cc5ccf089f1b5799df685a16e261bfeb29c0a6d40020a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7942
last-modified: Fri, 02 Feb 2024 15:52:02 GMT
server: nginx/1.17.9
etag: "304d8842d316b78f6f2f0d8efbacc4f2"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 04 Feb 2054 11:03:03 GMT

GET
H2 200 06ed0d84611360bed0c5.js Show response
yastatic.net/partner-code-bundles/958942/ 571 KB
108 KB 193ms
192ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/958942/06ed0d84611360bed0c5.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

aa2478257a2f98ee465b9336fa1c3f468d593a61378e674c81f3e71073405d8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 109489
last-modified: Fri, 02 Feb 2024 15:52:01 GMT
server: nginx/1.17.9
etag: "354cfc6632824186d8e3ca87077636fc"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 04 Feb 2054 11:03:03 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 209ms
208ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 04 Feb 2054 11:04:12 GMT

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://mrb.upapi.net/code?w=5732901039636480&uponit=true
https://btloader.com/tag?w=5732901039636480&uponit=true&upapi=true
https://btloader.com/tag?w=5732901039636480&upapi=true

53 KB
18 KB

46ms
46ms

Script
application/javascript

2606:4700:10::6816:4ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?w=5732901039636480&upapi=true
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Server: 2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 020790698720b9ccdb8aef579801fb9ba5674c99845461f6fbc4d109a8607208

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 04:10:09 GMT
server: cloudflare
age: 1033
etag: "19af8fc5d344cc6acca14f6ae576fb7b"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8508683cd8212c5d-FRA
content-length: 18254

Redirect headers

date: Mon, 05 Feb 2024 04:28:32 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1510
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8
location: /tag?w=5732901039636480&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 8508683c5fdf2c5d-FRA

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/ynet-vesty/ 628 KB
64 KB 128ms
40ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d495196778de17f4f47f079b210a67d8a60efc38badb945498d6803c175099ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: vfWmef4rgw0jqM8.mUEXkPwPrORxuHjw
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Feb 2024 04:28:31 GMT
x-amz-request-id: MRY6YKCJRMX5V1H5
age: 115
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 65397
x-amz-id-2: lvZCgfu6845wmJRRkiu5PaMSVC7vZGpc+AqGVpVYUH6w/itptFJ3q7HH3lDypwXf/r0ZK0iOE/A=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Sun, 04 Feb 2024 18:12:14 GMT
server: AmazonS3
x-timer: S1707107312.897695,VS0,VE1
etag: "2be623c84566ef8b11de62e000d98c30"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 38
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame 8A00 37 KB
14 KB 196ms
116ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true%22

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f30d3405a37faa318ceb86a27ad1f685d8d8acc8ce95701ab308ba388ca3e4e

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co media.tenor.com .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co media.tenor.com *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Feb 2024 04:28:31 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=()
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: NNt6MNISzh4P47h6zFdhLG/lJt4FcomYUtRwayk6WOAUh9kmuwuc7AXWwTEBqW2R4kX9Y6oRg27MGcLBzRFGhQ==
x-xss-protection: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
3 KB 125ms
40ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

38513b02fba1d9b388273014b74b38a7c5abb9db272defe734bcd16e97218d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Feb 2024 04:28:31 GMT
content-md5: MEe/kO7FZ5F0+QbnumG8XQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: yvEFzSCJ8IbejxQv5HcKWml3p9sIN/2eYjrmRvE3hjVkzUaudb6OVXY2vR7cGlGSUGpwXxIuzdyhEE1kFyhgSA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: d22ec27bb6e4874b60f911c7da4bf194
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "fba053f7d8ee0abd064dc8205a990a54"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 05 Feb 2024 04:30:37 GMT

GET
H2 200 / Show response
trinitymedia.ai/player/trinity/2900001404/ 5 KB
2 KB 488ms
152ms Script
application/javascript 34.200.98.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trinitymedia.ai/player/trinity/2900001404/?pageURL=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Frk7aiqj4a&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.98.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-98-54.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 8cc194b1705d7394cd82ff580db35357e2a1c28c59d7361469edb9d48c43f295

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
content-encoding: br
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store
content-length: 1764

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 142ms
39ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 417b25971c9f1ce8d75df5fa7d73005730f3c6790aa2cc0679443c1f2f6bce0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Feb 2024 04:28:31 GMT
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 2074
x-amz-cf-pop: DUS51-P1
age: 751
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1707105237
x-77-nzt: EgwBnJIhiAH3GggAAAwBisclxAH3rwAAAA
x-accel-expires: @1707108837
x-77-age: 2249
x-cache-lb: HIT
last-modified: Fri, 02 Feb 2024 20:39:17 GMT
server: CDN77-Turbo
etag: W/"fb707651382f60f8ae83f9dc626f7141"
x-77-nzt-ray: f6587a1df728ad59ef63c06547257236
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: xpRiRGffPtMX2XjmgNXvmKNHE8tP-0CVQ50i9M5RkrRzjjcRWptchA==

GET
DATA 200
OK truncated
/ 616 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: daa8bc4312e8a5c936e55144c18f3232cb013593ae25cfe616e487611b754e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2e8fb14b1e0aab8514cfb56c1e62417ba717b034a397017696cfa9e517b0f6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 276 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f0cd7c2795df1dcce059d553cb1d9b88170cb9e66310a06fce4104965852394

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 702 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9279aa82470c7b0c894eb3ecbaabceb01423a632d9fbc7460c560f11a99abad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 639 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87d3b26f33f39e3bb4b4c1f2291f906ad5826c4d9624a08f0db8a2163a9df369

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9080387801ea7c0d202021563e4cc47e205dfe238953109c6f39348cb9a5533

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 637 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3dc8e482ec8a9c56efec00e46e88e84f3a7ccdf0ade53d5c89c4d679469cdabb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 241 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea1a9b993dbc93ca4669209f552aead7852ea68031cf347990078369adf47072

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 370 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2d58e29c3c454ef9b3e47ea01f4c5ddf2027f9c583d1104f0c26ccaf2aeb426

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7c75468e63bbfc47e9b7e43bf8c709185836b2868ea3a893339966c208435c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9176dfafa2beac923666d80208d52163366268d65a3f6d4c9c7dc062f13db1fc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b1645d05205c0de76ee78715ddbbbe2a5e4b2fe9f5faee9037e070c07691212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 864 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cab9d462a9a175760c61a7064803d06ffef31dedbf1f1e60a0a32a5cb2f3c273

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f2670e4f67d0c775f37608159388c8d7b8fe9623edf09fe619a258bc49dd916

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 799 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8783883968da07275df5ed817ae769253fa3a51509283f371d81aff455039d8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 935 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 018144810275161f79a9ef6fe1708661f13c78fc5d5d87770a3bfc90c9be8ad5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 816 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a553df845d177b46293aab2013860f307d903ee751bd008e37786f04fa7c50a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 787 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aace298e700157aedcfe9b062cc530a67ece01ad08c3af7fe8a52be86bc01d04

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11dbe46578266e04259c1ca0a713ffbf86c3803b94a379e5fc6ef8a381095084

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 NarkissBlock-Medium.woff2
ynet-pic1.yit.co.il/Common/images/fonts/ 20 KB
21 KB 202ms
115ms Font
application/font-woff2 2606:4700:4400::ac40:985d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-pic1.yit.co.il/Common/images/fonts/NarkissBlock-Medium.woff2
Requested by: Host: ynet-pic1.yit.co.il
URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vesty.20c16725e0270556dbbf56c596319027.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:985d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85cc5f4c151a72239700ae6445649fa0188d91a652829f39fb6fb84a85a9d1cf

Request headers

Referer: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vesty.20c16725e0270556dbbf56c596319027.css
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Thu, 05 Nov 2020 12:15:54 GMT
server: cloudflare
etag: "0797f686db3d61:0"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=2629800, s-maxage=2629800, must-revalidate
cf-ray: 8508683bb9255d8b-FRA
expires: Thu, 07 Mar 2024 04:28:32 GMT

GET
H2 200 NarkissBlock-Bold.woff2
ynet-pic1.yit.co.il/Common/images/fonts/ 20 KB
20 KB 209ms
122ms Font
application/font-woff2 2606:4700:4400::ac40:985d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ynet-pic1.yit.co.il/Common/images/fonts/NarkissBlock-Bold.woff2
Requested by: Host: ynet-pic1.yit.co.il
URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vesty.20c16725e0270556dbbf56c596319027.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:985d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a125935da70c13b8e02899542b319dde2d65cee1abc837f5743edd9153a3ed1

Request headers

Referer: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vesty.20c16725e0270556dbbf56c596319027.css
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Thu, 05 Nov 2020 12:15:54 GMT
server: cloudflare
etag: "0797f686db3d61:0"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=2629800, s-maxage=2629800, must-revalidate
cf-ray: 8508683bb9265d8b-FRA
expires: Thu, 07 Mar 2024 04:28:32 GMT

OPTIONS
H2 403 /
ads.google.com/ Frame 0
0 182ms
66ms Preflight
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.google.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/acx-adwords-navigation-frontend-prod/1;script-src 'report-sample' 'nonce-QnIMPf5wpy9eExp6LLm-lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/encsid_AdqZYNeG0poCtdV4kIzbbF_sNwCxI1mV1uW4HEhCsSU6Bsx43CmWAdj1AGBm9HACQEN9xA
Strict-Transport-Security	max-age=3600; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

acx-server-start-time: 1707107312053
acx-server-time: 9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/acx-adwords-navigation-frontend-prod/1;script-src 'report-sample' 'nonce-QnIMPf5wpy9eExp6LLm-lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/encsid_AdqZYNeG0poCtdV4kIzbbF_sNwCxI1mV1uW4HEhCsSU6Bsx43CmWAdj1AGBm9HACQEN9xA
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="encsid_AdqZYNeG0poCtdV4kIzbbF_sNwCxI1mV1uW4HEhCsSU6Bsx43CmWAdj1AGBm9HACQEN9xA"
date: Mon, 05 Feb 2024 04:28:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"encsid_AdqZYNeG0poCtdV4kIzbbF_sNwCxI1mV1uW4HEhCsSU6Bsx43CmWAdj1AGBm9HACQEN9xA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AdqZYNeG0poCtdV4kIzbbF_sNwCxI1mV1uW4HEhCsSU6Bsx43CmWAdj1AGBm9HACQEN9xA"}]}
server: ESF
server-timing: server-processing;dur=9
strict-transport-security: max-age=3600; includeSubDomains
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-trace-id: 9024003848754760615
x-xss-protection: 0

PUT /
ads.google.com/ 0
0

GET
H/1.1 200
OK 1540.png
www.vesty.co.il/Cnt/Images/Weather/ 743 B
1023 B 40ms
40ms Image
image/png 184.30.21.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vesty.co.il/Cnt/Images/Weather/1540.png
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-140.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 97410ffa08344b61c17b47069c041c25b4c83c7c3950535be02cc90fccdb1b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/main/article/rk7aiqj4a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

backend-cache-control
Date: Mon, 05 Feb 2024 04:28:31 GMT
Last-Modified: Fri, 05 Jan 2024 21:49:00 GMT
ETag: "8406a31d827d41:0"
Content-Type: image/png
VX-Cache: MISS
WAI: 01
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 743
V-TTL: 0

GET
H2 200 0 Show response
www.vesty.co.il/iphone/json/api/talkbacks/list/rk7aiqj4a/end_to_start/ 2 KB
1 KB 157ms
157ms XHR
application/json 184.30.21.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vesty.co.il/iphone/json/api/talkbacks/list/rk7aiqj4a/end_to_start/0

Requested by

Host: ynet-pic1.yit.co.il
URL: https://ynet-pic1.yit.co.il/Common/frontend/site/prod/vendors-widgets.5a75e38506bb012f5b8b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.21.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-21-140.deploy.static.akamaitechnologies.com

Software

Resource Hash

6a3c1dbc8dc5c82b37ff464bed6ef0db6796e7a72120d7a86e36283db3ca177f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.vesty.co.il/main/article/rk7aiqj4a
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

backend-cache-control
x-me: ${S_HOSTNAME}
x-version: V3
content-encoding: gzip
date: Mon, 05 Feb 2024 04:28:32 GMT
vx-cache: MISS
wai: 01
v-ttl: 0
content-length: 816
last-modified: Mon, 05 Feb 2024 04:28:32 GMT
osv: c8
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
vg_id: 2

GET
H2 200 6870 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 154ms
69ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/6870?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e7b8e362b53e61c3bef11f0a0e32810f41ade92a74bb97aa1b7d58adc6cd346

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mFLi7Ukeds7HNw5GgKD4Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mFLi7Ukeds7HNw5GgKD4Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsKoxSXF4KYhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLQKIK6az8gFxXN101hwg5ls3nVVz_XTWLWems-4B4pjn01lTgHgx6wzW1UA8JXAG6xwgdkqfwRoAxJ8zZ7D-BmKf-hmsUUBcdvscax0QC8udZ5UGYiFujg_HG9exCSzYfEABALzsVfA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 304 KB
87 KB 81ms
40ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=8e00aaaa62d7b839ebbe578ac15f6ac8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1bb849d686c7895ea95a8563b9a206a3681a30e063a6b80b75b5556c6264689d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Feb 2024 04:28:32 GMT
content-md5: WZJ5lSIWMMG7I6P5zN6uzQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88713
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: w8noMabE+JVG1BJVg+huKZ6H2zE/OymDegJF0JOziYYZF9HztI85u7nsbDPwVE7b2VjhazqQHxET1PFQI8muhQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: ad28b8dedf3bb4e2d636cb94b8209843
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "b371dab6848258eb2eb2f25511e6e36a"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 04 Feb 2025 03:43:12 GMT

GET
H2 200 widget_app_base_1706906186205.js Show response
cdn.userway.org/widgetapp/2024-02-02-20-36-26/ 139 KB
41 KB 117ms
39ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-02-02-20-36-26/widget_app_base_1706906186205.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c215d6b2d6b667788d0895e2531ab835706bed658f374a88e9e3eb07f303f761

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Feb 2024 04:28:32 GMT
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 199954
x-amz-cf-pop: FRA60-P3
age: 748
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706907358
x-77-nzt: EgwBnJIhiAH3Eg0DAAwB1GY4EQH3sAAAAA
x-accel-expires: @1732827182
x-77-age: 200130
x-cache-lb: HIT
last-modified: Fri, 02 Feb 2024 20:39:11 GMT
server: CDN77-Turbo
etag: W/"674c58ae3897f9859ed4c2c29d13edcc"
x-77-nzt-ray: f6587a1d0a41d85af063c06510d75d02
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: OqF1bZlKxF_fmv3u4oMjy1OdwerJDvpgREn17px5xAv0EhnMfFxSKg==

GET
H2 200 2mC_BIbRJAM.css
static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/ Frame 8A00 20 KB
5 KB 215ms
133ms Stylesheet
text/css 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/2mC_BIbRJAM.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true%22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ccd29213ebc22e63d1918c0a7597d6a2a19fa0b85d15e7a288b872e25560a80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 05 Feb 2024 04:28:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wyutaryVTWI/HzNeGdOtug==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5264
x-fb-debug: 7RVqTM7ww3JDV6Ojxm6FBjR7cEct7jQBBByESV4CtVP4TwnxqCpmvBMYkUHg0aTaMxjnKozUQlNq07sRuXyO+g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 02 Feb 2025 17:36:54 GMT

GET
H2 200 VDA1yVfx_0y.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 8A00 355 KB
92 KB 219ms
137ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/VDA1yVfx_0y.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

484119f30a2b2f2f97fae13a7543386ff74b983bdd33cd8a825c7f79c4f81e92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 05 Feb 2024 04:28:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: U/nqDoWrS0qJ4NAPEJRK2A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 94020
x-fb-debug: /F77gnpJVy4+5YvxjViUgxL6zwlO32cqXnLJ/aKfxc7iFePYDVkeT0gG85OcV341jHZVesOxXXeG9cs19TOIzA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 29 Jan 2025 13:45:31 GMT

GET
H2 200 8ZrPme2EwKH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 8A00 9 KB
3 KB 183ms
100ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/8ZrPme2EwKH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2910a75fe798cbb18961bf9510620ee4edbc664b99037f2a9b0b0af70a8d9631

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 05 Feb 2024 04:28:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JieWsOvZ3RFDEjZePuauxg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2809
x-fb-debug: Ksa9WQzva9SkzL2VewAveTTyQ4RoUb1WkbNm0bGkc6G4nKAZ66nL7MleTRDzxvizBT9DodTBR317p/JEW8+0Ag==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 25 Jan 2025 17:01:57 GMT

GET
H2 200 2o-XRyr-n9k.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 8A00 94 KB
27 KB 182ms
100ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/2o-XRyr-n9k.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df69087d551c81123be79901817746b3989b89049c4423f90972be0aea4c7d1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 05 Feb 2024 04:28:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TfpQvzLG3jSKUDNcIJi79A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27504
x-fb-debug: HXntfdbvlU/GRfnTtaW7F2X0TFR4qMbF7kCU0yeYHw/Y8NAw1LfawtW6KQ6Eh48IhHgzY52xQNw9SnLHKd4nTA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Feb 2025 00:33:53 GMT

GET
H2 200 5IFVSw5iabs.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yR/l/de_DE/ Frame 8A00 107 KB
31 KB 126ms
44ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yR/l/de_DE/5IFVSw5iabs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5173b274ddb18563c2149f25eae46a886d6adea29a2648773a917055098d142e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 05 Feb 2024 04:28:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /aygCnzQBY3qGXR1KmAJqA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 31374
x-fb-debug: azazk1HPToG1ujMdwMClOPXEV0RM0aCGSQ3g04JbljCCfuMaE27mC083i1fAysFPgjF3LEejAG+ZBitV4VcuSQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Feb 2025 21:48:56 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 8A00 507 B
487 B 214ms
132ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 05 Feb 2024 04:28:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
x-fb-debug: osoXx3HsJXXg6vjgomRcUG640pno9VCI4zw1jQ9cUbVqqGqGRueVIyHvahgFeSp1EvsyqeN+NeI8n5vjRkJ3Xg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 24 Jan 2025 02:46:12 GMT

GET
H2 200 336298928_2992004974427750_8732295176742565021_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 8A00 16 KB
16 KB 42ms
42ms Image
image/jpeg 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/336298928_2992004974427750_8732295176742565021_n.jpg?stp=dst-jpg_p130x130&_nc_cat=101&ccb=1-7&_nc_sid=081abc&_nc_ohc=YSerqUgzZ1AAX-wK_87&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfD6ZzlxKlasQV8Dk8fSCiwWhhsKEU0Em-tPSojRxk-_Nw&oe=65C53EEB
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 49b6f7a70ee3d7f71c178641dec7c2b4cae50de328e404d593f7318d9a8b6c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 05 Apr 2023 07:37:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2329757484
thrift_fmhk: GBDot2SpCVORURYdUu4s3QQTFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1347642013
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 16135

GET
H3 200 336653612_1272733246996756_5037226267515267926_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 8A00 1 KB
1 KB 40ms
40ms Image
image/jpeg 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/336653612_1272733246996756_5037226267515267926_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=104&ccb=1-7&_nc_sid=4da83f&_nc_ohc=02etCOVKH9YAX-5eJT0&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfA_Y3dZTrUqOS7daczRbf9rXBUsLXLK0j9XYQWOQddkTg&oe=65C5CE52
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https://www.facebook.com/vesti-502815246460949?fref=ts&width=300&height=300&colorscheme=light&show_faces=true&header=true&stream=false&show_border=true%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ab32b2c4c4edb597ff057500e0716830305580857189e611e5b07acbba87d78a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 05 Apr 2023 07:37:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1081392817
thrift_fmhk: GBBS52bYtpWTdQS06M2F1UIsFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 439318
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1442
priority: u=3,i

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
101 B 675ms
213ms XHR
text/plain 35.162.236.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=d@IPwROfQALRvqYBCEmN
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.236.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-236-57.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Mon, 05 Feb 2024 04:28:32 GMT
access-control-allow-credentials: true

GET
H2 200 v5 Show response
yield-manager.browsiprod.com/supply/ 5 KB
2 KB 181ms
67ms XHR
application/json 13.32.27.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yield-manager.browsiprod.com/supply/v5?sk=vesty&pk=ynet&url=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Frk7aiqj4a&bid=d%40IPwROfQALRvqYBCEmN&at=%D0%A6%D0%90%D0%A5%D0%90%D0%9B%20%D1%81%D1%83%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D0%BE%20%D1%83%D0%B6%D0%B5%D1%81%D1%82%D0%BE%D1%87%D0%B8%D0%BB%20%D0%BD%D0%B0%D0%BA%D0%B0%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F%20%D1%83%D0%BA%D0%BB%D0%BE%D0%BD%D0%B8%D1%81%D1%82%D0%B0%D0%BC&sw=1600&sh=1200
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-3.fra56.r.cloudfront.net
Software: akka-http/10.2.1 /
Resource Hash: e09765300c2e29172a5fc60a7353c34827a85a744c691c5669bf993b199c2b0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
content-encoding: gzip
via: 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
server: akka-http/10.2.1
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.vesty.co.il
access-control-allow-credentials: true
x-amz-cf-id: cHihsTM2WwtwHZcKSNLeY9PoI7cUiAeFTAJkKKza0WRQvmeVwaer1g==

OPTIONS
H2 200 PRE
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ Frame 0
0 132ms
43ms Preflight 13.224.103.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/PRE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-122.zrh50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.vesty.co.il
access-control-max-age: 1800
age: 48287
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Sun, 04 Feb 2024 15:03:45 GMT
server: nginx/1.20.0
vary: Origin
via: 1.1 d7147e532e5cf73689fcb39fa760bcf2.cloudfront.net (CloudFront)
x-amz-cf-id: xHM6c8sezlHoIbvUW6l7rN6j-p2bZI418pYS2xYNkCTG5cU5Oy2tZg==
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront

OPTIONS
H2 200 POST
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ Frame 0
0 132ms
44ms Preflight 13.224.103.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/POST
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-122.zrh50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.vesty.co.il
access-control-max-age: 1800
age: 48290
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Sun, 04 Feb 2024 15:03:42 GMT
server: nginx/1.20.0
vary: Origin
via: 1.1 d7147e532e5cf73689fcb39fa760bcf2.cloudfront.net (CloudFront)
x-amz-cf-id: bUiD-XgMCT1sq4uex2TGPSfCjBY6yG6LFG9OzzNPiMhedHNiS2TZzQ==
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront

GET
H2 200 survey.js Show response
cf.dxmcdn.com/dta/ 377 KB
104 KB 169ms
44ms Script
application/javascript 2600:9000:2240:e000:11:da61:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.dxmcdn.com/dta/survey.js
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:e000:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b36051a6fb8e5f6514f0abecfb0164d777b2dad5853fd751a55cdf7a4459a78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: taNR86Yo5OpaOUzQQ6lghmbK1KAtBt7W
content-encoding: gzip
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
date: Sun, 04 Feb 2024 08:06:37 GMT
last-modified: Fri, 26 Jan 2024 09:03:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 73316
x-amz-server-side-encryption: AES256
etag: W/"b79c4ec888598034b8886fca8f5e4c3e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ZEdAlNxj6GA40vK8B4nJKW6bBrGh1AkwrGs90UJVMN5sB6xe31UDhw==

GET
H2 403 fe68d1f7-c9f4-45b3-8905-7cda73d3fd74-web.js
cdn.permutive.com/ 0
0 135ms
45ms Script
text/html 2606:4700::6811:7711
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/fe68d1f7-c9f4-45b3-8905-7cda73d3fd74-web.js?d=2024-02-05
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 PRE Show response
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ 0
319 B 44ms
43ms Fetch
text/javascript 13.224.103.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/PRE
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-122.zrh50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/javascript

Response headers

date: Sun, 04 Feb 2024 15:04:25 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: ZRH50-C1
age: 48247
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.vesty.co.il
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: -2dd9f7js1MNLBTUBInUVBbB4tgbegPaJA6nx6pA4m4AD2dmM-BReA==

GET
H2 200 POST Show response
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/ 0
320 B 44ms
44ms Fetch
text/javascript 13.224.103.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/snippets/POST
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-122.zrh50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/javascript

Response headers

date: Sun, 04 Feb 2024 15:04:25 GMT
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: ZRH50-C1
age: 48247
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.vesty.co.il
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: 1iC_xnp8hk_w4MCjdcjMa1rCDarBC9V5VbXQq9Tkdx_CCveoRy654Q==

GET
H2 200 dmp-main.js Show response
tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/ 253 KB
78 KB 51ms
51ms Script
text/javascript 13.224.103.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-provider.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-122.zrh50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 316403557ab46c8ff87770cc64da974db5c96ab172bd6f279fbb82fed792b9b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 15:02:52 GMT
content-encoding: br
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: ZRH50-C1
age: 48340
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
x-amz-cf-id: dBdPs9fRw1c9W8YpyhzmXR7C7s-R_ALIZqMqhn2efMfGfZ-r65NPPQ==

GET
H2 200 impl.20240204-39-RELEASE.js Show response
cdn.taboola.com/libtrc/ 854 KB
176 KB 39ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240204-39-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 9e2e0035c524489980c5b0a7569f33dd86457cf4237d7323fda625f93ada5446

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: IZWzNc.3wFEz0yUgg2gwE2CJSJSrHykP
content-encoding: br
via: 1.1 varnish
date: Mon, 05 Feb 2024 04:28:32 GMT
x-amz-request-id: F6X188G24DBZBPVP
age: 9355
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 180276
x-amz-id-2: Gc83zVOHFaAaoUYIga86tdI/QeJz4085wqMGy8zBdS2cuon4QksRMX9IoBjCrQUjCupTVmywNeo=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Sun, 04 Feb 2024 17:44:05 GMT
server: AmazonS3-br
x-timer: S1707107312.100461,VS0,VE0
etag: "784a8d35d21fd799089e63d29c9483f7"
vary: Accept-Encoding
content-type: application/javascript
abp: 28
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 7980

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
85 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HBGSDK9P6D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26e69d65fd152b11b14df718e88761a7d6925c90269f8c48118744ba9119b90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87067
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 05 Feb 2024 04:28:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB9MN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Feb 2024 03:30:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3469
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 05 Feb 2024 05:30:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
57 KB 40ms
40ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

22cf1baba55eced80d7ebb0de51fc8961757ef581964f8e10ebc8676399eba81

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 05 Feb 2024 04:28:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57202
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: zyFd2UWD7z/Rf0RCCsUf6F3LazWgVpzpmAO5P/d0bvlngypu+sYYn/PsgpchW0PRM/gSameL1I2bCjO1FxKIkw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 TMdH3tdGg3 Show response
api.userway.org/api/tunings/ 3 KB
3 KB 607ms
194ms XHR
application/json 2600:1f14:5db:eb11:c921:e0ee:d11d:eb7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/TMdH3tdGg3
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-02-02-20-36-26/widget_app_base_1706906186205.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb11:c921:e0ee:d11d:eb7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5147e8d55fc17381fff62b6f5de9f019e822a358aca5459bd019c5ec640ad8dd

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
etag: W/"a9f-uXKlr24eGlj/aQzbfOVNoK/x+H0"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr30b88e779a76433
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 2719
x-service-version: uw-pr

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 249ms
154ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5732901039636480&uponit=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Feb 2024 04:28:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
922 B 146ms
48ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1897162
x-guploader-uploadid: ABPtcPoCjHZz2Z_km5VaYiqzKu4s5KfgqgWdpKHaYGvXeoKl6M7Je-UrhCbADCxmlAWOMNfMc7zVfUcYnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zkTj%2BgcMS4rDWNbqpbR%2ByMxWU7DuiVCtQJ8vjalqd6rvCs6lhYoOluwU1vHyPLYE2bylNYTgi51O2BeFjlsKxiWjUpFVp5YnOAZNRp60%2FHrskXmKvpQqkTx4%2BwygCQgclFXV7QX6iG2LIpFRA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8508683dcf905c92-FRA
expires: Sun, 14 Jan 2024 05:55:33 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 157ms
39ms Image
image/x-icon 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 18:49:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Feb 2024 18:49:12 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
333 B 147ms
48ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.13031861907751185
Requested by: Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1897162
x-guploader-uploadid: ABPtcPoCjHZz2Z_km5VaYiqzKu4s5KfgqgWdpKHaYGvXeoKl6M7Je-UrhCbADCxmlAWOMNfMc7zVfUcYnA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8c88NT5UnCUet881xPOeZgKeXhcp3WVETuAd59k8%2BJjcQgJupGa6cCFqG2SVGdo1xlr7jc3IkZztosQ6ZSjPxwBilb1dfP6KYsSewJgzIgQNxyCDvkohgOOpsPeIlSRyVz53ew4F5l2s5o7p3A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8508683dcf925c92-FRA
expires: Sun, 14 Jan 2024 05:55:33 GMT

GET
H2 200 AGSKWxXGkZN91VhgLnTyi1uir37nxE0bx-6Y_qrClYEUqixJken6ZoKaUfexGWoB12lPOnrzXNg-iLV2Fzcvgg6VWlmzsx6v-8teiE4jUYhcwuF3ruWBHstFrd-GO6x4mzCnbVZUssB2mw== Show response
fundingchoicesmessages.google.com/f/ 385 KB
60 KB 133ms
133ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXGkZN91VhgLnTyi1uir37nxE0bx-6Y_qrClYEUqixJken6ZoKaUfexGWoB12lPOnrzXNg-iLV2Fzcvgg6VWlmzsx6v-8teiE4jUYhcwuF3ruWBHstFrd-GO6x4mzCnbVZUssB2mw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MTA3MzEyLDE4OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudmVzdHkuY28uaWwvbWFpbi9hcnRpY2xlL3JrN2FpcWo0YSIsbnVsbCxbWzgsIlJVclpCamtBT1JrIl0sWzksImRlIl0sWzE5LCIxIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMz5VRiJy9OwG--o2Sg4RI-wGtUBww/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

411894ccedaccf5d8ed015f0d3105ee290ac7c40524628660122406c382569f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CTdIB3o-wD6B0doVpsXjCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-CTdIB3o-wD6B0doVpsXjCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXFEKwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLQKIK6az8gFxXN101hwg5ls3nVVz_XTWLWems-4B4pjn01lTgHgx6wzW1UA8JXAG6xwgdkqfwRoAxJ8zZ7D-BmKf-hmsUUBcdvscax0QC8udZ5UGYiEejg_HG9exCTx48a2HEQAg_VcW"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 132ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HBGSDK9P6D&gtm=45je41v0v870073666z872590624za200&_p=1707107311281&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&tcfd=10001&cid=971943362.1707107312&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dt=%D0%A6%D0%90%D0%A5%D0%90%D0%9B%20%D1%81%D1%83%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D0%BE%20%D1%83%D0%B6%D0%B5%D1%81%D1%82%D0%BE%D1%87%D0%B8%D0%BB%20%D0%BD%D0%B0%D0%BA%D0%B0%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F%20%D1%83%D0%BA%D0%BB%D0%BE%D0%BD%D0%B8%D1%81%D1%82%D0%B0%D0%BC&sid=1707107312&sct=1&seg=0&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Frk7aiqj4a&en=page_view&_fv=1&_nsi=1&_ss=1&ep.article_id=rk7aiqj4a&ep.author_name=%D0%92%D0%B5%D1%81%D1%82%D0%B8-Ynet&ep.editor_name=Kostya%20P&ep.date_modified=2023-11-22%2017%3A25%3A38&ep.date_published=2023-11-22%2017%3A25%3A38&epn.videos_count=0&ep.sponsored_content=No&ep.word_count=193&ep.article_tags=%D0%A6%D0%90%D0%A5%D0%90%D0%9B%2C%20%D0%A0%D0%B5%D0%B7%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D1%82%D1%8B%2C%20%D0%9E%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20%22%D0%96%D0%B5%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B5%D1%87%D0%B8%22&epn.comments_count=1&ep.dc_path=50.Vesti-13147.VNews-13229.VIsrael&ep.page_type=Article&ep.ad_blocker=false&ep.channel_name=Vesty&tfd=2176
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HBGSDK9P6D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 04:28:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 card-interference-detector.20240204-39-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 39ms
39ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20240204-39-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-vesty/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d7316f49cab1183391beaff45e8c99e0937990a77dbb960659d79f221622444

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: 8bHQCQCi_XR4Dc.C6RauXMbT3XURtN.j
content-encoding: gzip
via: 1.1 varnish
date: Mon, 05 Feb 2024 04:28:32 GMT
x-amz-request-id: RX361C9N6V1XPWBE
age: 37927
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2181
x-amz-id-2: 3DvBkG1o3CeHqdtAebwLKc5PZyvZ+gplMEc8Ge0EN7inhWZ1MXDbIIUxqqqtnrdbFXR1MDFVDG0=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Sun, 04 Feb 2024 17:56:25 GMT
server: AmazonS3
x-timer: S1707107312.236624,VS0,VE0
etag: "69df0a09fc8f963a37130bab0782b178"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 94
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 19102

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 156ms
56ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240204-39-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 258312
expires: 60

GET
H3 200 935048389980151 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 143ms
143ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/935048389980151?v=2.9.144&r=stable&domain=www.vesty.co.il&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19ce1ff8a4b2b971c754ab8b5fb7ea04f25735f47257b9b04017a0791618555a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 05 Feb 2024 04:28:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: o9/n+eR8ofXaDm4sT/8FpSdAu+L9wzObIwcoc1bRfX1mIRMwm3Gu6nMvFbKRaUgx5POY5MeBY4D9aha+6AH2SA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 middy-desktop-4.22.14.js Show response
cdn.browsiprod.com/sd/apps/middy/ 296 KB
72 KB 125ms
45ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.22.14.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa464839adf45e76d965f6c8e5242d5cd80d15713e5a5372f21d9fba1109976e

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:27:36 GMT
x-amz-version-id: FHCzIg28flu5cM4.XUw4A9.XX5obyJBB
content-encoding: br
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 4813257
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 30 Nov 2023 13:00:47 GMT
server: AmazonS3
etag: W/"2a65a997e467dc83ecb470f8afb5c67a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: XDTJbPOWOqrIv0ruMg284evXF-2BQeuSlSSM7GeqqhveSgz-EA_Fvw==

OPTIONS
H2 200 events
event.dxmdp.com/rest/api/v1/ Frame 0
0 185ms
65ms Preflight 18.244.28.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-11.cdg52.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.vesty.co.il
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Mon, 05 Feb 2024 04:28:32 GMT
server: nginx/1.20.0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 1d88a25ceb508fe1d5a673b8279d4c7c.cloudfront.net (CloudFront)
x-amz-cf-id: LKbnN1Z7ZYuaxitwj_QU6V4W751OVY55WxyqceJQ0SjMcq3-zJ5_3g==
x-amz-cf-pop: CDG52-P5
x-cache: Miss from cloudfront

OPTIONS
H2 200 sync
event.dxmdp.com/rest/api/v1/ Frame 0
0 183ms
64ms Preflight 18.244.28.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/sync
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-11.cdg52.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.vesty.co.il
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Mon, 05 Feb 2024 04:28:32 GMT
server: nginx/1.20.0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 1d88a25ceb508fe1d5a673b8279d4c7c.cloudfront.net (CloudFront)
x-amz-cf-id: QtjUEwiI9NX6XhFGzkpl6W5uiYr88miA_6_ODwiV7t32WXmnioCOtQ==
x-amz-cf-pop: CDG52-P5
x-cache: Miss from cloudfront

POST
H2 200 events Show response
event.dxmdp.com/rest/api/v1/ 549 KB
550 KB 217ms
122ms Fetch
application/json 18.244.28.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/events
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-11.cdg52.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 5c319d54f7e167911f7f7a246e2c307cdb1387e449e4a772300ba6f8400d01c8

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
via: 1.1 b3c3867bcc3f09d634cc38a60db5bb78.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: CDG52-P5
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.vesty.co.il
access-control-allow-credentials: true
x-amz-cf-id: bRFP5ZF8ZS0ttW1y3g4yecQUEgol4L1MDeugE2Sqe5GfK44uemR5-w==

GET
H2 200 sync Show response
event.dxmdp.com/rest/api/v1/ 13 B
482 B 160ms
65ms Fetch
application/json 18.244.28.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/sync
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-11.cdg52.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
via: 1.1 b3c3867bcc3f09d634cc38a60db5bb78.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: CDG52-P5
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.vesty.co.il
access-control-allow-credentials: true
x-amz-cf-id: TFce_FH8434--q1tbPdwUPdWNFcXAiEOqmqbg6poKP7rQ2U0tdZcFg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 46ms
46ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1624708336&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Frk7aiqj4a&dp=%2Fmain%2Farticle%2Frk7aiqj4a&dh=vesty.co.il&ul=en-us&de=UTF-8&dt=%D0%A6%D0%90%D0%A5%D0%90%D0%9B%20%D1%81%D1%83%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D0%BE%20%D1%83%D0%B6%D0%B5%D1%81%D1%82%D0%BE%D1%87%D0%B8%D0%BB%20%D0%BD%D0%B0%D0%BA%D0%B0%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F%20%D1%83%D0%BA%D0%BB%D0%BE%D0%BD%D0%B8%D1%81%D1%82%D0%B0%D0%BC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=889911770&gjid=1282877950&cid=971943362.1707107312&uid=0&tid=UA-5536870-20&_gid=1562792267.1707107312&_slc=1&gtm=45He41v0n71NB9MN6v72590624za200&cd1=false&cd2=0&cd3=0&cd4=2024%2F02%2F06%2006%3A28%3A33&cd12=Article&cd14=50.Vesti-13147.VNews-13229.VIsrael&cd15=%D0%92%D0%B5%D1%81%D1%82%D0%B8-Ynet&cd16=2023-11-22%2017%3A25%3A38&cd17=2023-11-22%2017%3A25%3A38&cd18=%D0%A6%D0%90%D0%A5%D0%90%D0%9B%2C%20%D0%A0%D0%B5%D0%B7%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D1%82%D1%8B%2C%20%D0%9E%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20%22%D0%96%D0%B5%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B5%D1%87%D0%B8%22&cd19=rk7aiqj4a&cd21=193&cd23=Kostya%20P&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1103660616

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 04:28:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 153ms
51ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-5536870-20&cid=971943362.1707107312&jid=889911770&gjid=1282877950&_gid=1562792267.1707107312&_u=YCDAgEABAAAAAGAAI~&z=1516726086

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 05 Feb 2024 04:28:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trinity-injector-script.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20240201_372802f60fe2e428936699a750ca73fd9e80d955/ 139 KB
46 KB 143ms
39ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20240201_372802f60fe2e428936699a750ca73fd9e80d955/trinity-injector-script.js
Requested by: Host: trinitymedia.ai
URL: https://trinitymedia.ai/player/trinity/2900001404/?pageURL=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Frk7aiqj4a&GDPR=$$GDPR_MACRO$$&GDPR_CONSENT=$$GDPR_CONSENT_MACRO$$
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: d47e6468e1430d380742ead721a7621b3c2675385d5d069135ea0611bb93b863

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
x-amz-version-id: W9tRlYOe9ldle7S7nyogVGEENXF8lKw_
content-encoding: br
cdn-edgestorageid: 1081
x-amz-request-id: G2V694DPJ34AZTPQ
cdn-cachedat: 02/01/2024 09:06:49
cdn-pullzone: 112690
x-amz-id-2: 8AxXIG2PLToKx+C7VVchg4mrQu+HvM0FBDNqQ++PH/tsrxNup3h/DyxyMq04Y3VIgyLClOlKzIM=
last-modified: Thu, 01 Feb 2024 09:01:28 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"b1a68db6773ee6caa8dcb16841a7564b"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: acbc2e0b-1875-472e-93e7-be7f028b2851
access-control-max-age: 3000
cache-control: public, max-age=604800
cdn-requestid: ee4fc60f817e54975e1fcf69e92a1e3d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 survey-executed Show response
tr.dxmcdn.com/rest/api/v1/ 0
332 B 148ms
62ms Fetch
text/html 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.dxmcdn.com/rest/api/v1/survey-executed

Requested by

Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/survey.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2615.1e100.net

Software

Google Frontend /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 04:28:32 GMT
x-content-type-options: nosniff
server: Google Frontend
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: text/html
access-control-allow-origin: https://www.vesty.co.il
x-cloud-trace-context: a4d252d1a751d7566e96d01ebab584c1
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

OPTIONS
H2 200 survey-executed
tr.dxmcdn.com/rest/api/v1/ Frame 0
0 184ms
60ms Preflight
text/html 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.dxmcdn.com/rest/api/v1/survey-executed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2615.1e100.net

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.vesty.co.il
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: text/html
date: Mon, 05 Feb 2024 04:28:32 GMT
expires: 0
pragma: no-cache
server: Google Frontend
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-cloud-trace-context: 09f3ca491625d5d7d041abd57e1709ff
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 8A00 573 B
708 B 40ms
40ms Image
image/png 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/2mC_BIbRJAM.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/2mC_BIbRJAM.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 05 Feb 2024 04:28:32 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
x-fb-debug: 8VS7GbuC7RSVeIe1FK06Ga6HdF431zLtHlS4fiac7cyTEHbU6sW9M1SGzrxUL8DhzY9QHWZ+KAkpaMwcqfKffQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 23 Jan 2025 02:11:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 105 KB
6 KB 139ms
53ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.RUrZBjkAORk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxyli0GUH1qw5S5ieLhzZRcHATUTw/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

867f683e26903b242dee20b61aa0ffba68101a72a70d279d8a5c6e77e9f48a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 05 Feb 2024 04:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 04:28:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 05 Feb 2024 04:28:32 GMT

GET
H2 200 6iu8TueMYvXyIgUzkmSLFnDbzFKaoGGwg1ZGgrfHfb09AsZW0kI5pNALo4FdRjON3wXw5T-8fAmXkm2Z0nAjWhmhZ93NV_3Ju3zNG53REx1oL0vI9pA=h60
lh3.googleusercontent.com/ 7 KB
7 KB 127ms
40ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/6iu8TueMYvXyIgUzkmSLFnDbzFKaoGGwg1ZGgrfHfb09AsZW0kI5pNALo4FdRjON3wXw5T-8fAmXkm2Z0nAjWhmhZ93NV_3Ju3zNG53REx1oL0vI9pA=h60

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fb408a3f4c5c7ba9cd3672310df56a5a9a5f6e9fa36e73e20b54c643614f0af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 02:22:02 GMT
x-content-type-options: nosniff
age: 7590
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7051
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 06 Feb 2024 02:22:02 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 235ms
149ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:59:51 GMT
x-content-type-options: nosniff
age: 466121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:59:51 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 126ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 00:59:33 GMT
x-content-type-options: nosniff
age: 530939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 00:59:33 GMT

POST
H3 204 AGSKWxWWATBR4Jsp2KQKZF6IT-07N8zr5hskjM3zj_npPgh2wsFg1oDWPyNB-_z1nEfIQyO1R_OtnHa3Yq65xMhxaKFTDAJP2yEVLnT5v1UE3VRMN2VLhAeJzKw5POLmo4rF5w8DQBkajA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 133ms
52ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWWATBR4Jsp2KQKZF6IT-07N8zr5hskjM3zj_npPgh2wsFg1oDWPyNB-_z1nEfIQyO1R_OtnHa3Yq65xMhxaKFTDAJP2yEVLnT5v1UE3VRMN2VLhAeJzKw5POLmo4rF5w8DQBkajA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lAZPOil9Rlg22nJCoC6wSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-lAZPOil9Rlg22nJCoC6wSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmJw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQDistvnWOuAWFjuPKs0EAvxcHw43riOTaBj8ckPjADnGiKt"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.vesty.co.il
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
129 B 41ms
39ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=935048389980151&ev=PageView&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Frk7aiqj4a&rl=&if=false&ts=1707107312406&sw=1600&sh=1200&v=2.9.144&r=stable&ec=0&o=4126&fbp=fb.2.1707107312405.677935626&ler=empty&cdl=API_unavailable&it=1707107312228&coo=false&exp=e1&rqm=GET

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 05 Feb 2024 04:28:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
101 B 306ms
212ms XHR
text/plain 35.162.236.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=761b2ebf-7b54-4480-847a-56b0d07147b4
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.22.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.236.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-236-57.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Mon, 05 Feb 2024 04:28:32 GMT
access-control-allow-credentials: true

GET
H2 200 abd.js Show response
cdn.browsiprod.com/ 3 KB
2 KB 40ms
40ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/abd.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.22.14.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-37.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 04:30:30 GMT
x-amz-version-id: rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
content-encoding: br
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 86283
x-cache: Hit from cloudfront
last-modified: Sun, 08 Jul 2018 12:47:26 GMT
server: AmazonS3
etag: W/"bc70a2c30105ea2f98d83f5ad623fc39"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: E6b4wVHMMVMUbvYCknzw_fHqVbWAqI9g6p-249lFSMRmJ1FBWhu3YQ==

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
102 B 296ms
212ms XHR
text/plain 35.162.236.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=761b2ebf-7b54-4480-847a-56b0d07147b4
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.22.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.236.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-236-57.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Mon, 05 Feb 2024 04:28:32 GMT
access-control-allow-credentials: true

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 137ms
49ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5536870-20&cid=971943362.1707107312&jid=889911770&_u=YCDAgEABAAAAAGAAI~&z=2000175297

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 04:28:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 138ms
51ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5536870-20&cid=971943362.1707107312&jid=889911770&_u=YCDAgEABAAAAAGAAI~&z=2000175297

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Feb 2024 04:28:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
132 B 150ms
149ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5732901039636480&uponit=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 150ms
150ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=F93w6IqmV&w=5732901039636480&o=6244355308257280&cv=2.1.32-1-g3ff2e17&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Frk7aiqj4a&sid=jJplzpPz&pm=false&upapi=true
Requested by: Host: mrb.upapi.net
URL: https://mrb.upapi.net/code?w=5732901039636480&uponit=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 05 Feb 2024 04:28:32 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 6844.bundle.js Show response
vd.trinitymedia.ai/trinity-player/tts-player/20240201_372802f60fe2e428936699a750ca73fd9e80d955/ 936 B
1 KB 117ms
39ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20240201_372802f60fe2e428936699a750ca73fd9e80d955/6844.bundle.js
Requested by: Host: vd.trinitymedia.ai
URL: https://vd.trinitymedia.ai/trinity-player/tts-player/20240201_372802f60fe2e428936699a750ca73fd9e80d955/trinity-injector-script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 48f890075381c927dd3fb4c4ce0033f68b0e6f36aff84d1dcdc1b4173f796845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
x-amz-version-id: T1UDiOd2TZ.G1Iy2Rc6yNKOdxDsBMKh5
content-encoding: br
cdn-edgestorageid: 1080
x-amz-request-id: H06J02S53XM4PEP9
cdn-cachedat: 02/01/2024 09:11:52
cdn-pullzone: 112690
x-amz-id-2: dDhrqCkgcVAqIjHbW/tUJPRW9Lkqrx763tVWqAk4M5Om3efNkH3Be0meNKqzdVrbbADT0TMRIEQ=
last-modified: Thu, 01 Feb 2024 09:01:27 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"59ce2692216bb23f45cbf910a5ed2de3"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: acbc2e0b-1875-472e-93e7-be7f028b2851
cache-control: public, max-age=604800
cdn-requestid: abcbaea215b84abbe21df79ca2d2a4e5
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 comments.php
www.facebook.com/v5.0/plugins/ Frame 3B72 0
0 71ms
71ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/comments.php?app_id=206136563190788&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df435b054f4b50c771%26domain%3Dwww.vesty.co.il%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.vesty.co.il%252Ffd61d808648b50627%26relation%3Dparent.parent&container_width=824&height=100&href=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Frk7aiqj4a&locale=ru_RU&numposts=3&sdk=joey&version=v5.0&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=8e00aaaa62d7b839ebbe578ac15f6ac8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co media.tenor.com .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co media.tenor.com *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Mon, 05 Feb 2024 04:28:32 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0,i
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: FzyDTNPmUbknFJ3S9rsA3yV4LEfQfVwqTm3H1+1jPtSsB4h9Z4iOj+H1Kuiabb40jZd8IrUQtbGieedap1N4Cw==
x-frame-options: DENY
x-xss-protection: 0

POST
H2 204 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
37 B 80ms
79ms XHR
text/plain 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: application/json

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.vesty.co.il
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 850868412fe81e5e-FRA

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 137ms
40ms Preflight
text/plain 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.vesty.co.il
access-control-max-age: 86400
cf-ray: 85086840efc81e5e-FRA
content-encoding: gzip
content-type: text/plain
date: Mon, 05 Feb 2024 04:28:32 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1624708336&t=timing&_s=2&dl=https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Frk7aiqj4a&dp=%2Fmain%2Farticle%2Frk7aiqj4a&dh=vesty.co.il&ul=en-us&de=UTF-8&dt=%D0%A6%D0%90%D0%A5%D0%90%D0%9B%20%D1%81%D1%83%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D0%BE%20%D1%83%D0%B6%D0%B5%D1%81%D1%82%D0%BE%D1%87%D0%B8%D0%BB%20%D0%BD%D0%B0%D0%BA%D0%B0%D0%B7%D0%B0%D0%BD%D0%B8%D1%8F%20%D1%83%D0%BA%D0%BB%D0%BE%D0%BD%D0%B8%D1%81%D1%82%D0%B0%D0%BC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2605&pdt=39&dns=0&rrt=0&srt=882&tcp=79&dit=1759&clt=1912&_gst=2074&_gbt=2215&_u=YCDAgEABAAAAAGAAI~&jid=&gjid=&cid=971943362.1707107312&uid=0&tid=UA-5536870-20&_gid=1562792267.1707107312&gtm=45He41v0n71NB9MN6v72590624za200&cd1=false&cd2=0&cd3=0&cd4=2024%2F02%2F06%2006%3A28%3A33&cd12=Article&cd14=50.Vesti-13147.VNews-13229.VIsrael&cd15=%D0%92%D0%B5%D1%81%D1%82%D0%B8-Ynet&cd16=2023-11-22%2017%3A25%3A38&cd17=2023-11-22%2017%3A25%3A38&cd18=%D0%A6%D0%90%D0%A5%D0%90%D0%9B%2C%20%D0%A0%D0%B5%D0%B7%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D1%82%D1%8B%2C%20%D0%9E%D0%BF%D0%B5%D1%80%D0%B0%D1%86%D0%B8%D1%8F%20%22%D0%96%D0%B5%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B5%D1%87%D0%B8%22&cd19=rk7aiqj4a&cd21=193&cd23=Kostya%20P&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=844872468

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 18:55:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34391
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ru.json Show response
cdn.userway.org/widgetapp/2024-02-02-20-36-26/locales/ 759 B
1 KB 39ms
39ms XHR
application/json 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-02-02-20-36-26/locales/ru.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-02-02-20-36-26/widget_app_base_1706906186205.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e90fb03c32e686e745b1119734233b4578dc1f243ffe387ddb6a1c09a2ab29b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Feb 2024 04:28:32 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 199891
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706907421
x-77-nzt: EgwBnJIhiAH30wwDAAwBnJIhJwH36QAAAA
x-accel-expires: @1732827188
x-77-age: 200124
x-cache-lb: HIT
last-modified: Fri, 02 Feb 2024 20:39:11 GMT
server: CDN77-Turbo
etag: W/"f0083a06d7c255c440a3870eb59e61dd"
x-77-nzt-ray: f6587a1d0a41d85af063c065e1bef52c
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: zsq1_9V6b3be_REv6WCI-4WPLL1BRJ3c84y344abnfkhokcRORWeDQ==

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.vesty.co.il
URL: https://www.vesty.co.il/main/article/rk7aiqj4a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

276af2b9ae1b1daae8bcd2166ed84ad35f28c870cc050e31afa80b309c0faf50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 05 Feb 2024 04:28:32 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/a1d7d0f8/www-widgetapi.vflset/ 216 KB
67 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a1d7d0f8/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bed34862194969206abb50c773289cfa769f3e34f4a96e6d2c1291b5e87d58b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 20:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68450
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 05:17:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 03 Feb 2025 20:33:23 GMT

OPTIONS
H2 200 sync
event.dxmdp.com/rest/api/v1/ Frame 0
0 68ms
68ms Preflight 18.244.28.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/sync?audids=XwnuDZ2Z,awcTSkr7,GPb0deI1,zDDDMl3T,ZF4ZoHjq,j0OxwZNF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-11.cdg52.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.vesty.co.il
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Mon, 05 Feb 2024 04:28:32 GMT
server: nginx/1.20.0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 1d88a25ceb508fe1d5a673b8279d4c7c.cloudfront.net (CloudFront)
x-amz-cf-id: AGBAiRiit0zSn2Iha5Lej1OcyAm-hBfmoQBRgnJxrVYdGESaLUHsVg==
x-amz-cf-pop: CDG52-P5
x-cache: Miss from cloudfront

GET
H2 200 sync Show response
event.dxmdp.com/rest/api/v1/ 78 B
600 B 67ms
67ms Fetch
application/json 18.244.28.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/sync?audids=XwnuDZ2Z,awcTSkr7,GPb0deI1,zDDDMl3T,ZF4ZoHjq,j0OxwZNF
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.28.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-28-11.cdg52.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: b82512dfeee1d796be2d54feef58fd8e7edd4f5e6c81e3ffa393a68e8b7010eb

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 05 Feb 2024 04:28:32 GMT
via: 1.1 b3c3867bcc3f09d634cc38a60db5bb78.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: CDG52-P5
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.vesty.co.il
access-control-allow-credentials: true
x-amz-cf-id: -WiJgOFL8QgNU_qYAUC8thu9Gd5OXYbAlGO2yEq7bUGUMDzUgAh7rg==

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
101 B 212ms
212ms XHR
text/plain 35.162.236.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=761b2ebf-7b54-4480-847a-56b0d07147b4
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.22.14.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.236.57 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-236-57.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.vesty.co.il
date: Mon, 05 Feb 2024 04:28:33 GMT
access-control-allow-credentials: true

GET
H2 200 dmp-common-iframe.html Show response
cf.dxmcdn.com/dta/ Frame A279 93 KB
32 KB 43ms
42ms Document
text/html 2600:9000:2240:e000:11:da61:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=971a46c6-e399-4d1b-97c5-4385665e42a1&monitoringConfig=%7B%22uuid%22%3A%22a5beb245-2949-4a76-95f5-bddfc2ec171c%22%2C%22fieldExtractions%22%3A%5B%7B%22uuid%22%3A%221356b34b-7496-402b-963b-48ae3223249d%22%2C%22field%22%3A%7B%22name%22%3A%22Tags%22%2C%22path%22%3A%22properties.tags%22%2C%22type%22%3A%22ARRAY_OF_STRING%22%7D%2C%22type%22%3A%22GLOBAL_VARIABLE%22%2C%22expression%22%3A%22dcTags%22%7D%2C%7B%22uuid%22%3A%220cf2e723-0399-43fb-a798-42106a50b9b2%22%2C%22field%22%3A%7B%22name%22%3A%22Category%22%2C%22path%22%3A%22properties.category%22%2C%22type%22%3A%22STRING%22%7D%2C%22type%22%3A%22GLOBAL_VARIABLE%22%2C%22expression%22%3A%22dcPath%22%7D%2C%7B%22uuid%22%3A%226b18ff53-b04a-42e4-bb6c-74e6d9ff4f79%22%2C%22field%22%3A%7B%22name%22%3A%22Author%22%2C%22path%22%3A%22properties.author%22%2C%22type%22%3A%22STRING%22%7D%2C%22type%22%3A%22META_PROPERTY%22%2C%22expression%22%3A%22vr%5C%5C%3Aauthor%22%7D%5D%2C%22providerExclusions%22%3A%5B%7B%22uuid%22%3A%22ef8fc925-3bd1-4e0a-8f43-2585622685f6%22%2C%22type%22%3A%22URL_CONTAINS%22%2C%22expression%22%3A%22news%2Fcategory%2F184%22%7D%2C%7B%22uuid%22%3A%22d6a5ef94-3620-4fda-a50a-3e087b9b0d66%22%2C%22type%22%3A%22URL_CONTAINS%22%2C%22expression%22%3A%22ynet.co.il%2Fhome%22%7D%2C%7B%22uuid%22%3A%224547b9f2-51cc-468e-8e87-bc4e57a3e542%22%2C%22type%22%3A%22URL_CONTAINS%22%2C%22expression%22%3A%22%2Fnews%2Farticle%2F%22%7D%2C%7B%22uuid%22%3A%220fd31602-e883-47cb-b1ab-10c49d6f7a9c%22%2C%22type%22%3A%22URL_CONTAINS%22%2C%22expression%22%3A%22ynet.co.il%2Fnews%22%7D%2C%7B%22uuid%22%3A%225fa84de3-2c30-4697-96f3-d2ef19938dbc%22%2C%22type%22%3A%22URL_EXACTLY_MATCH%22%2C%22expression%22%3A%22http%3A%2F%2Fwww.ynet.co.il%22%7D%5D%2C%22isDataCollectionEnabled%22%3Atrue%2C%22isDFPActivationEnabled%22%3Atrue%2C%22providerMonitoring%22%3A%7B%22uuid%22%3A%22a5beb245-2949-4a76-95f5-bddfc2ec171c%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D%7D
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/a5beb245-2949-4a76-95f5-bddfc2ec171c/dmp-main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:e000:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b57972978b3131b7d14ec39d91864299fdc80c0d84a5e6b3b4a739837cf507f

Request headers

Referer: https://www.vesty.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84880
content-encoding: gzip
content-type: text/html
date: Sun, 04 Feb 2024 04:53:53 GMT
etag: W/"b7c5b5df1d28b3190c229567dd2c05ae"
last-modified: Fri, 26 Jan 2024 09:03:37 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
x-amz-cf-id: Zfd_YzLlFX8kJf-TOJ3UoHIweVzojnRVNxJoYEfvm6U-8Y44-Oq5AA==
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: Ipt9tvGfG_K0ht4ZgAgJP75UeszD9NhW
x-cache: Hit from cloudfront

GET
H2 200 remediation_1706906186205.js Show response
cdn.userway.org/widgetapp/2024-02-02-20-36-26/remediation/ 112 KB
30 KB 101ms
100ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-02-02-20-36-26/remediation/remediation_1706906186205.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-02-02-20-36-26/widget_app_base_1706906186205.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ebe545e62053e86625ae7cc3279615e7174dbb78f42c9778707931aebebb2cde

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Feb 2024 04:28:33 GMT
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 199951
x-amz-cf-pop: FRA60-P3
age: 731
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706907362
x-77-nzt: EgwBnJIhiAH3Dw0DAAwB1GY4EQH3sgAAAA
x-accel-expires: @1732827184
x-77-age: 200129
x-cache-lb: HIT
last-modified: Fri, 02 Feb 2024 20:39:11 GMT
server: CDN77-Turbo
etag: W/"e02bb541856dfbf1d4b8deab93203b05"
x-77-nzt-ray: f6587a1d0a41d85af163c0653bf57e0f
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: bb-IyR0JW4HUnO1bPi5V-T1TNg8Xxu8MymmzTPsgh0420sn76tTttw==

GET
H2 200 GCkYaaCzyYoVrPuS.json Show response
cdn.userway.org/remediations/consolidated/2572728/ 953 KB
143 KB 48ms
48ms XHR
application/json 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2572728/GCkYaaCzyYoVrPuS.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-02-02-20-36-26/widget_app_base_1706906186205.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 85f9e1cac453830b993fc868763920c36af2f04a0996140c86b050186ec345fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Feb 2024 04:28:33 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 166700
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706940613
x-77-nzt: EgwBnJIhiAH3LIsCAAwBJRPCNAH3OQAAAA
x-accel-expires: @1738476556
x-77-age: 166757
x-cache-lb: HIT
last-modified: Sat, 03 Feb 2024 06:09:15 GMT
server: CDN77-Turbo
etag: W/"e7a766f640b8695354e80a2c6de825f5"
x-77-nzt-ray: f6587a1d0a41d85af163c065c696780f
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: YcUhnJdFLANdUBei-U7Q71iimMQc5t2LTxNpsCgwodh16owYO42Arw==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 42ms
41ms Image
image/svg+xml 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Feb 2024 04:28:33 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 199955
x-amz-cf-pop: FRA60-P3
age: 4
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706907358
x-77-nzt: EgwBnJIhiAH3Ew0DAAwBJRPCNAH3sgAAAA
x-accel-expires: @1732827180
x-77-age: 200133
x-cache-lb: HIT
last-modified: Wed, 27 Dec 2023 13:17:34 GMT
server: CDN77-Turbo
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray: f6587a1df728ad59f163c06568210811
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: WoGZ3Y_skbRieXtOHDeEGueNZPjTRePkgDA56Y_RFTdTIc50R3c8ow==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 42ms
42ms Image
image/svg+xml 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Feb 2024 04:28:33 GMT
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 199955
x-amz-cf-pop: FRA60-P3
age: 4
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706907358
x-77-nzt: EgwBnJIhiAH3Ew0DAAwBnJIhHwH3sgAAAA
x-accel-expires: @1732827180
x-77-age: 200133
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: f6587a1df728ad59f163c065fcce0d11
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: grlSASHQg3vPIwiH28xmEvARLVhLe_DZxFR5poK6kmwMiPiH2G_Tow==

GET
H2 200 remediation-tool.js Show response
cdn.userway.org/remediation/paid/ 49 KB
18 KB 41ms
40ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1706906186205
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-02-02-20-36-26/widget_app_base_1706906186205.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b8f9b0f28637041e05cd76c465d90599cb81e8845e4958b5da7517fda7e57982

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Feb 2024 04:28:33 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 199951
x-amz-cf-pop: FRA60-P3
age: 730
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706907362
x-77-nzt: EgwBnJIhiAH3Dw0DAAwB1GY4EQH3sQAAAA
x-accel-expires: @1732827185
x-77-age: 200128
x-cache-lb: HIT
last-modified: Fri, 02 Feb 2024 20:39:17 GMT
server: CDN77-Turbo
etag: W/"fd1af69dd4c552316ce8fc439e082ffe"
x-77-nzt-ray: f6587a1d0a41d85af163c065163cb417
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: hNRfwPgxQAE4fjA-B6fKqPNzr0SjCD8_9iA20Uop3EwoFs0A2wbAPA==

GET
H2 200 GCkYaaCzyYoVrPuS.json Show response
cdn.userway.org/remediations/consolidated/2572728/ 953 KB
143 KB 41ms
41ms Fetch
application/json 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/2572728/GCkYaaCzyYoVrPuS.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1706906186205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 85f9e1cac453830b993fc868763920c36af2f04a0996140c86b050186ec345fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vesty.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Feb 2024 04:28:33 GMT
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 166700
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706940613
x-77-nzt: EgwBnJIhiAH3LIsCAAwBJRPCNAH3OQAAAA
x-accel-expires: @1738476556
x-77-age: 166757
x-cache-lb: HIT
last-modified: Sat, 03 Feb 2024 06:09:15 GMT
server: CDN77-Turbo
etag: W/"e7a766f640b8695354e80a2c6de825f5"
x-77-nzt-ray: f6587a1d0a41d85af163c065778a541a
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
content-type: application/json
x-amz-cf-id: YcUhnJdFLANdUBei-U7Q71iimMQc5t2LTxNpsCgwodh16owYO42Arw==

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/ Frame 0
0 323ms
199ms Preflight 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2FCnt%2FImages%2FWeather%2F1540.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Mon, 05 Feb 2024 04:28:34 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBw7WqEQAACAGKxyXEAAA
x-77-nzt-ray: 4c1562242e0372c2f263c06511fabe09
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-ca87f731

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/ 208 B
774 B 39ms
39ms Fetch
application/json 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2FCnt%2FImages%2FWeather%2F1540.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1706906186205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 33e3a50eed9b8ba1c90b195e4bb1d2b17c998597c5230c921e657453bff22812

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Feb 2024 04:28:34 GMT
content-encoding: gzip
x-age-lb: 92930
x-77-cache: HIT
x-accel-date: 1707014384
x-service-version: img-dscr-srv-ca87f731
x-77-nzt: EgwBw7WqEQH3AmsBAAwBisclxAH3KrgDAA
x-accel-expires: @1707375430
x-77-age: 336684
x-cache-lb: HIT
server: CDN77-Turbo
etag: W/"d0-1YX5EYTHz/o6cSoAiRnklcW+Hfw"
x-77-nzt-ray: 4c1562242e0372c2f263c0651b33a915
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
access-control-allow-headers: *

GET
H2 200 nav_menu_helper_1706906186205.js Show response
cdn.userway.org/widgetapp/2024-02-02-20-36-26/remediation/ 23 KB
7 KB 40ms
39ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-02-02-20-36-26/remediation/nav_menu_helper_1706906186205.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-02-02-20-36-26/widget_app_base_1706906186205.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 37f8550406bebf8003ec760c4c81fbe861e3d38a5bbbd069ae9d60358710f038

Request headers

Referer: https://www.vesty.co.il/
Origin: https://www.vesty.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Feb 2024 04:28:34 GMT
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 199950
x-amz-cf-pop: DUS51-P1
age: 729
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1706907364
x-77-nzt: EgwBnJIhiAH3Dg0DAAwBisclxAH3swAAAA
x-accel-expires: @1732827185
x-77-age: 200129
x-cache-lb: HIT
last-modified: Fri, 02 Feb 2024 20:39:11 GMT
server: CDN77-Turbo
etag: W/"f270f813f648a284d50fe8f345c21bdc"
x-77-nzt-ray: f6587a1d0a41d85af263c065819cd317
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: HbufcmohMRSFqfHXQVvWd1Wu1B-PFSpnbbfE69u2t1fyJobgJeIGJg==

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/ Frame 0
0 515ms
515ms Preflight 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fimages1.ynet.co.il%2F%2FPicServer5%2F2019%2F05%2F13%2F9242159%2FDOAR_ADOM_A.gif%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Flh3.googleusercontent.com%2F6iu8TueMYvXyIgUzkmSLFnDbzFKaoGGwg1ZGgrfHfb09AsZW0kI5pNALo4FdRjON3wXw5T-8fAmXkm2Z0nAjWhmhZ93NV_3Ju3zNG53REx1oL0vI9pA%3Dh60%22%2C%22alt%22%3A%22Welcome%20to%20Vesty%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2022%2F10%2F09%2Fryl6wmEx7o%2Fryl6wmEx7o_0_47_1030_580_0_x-large.jpg%22%2C%22alt%22%3A%22%D7%9C%D7%95%D7%97%D7%9E%D7%99%20%D7%95%D7%9C%D7%95%D7%97%D7%9E%D7%95%D7%AA%20%D7%94%D7%9E%D7%A2%D7%91%D7%A8%D7%99%D7%9D%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fpicserver5%2Fwcm_upload%2F2023%2F01%2F10%2FSy811PC5qj%2F____.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.vesty.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Mon, 05 Feb 2024 04:28:35 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBw7WqEQAACAGKxyXBAAA
x-77-nzt-ray: 4c1562242e0372c2f363c065d19b7d02
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-ca87f731

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/ 979 B
1 KB 256ms
256ms Fetch
application/json 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/TMdH3tdGg3/2572728/RLqwMG7OTpTSzPtC/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fimages1.ynet.co.il%2F%2FPicServer5%2F2019%2F05%2F13%2F9242159%2FDOAR_ADOM_A.gif%22%2C%22alt%22%3A%22%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Flh3.googleusercontent.com%2F6iu8TueMYvXyIgUzkmSLFnDbzFKaoGGwg1ZGgrfHfb09AsZW0kI5pNALo4FdRjON3wXw5T-8fAmXkm2Z0nAjWhmhZ93NV_3Ju3zNG53REx1oL0vI9pA%3Dh60%22%2C%22alt%22%3A%22Welcome%20to%20Vesty%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fpicserver5%2Fcrop_images%2F2022%2F10%2F09%2Fryl6wmEx7o%2Fryl6wmEx7o_0_47_1030_580_0_x-large.jpg%22%2C%22alt%22%3A%22%D7%9C%D7%95%D7%97%D7%9E%D7%99%20%D7%95%D7%9C%D7%95%D7%97%D7%9E%D7%95%D7%AA%20%D7%94%D7%9E%D7%A2%D7%91%D7%A8%D7%99%D7%9D%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fynet-pic1.yit.co.il%2Fpicserver5%2Fwcm_upload%2F2023%2F01%2F10%2FSy811PC5qj%2F____.png%22%2C%22alt%22%3A%22%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1706906186205
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 17d995d189c667b045c672555a08143e54588e479a92d9768e5fa373cc334fc9

Request headers

Referer: https://www.vesty.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Mon, 05 Feb 2024 04:28:35 GMT
content-encoding: gzip
x-77-cache: MISS
x-service-version: img-dscr-srv-ca87f731
x-77-nzt: EggBw7WqEQFBCAGKxyXBAUE
x-cache-lb: MISS
server: CDN77-Turbo
etag: W/"3d3-W8fi+1Q6K0HaIENostM2pizjIpw"
x-77-nzt-ray: 4c1562242e0372c2f363c0658ef44221
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
access-control-allow-headers: *

GET json
trc.taboola.com/ynet-vesty/trc/3/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.google.com
URL: https://ads.google.com/

Domain: trc.taboola.com
URL: https://trc.taboola.com/ynet-vesty/trc/3/json?tim=05%3A28%3A37.228&lti=deflated&data=%7B%22id%22%3A946%2C%22ii%22%3A%22%2Fmain%2Farticle%2Frk7aiqj4a%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22lbt%22%3A1707070326743%2C%22vi%22%3A1707107317225%2C%22cv%22%3A%2220240204-39-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Frk7aiqj4a%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.vesty.co.il%2Fmain%2Farticle%2Frk7aiqj4a%22%2C%22vpi%22%3A%22%2Fmain%2Farticle%2Frk7aiqj4a%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2240%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22alternating-thumbnails-abc%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Page%20Article%20Thumbnails%20ND%22%2C%22orig_uip%22%3A%22Mid%20Page%20Article%20Thumbnails%20ND%22%2C%22cd%22%3A1208.6875%2C%22mw%22%3A824%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-z-nd%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%20ND%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%20ND%22%2C%22cd%22%3A1286.390625%2C%22mw%22%3A300%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbs-feed-01-b-nd%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20Wide%20ND%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20Wide%20ND%22%2C%22cd%22%3A1748.6875%2C%22mw%22%3A824%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fmain%2Farticle%2Frk7aiqj4a%2CBelow%20Article%20Thumbnails%20Wide%20ND%3Dthumbs-feed-01-b-nd%3Aabp%3D0%2C%2CMid%20Page%20Article%20Thumbnails%20ND%3Dalternating-thumbnails-abc%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%20ND%3Dthumbnails-z-nd%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2

Verdicts & Comments Add Verdict or Comment

284 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.vesty.co.il/	1970-01-21 02:50:11	Name: dcsyncundefined Value: true
www.vesty.co.il/	1970-01-21 02:50:11	Name: tmcundefined Value: 1
.vesty.co.il/	1970-01-20 20:21:23	Name: _gcl_au Value: 1.1.1478593185.1707107312
.vesty.co.il/	1970-01-21 03:47:47	Name: _ga_HBGSDK9P6D Value: GS1.1.1707107312.1.0.1707107312.0.0.0
www.vesty.co.il/	1970-01-20 18:11:49	Name: __browsiSessionID Value: 8d5faece-7e55-4ae1-8f3f-e8ac209f7f5b&false&false&DEFAULT&de&desktop-4.22.14&false
www.vesty.co.il/	1970-01-21 02:57:23	Name: __browsiUID Value: a089a727-be3c-4c70-8d15-8cbe56c23cab
.vesty.co.il/	1970-01-21 03:47:47	Name: _ga Value: GA1.3.971943362.1707107312
.vesty.co.il/	1970-01-20 18:13:13	Name: _gid Value: GA1.3.1562792267.1707107312
.vesty.co.il/	1970-01-20 18:11:47	Name: _dc_gtm_UA-5536870-20 Value: 1
trinitymedia.ai/	1970-01-20 18:21:52	Name: AWSALBCORS Value: a/mEDw2wCZwQcdgq1Fft3CuD/cUPNXPzNlXwRzpi+Qe12YDebHSiJOidbsF57SepKOZ926stGiAlXSg16u53WbFYEyCaW9EWOIHrjiK16XqIAjQIM+a2Y8OQdiOX
.vesty.co.il/	1970-01-20 20:21:23	Name: _fbp Value: fb.2.1707107312405.677935626
www.vesty.co.il/	1970-01-21 02:57:23	Name: TRINITY_USER_DATA Value: eyJ1c2VySWRUUyI6MTcwNzEwNzMxMjUwNH0=
www.vesty.co.il/	1970-01-21 02:57:23	Name: TRINITY_USER_ID Value: 015ed407-e253-4bf0-b482-f2207b6382d6
.dxmdp.com/	1970-01-21 03:47:47	Name: dmpid Value: 971a46c6-e399-4d1b-97c5-4385665e42a1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: qYfg7c58yGE
.youtube.com/	1970-01-20 22:30:59	Name: VISITOR_INFO1_LIVE Value: ROmqZAHO1qg
.vesty.co.il/	1970-01-20 18:21:52	Name: dmp-FE-cookie-dmpid Value: 971a46c6-e399-4d1b-97c5-4385665e42a1
.vesty.co.il/	1970-01-20 18:21:52	Name: dmp-FE-cookie-ts Value: 1707063148251
.dxmdp.com/	1970-01-21 03:47:47	Name: audids Value: XwnuDZ2Z%2CawcTSkr7%2CGPb0deI1%2CzDDDMl3T%2CZF4ZoHjq%2Cj0OxwZNF

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.flowplayer.com/releases/native/translations/flowplayer.lang.ru.js Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
javascript	error	URL: https://www.vesty.co.il/main/article/rk7aiqj4a Message: Access to fetch at 'https://ads.google.com/' from origin 'https://www.vesty.co.il' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://ads.google.com/ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cdn.permutive.com/fe68d1f7-c9f4-45b3-8905-7cda73d3fd74-web.js?d=2024-02-05 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://www.vesty.co.il/main/article/rk7aiqj4a Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/935048389980151?v=2.9.144&r=stable&domain=www.vesty.co.il&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.vesty.co.il/main/article/rk7aiqj4a Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.vesty.co.il/main/article/rk7aiqj4a Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	warning	URL: https://www.vesty.co.il/main/article/rk7aiqj4a Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.vesty.co.il/main/article/rk7aiqj4a Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.vesty.co.il/main/article/rk7aiqj4a Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.vesty.co.il/main/article/rk7aiqj4a Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.vesty.co.il/main/article/rk7aiqj4a Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.vesty.co.il/main/article/rk7aiqj4a Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.vesty.co.il/main/article/rk7aiqj4a Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
ads.google.com
api.btloader.com
api.userway.org
btloader.com
cdn.browsiprod.com
cdn.flowplayer.com
cdn.permutive.com
cdn.taboola.com
cdn.userway.org
cdn77.api.userway.org
cf.dxmcdn.com
cloudflareinsights.com
connect.facebook.net
event.dxmdp.com
events.browsiprod.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gum.criteo.com
images1.ynet.co.il
imasdk.googleapis.com
lh3.googleusercontent.com
mrb.upapi.net
region1.google-analytics.com
scontent.xx.fbcdn.net
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tags.dxmdp.com
totalmedia2.ynet.co.il
tr.dxmcdn.com
trc.taboola.com
trinitymedia.ai
vd.trinitymedia.ai
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.vesty.co.il
www.ynetnews.com
www.youtube.com
yandex.ru
yastatic.net
yield-manager.browsiprod.com
ynet-pic1.yit.co.il
ads.google.com
trc.taboola.com
13.224.103.122
13.32.27.3
130.211.23.194
142.250.185.70
143.204.98.111
151.101.129.44
18.244.28.11
18.66.97.37
184.30.21.140
2001:4860:4802:34::36
216.239.38.21
2400:52e0:1e00::1082:1
2600:1f14:5db:eb11:c921:e0ee:d11d:eb7
2600:9000:2240:e000:11:da61:a100:93a1
2606:4700:10::6816:4ad8
2606:4700:20::681a:346
2606:4700:20::681a:91b
2606:4700:4400::ac40:985d
2606:4700::6810:3965
2606:4700::6811:7711
2a00:1450:4001:800::200a
2a00:1450:4001:808::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2008
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c0b::9b
2a02:2638:3::c
2a02:6b8:20::215
2a02:6b8:a::a
2a02:6ea0:c700::17
2a02:6ea0:c700::19
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.200.98.54
35.162.236.57
003241d1a155418bef20320f23819a7234f1c4ee67f8f9f1cd4c788184b46031
018144810275161f79a9ef6fe1708661f13c78fc5d5d87770a3bfc90c9be8ad5
020790698720b9ccdb8aef579801fb9ba5674c99845461f6fbc4d109a8607208
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
05e60e2cff076eb5258e6dafd3d5f6507ab8d7ca1efe1217934551ce008e6749
0b36051a6fb8e5f6514f0abecfb0164d777b2dad5853fd751a55cdf7a4459a78
0b9888c8bd9c6a35c278cf20603448df08f1e42652193713a01a91fbc9140aad
0c59a4311973393ca533b13f245d027fb9acd2c40b23ddb6c75d1c53196a3b96
0c790dc13673b1b5ceb1fb73033fc004a8ab68237af2f493e7c1a196a41edc3c
1100fa96bd3e19c286b7f41f7bbbbb8b73bc4d757ed0f5843380fe25e62fec34
11dbe46578266e04259c1ca0a713ffbf86c3803b94a379e5fc6ef8a381095084
17a039087b7ffee500196f00b651585da8e6f5e1094eb91200cbbe278042a88d
17d995d189c667b045c672555a08143e54588e479a92d9768e5fa373cc334fc9
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19ce1ff8a4b2b971c754ab8b5fb7ea04f25735f47257b9b04017a0791618555a
1a125935da70c13b8e02899542b319dde2d65cee1abc837f5743edd9153a3ed1
1bb849d686c7895ea95a8563b9a206a3681a30e063a6b80b75b5556c6264689d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f0cd7c2795df1dcce059d553cb1d9b88170cb9e66310a06fce4104965852394
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
22cf1baba55eced80d7ebb0de51fc8961757ef581964f8e10ebc8676399eba81
26e69d65fd152b11b14df718e88761a7d6925c90269f8c48118744ba9119b90d
276af2b9ae1b1daae8bcd2166ed84ad35f28c870cc050e31afa80b309c0faf50
2910a75fe798cbb18961bf9510620ee4edbc664b99037f2a9b0b0af70a8d9631
2a553df845d177b46293aab2013860f307d903ee751bd008e37786f04fa7c50a
2f2670e4f67d0c775f37608159388c8d7b8fe9623edf09fe619a258bc49dd916
30037f45c07578d12a92602f457e862ee1ef17d8675cf65da7e3c94e82e31845
316403557ab46c8ff87770cc64da974db5c96ab172bd6f279fbb82fed792b9b4
33e3a50eed9b8ba1c90b195e4bb1d2b17c998597c5230c921e657453bff22812
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
37f8550406bebf8003ec760c4c81fbe861e3d38a5bbbd069ae9d60358710f038
384b7076a112b0df4a6cc5ccf089f1b5799df685a16e261bfeb29c0a6d40020a
38513b02fba1d9b388273014b74b38a7c5abb9db272defe734bcd16e97218d0d
3bed34862194969206abb50c773289cfa769f3e34f4a96e6d2c1291b5e87d58b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3dc8e482ec8a9c56efec00e46e88e84f3a7ccdf0ade53d5c89c4d679469cdabb
411894ccedaccf5d8ed015f0d3105ee290ac7c40524628660122406c382569f6
417b25971c9f1ce8d75df5fa7d73005730f3c6790aa2cc0679443c1f2f6bce0d
461b089258235b416226d5ece6052923a1135af7c1f73f683d2fe93353153a9d
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03
484119f30a2b2f2f97fae13a7543386ff74b983bdd33cd8a825c7f79c4f81e92
48f890075381c927dd3fb4c4ce0033f68b0e6f36aff84d1dcdc1b4173f796845
49b6f7a70ee3d7f71c178641dec7c2b4cae50de328e404d593f7318d9a8b6c9b
4b57972978b3131b7d14ec39d91864299fdc80c0d84a5e6b3b4a739837cf507f
4be584cf84d56b329d288e1e069f202e91330b12a6f16fa61670db50a3ce9eda
4ccd29213ebc22e63d1918c0a7597d6a2a19fa0b85d15e7a288b872e25560a80
5147e8d55fc17381fff62b6f5de9f019e822a358aca5459bd019c5ec640ad8dd
5173b274ddb18563c2149f25eae46a886d6adea29a2648773a917055098d142e
5c319d54f7e167911f7f7a246e2c307cdb1387e449e4a772300ba6f8400d01c8
5f30d3405a37faa318ceb86a27ad1f685d8d8acc8ce95701ab308ba388ca3e4e
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6a3c1dbc8dc5c82b37ff464bed6ef0db6796e7a72120d7a86e36283db3ca177f
6fae11c9c633cff7b1d502c425ad3a3805f08824d583e8109e50e7790b1cc060
7d7316f49cab1183391beaff45e8c99e0937990a77dbb960659d79f221622444
7e17259cb4b6646414d3b3e2a11699d48b3ebd06dccde8c61a3e82d12104db17
80087da8f89f2a1d11045cafd56b19c4d9d78461ae890b9113c4bc29fdc4fbc0
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85cc5f4c151a72239700ae6445649fa0188d91a652829f39fb6fb84a85a9d1cf
85f9e1cac453830b993fc868763920c36af2f04a0996140c86b050186ec345fe
867f683e26903b242dee20b61aa0ffba68101a72a70d279d8a5c6e77e9f48a2b
8783883968da07275df5ed817ae769253fa3a51509283f371d81aff455039d8b
87d3b26f33f39e3bb4b4c1f2291f906ad5826c4d9624a08f0db8a2163a9df369
8cc194b1705d7394cd82ff580db35357e2a1c28c59d7361469edb9d48c43f295
9176dfafa2beac923666d80208d52163366268d65a3f6d4c9c7dc062f13db1fc
9615049edd32a33f0f3f46bc6afc9f0b5dd6f8ca372ee4c94159af10ce8ad9ba
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97410ffa08344b61c17b47069c041c25b4c83c7c3950535be02cc90fccdb1b93
9b1645d05205c0de76ee78715ddbbbe2a5e4b2fe9f5faee9037e070c07691212
9e2e0035c524489980c5b0a7569f33dd86457cf4237d7323fda625f93ada5446
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9e7b8e362b53e61c3bef11f0a0e32810f41ade92a74bb97aa1b7d58adc6cd346
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a0f3bdce8ab00155fb5f2245b44445ad7ca366360a63e37778ab182c8bf24511
a2d58e29c3c454ef9b3e47ea01f4c5ddf2027f9c583d1104f0c26ccaf2aeb426
a3f48c9d80f4f4a6360437b1d44e91684428a008caf42d71cf23c8f2bcc8987d
a66f31695f3465396279bf1a863181f7511c5fc1bf42808b6393a96091b1acdc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
aa2478257a2f98ee465b9336fa1c3f468d593a61378e674c81f3e71073405d8f
aa464839adf45e76d965f6c8e5242d5cd80d15713e5a5372f21d9fba1109976e
aace298e700157aedcfe9b062cc530a67ece01ad08c3af7fe8a52be86bc01d04
ab32b2c4c4edb597ff057500e0716830305580857189e611e5b07acbba87d78a
abd687c3244a5dd8145325b0935e0508959f378ec61fce5dd1f7cd114e278616
b43e259d225a28f05b569877f8f49f89f9854d3cb26f3e331b753bc78791c33d
b7c75468e63bbfc47e9b7e43bf8c709185836b2868ea3a893339966c208435c5
b82512dfeee1d796be2d54feef58fd8e7edd4f5e6c81e3ffa393a68e8b7010eb
b8f9b0f28637041e05cd76c465d90599cb81e8845e4958b5da7517fda7e57982
bda54ff484b57ad77f4eb42d520a94b192bd30a28691103efeb02c39b0095424
c215d6b2d6b667788d0895e2531ab835706bed658f374a88e9e3eb07f303f761
c2e8fb14b1e0aab8514cfb56c1e62417ba717b034a397017696cfa9e517b0f6b
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c523e30323b8fc361b5e812643fd508475144e0835d95493c078edfc61520b3f
c721ff6b7a55b7e2c6d78a6956d5308f750e9bd6896ee2569955740fdc1c1f4d
c9080387801ea7c0d202021563e4cc47e205dfe238953109c6f39348cb9a5533
cab9d462a9a175760c61a7064803d06ffef31dedbf1f1e60a0a32a5cb2f3c273
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3046408d74849e846692bcd0e7f8d419e10828742209bfb37bc1faaba918e2f
d47e6468e1430d380742ead721a7621b3c2675385d5d069135ea0611bb93b863
d495196778de17f4f47f079b210a67d8a60efc38badb945498d6803c175099ac
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790
d6cdb6570660f6cc2ab311a53a12a3f547e706f2409d8817185bd2be74d24a19
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
daa8bc4312e8a5c936e55144c18f3232cb013593ae25cfe616e487611b754e1b
daaa8665415c17083651c7dca5faa946d3c406ee11458c57a54d6c7867b2f4af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df69087d551c81123be79901817746b3989b89049c4423f90972be0aea4c7d1f
e09765300c2e29172a5fc60a7353c34827a85a744c691c5669bf993b199c2b0f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ad0dc51bf664e99ec8972b86f9b9aefbf1b3a972914432def0a715146b9c3c
e90fb03c32e686e745b1119734233b4578dc1f243ffe387ddb6a1c09a2ab29b0
e9279aa82470c7b0c894eb3ecbaabceb01423a632d9fbc7460c560f11a99abad
ea1a9b993dbc93ca4669209f552aead7852ea68031cf347990078369adf47072
eb5c7a49383453eb044f776bfd49fd0159154d8062ce593f8a1968f55ba7b3c5
ebe545e62053e86625ae7cc3279615e7174dbb78f42c9778707931aebebb2cde
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb29ea5ade3b55dbd6b9c2f543eb9f8d6bb4fa609ff5465847c31cedea234049
fb408a3f4c5c7ba9cd3672310df56a5a9a5f6e9fa36e73e20b54c643614f0af8

www.vesty.co.il Open in urlscan Pro 184.30.21.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

131 Requests

97 %HTTPS

71 %IPv6

31 Domains

49 Subdomains

41 IPs

5 Countries

5080 kBTransfer

17684 kBSize

19 Cookies

7 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.vesty.co.il Open in urlscan Pro
184.30.21.140 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

97 %
HTTPS

71 %
IPv6

31
Domains

49
Subdomains

41
IPs

5
Countries

5080 kB
Transfer

17684 kB
Size

19
Cookies

131 HTTP transactions
19 data transactions