URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Submission: On July 31 via manual from IL

Summary

This website contacted 50 IPs in 11 countries across 50 domains to perform 221 HTTP transactions. The main IP is 104.79.89.90, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.yediot.co.il.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 5th 2021. Valid for: a year.
This is the only time www.yediot.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
47 104.79.89.90 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 35.201.85.158 15169 (GOOGLE)
3 104.103.80.80 16625 (AKAMAI-AS)
1 11 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 216.58.212.162 15169 (GOOGLE)
48 151.101.13.44 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 35.186.243.63 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 142.250.185.226 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 178.63.13.144 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f12... 32934 (FACEBOOK)
4 6 142.250.181.226 15169 (GOOGLE)
2 17 141.226.228.48 200478 (TABOOLA-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 185.106.33.48 200478 (TABOOLA-AS)
1 2a00:1450:400... 15169 (GOOGLE)
5 6 76.223.111.131 16509 (AMAZON-02)
4 4 185.94.180.126 35220 (SPOTX-AMS)
8 8 52.28.167.107 16509 (AMAZON-02)
3 3 23.111.200.118 7979 (SERVERS-COM)
4 4 66.155.71.25 13768 (COGECO-PEER1)
2 2 54.78.254.47 16509 (AMAZON-02)
4 4 35.227.248.159 15169 (GOOGLE)
2 2 3.120.43.188 16509 (AMAZON-02)
2 2 2.19.35.65 16625 (AKAMAI-AS)
4 104.109.78.125 16625 (AKAMAI-AS)
6 12 69.173.144.138 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
1 1 185.29.132.245 30419 (MEDIAMATH...)
2 2 151.101.14.49 54113 (FASTLY)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
1 2 198.148.27.140 19189 (PULSEPOINT)
1 185.33.221.89 29990 (ASN-APPNEX)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2 216.52.2.19 29791 (VOXEL-DOT...)
1 185.86.138.114 201081 (SMARTADSE...)
1 18.195.155.181 16509 (AMAZON-02)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 1 172.104.121.22 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 49.12.13.182 24940 (HETZNER-AS)
2 2 18.195.66.88 16509 (AMAZON-02)
1 2 35.244.159.8 15169 (GOOGLE)
1 18.214.172.53 14618 (AMAZON-AES)
1 2 76.223.111.18 16509 (AMAZON-02)
1 2a04:4e42:3::300 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
221 50
Apex Domain
Subdomains
Transfer
70 taboola.com
cdn.taboola.com
trc.taboola.com
sync.taboola.com
15.taboola.com
il-trc-events.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
c3.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
match.taboola.com
pips.taboola.com
cds.taboola.com
2 MB
32 yediot.co.il
www.yediot.co.il
site.yediot.co.il
428 KB
19 ynet.co.il
totalmedia2.ynet.co.il
dy2.ynet.co.il
images1.ynet.co.il
www.ynet.co.il
3 MB
18 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
30 KB
15 gstatic.com
www.gstatic.com
fonts.gstatic.com
665 KB
14 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
141 KB
11 google.com
www.google.com
72 KB
8 bidswitch.net
x.bidswitch.net
3 KB
7 facebook.com
graph.facebook.com
www.facebook.com
1 KB
6 adsrvr.org
match.adsrvr.org
3 KB
5 exposebox.com
server.exposebox.com
sf.exposebox.com
35 KB
4 tapad.com
pixel.tapad.com
2 KB
4 sitescout.com
pixel-sync.sitescout.com
3 KB
4 spotxchange.com
sync.search.spotxchange.com
3 KB
4 google-analytics.com
www.google-analytics.com
39 KB
4 tinypass.com
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
146 KB
3 betweendigital.com
ads.betweendigital.com
2 KB
3 google.de
www.google.de
280 B
3 facebook.net
connect.facebook.net
168 KB
3 cxense.com
cdn.cxense.com
comcluster.cxense.com
34 KB
3 googletagmanager.com
www.googletagmanager.com
125 KB
2 3lift.com
eb2.3lift.com
736 B
2 openx.net
u.openx.net
504 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 lijit.com
ce.lijit.com
1018 B
2 contextweb.com
bh.contextweb.com
1 KB
2 yahoo.com
ads.yahoo.com
pr-bh.ybp.yahoo.com
1 KB
2 everesttech.net
sync-tm.everesttech.net
667 B
2 sportradarserving.com
a.sportradarserving.com
2 KB
2 exelator.com
loadm.exelator.com
1 KB
2 youtube.com
www.youtube.com
43 KB
2 googleadservices.com
www.googleadservices.com
15 KB
1 postrelease.com
jadserve.postrelease.com
540 B
1 splicky.com
bidswitch-eu.splicky.com
221 B
1 bttrack.com
bttrack.com
380 B
1 appier.net
s.c.appier.net
363 B
1 criteo.com
dis.criteo.com
568 B
1 emxdgt.com
e1.emxdgt.com
59 B
1 smartadserver.com
rtb-csync.smartadserver.com
697 B
1 pubmatic.com
simage2.pubmatic.com
545 B
1 adnxs.com
ib.adnxs.com
681 B
1 mathtag.com
sync.mathtag.com
632 B
1 rlcdn.com
id.rlcdn.com
66 B
1 npttech.com
www.npttech.com
3 KB
1 googleapis.com
fonts.googleapis.com
589 B
1 bootstrapcdn.com
stackpath.bootstrapcdn.com
7 KB
1 promisejs.org
www.promisejs.org
3 KB
0 demdex.net Failed
dpm.demdex.net Failed
0 outbrain.com Failed
widgets.outbrain.com Failed
0 cloudfront.net Failed
d1clufhfw8sswh.cloudfront.net Failed
221 50
Domain Requested by
25 www.yediot.co.il www.yediot.co.il
15 images.taboola.com www.yediot.co.il
vidstat.taboola.com
13 images1.ynet.co.il www.yediot.co.il
11 cdn.taboola.com www.yediot.co.il
cdn.taboola.com
11 www.google.com 1 redirects www.yediot.co.il
site.yediot.co.il
www.gstatic.com
www.google.com
10 www.gstatic.com www.google.com
www.gstatic.com
9 sync.taboola.com 2 redirects server.exposebox.com
am-match.taboola.com
imprammp.taboola.com
9 trc.taboola.com cdn.taboola.com
am-match.taboola.com
imprammp.taboola.com
eus.rubiconproject.com
8 x.bidswitch.net 8 redirects
7 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
7 site.yediot.co.il www.yediot.co.il
site.yediot.co.il
6 sync-t1.taboola.com am-match.taboola.com
imprammp.taboola.com
6 match.adsrvr.org 5 redirects eus.rubiconproject.com
6 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
6 cm.g.doubleclick.net 4 redirects eus.rubiconproject.com
6 www.facebook.com site.yediot.co.il
5 token.rubiconproject.com 3 redirects eus.rubiconproject.com
5 fonts.gstatic.com www.google.com
4 eus.rubiconproject.com imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
4 pixel.tapad.com 4 redirects
4 pixel-sync.sitescout.com 4 redirects
4 sync.search.spotxchange.com 4 redirects
4 www.google-analytics.com www.googletagmanager.com
www.yediot.co.il
www.google-analytics.com
4 server.exposebox.com www.yediot.co.il
sf.exposebox.com
server.exposebox.com
3 ads.betweendigital.com 3 redirects
3 il-trc-events.taboola.com
3 www.google.de site.yediot.co.il
3 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
3 connect.facebook.net site.yediot.co.il
connect.facebook.net
3 www.googletagmanager.com www.yediot.co.il
site.yediot.co.il
3 securepubads.g.doubleclick.net www.yediot.co.il
securepubads.g.doubleclick.net
3 dy2.ynet.co.il www.yediot.co.il
2 eb2.3lift.com 1 redirects
2 u.openx.net 1 redirects
2 rtb.mfadsrvr.com 2 redirects
2 ce.lijit.com 1 redirects
2 bh.contextweb.com 1 redirects
2 sync-tm.everesttech.net 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 loadm.exelator.com 2 redirects
2 c3.taboola.com
2 imprammp.taboola.com www.yediot.co.il
vidstat.taboola.com
2 15.taboola.com cdn.taboola.com
2 www.youtube.com www.yediot.co.il
www.youtube.com
2 www.googleadservices.com www.googletagmanager.com
www.googleadservices.com
2 stats.g.doubleclick.net www.google-analytics.com
2 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
2 experience.tinypass.com www.yediot.co.il
cdn.tinypass.com
2 totalmedia2.ynet.co.il www.yediot.co.il
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 jadserve.postrelease.com
1 match.taboola.com
1 bidswitch-eu.splicky.com 1 redirects
1 bttrack.com
1 s.c.appier.net 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com
1 rtb-csync.smartadserver.com
1 simage2.pubmatic.com
1 ib.adnxs.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 ads.yahoo.com eus.rubiconproject.com
1 sync.mathtag.com 1 redirects
1 id.rlcdn.com eus.rubiconproject.com
1 am-vid-events.taboola.com
1 am-match.taboola.com vidstat.taboola.com
1 comcluster.cxense.com www.yediot.co.il
1 buy.tinypass.com cdn.tinypass.com
1 cdn.tinypass.com experience.tinypass.com
1 sf.exposebox.com server.exposebox.com
1 graph.facebook.com www.yediot.co.il
1 www.ynet.co.il www.yediot.co.il
1 www.npttech.com www.yediot.co.il
1 fonts.googleapis.com www.yediot.co.il
1 stackpath.bootstrapcdn.com www.yediot.co.il
1 www.promisejs.org www.yediot.co.il
0 dpm.demdex.net Failed
0 widgets.outbrain.com Failed www.yediot.co.il
0 d1clufhfw8sswh.cloudfront.net Failed www.yediot.co.il
221 81
Subject Issuer Validity Valid
qa.vesty.co.il
DigiCert SHA2 Secure Server CA
2021-04-05 -
2022-04-13
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-15 -
2022-06-14
a year crt.sh
*.exposebox.com
Go Daddy Secure Certificate Authority - G2
2020-09-10 -
2021-10-12
a year crt.sh
json.ynet.co.il
GeoTrust RSA CA 2018
2021-06-15 -
2022-06-20
a year crt.sh
www.google.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-07-05 -
2021-09-27
3 months crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA
2020-09-17 -
2021-09-17
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-07-20 -
2021-10-18
3 months crt.sh
*.cxense.com
DigiCert SHA2 Secure Server CA
2021-05-21 -
2022-05-26
a year crt.sh
*.google.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
www.google.de
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.google.de
GTS CA 1C3
2021-06-28 -
2021-09-20
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-04-01 -
2022-04-04
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-07-08 -
2021-08-25
2 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2020-12-07 -
2021-12-14
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2021-03-11 -
2022-04-12
a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA
2020-05-07 -
2022-05-12
2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA
2020-01-30 -
2022-02-03
2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2021-05-18 -
2022-06-19
a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA
2021-03-29 -
2022-03-29
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.postrelease.com
Amazon
2021-01-28 -
2022-02-25
a year crt.sh
*.3lift.com
Amazon
2021-06-12 -
2022-07-11
a year crt.sh

This page contains 11 frames:

Primary Page: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Frame ID: E53F93D23FE4510BF5B960B754D37BA3
Requests: 118 HTTP requests in this frame

Frame: https://site.yediot.co.il/web/generics/leads/YediotLead/
Frame ID: 64B38DDC81EBB30FB36FE9CA0A6322FA
Requests: 33 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&co=aHR0cHM6Ly9zaXRlLnllZGlvdC5jby5pbDo0NDM.&hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&size=invisible&cb=4gpqrulyxaw3
Frame ID: 44B7A977E4A19846837E4393B5051157
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&cb=yj5mu9bd6qyb
Frame ID: C458ADB2C2DE10B3601630F72C719DDD
Requests: 11 HTTP requests in this frame

Frame: https://server.exposebox.com/dmp/iftags?c=17
Frame ID: 8FFCA7EFB438174FFEBE6701F1881A24
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=CDA1ADFD9208551789856535566&cicmp=1337627&cijs=1&dast=V7AO8CFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBugHHENiMBYkGok5GQxXq8VuOFxsNpPhYjdYDqZgsIXP6e5uQwaaTofPda_X_X535cvk9JvuGr9dafbLAQAAAOABgKglGmLHt6E9AgAAAECCZ-RagSKg4t9C4AIAAAAAA4BALFwD4JkDoR2ez8Nn9_sDAOChAAQAQACDBEAgsbAEwOFu8QQAAOCgTuZpm-X___8_BiDvvUkGgCJt48agB-DBB-BBCAAA4GKIokW6GwwS2IKoYLWIEQAAAEC24vLx0aROqCyq_v___60ArgAAAvT8f-LGsm5OilnDAAAAAMYW6GHx-80Ou8bvdtn_________v9n_GQCaEI5CT1rQw8yMGs_ItcLaLyAAANu7AQC8CcDFHIAdAAAAwN3___9_HgAAgMseJdtrNZ49ynqfwRY-p7u7fhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4SZiWW0cdl8a8FoY3GLJsvRWmEaTtaS3chlMk08poXFuBa9PqbfzObZDYd7fJDFbq7YDOeSwWauWC5XCQAAAAAAAABgCVPmTQAAAABOg5jNJrvdihtv9kwQa7Va1gAAAADcupED!&excid=22&tst=1&docw=0&cs=false
Frame ID: FA167AC5340AB69BDA2C7D94C8298E19
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8090795&crid=4857115&dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&cmcv=&pix=undefined&cb=1627763208893&uv=2998&tms=1627763208893&abt=adh5c-1_vA!insc_vA!lf2_vA!mprdctdt0val_vB!nrlc_vA!rvf1_vB!skpdst1_vB!spa2_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=DAC5DBB09A2128450191092273734&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: C3696562D6639939F85D5A4B2AB51720
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: C00F0E20E4313D25202A8EC45BEE8FBE
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Frame ID: A2AF5A7B6CDCFDFB6DF290888B1DBC00
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Frame ID: D486404B0F01AB7125E6700D5F1FB61E
Requests: 12 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KRS86QQ2-G-LAJZ
Frame ID: 29E7F29A84443FA13039BF5029D3BCB1
Requests: 22 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

221
Requests

96 %
HTTPS

38 %
IPv6

50
Domains

81
Subdomains

50
IPs

11
Countries

6859 kB
Transfer

11735 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1024944910/?random=753664186&cv=9&fst=1627763207898&num=1&value=1&currency_code=ILS&label=nyoGCICN-9MBEI7W3egD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&ref=https%3A%2F%2Fwww.yediot.co.il%2F&tiba=Yediot%20Article%20Block&auid=1697189727.1627763208&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=B7IFYYCrONez3gOVx4WQCA&sscte=1&crd=&eitems=ChAI8OmTiAYQvpzo1NqOvoEJEh0AH2LqZiamf1Glu43m_3ms20kQ_5q9adzxaxVsaQ HTTP 302
  • https://www.google.com/pagead/1p-user-list/1024944910/?random=753664186&cv=9&fst=1627761600000&num=1&value=1&currency_code=ILS&label=nyoGCICN-9MBEI7W3egD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&frm=2&url=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&ref=https%3A%2F%2Fwww.yediot.co.il%2F&tiba=Yediot%20Article%20Block&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&eitems=ChAI8OmTiAYQvpzo1NqOvoEJEh0AH2LqZhpS7Y6OHnSSTZoZAMYgNkOiUTI_2ZWHSQ&random=957366114&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-user-list/1024944910/?random=753664186&cv=9&fst=1627761600000&num=1&value=1&currency_code=ILS&label=nyoGCICN-9MBEI7W3egD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&frm=2&url=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&ref=https%3A%2F%2Fwww.yediot.co.il%2F&tiba=Yediot%20Article%20Block&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&eitems=ChAI8OmTiAYQvpzo1NqOvoEJEh0AH2LqZhpS7Y6OHnSSTZoZAMYgNkOiUTI_2ZWHSQ&random=957366114&resp=GooglemKTybQhCsO&ipr=y
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=exposebox&google_hm=ajJ1cjFlMw HTTP 302
  • https://server.exposebox.com/dmp/adx
Request Chain 167
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9ae7a435-2e0c-496d-b15f-0b7e4afdf1d3
Request Chain 168
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26&__user_check__=1&sync_id=a20816be-f23d-11eb-80eb-1fd522ee0306 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a208167c-f23d-11eb-80eb-1fd522ee0306&orig=video&us_privacy=1---gdpr=0&
Request Chain 169
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=f4364659-9dc4-51d4-8c15-3a0ded108804&ssp=taboola&expires=30&user_group=1 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=45ac25c1-b485-41fd-9219-a6deb3071c83
Request Chain 170
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BuserId%7D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=121&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BuserId%7D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348%26partner_url%3Dhttps%253A%252F%252Fsync.taboola.com%252Fsg%252Fcentrortb-network%252F1%252Frtb-h%252F%253Ftaboola_hm%253D568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348%2526orig%253Dvideo%2526us_privacy%253D1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&partner_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&partner_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&orig=video&us_privacy=1---
Request Chain 171
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9ae7a435-2e0c-496d-b15f-0b7e4afdf1d3
Request Chain 172
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D0%26&__user_check__=1&sync_id=a20cd1da-f23d-11eb-97e8-14e583300506 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a20cd18b-f23d-11eb-97e8-14e583300506&orig=video&us_privacy=1---gdpr=0&
Request Chain 173
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4d537ca7-b8c0-4032-a46b-8079f89b52c3&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=45ac25c1-b485-41fd-9219-a6deb3071c83
Request Chain 174
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BuserId%7D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=121&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BuserId%7D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348%26partner_url%3Dhttps%253A%252F%252Fsync.taboola.com%252Fsg%252Fcentrortb-network%252F1%252Frtb-h%252F%253Ftaboola_hm%253D568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348%2526orig%253Dvideo%2526us_privacy%253D1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&partner_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&partner_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&orig=video&us_privacy=1---
Request Chain 175
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Request Chain 176
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Request Chain 181
  • https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1--- HTTP 302
  • https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KRS86QPU-9-KQ7K&gdpr=0&us_privacy=1---
Request Chain 182
  • https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1--- HTTP 302
  • https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KRS86QQ2-G-LAJZ&gdpr=0&us_privacy=1---
Request Chain 184
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVkOGQzZTk5ZTdhYzZmYmEyYzg0ZjkzNzEzODEyY2VlNmNmMjUwNQ&gdpr=0&us_privacy=1---
Request Chain 186
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7ceb6105-b209-4a00-bae3-a73b36fca07a&gdpr=0&gdpr_consent=
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJtKRLPCi7UzTTJmDJvHzc0&google_cver=1
Request Chain 188
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0&us_privacy=1---&_test=YQWyCQADRzEP-QAC HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YQWyCQADRzEP-QAC&gdpr=0&us_privacy=1---&_test=YQWyCQADRzEP-QAC
Request Chain 190
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1--- HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRS86QPU-9-KQ7K&sigv=1&esig=2~31be7fec1093f9d2e2f95ed1313991d24ec40dc5&gdpr=0&us_privacy=1---
Request Chain 191
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/jI7TJy6Gu2_c-_49Yy-y5A?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2329389270662274317
Request Chain 195
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KRS86QQ2-G-LAJZ
Request Chain 196
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dTE9Remr867Z&ev=1&orig=trc&pid=562107
Request Chain 198
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEG76kHin9pgnpo6JNA1anRw&google_cver=1
Request Chain 200
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3b24cef7-04cb-4294-a482-27ded4bc4ab8-tuct7ff3788
Request Chain 201
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9ae7a435-2e0c-496d-b15f-0b7e4afdf1d3
Request Chain 202
  • https://ce.lijit.com/merge?pid=42&3pid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 206
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8ad9baff-7052-402b-a89a-c792212ae3e9
Request Chain 207
  • https://id5-sync.com/s/464/9.gif?puid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOLqNoTAn9i-Ngtg5FWPlAdwd44gnq2Yxtu7ZP-g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOLqNoTAn9i-Ngtg5FWPlAdwd44gnq2Yxtu7ZP-g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=ede65f61-ec6d-433f-b25f-174397178509&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/5/3.gif?puid=263e6c9d710c70a61f983bf3ff29f554&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/101/4/4.gif?puid=14e17ef1-840c-4667-ab0a-47166023180e&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/3/5.gif?puid=bb00f7a6-2250-468f-ba9b-a586ca48921c&gdpr=1&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/id5/us.php?dynk=id5&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F118%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://gu.dyntrk.com/adx/id5/us.php?dynk=id5&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F118%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&prevuid=03030003_6105b20b4b1cc&knw=0 HTTP 302
  • https://id5-sync.com/c/464/118/2/6.gif?puid=03030003_6105b20b4b1cc&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/146/1/7.gif?puid=1392a5af-8281-45ce-81da-7ef7e05dc292&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOLqNoTAn9i-Ngtg5FWPlAdwd44gnq2Yxtu7ZP-g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F160%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
Request Chain 208
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=CSKXbGrxDAOn_HncC7IFYQ
Request Chain 210
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=taboola&bsw_custom_parameter=45ac25c1-b485-41fd-9219-a6deb3071c83 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=taboola&expires=10&bsw_param=45ac25c1-b485-41fd-9219-a6deb3071c83 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=45ac25c1-b485-41fd-9219-a6deb3071c83
Request Chain 211
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6ce2ab6f-c2ec-4327-8f4f-0993a372ef42 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6ce2ab6f-c2ec-4327-8f4f-0993a372ef42&tbid=3b24cef7-04cb-4294-a482-27ded4bc4ab8-tuct7ff3788&query=taboola_hm%3D6ce2ab6f-c2ec-4327-8f4f-0993a372ef42&isDirect=0
Request Chain 212
  • https://u.openx.net/w/1.0/sd?id=543998486&val=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&gdpr=0&gdpr_consent=
Request Chain 213
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f4364659-9dc4-51d4-8c15-3a0ded108804
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=cilFf-iRSzCQ8E9wFIQyjA&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787%26ui%3DcilFf-iRSzCQ8E9wFIQyjA HTTP 302
  • https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&ui=cilFf-iRSzCQ8E9wFIQyjA
Request Chain 216
  • https://eb2.3lift.com/xuid?mid=7772&xuid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=

221 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 0,7340,L-4870481,00.html
www.yediot.co.il/articles/
316 KB
96 KB
Document
General
Full URL
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
522210b503559a7bf066532dea5718fc853bc754eb01ac42715cc9315261b470

Request headers

Host
www.yediot.co.il
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-V
V2
vg_id
1
Content-Type
text/html; charset=UTF-8
Last-Modified
Sat, 31 Jul 2021 20:22:41 GMT
Accept-Ranges
bytes
VX-Cache
MISS
WAI
01
V-TTL
0
backend-cache-control
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Length
98047
Date
Sat, 31 Jul 2021 20:26:46 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
paywall.js
www.yediot.co.il/Common/Api/Scripts/
23 KB
7 KB
Script
General
Full URL
https://www.yediot.co.il/Common/Api/Scripts/paywall.js
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
381bdcc476c67309e57b14a17e742ad68413948ac41261f9ed57fabfd6036d09

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jul 2021 08:06:35 GMT
ETag
"2c352fbe6dbd71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6642
promise-7.0.4.min.js
www.promisejs.org/polyfills/
5 KB
3 KB
Script
General
Full URL
https://www.promisejs.org/polyfills/promise-7.0.4.min.js
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:933a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
302dafde82b53880f321f730fa7b0287e9133077e4f1f682f21a05812af30ec3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
143040
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
189DDAWFS57AXE6E
x-amz-id-2
Xc12JwjV7eGBolFiebNH5IT7CLYALzP8vCeKswg9qMG7N+rzjgYoPCrw0+6Wp/Djvzarn4D3bcM=
last-modified
Wed, 22 Aug 2018 16:12:33 GMT
server
cloudflare
etag
W/"d9ba685d045bdb65d8d2cfa53d99294b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVwdj4FQwuS2X3nsvOMwVxYzIMmJ%2BYI2QSHJ440ptEIWgSVojChyGAuJlYnZc1JORTS%2BJaFhdPjaZY83sO1ve4KpnmdjMKqR%2BevtMbiVA75%2ForS%2BJ%2F8X9%2F4%2FPg0GFKAZfhdzJDSJ0zVtlFDrVfVhuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=31536000
cf-ray
6779904b9e88dfeb-FRA
jquery-1.4.2.min.js
www.yediot.co.il/Common/Api/Scripts/
70 KB
27 KB
Script
General
Full URL
https://www.yediot.co.il/Common/Api/Scripts/jquery-1.4.2.min.js
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jul 2021 13:27:05 GMT
ETag
"0a3ececb4f2cf1:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26834
0,12803,,00.js
www.yediot.co.il/dc/dcLoadAds/
16 B
348 B
Script
General
Full URL
https://www.yediot.co.il/dc/dcLoadAds/0,12803,,00.js
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1af5926ba879449b1c351bea0df6b2234bd622ac7550333810951548bf570236

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Last-Modified
Wed, 28 Jul 2021 23:04:49 GMT
X-V
V2
Access-Control-Allow-Origin
*
VX-Cache
MISS
Content-Length
16
WAI
02
vg_id
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=UTF-8
V-TTL
0
gpt_script_ynet.js
totalmedia2.ynet.co.il/gpt/
20 KB
6 KB
Script
General
Full URL
https://totalmedia2.ynet.co.il/gpt/gpt_script_ynet.js
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
65f847fec196b031096f75b43f76d66c466e5f5ed2419d4bd9008600a55bb913

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jan 2020 11:40:23 GMT
Server
AkamaiNetStorage
ETag
"624b940e63d882477cd246d23720a0e6:1579088423"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
5213
gpt_templates.js
totalmedia2.ynet.co.il/gpt/
87 KB
39 KB
Script
General
Full URL
https://totalmedia2.ynet.co.il/gpt/gpt_templates.js
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4df5b681974872f8b318172a396d06c87c582f15f5fd8518f0eb5fa337de60dd

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Jan 2021 13:30:54 GMT
Server
AkamaiNetStorage
ETag
"a0358895da9516d7776a214a9e84f095:1609940480.665029"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
39436
dmp.js
server.exposebox.com/
1 KB
955 B
Script
General
Full URL
https://server.exposebox.com/dmp.js?c=17
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.85.158 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
158.85.201.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
e19027d8543b2a8dc5cfa508102b45a9a03de86396c489323ed0d230692ec1fd

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
gzip
access-control-allow-headers
X-Requested-With
x-powered-by
Express
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age:0
access-control-allow-credentials
true
content-type
application/javascript
alt-svc
clear
via
1.1 google
categories
server.exposebox.com/dmp/
65 B
156 B
Script
General
Full URL
https://server.exposebox.com/dmp/categories?c=17
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.85.158 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
158.85.201.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
48d860bcad995858eae2dba96b5866d5d4e85c63e416279918142f30b9031b96

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
via
1.1 google
access-control-allow-headers
X-Requested-With
x-powered-by
Express
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
max-age:0
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
alt-svc
clear
0,14179,sprites-homepage-css-v39,00.css
www.yediot.co.il/novgnpre/Common/Api/StaticFile/CmmApiStaticFileInclude/
25 KB
3 KB
Stylesheet
General
Full URL
https://www.yediot.co.il/novgnpre/Common/Api/StaticFile/CmmApiStaticFileInclude/0,14179,sprites-homepage-css-v39,00.css
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
07fd7d9ac0fc0d61e032f4f26a7b7b666cc319efa6eea422f0ef726f5e3f4f3f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jul 2021 18:17:12 GMT
Vary
Accept-Encoding
X-V
V2
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
01
vg_id
1
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css; charset=utf-8
Content-Length
2342
api_static.js
dy2.ynet.co.il/scripts/8765235/
0
0
Script
General
Full URL
https://dy2.ynet.co.il/scripts/8765235/api_static.js
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.103.80.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-80-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

api_dynamic.js
dy2.ynet.co.il/scripts/8765235/
0
0
Script
General
Full URL
https://dy2.ynet.co.il/scripts/8765235/api_dynamic.js
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.103.80.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-80-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

api.js
www.google.com/recaptcha/
850 B
646 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=iw
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3951ea385240a46935538cafc149fc59435712d1fabd8a5b9fb7cfe2cd88bc6f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Sat, 31 Jul 2021 20:26:46 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.yediot.co.il
Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617
age
8606168
cdn-cachedat
2021-04-23 07:08:31
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5168aebf427a1c9dcc049c2769d9fcf1
cf-ray
6779904b9926e00b-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
youtube.css
www.yediot.co.il/Common/Api/Scripts/youtube/
21 KB
5 KB
Stylesheet
General
Full URL
https://www.yediot.co.il/Common/Api/Scripts/youtube/youtube.css?v=9.86
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a9770b62ec977db11581722ba2df755b2dfcc18a0871525664bcb71b2b15ca7e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Jul 2021 15:35:27 GMT
ETag
"3edfd0279666d71:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4519
youtube.js
www.yediot.co.il/Common/Api/Scripts/youtube/
10 KB
3 KB
Script
General
Full URL
https://www.yediot.co.il/Common/Api/Scripts/youtube/youtube.js?v=9.86
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
749886f0c7b06a4df622b00a061a33b7b7343bc1987941c26f8b455e6a63a54c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jul 2021 06:56:50 GMT
ETag
"88766456ed21d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
02
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2572
YitVideo.js
www.yediot.co.il/Common/Api/Scripts/
67 KB
15 KB
Script
General
Full URL
https://www.yediot.co.il/Common/Api/Scripts/YitVideo.js?v=9.86
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9b5c5ba62f3273a3176c0d737a99b71456ec42a46f3f6edbc055dcc1f5cba677

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Jul 2021 09:45:18 GMT
ETag
"5e98ceee752d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
VX-Cache
HIT
V-TTL
3077
WAI
02
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15296
yedioth_icon.png
www.yediot.co.il/images/
2 KB
2 KB
Image
General
Full URL
https://www.yediot.co.il/images/yedioth_icon.png
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e8eff9f55582f613ed0ebd8e4c67c09c9637659fd9d28ca8f83b025381689e48

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Last-Modified
Wed, 28 Jul 2021 03:38:55 GMT
ETag
"80e58ccb2173d31:0"
Content-Type
image/png
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
03
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1886
top-logo.svg
www.yediot.co.il/images/yedioth_ahronoth/
4 KB
2 KB
Image
General
Full URL
https://www.yediot.co.il/images/yedioth_ahronoth/top-logo.svg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1f682195834570225e7bb9d718521bc8bc3b3581d99df21e873fd0fff83a12c8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jul 2021 18:17:12 GMT
ETag
"0acda64ee5d31:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1369
ynet-logo.svg
www.yediot.co.il/images/yedioth_ahronoth/
2 KB
1 KB
Image
General
Full URL
https://www.yediot.co.il/images/yedioth_ahronoth/ynet-logo.svg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
daec6e9e6ab3eee943bd7f41fe64b93bb480a6b7476f673f845a6b7cb1838254

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jul 2021 13:27:09 GMT
ETag
"0931b2df29ad11:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
02
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
734
300X250-03_new.jpg
images1.ynet.co.il/PicServer5/2020/07/01/10069655/
107 KB
107 KB
Image
General
Full URL
https://images1.ynet.co.il/PicServer5/2020/07/01/10069655/300X250-03_new.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
f3f5e4a2e07d54a282e20ffeca279aa616c483d0c8012388e8c006e698ab7e50

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Wed, 01 Jul 2020 11:05:05 GMT
server
Microsoft-IIS/10.0
etag
"ee659e79974fd61:0"
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1335190
accept-ranges
bytes
access-control-allow-headers
*
content-length
109307
expires
Mon, 16 Aug 2021 07:19:57 GMT
8457975_8503110_rumble.jpg
images1.ynet.co.il/PicServer4/2016/10/26/7343286/
487 KB
489 KB
Image
General
Full URL
https://images1.ynet.co.il/PicServer4/2016/10/26/7343286/8457975_8503110_rumble.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
194c7fc88e7baefa0071440848b011d8723296bbda7781e892ac828521d84c8d

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Wed, 26 Oct 2016 09:23:02 GMT
server
Microsoft-IIS/10.0
etag
"09fa78c6a2fd21:0"
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2207760
accept-ranges
bytes
access-control-allow-headers
*
content-length
498987
expires
Thu, 26 Aug 2021 09:42:47 GMT
jquery-1.10.2.min.js
www.yediot.co.il/images/articlepiclightbox/
91 KB
35 KB
Script
General
Full URL
https://www.yediot.co.il/images/articlepiclightbox/jquery-1.10.2.min.js
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Jul 2021 20:30:33 GMT
ETag
"80de79b2cfcdd01:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
03
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35744
jquery.colorbox.js
www.yediot.co.il/images/articlepiclightbox/
29 KB
11 KB
Script
General
Full URL
https://www.yediot.co.il/images/articlepiclightbox/jquery.colorbox.js
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d460b778ec7eabdcad1892c3bc936f54de25f3bde81e5f9c473ff124e9aebcf7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Jul 2021 04:16:23 GMT
ETag
"03fd0221b34d21:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
02
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10934
colorbox.css
www.yediot.co.il/images/articlepiclightbox/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.yediot.co.il/images/articlepiclightbox/colorbox.css
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ad91a71d5f7c70d4f43c0e45b43a0a751b2b8fb63e95cfd0138ff6f51a443c67

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Jul 2021 22:56:36 GMT
ETag
"0204d99a689d11:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1394
8457975_8462360_rumble.jpg
images1.ynet.co.il/PicServer4/2016/10/26/7343287/
369 KB
370 KB
Image
General
Full URL
https://images1.ynet.co.il/PicServer4/2016/10/26/7343287/8457975_8462360_rumble.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
5b30e6726f7f2445eb19873996af07e92123ba62f81c370145938d644e022592

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Wed, 26 Oct 2016 09:23:02 GMT
server
Microsoft-IIS/10.0
etag
"09fa78c6a2fd21:0"
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2207734
accept-ranges
bytes
access-control-allow-headers
*
content-length
377580
expires
Thu, 26 Aug 2021 09:42:21 GMT
8457975_8468864_rumble.jpg
images1.ynet.co.il/PicServer4/2016/10/26/7343288/
669 KB
671 KB
Image
General
Full URL
https://images1.ynet.co.il/PicServer4/2016/10/26/7343288/8457975_8468864_rumble.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
dc931ea34d0ad551a25406f3434faceffedd3f1790cce27ce044aa331a743c8b

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Wed, 26 Oct 2016 09:23:02 GMT
server
Microsoft-IIS/10.0
etag
"09fa78c6a2fd21:0"
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2207751
accept-ranges
bytes
access-control-allow-headers
*
content-length
684598
expires
Thu, 26 Aug 2021 09:42:38 GMT
8457975_8461580_rumble.jpg
images1.ynet.co.il/PicServer4/2016/10/26/7343289/
161 KB
161 KB
Image
General
Full URL
https://images1.ynet.co.il/PicServer4/2016/10/26/7343289/8457975_8461580_rumble.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
b9bf3e5d7bd6b67899f7406dd575f71a8d61c0f53fca4a9a4ae68b571deaab55

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Wed, 26 Oct 2016 09:23:02 GMT
server
Microsoft-IIS/10.0
etag
"09fa78c6a2fd21:0"
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2207707
accept-ranges
bytes
access-control-allow-headers
*
content-length
164467
expires
Thu, 26 Aug 2021 09:41:54 GMT
8457975_8444835_rumble.jpg
images1.ynet.co.il/PicServer4/2016/10/26/7343290/
361 KB
362 KB
Image
General
Full URL
https://images1.ynet.co.il/PicServer4/2016/10/26/7343290/8457975_8444835_rumble.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
87c7d859b413becc7a5462792641cd40bac6f3b200bc4c1d4f3a2a507853a428

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Wed, 26 Oct 2016 09:23:03 GMT
server
Microsoft-IIS/10.0
etag
"8035408d6a2fd21:0"
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2207758
accept-ranges
bytes
access-control-allow-headers
*
content-length
369214
expires
Thu, 26 Aug 2021 09:42:45 GMT
8457975_8444838_rumble.jpg
images1.ynet.co.il/PicServer4/2016/10/26/7343291/
80 KB
81 KB
Image
General
Full URL
https://images1.ynet.co.il/PicServer4/2016/10/26/7343291/8457975_8444838_rumble.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
7238da1c9ff33e82913c05ab192330134b1d065dc09cafc33d264bcc12184347

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Wed, 26 Oct 2016 09:23:03 GMT
server
Microsoft-IIS/10.0
etag
"8035408d6a2fd21:0"
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2207822
accept-ranges
bytes
access-control-allow-headers
*
content-length
82381
expires
Thu, 26 Aug 2021 09:43:49 GMT
8457975_8441355_rumble.jpg
images1.ynet.co.il/PicServer4/2016/10/26/7343292/
150 KB
150 KB
Image
General
Full URL
https://images1.ynet.co.il/PicServer4/2016/10/26/7343292/8457975_8441355_rumble.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
71e4efce19eabf9c5a066ed7a8f8c39032a7bbf9342b14e212f0f770e13040a7

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Wed, 26 Oct 2016 09:23:03 GMT
server
Microsoft-IIS/10.0
etag
"8035408d6a2fd21:0"
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2519905
accept-ranges
bytes
access-control-allow-headers
*
content-length
153457
expires
Mon, 30 Aug 2021 00:25:12 GMT
8457975_8444843_rumble.jpg
images1.ynet.co.il/PicServer4/2016/10/26/7343293/
243 KB
244 KB
Image
General
Full URL
https://images1.ynet.co.il/PicServer4/2016/10/26/7343293/8457975_8444843_rumble.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
de738aae85066f146a6e60870f51ca98784bbf16542a7af7fd80618bf9f4ecc5

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Wed, 26 Oct 2016 09:23:03 GMT
server
Microsoft-IIS/10.0
etag
"8035408d6a2fd21:0"
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2207854
accept-ranges
bytes
access-control-allow-headers
*
content-length
248461
expires
Thu, 26 Aug 2021 09:44:21 GMT
8457975_8444847_rumble.jpg
images1.ynet.co.il/PicServer4/2016/10/26/7343294/
60 KB
60 KB
Image
General
Full URL
https://images1.ynet.co.il/PicServer4/2016/10/26/7343294/8457975_8444847_rumble.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
95f321711eeab0d24c69e107b690e78f73c7c22c492fbb378a340fedb1d73cef

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Wed, 26 Oct 2016 09:23:03 GMT
server
Microsoft-IIS/10.0
etag
"8035408d6a2fd21:0"
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2207863
accept-ranges
bytes
access-control-allow-headers
*
content-length
61047
expires
Thu, 26 Aug 2021 09:44:30 GMT
600X100-03_new.jpg
images1.ynet.co.il/PicServer5/2020/07/01/10069656/
75 KB
75 KB
Image
General
Full URL
https://images1.ynet.co.il/PicServer5/2020/07/01/10069656/600X100-03_new.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
3cd7b981f1444024f90cf72ca3b98490dcd68b0abd8e47d410b2bbddd53d6032

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Wed, 01 Jul 2020 11:05:05 GMT
server
Microsoft-IIS/10.0
etag
"1edb9e79974fd61:0"
access-control-allow-methods
GET,POST
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1335053
accept-ranges
bytes
access-control-allow-headers
*
content-length
76351
expires
Mon, 16 Aug 2021 07:17:40 GMT
css
fonts.googleapis.com/
2 KB
589 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rubik
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5dc3e0c4d1a1295bc10626e93066afc50910175182d11181ceedbb853c64beb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 31 Jul 2021 19:41:49 GMT
server
ESF
date
Sat, 31 Jul 2021 20:26:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 31 Jul 2021 20:26:47 GMT
footer.svg
www.yediot.co.il/images/yedioth_ahronoth/
12 KB
4 KB
Image
General
Full URL
https://www.yediot.co.il/images/yedioth_ahronoth/footer.svg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
176f1e128bae65a6ea90eaba0c9bed61a48f92a67904ed3358ec1a153ecb3a8d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Jul 2021 07:28:53 GMT
ETag
"80ca3fddf79ad11:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
VX-Cache
HIT
V-TTL
194
WAI
01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3756
id.js
d1clufhfw8sswh.cloudfront.net/
0
0

back_to.png
www.yediot.co.il/images/
2 KB
2 KB
Image
General
Full URL
https://www.yediot.co.il/images/back_to.png
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
be6a51e68a2663c335ecc20d0089a129add9fb54e82005f33367a93b4fbcdfdd

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Last-Modified
Thu, 29 Jul 2021 11:05:43 GMT
ETag
"80a5ac20293ad01:0"
Content-Type
image/png
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1656
cookieconsent.min.css
www.yediot.co.il/Common/Api/Scripts/gdpr/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.yediot.co.il/Common/Api/Scripts/gdpr/cookieconsent.min.css
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d69d4c19edbadc15c9af15b7fd83b17db01a37c7b195dc4f476d44c3aeab64a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jul 2021 13:22:29 GMT
ETag
"0fcd6f03a44d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
02
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1446
cookieconsento.min.css
www.yediot.co.il/Common/Api/Scripts/gdpr/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.yediot.co.il/Common/Api/Scripts/gdpr/cookieconsento.min.css
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1d69cdb69f052adf340cbaab49a9c161a5fadbb49480c3e0eee7677ece1b2845

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jul 2021 23:57:34 GMT
ETag
"f033c8e7fb86d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1567
cookieconsent.min.js
www.yediot.co.il/Common/Api/Scripts/gdpr/
20 KB
8 KB
Script
General
Full URL
https://www.yediot.co.il/Common/Api/Scripts/gdpr/cookieconsent.min.js
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
31337b39aa78a20fcc4deaf30bc116c59e8084215571ac735c8142c0c23058ab

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jul 2021 11:05:43 GMT
ETag
"80a33beb8176d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
01
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7864
advertising.js
www.npttech.com/
7 KB
3 KB
Script
General
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/Common/Api/Scripts/paywall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3c3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5755
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
MY9S0PJDNWKA0N4N
x-amz-id-2
u+L7370psI8SIxAmhNpCXyD7oSJ5Mvj4UhFctRtjgqEQW9IRVxx/Z0CAHkLIPiAPTAks5+rBcUw=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2Fe4jPwQXzLF4mFMyKdvRxMQ9wn0Y%2BvByzZIkOHEBSdWiGuF86FB0oXghnwXiSlK96OGpzW5Ry%2FH6Lj5LcH4sO5ygLiAJ4XDz7raF5xqA0JBKum%2FpLmWtNlivOIX6eGVaC%2FdsI9FFCDYIEPdFEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
6779904ddac44e97-FRA
load
experience.tinypass.com/xbuilder/experience/
4 KB
2 KB
Script
General
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=scyIGFmBpu
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/Common/Api/Scripts/paywall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a7eca3af79b28faa3e9a98d378286a34c467ff72a0d3e1dcd49ef2426dd44ed
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
21
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id
C24m4xqFuP9
wn
prod-exp-10-200-130-38
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
6779904ddcb64a80-FRA
expires
Sat, 31 Jul 2021 20:56:47 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
70 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
db4523282c95848ac9d018f7f99b3d76fa30e5c25b0c3633ead6dbedb71e32cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"945 / 373 of 1000 / last-modified: 1627683221"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24675
x-xss-protection
0
expires
Sat, 31 Jul 2021 20:26:47 GMT
loader.js
cdn.taboola.com/libtrc/ynet-yediot/
421 KB
36 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/ynet-yediot/loader.js
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
731d940e21687be48d0ff8fff06cfd0eab9a4470805a988458a81639e93b3788

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
WQXR3tAsDYPsTKpqB8MTgrhuFtHJKX0R
content-encoding
gzip
etag
"1505e59ba2290a449a45fb306762d7aa"
age
0
x-cache
HIT
content-length
36546
x-amz-id-2
OUdqEzR81RgZREXk/6/DaMYvLmDI9io6TEY+gCDCTFX/HAmbhI77wWuFdqCVKImHR1L6zklRl9w=
x-served-by
cache-fra19134-FRA
last-modified
Thu, 29 Jul 2021 08:51:57 GMT
server
AmazonS3
x-timer
S1627763207.401223,VS0,VE191
date
Sat, 31 Jul 2021 20:26:47 GMT
vary
Accept-Encoding
x-amz-request-id
M76ECERKJA0BDB04
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
82
x-cache-hits
1
api_dynamic.js
dy2.ynet.co.il/scripts/8765235/
0
0
Script
General
Full URL
https://dy2.ynet.co.il/scripts/8765235/api_dynamic.js
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.103.80.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-80-80.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

recaptcha__iw.js
www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/
368 KB
136 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/recaptcha__iw.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=iw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c785eca38b7d13bfc54bf31688878151b55bcc103df1849b0d8918a31b0d559
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.yediot.co.il
Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 19:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
435793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138791
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 00:05:58 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Jul 2022 19:23:34 GMT
gtm.js
www.googletagmanager.com/
118 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WD5MMM
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
22c17a8e793020e7ec887cf459e6ccf14e3bc459198b6002f95c40550cc94df4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44659
x-xss-protection
0
last-modified
Sat, 31 Jul 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 31 Jul 2021 20:26:47 GMT
face-off.svg
www.yediot.co.il/images/yedioth_ahronoth/
475 B
790 B
Image
General
Full URL
https://www.yediot.co.il/images/yedioth_ahronoth/face-off.svg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e27717dfcb2d1832c902c188ccd8026c618367c308c1871bb9c8da4e984e7653

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Last-Modified
Wed, 28 Jul 2021 19:26:10 GMT
ETag
"0e1fd7adf7d11:0"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
02
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
475
twit-off.svg
www.yediot.co.il/images/yedioth_ahronoth/
769 B
1 KB
Image
General
Full URL
https://www.yediot.co.il/images/yedioth_ahronoth/twit-off.svg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d72d0a04250f368e269f95bc50f9ecddd62cb268fd1e0ebe195450d747c090d6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Last-Modified
Wed, 28 Jul 2021 01:39:17 GMT
ETag
"0e1fd7adf7d11:0"
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
02
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
769
insta-off.svg
www.yediot.co.il/images/yedioth_ahronoth/
1 KB
1 KB
Image
General
Full URL
https://www.yediot.co.il/images/yedioth_ahronoth/insta-off.svg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
26d140bcf8c0c6889428085ce0b6f2c09c957985d85a9bc7a3e90651ff05d8de

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Jul 2021 20:54:39 GMT
ETag
"0e1fd7adf7d11:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
03
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
676
almoni-tzar-aaa-400.woff
www.yediot.co.il/images/yedioth_ahronoth/font_files/
14 KB
15 KB
Font
General
Full URL
https://www.yediot.co.il/images/yedioth_ahronoth/font_files/almoni-tzar-aaa-400.woff
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e007a6b5c104124d361568da746865c36e9bc9150f7cfd6978446811aa7efa2d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.yediot.co.il
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Origin
https://www.yediot.co.il
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jul 2021 13:43:18 GMT
ETag
"048aefd5e81cf1:0"
Vary
Accept-Encoding
Content-Type
font/x-woff
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
02
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14810
almoni-tzar-aaa-300.woff
www.yediot.co.il/images/yedioth_ahronoth/font_files/
14 KB
14 KB
Font
General
Full URL
https://www.yediot.co.il/images/yedioth_ahronoth/font_files/almoni-tzar-aaa-300.woff
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3aa1e9b8f3eaa3781725818b9550ec81202316d4c297b7edc8b8d4bd4b8d196f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.yediot.co.il
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Origin
https://www.yediot.co.il
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Jul 2021 02:05:01 GMT
ETag
"0db31b05e81cf1:0"
Vary
Accept-Encoding
Content-Type
font/x-woff
Access-Control-Allow-Origin
*
VX-Cache
HIT
V-TTL
4528
WAI
02
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14080
Alef-Regular.woff
www.yediot.co.il/images/fonts/Alef-Webfont/
45 KB
45 KB
Font
General
Full URL
https://www.yediot.co.il/images/fonts/Alef-Webfont/Alef-Regular.woff
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c81d3d7e8a4c0c965e1cb88432fbda45813f8ec6e53e634ec7ffa08a8f403c7e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://www.yediot.co.il
Accept-Encoding
gzip, deflate, br
Host
www.yediot.co.il
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Connection
keep-alive
Origin
https://www.yediot.co.il
Referer
https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

backend-cache-control
Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jul 2021 10:15:12 GMT
ETag
"05ebf385025ce1:0"
Vary
Accept-Encoding
Content-Type
font/x-woff
Access-Control-Allow-Origin
*
VX-Cache
MISS
V-TTL
0
WAI
02
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46134
homepage_v39.png
www.ynet.co.il/PicServer5/2017/08/09/sprites/
350 KB
351 KB
Image
General
Full URL
https://www.ynet.co.il/PicServer5/2017/08/09/sprites/homepage_v39.png
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/novgnpre/Common/Api/StaticFile/CmmApiStaticFileInclude/0,14179,sprites-homepage-css-v39,00.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:282::30bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3ceec784dd71e2af9f899ebf6f729552c2b313d103d3bf43ead34962703ceba7

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Wed, 09 Aug 2017 12:41:40 GMT
etag
"05ae4d8c11d31:0"
content-type
image/png
cache-control
private, max-age=2545709
accept-ranges
bytes
content-length
358178
expires
Mon, 30 Aug 2021 07:35:16 GMT
twit.png
images1.ynet.co.il/static/images/
2 KB
2 KB
Image
General
Full URL
https://images1.ynet.co.il/static/images/twit.png
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
b71acad0dfb12aea811ad43eb6ffc6bbc6f0608a4b800dfccd91578b635b0a62

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Sun, 15 Oct 2017 13:04:48 GMT
server
Microsoft-IIS/10.0
etag
"098e12db645d31:0"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1547791
accept-ranges
bytes
access-control-allow-headers
*
content-length
1543
expires
Wed, 18 Aug 2021 18:23:18 GMT
fb.png
images1.ynet.co.il/static/images/
1 KB
2 KB
Image
General
Full URL
https://images1.ynet.co.il/static/images/fb.png
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
0bc18f63f01eb720a40417ecb71668194eede9c286f6df56a33362477d7cde81

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Sun, 15 Oct 2017 13:05:55 GMT
server
Microsoft-IIS/10.0
etag
"80fbd055b645d31:0"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1180636
accept-ranges
bytes
access-control-allow-headers
*
content-length
1391
expires
Sat, 14 Aug 2021 12:24:03 GMT
outbrain.js
widgets.outbrain.com/
0
0

/
site.yediot.co.il/web/generics/leads/YediotLead/ Frame 64B3
3 KB
2 KB
Document
General
Full URL
https://site.yediot.co.il/web/generics/leads/YediotLead/
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
97995d1abe70dabbf67556a12a1f503135354400111661e9963e66f27b1fcf08

Request headers

:method
GET
:authority
site.yediot.co.il
:scheme
https
:path
/web/generics/leads/YediotLead/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.yediot.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yediot.co.il/

Response headers

content-type
text/html
last-modified
Sun, 11 Oct 2020 12:03:29 GMT
accept-ranges
bytes
etag
"b878588c69fd61:0"
vary
Accept-Encoding
content-encoding
gzip
date
Sat, 31 Jul 2021 20:26:47 GMT
content-length
1633
fql
graph.facebook.com/
217 B
677 B
Script
General
Full URL
https://graph.facebook.com/fql?q=SELECT%20url,%20like_count,%20total_count%20FROM%20link_stat%20WHERE%20url%20in%20(%27http://www.ynet.co.il/news/article/sypbdpwyy%27,%20%27http://www.ynet.co.il/news/article/hjqnbvaao%27,%20%27http://www.ynet.co.il/sport/article/hjyzhfmjt%27,%20%27http://www.ynet.co.il/sport/article/skddi5fkk%27,%20%27http://www.ynet.co.il/news/article/hydbntgyk%27,%20%27http://www.ynet.co.il/sport/article/rjylnozyy%27,%20%27http://www.ynet.co.il/news/article/ryzfidzjf%27,%20%27http://www.ynet.co.il/news/article/h1pd11nxkf%27,%20%27http://www.ynet.co.il/news/article/bkza2z71y%27)&callback=jsonp1627763207036&_=1627763207357
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/Common/Api/Scripts/jquery-1.4.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:110:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d0ec791e5d01203ed583fc07db9b1de3474a4a4bc104236bb926ec094bd4ac5e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#12) fql is deprecated for versions v2.1 and higher"
x-fb-rev
1004189198
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
217
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
tKWxuSJWgPTZsBQPwjx+AQ0LNKEXff2eGDJOWNabAHjiGot1xcQU+wqO/9VRmzPwV15fjc69u8rlEK4RFNI04g==
x-fb-trace-id
Bv9gAj+iBFQ
date
Sat, 31 Jul 2021 20:26:47 GMT
vary
Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
AUdOX6PQMODo-np7qbu_keH
cache-control
no-store
facebook-api-version
v3.3
expires
Sat, 01 Jan 2000 00:00:00 GMT
exposebox-jquery.js
sf.exposebox.com/widget/
93 KB
34 KB
Script
General
Full URL
https://sf.exposebox.com/widget/exposebox-jquery.js?v=1.00
Requested by
Host: server.exposebox.com
URL: https://server.exposebox.com/dmp.js?c=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.243.63 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
63.243.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
28749c9acef6005f42e896c0bb250e67e74ffad80054d5dc462f2b3c8a85f9bf

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:18:24 GMT
content-encoding
gzip
age
503
x-guploader-uploadid
ADPycdsa6n7xe1pzOptVAnhanohbfT-vTAiKf4B7eaWhxf93Ww4cHfeaIQq-yIhzsNXdJwOF5nySAr92Fh7iQGg1ibc
x-goog-storage-class
STANDARD
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
clear
access-control-allow-origin
*
last-modified
Wed, 20 May 2015 08:25:20 GMT
server
UploadServer
etag
"1b9cc00eee480e6e1aecd300fd677c70"
vary
Accept-Encoding
x-goog-hash
crc32c=Clg4CQ==, md5=G5zADu5IDm4a7NMA/Wd8cA==
x-goog-generation
1432110320493000
via
1.1 google
access-control-expose-headers
Content-Type
cache-control
public,max-age=25920000
x-goog-stored-content-length
94958
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 27 May 2022 20:18:24 GMT
tinypass.min.js
cdn.tinypass.com/api/
411 KB
136 KB
Script
General
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=scyIGFmBpu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
626c6ae5e40fd5dd049f56ca648f59a0938d4ba144249064fc0e0316e267b0a5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
15
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
wn
prod-dash-10-200-143-145
last-modified
Wed, 28 Jul 2021 16:45:44 GMT
server
cloudflare
etag
W/"420637-1627490744000"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.000
cache-control
public, max-age=300
cf-ray
6779904e2d674a80-FRA
expires
Sat, 31 Jul 2021 20:31:47 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WD5MMM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
4386
date
Sat, 31 Jul 2021 19:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Sat, 31 Jul 2021 21:13:41 GMT
pubads_impl_2021072801.js
securepubads.g.doubleclick.net/gpt/
325 KB
113 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
7a55fbb0fb94ea6ed9f0c1dcbca21e2b25263e908910b76723004db784786ed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Jul 2021 08:38:40 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115904
x-xss-protection
0
expires
Sat, 31 Jul 2021 20:26:47 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
89 B
107 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.yediot.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
054996c129a1f9d5a629805490c1050f21b800d34e21214eb1d99bd2abd38ab5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82
x-xss-protection
0
expires
Sat, 31 Jul 2021 20:26:47 GMT
cx.cce.js
cdn.cxense.com/
22 KB
6 KB
Script
General
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jul 2021 14:49:19 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5864
Expires
Sat, 31 Jul 2021 21:26:47 GMT
execute
experience.tinypass.com/xbuilder/experience/
45 KB
7 KB
XHR
General
Full URL
https://experience.tinypass.com/xbuilder/experience/execute?aid=scyIGFmBpu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edb480587a1e0c82f3091acc62eaa035ec07e83d528755c4073fcf202e4ffc82
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id
Cn4m4xqkpJV
pragma
no-cache
wn
prod-exp-10-0-135-147
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.yediot.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6779904fdac14a5c-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
get.js
buy.tinypass.com/api/v3/anon/captcha/
153 B
278 B
Script
General
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=scyIGFmBpu
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d394d083e0465f855f46886c2a761ada005c8360850e421248f4394b148bdf
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
54
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-request-id
C53m4xqPP2D
pragma
wn
prod-dash-10-0-84-234
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.001
cache-control
public, max-age=1200
cf-ray
6779904fc9034a80-FRA
expires
Sat, 31 Jul 2021 20:46:47 GMT
collect
stats.g.doubleclick.net/j/
1 B
88 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-64489464-3&cid=1156964911.1627763208&jid=922942234&gjid=816517696&_gid=585214275.1627763208&_u=YGBAgEABAAAAAE~&z=1433327269
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 31 Jul 2021 20:26:47 GMT
content-type
text/plain
access-control-allow-origin
https://www.yediot.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=407983868&t=pageview&_s=1&dl=https%3A%2F%2Fwww.yediot.co.il%2Farticles%2F0%2C7340%2CL-4870481%2C00.html&dp=%2Farticles%2F0%2C7340%2CL-4870481%2C00.html%3Fprof%3D3630.Alma-11634.7-days&ul=en-us&de=UTF-8&dt=%D7%91%D7%A9%D7%99%D7%A8%D7%95%D7%AA%20%D7%90%D7%9E%D7%90%20%D7%A8%D7%95%D7%A1%D7%99%D7%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=922942234&gjid=816517696&cid=1156964911.1627763208&tid=UA-64489464-3&_gid=585214275.1627763208&gtm=2wg7s0WD5MMM&z=1574322030
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 05:14:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
54765
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
impl.20210729-2-RELEASE.js
cdn.taboola.com/libtrc/
530 KB
118 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-yediot/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
59cb71b9e76b9047bb3d25ff19b6fd4edd00341332c326e9b3c464bc24c5369f

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3ZZCVb_yWNxeLgC1c2_aII0RM8QQYvue
content-encoding
br
etag
"26b9456a5c2cd0e3722c76868e1953d8"
age
13585
x-cache
HIT
content-length
120503
x-amz-id-2
cvpXV+OYxr1qkvjVFHw6LP+2pTIRwV6RQeyy8LZciYb1V5BbzuJ1O4cUiI7iXa1NzlZNTpXCVCs=
x-served-by
cache-fra19134-FRA
last-modified
Thu, 29 Jul 2021 08:34:42 GMT
server
AmazonS3-br
x-timer
S1627763208.719615,VS0,VE0
date
Sat, 31 Jul 2021 20:26:47 GMT
vary
Accept-Encoding
x-amz-request-id
E30099QD49D0AXN6
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
60
x-cache-hits
38506
js
www.googletagmanager.com/gtag/ Frame 64B3
95 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1024944910
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28097da891cb86c5bebe47c64b978b261633fa0d0bc212da6f1b950c538dcd2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38713
x-xss-protection
0
last-modified
Sat, 31 Jul 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 31 Jul 2021 20:26:47 GMT
main.d7c205ad.chunk.css
site.yediot.co.il/web/generics/leads/YediotLead/static/css/ Frame 64B3
12 KB
3 KB
Stylesheet
General
Full URL
https://site.yediot.co.il/web/generics/leads/YediotLead/static/css/main.d7c205ad.chunk.css
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
35c194707e3772785ce37f9c9efb3c752ae2a089c48c53f91c0d4b9436dea7e5

Request headers

Referer
https://site.yediot.co.il/web/generics/leads/YediotLead/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
gzip
last-modified
Sun, 11 Oct 2020 12:03:29 GMT
etag
"b878588c69fd61:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3119
2.2ec07efa.chunk.js
site.yediot.co.il/web/generics/leads/YediotLead/static/js/ Frame 64B3
133 KB
46 KB
Script
General
Full URL
https://site.yediot.co.il/web/generics/leads/YediotLead/static/js/2.2ec07efa.chunk.js
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ee6e29a09ff944459efb0aca9ba67a7060524b574bd5ebdb216e2e16271375d6

Request headers

Referer
https://site.yediot.co.il/web/generics/leads/YediotLead/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
gzip
last-modified
Sun, 11 Oct 2020 12:03:29 GMT
etag
"92cf8688c69fd61:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
46655
main.c18bd3f8.chunk.js
site.yediot.co.il/web/generics/leads/YediotLead/static/js/ Frame 64B3
7 KB
7 KB
Script
General
Full URL
https://site.yediot.co.il/web/generics/leads/YediotLead/static/js/main.c18bd3f8.chunk.js
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
15c2e0bfafdda021470c289cf0b2060ffd2ce4945571e7db032bc4e2545c2706

Request headers

Referer
https://site.yediot.co.il/web/generics/leads/YediotLead/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Sun, 11 Oct 2020 12:03:29 GMT
accept-ranges
bytes
etag
"b878588c69fd61:0"
content-length
7199
content-type
application/javascript
gtm.js
www.googletagmanager.com/ Frame 64B3
118 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WD5MMM
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
22c17a8e793020e7ec887cf459e6ccf14e3bc459198b6002f95c40550cc94df4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44659
x-xss-protection
0
last-modified
Sat, 31 Jul 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 31 Jul 2021 20:26:47 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 64B3
98 KB
25 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25944
x-xss-protection
0
pragma
public
x-fb-debug
7Dou6mPzbY70XpcSIr/sDYq6V1nyWV4cKFWOpI0bTRPansas3CfWgB3HYq5Gx031azEiUevOfWFd0FP9Y/sAJg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Sat, 31 Jul 2021 20:26:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
cx.js
cdn.cxense.com/
115 KB
27 KB
Script
General
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a7::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
489031b4b49cd663c247a5f37663db2cf4e30eb88d605c03d18a022cf9c06f8c

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 20:26:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 30 Jul 2021 08:31:30 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27719
Expires
Sat, 31 Jul 2021 21:26:47 GMT
1417929278318588
connect.facebook.net/signals/config/ Frame 64B3
249 KB
71 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1417929278318588?v=2.9.44&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8d6fe14f6fbe2254c7a921ad93c369f0e8987b3becad3765ec2097784c470016
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
HK1JKQTbj9ib0dDcww+/d06RiYT1jX/NXiAj0uJqiz2623ltoOa9Pzp9F7w/UVNUXdifrTGHsDUwrtZ3EUjSoA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 31 Jul 2021 20:26:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
man-sitting.59458c6e.png
site.yediot.co.il/web/generics/leads/YediotLead/static/media/ Frame 64B3
37 KB
37 KB
Image
General
Full URL
https://site.yediot.co.il/web/generics/leads/YediotLead/static/media/man-sitting.59458c6e.png
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/static/css/main.d7c205ad.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c440345525c8f9e01bcc0eecbed2c222c0197aec70d698e0b11a95bd01bb7fd3

Request headers

Referer
https://site.yediot.co.il/web/generics/leads/YediotLead/static/css/main.d7c205ad.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
last-modified
Sun, 11 Oct 2020 12:03:29 GMT
accept-ranges
bytes
etag
"427a8288c69fd61:0"
content-length
37680
content-type
image/png
AlmoniTzarAAA_4.fa91a311.woff2
site.yediot.co.il/web/generics/leads/YediotLead/static/media/ Frame 64B3
0
0
Font
General
Full URL
https://site.yediot.co.il/web/generics/leads/YediotLead/static/media/AlmoniTzarAAA_4.fa91a311.woff2
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/static/css/main.d7c205ad.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Origin
https://site.yediot.co.il
Referer
https://site.yediot.co.il/web/generics/leads/YediotLead/static/css/main.d7c205ad.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-length
1245
content-type
text/html
api.js
www.google.com/recaptcha/ Frame 64B3
850 B
574 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/static/js/main.c18bd3f8.chunk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b91bca177cd45dfc501b5e808b9c46c643596282dd69202f192d3a515678e9e3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Sat, 31 Jul 2021 20:26:47 GMT
json
trc.taboola.com/ynet-yediot/trc/3/
38 KB
14 KB
XHR
General
Full URL
https://trc.taboola.com/ynet-yediot/trc/3/json?tim=22%3A26%3A47.808&lti=deflated&data=%7B%22id%22%3A416%2C%22ii%22%3A%22%2Farticles%2F0%2C7340%2Cl-4870481%2C00.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22lbt%22%3A1627548712033%2C%22vi%22%3A1627763207806%2C%22cv%22%3A%2220210729-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.yediot.co.il%2Farticles%2F0%2C7340%2CL-4870481%2C00.html%22%2C%22usrtyp%22%3A%22Other%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2516%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2429%2C%22mw%22%3A660%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
554c515f6e577ab3eeb2ec3556b716d7bef884edf80c7981a8bbc11d668dac8a

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
578
date
Sat, 31 Jul 2021 20:26:48 GMT
content-encoding
gzip
server
nginx
x-timer
S1627763208.819184,VS0,VE578
x-served-by
cache-fra19134-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.yediot.co.il
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
AlmoniTzarAAA_4.bdd1b345.woff
site.yediot.co.il/web/generics/leads/YediotLead/static/media/ Frame 64B3
29 KB
30 KB
Font
General
Full URL
https://site.yediot.co.il/web/generics/leads/YediotLead/static/media/AlmoniTzarAAA_4.bdd1b345.woff
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/static/css/main.d7c205ad.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
85a722e8834094b21fbe67cbed679557d7994551a6aba5933ffe59aebb73354d

Request headers

Origin
https://site.yediot.co.il
Referer
https://site.yediot.co.il/web/generics/leads/YediotLead/static/css/main.d7c205ad.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
gzip
last-modified
Sun, 11 Oct 2020 12:03:29 GMT
etag
"eb118588c69fd61:0"
vary
Accept-Encoding
content-type
font/x-woff
accept-ranges
bytes
content-length
30192
analytics.js
www.google-analytics.com/ Frame 64B3
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WD5MMM
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
4386
date
Sat, 31 Jul 2021 19:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Sat, 31 Jul 2021 21:13:41 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 64B3
36 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WD5MMM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
6d2b2652cd4f5b0c8ce1b586871e24d54cc134737f50f8ba6a16c469ad9cf5fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13913
x-xss-protection
0
server
cafe
etag
9921229738351535883
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 31 Jul 2021 20:26:47 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/ Frame 64B3
342 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
654a6d6808dfc4e817d8d70eebebd98f0add214485983e60a53111de95db8bdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://site.yediot.co.il
Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 11:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136251
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 00:05:58 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 11:07:36 GMT
rep.gif
comcluster.cxense.com/Repo/
43 B
468 B
Image
General
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=1&typ=pgv&rnd=krs86pc4b2scr0eq&sid=1141964880015811425&loc=https%3A%2F%2Fwww.yediot.co.il%2Farticles%2F0%2C7340%2CL-4870481%2C00.html&new=0&arf=0&ltm=1627763207811&ref=&tzo=-120&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=krs86pj0h6tnz21q&ckp=krs86pcb5nuqc4ms&glb=&wsz=1600x1200&cp_userState=anon&cp_ver=2.44&cp_testGroup=95
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.13.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
de717.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 20:26:47 GMT
Server
Jetty(9.4.28.v20200408)
P3P
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
43
Content-Type
image/gif
collect
www.google-analytics.com/j/ Frame 64B3
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=965063475&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&dr=https%3A%2F%2Fwww.yediot.co.il%2F&ul=en-us&de=UTF-8&dt=Yediot%20Article%20Block&sd=24-bit&sr=1600x1200&vp=660x860&je=0&ec=Lead%20Form&ea=Form%20Displayed&_u=QACAAEABAAAAAC~&jid=1510837517&gjid=1292893788&cid=1156964911.1627763208&tid=UA-64489464-3&_gid=585214275.1627763208&_r=1&gtm=2wg7s0WD5MMM&z=1904315606
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://site.yediot.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1024944910/ Frame 64B3
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1024944910/?random=1627763207894&cv=9&fst=1627763207894&num=1&label=BtI4CPWO_qYBEI7W3egD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&ref=https%3A%2F%2Fwww.yediot.co.il%2F&tiba=Yediot%20Article%20Block&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f76a83a16fbdce518918d677f6c59d67357f43059edfcfb30dd8f9dbba62d4ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1085
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/1024944910/ Frame 64B3
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/1024944910/?random=1627763207898&cv=9&fst=1627763207898&num=1&value=1&currency_code=ILS&label=nyoGCICN-9MBEI7W3egD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&ref=https%3A%2F%2Fwww.yediot.co.il%2F&tiba=Yediot%20Article%20Block&auid=1697189727.1627763208&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
0f73b83f93030cb1ab7faa606edc7033420a85a176ec873ede1d7bd1d76c5504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1242
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/privacysandbox/conversion/1024944910/ Frame 64B3
0
0
Image
General
Full URL
https://www.google.com/pagead/privacysandbox/conversion/1024944910/?random=1627763207898&cv=9&fst=1627763207898&num=1&fmt=3&value=1&currency_code=ILS&label=nyoGCICN-9MBEI7W3egD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&ref=https%3A%2F%2Fwww.yediot.co.il%2F&tiba=Yediot%20Article%20Block&auid=1697189727.1627763208&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1024944910/ Frame 64B3
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1024944910/?random=1627763207904&cv=9&fst=1627763207904&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&ref=https%3A%2F%2Fwww.yediot.co.il%2F&tiba=Yediot%20Article%20Block&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad82da358e099f6ab434539b36c717cbaff001a72ae934b55a905e8e650d54bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1031
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame 64B3
1 B
22 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-64489464-3&cid=1156964911.1627763208&jid=1510837517&gjid=1292893788&_gid=585214275.1627763208&_u=QACAAEAAAAAAAC~&z=240638259
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 31 Jul 2021 20:26:47 GMT
content-type
text/plain
access-control-allow-origin
https://site.yediot.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
1499644016955673
connect.facebook.net/signals/config/ Frame 64B3
253 KB
72 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1499644016955673?v=2.9.44&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6c618bd05939f6370283794c4ab5db246f285e280d0149f9769878686536ed9e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
2RLbebk9W/W3bt1I7QtkIeKe0f+cDoSba30Dr1Be0w/ls66L3x7hAfvEF6HnzDBN5O65OEARPymM98lQaVGpkA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 31 Jul 2021 20:26:48 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 44B7
40 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&co=aHR0cHM6Ly9zaXRlLnllZGlvdC5jby5pbDo0NDM.&hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&size=invisible&cb=4gpqrulyxaw3
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b2013fe8cc0a10803df0a906d84209b4952d5d567c5d35df6941d955f1dfc661
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-er5ocLPnW/rd2oew0NUQZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&co=aHR0cHM6Ly9zaXRlLnllZGlvdC5jby5pbDo0NDM.&hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&size=invisible&cb=4gpqrulyxaw3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://site.yediot.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://site.yediot.co.il/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 31 Jul 2021 20:26:47 GMT
content-security-policy
script-src 'report-sample' 'nonce-er5ocLPnW/rd2oew0NUQZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20565
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.google.com/pagead/1p-user-list/1024944910/ Frame 64B3
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1024944910/?random=1627763207894&cv=9&fst=1627761600000&num=1&label=BtI4CPWO_qYBEI7W3egD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&frm=2&url=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&ref=https%3A%2F%2Fwww.yediot.co.il%2F&tiba=Yediot%20Article%20Block&async=1&fmt=3&is_vtc=1&random=2468775342&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1024944910/ Frame 64B3
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1024944910/?random=1627763207894&cv=9&fst=1627761600000&num=1&label=BtI4CPWO_qYBEI7W3egD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&frm=2&url=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&ref=https%3A%2F%2Fwww.yediot.co.il%2F&tiba=Yediot%20Article%20Block&async=1&fmt=3&is_vtc=1&random=2468775342&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1024944910/ Frame 64B3
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1024944910/?random=1627763207904&cv=9&fst=1627761600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&frm=2&url=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&ref=https%3A%2F%2Fwww.yediot.co.il%2F&tiba=Yediot%20Article%20Block&async=1&fmt=3&is_vtc=1&random=390020961&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1024944910/ Frame 64B3
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1024944910/?random=1627763207904&cv=9&fst=1627761600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&frm=2&url=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&ref=https%3A%2F%2Fwww.yediot.co.il%2F&tiba=Yediot%20Article%20Block&async=1&fmt=3&is_vtc=1&random=390020961&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1024944910/ Frame 64B3
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1024944910/?random=753664186&cv=9&fst=1627763207898&num=1&value=1&currency_code=ILS&label=nyoGCICN-9MBEI7W3egD&guid=ON&resp=GooglemK...
  • https://www.google.com/pagead/1p-user-list/1024944910/?random=753664186&cv=9&fst=1627761600000&num=1&value=1&currency_code=ILS&label=nyoGCICN-9MBEI7W3egD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=16...
  • https://www.google.de/pagead/1p-user-list/1024944910/?random=753664186&cv=9&fst=1627761600000&num=1&value=1&currency_code=ILS&label=nyoGCICN-9MBEI7W3egD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=160...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1024944910/?random=753664186&cv=9&fst=1627761600000&num=1&value=1&currency_code=ILS&label=nyoGCICN-9MBEI7W3egD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&frm=2&url=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&ref=https%3A%2F%2Fwww.yediot.co.il%2F&tiba=Yediot%20Article%20Block&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&eitems=ChAI8OmTiAYQvpzo1NqOvoEJEh0AH2LqZhpS7Y6OHnSSTZoZAMYgNkOiUTI_2ZWHSQ&random=957366114&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:48 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1024944910/?random=753664186&cv=9&fst=1627761600000&num=1&value=1&currency_code=ILS&label=nyoGCICN-9MBEI7W3egD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7s0&sendb=1&frm=2&url=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&ref=https%3A%2F%2Fwww.yediot.co.il%2F&tiba=Yediot%20Article%20Block&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=&is_vtc=1&eitems=ChAI8OmTiAYQvpzo1NqOvoEJEh0AH2LqZhpS7Y6OHnSSTZoZAMYgNkOiUTI_2ZWHSQ&random=957366114&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/ Frame 44B7
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&co=aHR0cHM6Ly9zaXRlLnllZGlvdC5jby5pbDo0NDM.&hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&size=invisible&cb=4gpqrulyxaw3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 12:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 00:05:58 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 12:12:23 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/ Frame 44B7
342 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&co=aHR0cHM6Ly9zaXRlLnllZGlvdC5jby5pbDo0NDM.&hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&size=invisible&cb=4gpqrulyxaw3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
654a6d6808dfc4e817d8d70eebebd98f0add214485983e60a53111de95db8bdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 11:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136251
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 00:05:58 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 11:07:36 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 44B7
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 23:34:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
420763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Mon, 02 Aug 2021 23:34:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 44B7
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&co=aHR0cHM6Ly9zaXRlLnllZGlvdC5jby5pbDo0NDM.&hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&size=invisible&cb=4gpqrulyxaw3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 21:27:21 GMT
x-content-type-options
nosniff
age
428367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 21:27:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 44B7
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&co=aHR0cHM6Ly9zaXRlLnllZGlvdC5jby5pbDo0NDM.&hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&size=invisible&cb=4gpqrulyxaw3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 14:26:18 GMT
x-content-type-options
nosniff
age
367230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 14:26:18 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 44B7
102 B
130 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&co=aHR0cHM6Ly9zaXRlLnllZGlvdC5jby5pbDo0NDM.&hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&size=invisible&cb=4gpqrulyxaw3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
849ad50d8f39d01c26fb4a2441e1d8a36d4bb3798c5025a457d1a21fec0c1185
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&co=aHR0cHM6Ly9zaXRlLnllZGlvdC5jby5pbDo0NDM.&hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&size=invisible&cb=4gpqrulyxaw3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Sat, 31 Jul 2021 20:26:48 GMT
/
www.facebook.com/tr/ Frame 64B3
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1417929278318588&ev=PageView&dl=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&rl=https%3A%2F%2Fwww.yediot.co.il%2F&if=true&ts=1627763208170&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&it=1627763207751&coo=false&rqm=GET
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 31 Jul 2021 20:26:48 GMT
/
www.facebook.com/tr/ Frame 64B3
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1499644016955673&ev=PageView&dl=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&rl=https%3A%2F%2Fwww.yediot.co.il%2F&if=true&ts=1627763208174&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.2.1627763208172.980726741&it=1627763207751&coo=false&rqm=GET
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 31 Jul 2021 20:26:48 GMT
/
www.facebook.com/tr/ Frame 64B3
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1417929278318588&ev=Lead-Popup%20Articles&dl=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&rl=https%3A%2F%2Fwww.yediot.co.il%2F&if=true&ts=1627763208174&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&it=1627763207751&coo=false&rqm=GET
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 31 Jul 2021 20:26:48 GMT
/
www.facebook.com/tr/ Frame 64B3
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1499644016955673&ev=Lead-Popup%20Articles&dl=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&rl=https%3A%2F%2Fwww.yediot.co.il%2F&if=true&ts=1627763208175&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.2.1627763208172.980726741&it=1627763207751&coo=false&rqm=GET
Requested by
Host: site.yediot.co.il
URL: https://site.yediot.co.il/web/generics/leads/YediotLead/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 31 Jul 2021 20:26:48 GMT
bframe
www.google.com/recaptcha/api2/ Frame C458
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&cb=yj5mu9bd6qyb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
09241ff41930c47b4c8b95391523ebce70b194aa3d94a609bb73d757fcf4bbab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4sB1FsQapsvbNg9BRzKbQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&cb=yj5mu9bd6qyb
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://site.yediot.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://site.yediot.co.il/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 31 Jul 2021 20:26:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-4sB1FsQapsvbNg9BRzKbQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/ Frame C458
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&cb=yj5mu9bd6qyb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 12:12:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 00:05:58 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 12:12:23 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/ Frame C458
342 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&cb=yj5mu9bd6qyb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
654a6d6808dfc4e817d8d70eebebd98f0add214485983e60a53111de95db8bdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 11:07:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136251
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 00:05:58 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Jul 2022 11:07:36 GMT
iftags
server.exposebox.com/dmp/ Frame 8FFC
299 B
565 B
Document
General
Full URL
https://server.exposebox.com/dmp/iftags?c=17
Requested by
Host: sf.exposebox.com
URL: https://sf.exposebox.com/widget/exposebox-jquery.js?v=1.00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.85.158 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
158.85.201.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
463b6bf17533b9c9c3f404b8cfc2f389fcc19cd32b3484fc9c9febd019977413

Request headers

:method
GET
:authority
server.exposebox.com
:scheme
https
:path
/dmp/iftags?c=17
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.yediot.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__etn=41531446731
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yediot.co.il/

Response headers

x-powered-by
Express
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
max-age:0
set-cookie
_ahph=eJyLjgUAARUAuQ%3D%3D; Domain=.exposebox.com; Path=/; Expires=Sat, 07 Aug 2021 20:26:48 GMT; Secure; SameSite=None _am=1; Domain=.exposebox.com; Path=/; Expires=Sat, 14 Aug 2021 20:26:48 GMT; Secure; SameSite=None _etc_=1; Domain=.exposebox.com; Path=/; Expires=Mon, 30 Aug 2021 20:26:48 GMT; Secure; SameSite=None
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 google
alt-svc
clear
reload
www.google.com/recaptcha/api2/ Frame C458
35 KB
21 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f2b20fa7b9792811b85f7a46e1f1e657fd13180c5f222529b14a0c04f30d3d08
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&cb=yj5mu9bd6qyb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21469
x-xss-protection
1; mode=block
expires
Sat, 31 Jul 2021 20:26:48 GMT
adx
server.exposebox.com/dmp/ Frame 8FFC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=exposebox&google_hm=ajJ1cjFlMw
  • https://server.exposebox.com/dmp/adx
0
55 B
Image
General
Full URL
https://server.exposebox.com/dmp/adx
Requested by
Host: server.exposebox.com
URL: https://server.exposebox.com/dmp/iftags?c=17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.85.158 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
158.85.201.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://server.exposebox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 google
x-powered-by
Express
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
max-age:0
content-type
image/png
alt-svc
clear
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://server.exposebox.com/dmp/adx
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtb-h
sync.taboola.com/sg/exposebox-network/1/ Frame 8FFC
0
248 B
Image
General
Full URL
https://sync.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=j2ur1e3
Requested by
Host: server.exposebox.com
URL: https://server.exposebox.com/dmp/iftags?c=17
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://server.exposebox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.104:10213
date
Sat, 31 Jul 2021 20:26:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15629
player_api
www.youtube.com/
980 B
914 B
Script
General
Full URL
https://www.youtube.com/player_api
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51d8d0c12e399495963bccc9e89aeb4555c568f46d358d6ea3b8928ca535d799
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sat, 31 Jul 2021 20:26:48 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame C458
600 B
622 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 08:57:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
386935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
expires
Tue, 03 Aug 2021 08:57:53 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame C458
530 B
552 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 13:51:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
369312
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
expires
Tue, 03 Aug 2021 13:51:36 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame C458
665 B
687 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/ecapuzyywmdXQ5gJHS3JQiXe/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 03:00:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
408383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
expires
Tue, 03 Aug 2021 03:00:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C458
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&cb=yj5mu9bd6qyb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 21:27:21 GMT
x-content-type-options
nosniff
age
428367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Jul 2022 21:27:21 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C458
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&cb=yj5mu9bd6qyb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 14:26:18 GMT
x-content-type-options
nosniff
age
367230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 14:26:18 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C458
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&cb=yj5mu9bd6qyb
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Jul 2021 14:26:18 GMT
x-content-type-options
nosniff
age
367230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Jul 2022 14:26:18 GMT
payload
www.google.com/recaptcha/api2/ Frame C458
28 KB
28 KB
Image
General
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AGdBq26KYhYZNnPExHByT2RI_WFdKIEMtoI9jzd-JCEBMZfFNy885sgcOLruuMk0cFvEzXmlMcdcjAcxOu7KjKUPgN3gcKyvvqOXkKf-mncOW7g1t68_E-_DjCEVk5vBd0F3tNEh9WS-Kq4gLhRJEqN_AwSpP3xIQDIv281kzry7cqaZZK2PlJWv-xalNiUpsFzJDr1GaOSqxlrRcP5ryalwd4UtJy8NVA&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fb2356ff8c04b5fd52805d9797ec4e9f61aa02529731ad3c6bc8147e7af75f0f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=ecapuzyywmdXQ5gJHS3JQiXe&k=6LfoC3kUAAAAAPt8XZMzr6ljG2omdMJY7z8PPhpU&cb=yj5mu9bd6qyb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29078
x-xss-protection
1; mode=block
expires
Sat, 31 Jul 2021 20:26:48 GMT
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/
19 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding
gzip
etag
"7a6ef5412d45e94af6813e18c060355d"
age
23031
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5990
x-amz-id-2
5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY=
x-served-by
cache-fra19134-FRA
last-modified
Tue, 06 Jul 2021 14:02:32 GMT
server
AmazonS3
x-timer
S1627763208.448857,VS0,VE0
date
Sat, 31 Jul 2021 20:26:48 GMT
vary
Accept-Encoding
x-amz-request-id
KQE2YD0951MP799B
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
94
x-cache-hits
159373
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/
2 KB
970 B
Stylesheet
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
15092
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w=
x-served-by
cache-fra19134-FRA
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1627763208.448982,VS0,VE0
date
Sat, 31 Jul 2021 20:26:48 GMT
vary
Accept-Encoding
x-amz-request-id
H26RXF80K5Y33KYT
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
94
x-cache-hits
71093
tfa-eid.20210729-2-RELEASE.es6.js
cdn.taboola.com/libtrc/
14 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210729-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-yediot/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f7871d93d5c3d1704ff63df786e947d15254a0dc27af5b429b03a7090d07ff0

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KIt47jUShIAEejR4_9LKbcUQxM1qfkyU
content-encoding
gzip
etag
"1420293eab19df25c2ca25d9d3552a23"
age
31
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5062
x-amz-id-2
Eb9VYvSNNZp/7tpiIvYlcUWCA159EDpemM7AJBFR6yae+ggwAy9epCPh8sYLIzu13Qj0nUmguQk=
x-served-by
cache-fra19134-FRA
last-modified
Thu, 29 Jul 2021 12:45:46 GMT
server
AmazonS3
x-timer
S1627763208.451226,VS0,VE0
date
Sat, 31 Jul 2021 20:26:48 GMT
vary
Accept-Encoding
x-amz-request-id
4ABCGB3XPJ7A1XKH
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
94
x-cache-hits
129
sha256.20210729-2-RELEASE.es6.js
cdn.taboola.com/libtrc/
6 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/sha256.20210729-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-yediot/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8fbfb42bb82ce3052352ce7cf22ae4e2b0dbeed1c324f2c490e8e0405d09b3d7

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
zxaJkOHJyCvsP09HGr0yxlkmlSldsQYt
content-encoding
gzip
etag
"d2490b745585466574523b6bd4db0629"
age
94
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
zHb1egd2VQ09BdWYbJVnhPMEjJAgxL22Irs43pJ431Lp3CtqFn5X7tYyWoqZtQzccsq0orwX2Fc=
x-served-by
cache-fra19134-FRA
last-modified
Thu, 29 Jul 2021 12:45:33 GMT
server
AmazonS3
x-timer
S1627763208.451274,VS0,VE0
date
Sat, 31 Jul 2021 20:26:48 GMT
vary
Accept-Encoding
x-amz-request-id
10DGCRSMYJWXAD6Z
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
94
x-cache-hits
375
tb
15.taboola.com/
37 KB
10 KB
XHR
General
Full URL
https://15.taboola.com/tb?oid=15&pubnm=ynet-yediot&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.yediot.co.il%2Farticles%2F0%2C7340%2CL-4870481%2C00.html&encoded=1&uid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&variant=-100|4930&callback=TRC.videoTagCallbacks.videoCallback1&cb=1627763208445&tagid=&cntry=CH&platform=1&sesid=064bf50cdd77c462c1b2d6fd4aae49b8&itemid=/articles/0,7340,l-4870481,00.html&viewid=1627763207806&geolat=&geoing=&deviceifa=&appid=&sd=v2_064bf50cdd77c462c1b2d6fd4aae49b8_446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787_1627763207_1627763207_CNawjgYQ-a1BGP7c_fGvLyABKAEwKziy0A1Ay4gQSKec3QNQ____________AVgAYABosa_ptcr9986tAXAB&ri=9e41ec0caa204c2cef98c93c0b89acde&appname=&cdb=&gdprApplies=false&rid=&sii=-9181965328172027983&oee=true&tpubid=1070841&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=TI&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=659&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b5b5da07e2129fa4bcadf9cf063c7e8fb0c46fe57ea73a094ac0d5c426fa65d0

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
content-encoding
gzip
access-control-allow-origin
https://www.yediot.co.il
machineid
1417
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-fra19134-FRA
pragma
no-cache
server
nginx
x-timer
S1627763208.456087,VS0,VE19
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20210729-2-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20210729-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-yediot/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81ac86866f450460ed3daebc32527ec54f64d78153929bd114c8f5fbfcd0f868

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GjDeGqkHxFnX8CKu7jelbrP7GNMckJd4
content-encoding
gzip
etag
"5db1f4600fde9bba62e72e55afbcdb86"
age
82
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
Dkmtal9L+rgN6Oz1JExDzJ4iAXe40M5qAG7ToVrAhsA+YcjNebx/ALHOP6jO02bkTtS6+3kYFkw=
x-served-by
cache-fra19134-FRA
last-modified
Thu, 29 Jul 2021 12:45:35 GMT
server
AmazonS3
x-timer
S1627763208.455349,VS0,VE0
date
Sat, 31 Jul 2021 20:26:48 GMT
vary
Accept-Encoding
x-amz-request-id
KVY9M2RBJ6MT6KK7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
94
x-cache-hits
218
userx.20210729-2-RELEASE.es6.js
cdn.taboola.com/libtrc/
23 KB
8 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20210729-2-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/ynet-yediot/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d3b5cfd747f2915e403e9f4d3310d859ef2b23032411d69ff8cde3e9252594d

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3FWNaQpY14nv9YfgTme19Tpuwt7PAx05
content-encoding
gzip
etag
"4567f38701a0018aa2456bb843567147"
age
68
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7949
x-amz-id-2
E4rgCevo+PIWHL9GH43jMgop4rQE2wLsZu+2z+Yuat6HMJBq7yf0KlUr5UqoVRP+6N/8EQTin8Q=
x-served-by
cache-fra19134-FRA
last-modified
Thu, 29 Jul 2021 12:45:51 GMT
server
AmazonS3
x-timer
S1627763208.466919,VS0,VE0
date
Sat, 31 Jul 2021 20:26:48 GMT
vary
Accept-Encoding
x-amz-request-id
JZTEPA05A6D6NNTD
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
94
x-cache-hits
41
debug
il-trc-events.taboola.com/ynet-yediot/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/ynet-yediot/log/2/debug?tim=22%3A26%3A48.451&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&id=5356&cv=20210729-2-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
62196
debug
il-trc-events.taboola.com/ynet-yediot/log/2/
0
89 B
Image
General
Full URL
https://il-trc-events.taboola.com/ynet-yediot/log/2/debug?tim=22%3A26%3A48.452&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&id=1580&cv=20210729-2-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
62196
e4f01268-c365-4547-9fe0-d96c8963c97f.svg
cdn.taboola.com/static/e4/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/e4/e4f01268-c365-4547-9fe0-d96c8963c97f.svg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4465ae1a9eeb81576867402063b1e75ee3d7b44463d56e69e6fe30412d6714f3

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
L.22P8JFZFCHkoWvwQgXvJ3ixGWu1uyk
content-encoding
gzip
etag
"b5a2e874ef122f2faed0d04277a62981"
age
102
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1710
x-amz-id-2
TAS+UPCvQ9mYOByj01nh9oD8G015mcB8LHlxfk6n5jD1v75M/drQy3ToFnctUHezLvhsH//dLbw=
x-served-by
cache-fra19134-FRA
last-modified
Wed, 27 Dec 2017 16:04:20 GMT
server
AmazonS3
x-timer
S1627763208.497268,VS0,VE1
date
Sat, 31 Jul 2021 20:26:48 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
Z44RDFY1P3THAHN9
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
94
x-cache-hits
1
www-widgetapi.js
www.youtube.com/s/player/3c3086a1/www-widgetapi.vflset/
125 KB
42 KB
Script
General
Full URL
https://www.youtube.com/s/player/3c3086a1/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f85dfa211770e77ae74625ad98e4b1a114808bea92c6a361c25d0c889de9ecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 17:38:01 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 29 Jul 2021 00:19:05 GMT
server
sffe
age
10127
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42813
x-xss-protection
0
expires
Sun, 31 Jul 2022 17:38:01 GMT
12416558_12417076_rumble.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.ynet.co.il/PicServer5/2021/07/29/10854244/
22 KB
23 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.ynet.co.il/PicServer5/2021/07/29/10854244/12416558_12417076_rumble.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9fee16bf70a2a59899db06f6f89fdf70a923225884fb0aea3114f35d678f47f5

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish, 1.1 varnish
age
129142
edge-cache-tag
583509989565676144092836283015073108556,584991238428522887003304374065006021953,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
656
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.ynet.co.il/PicServer5/2021/07/29/10854244/12416558_12417076_rumble.jpg
content-length
23020
x-request-id
9f6fcdfead9f876f8f36fb3f6a575a59
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 29 Jul 2021 23:03:39 GMT
server
nginx
x-timer
S1627763209.535839,VS0,VE1
etag
"2252336f38e0e3a078151d5663d29741"
x-served-by
cache-wdc5541-WDC, cache-dca17752-DCA, cache-fra19134-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
tbp
15.taboola.com/
6 KB
3 KB
XHR
General
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
910294ed1a5d983b099565a12161d64485e4a6f3bd8a195dddccc3bc26e5f0d7

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
content-encoding
gzip
access-control-allow-origin
https://www.yediot.co.il
machineid
1451
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19134-FRA
pragma
no-cache
server
nginx
x-timer
S1627763209.532509,VS0,VE20
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
c4759e15bb293170a7c92714c517da18.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
30 KB
30 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c4759e15bb293170a7c92714c517da18.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
75658cb3d112238f0963d305e1e35f584e25ed5109ee8e09cdfc6e0bafde8bed

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish, 1.1 varnish
age
1341929
edge-cache-tag
620830985012291442099614449101152130596,584991238428522887003304374065006021953,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
738
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c4759e15bb293170a7c92714c517da18.jpeg
content-length
30268
x-request-id
7c6a485b701518280d82f8bb5e7627e0
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Thu, 15 Jul 2021 08:56:05 GMT
server
nginx
x-timer
S1627763209.536206,VS0,VE1
etag
"ba1918a6c728ec49cd391f72c4a64c0d"
x-served-by
cache-wdc5569-WDC, cache-dca17749-DCA, cache-fra19134-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
40c8ef90-07c7-487a-84df-63d93500c1a4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ejnql.com/content/
9 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ejnql.com/content/40c8ef90-07c7-487a-84df-63d93500c1a4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a56a83c9961ca45c6a47949c0a64f09d9b3c328f3e272aa933fa5c1fb05960d4

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish, 1.1 varnish
age
2026141
edge-cache-tag
621293045940373875098618898656648785884,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
40
expiration
expiry-date="Sun, 11 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ejnql.com/content/40c8ef90-07c7-487a-84df-63d93500c1a4.jpg
content-length
8788
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 10 Jun 2021 05:36:52 GMT
server
nginx
x-timer
S1627763209.535844,VS0,VE1
etag
"a8df56de82ee75de43725999e2390952"
x-served-by
cache-wdc5545-WDC, cache-dca12926-DCA, cache-fra19134-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
S1e4X00VJ2d_0_0_1000_600_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2021/06/22/S1e4X00VJ2d/
11 KB
11 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2021/06/22/S1e4X00VJ2d/S1e4X00VJ2d_0_0_1000_600_0_large.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c2965c4ef9ba387a7820b3be5b70ebe07add62a0226c681f96af737b4b834228

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish, 1.1 varnish
age
3396657
edge-cache-tag
402860022693146812987250462866414392281,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
49
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2021/06/22/S1e4X00VJ2d/S1e4X00VJ2d_0_0_1000_600_0_large.jpg
content-length
11272
x-request-id
85b1ce0a56d8acfc4f8f02c071306e5a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Tue, 22 Jun 2021 12:34:12 GMT
server
nginx
x-timer
S1627763209.535807,VS0,VE1
etag
"b008ba56da97a480c144b48936bef239"
x-served-by
cache-wdc5547-WDC, cache-dca17754-DCA, cache-fra19134-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
950a632c185b9bda7566be69ebf20a5a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
60 KB
60 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/950a632c185b9bda7566be69ebf20a5a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1db0e492f6cb6d1774c12931defdd4be526d8002f4da8a52d479e66b11ff00e2

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish, 1.1 varnish
age
2516349
edge-cache-tag
326383743846339771833275813589991674638,584991238428522887003304374065006021953,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
671
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/950a632c185b9bda7566be69ebf20a5a.jpg
content-length
61072
x-request-id
98900473ccc55b67d6faa395f6a9fca8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 02 Jul 2021 09:37:44 GMT
server
nginx
x-timer
S1627763209.536142,VS0,VE1
etag
"e4f6f4538ae345ce5b6a34e8c3d3676d"
x-served-by
cache-wdc5540-WDC, cache-dca17720-DCA, cache-fra19134-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
945966ac829da03c96393184f034a377.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
10 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/945966ac829da03c96393184f034a377.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7029200375b9def0a59ed45120d8fcec86c6e6f420665fcf20fa16b322e427af

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish, 1.1 varnish
age
3999742
edge-cache-tag
573042033798922851517320630396827210876,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
55
expiration
expiry-date="Fri, 02 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/945966ac829da03c96393184f034a377.jpeg
content-length
9188
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 01 Jun 2021 05:09:47 GMT
server
nginx
x-timer
S1627763209.536130,VS0,VE0
etag
"d5360e4c8abc08a5531059b89a361c7a"
x-served-by
cache-wdc5535-WDC, cache-dca17753-DCA, cache-fra19134-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 11
12377006_12377028_rumble.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.ynet.co.il/PicServer5/2021/07/26/10847709/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.ynet.co.il/PicServer5/2021/07/26/10847709/12377006_12377028_rumble.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c624aca333a2577fa68413776cd0700cdb8ad55abaf6361e9f71c62dd7fea935

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish, 1.1 varnish
age
314676
edge-cache-tag
454307010579624753821528992208339078692,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
455
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.ynet.co.il/PicServer5/2021/07/26/10847709/12377006_12377028_rumble.jpg
content-length
8686
x-request-id
eb8c46892c61e38f8f525194ed4c29d5
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Mon, 26 Jul 2021 23:28:56 GMT
server
nginx
x-timer
S1627763209.563517,VS0,VE0
etag
"ab6ca914786efc2a95a18bf60c8186ef"
x-served-by
cache-wdc5556-WDC, cache-dca17781-DCA, cache-fra19134-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.4.8/
96 KB
28 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/3.4.8/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db5bf9a91b7e05388b953154183762971d47ef02aa365db3cf4187dddbb86080

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront), 1.1 varnish
age
235102
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
28132
x-served-by
cache-fra19134-FRA
last-modified
Mon, 26 Jul 2021 09:53:28 GMT
server
AmazonS3
x-timer
S1627763209.540048,VS0,VE0
etag
"e8d2f43df8d5011ca2de7e55d7bcb3f8"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
ztV3VBEmK06YpuN4okeXUcWDTYkhYGI_M3ecfuM-qCMlBAd0-WJSDA==
x-cache-hits
38499
debug
il-trc-events.taboola.com/ynet-yediot/log/2/
0
89 B
Image
General
Full URL
https://il-trc-events.taboola.com/ynet-yediot/log/2/debug?tim=22%3A26%3A48.559&type=warn&msg=TRC.TranslationsManager%20-%20language%20key%3A%20he%20not%20recognized%20for%20feature%20userx.&id=675&cv=20210729-2-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
62196
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/
4 KB
2 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront), 1.1 varnish
age
2907841
x-amz-meta-mtime
1580720676
x-cache
Miss from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-fra19134-FRA
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1627763209.583262,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
fAeHO52Fy78UbxheIVGwTQpabLzTVzA-RHX2HcKYyUH5P0SAs1-vKA==
x-cache-hits
208448
12416558_12417076_rumble.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.ynet.co.il/PicServer5/2021/07/29/10854244/
22 KB
23 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.ynet.co.il/PicServer5/2021/07/29/10854244/12416558_12417076_rumble.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9fee16bf70a2a59899db06f6f89fdf70a923225884fb0aea3114f35d678f47f5

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish, 1.1 varnish
age
129142
edge-cache-tag
583509989565676144092836283015073108556,584991238428522887003304374065006021953,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
656
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.ynet.co.il/PicServer5/2021/07/29/10854244/12416558_12417076_rumble.jpg
content-length
23020
x-request-id
9f6fcdfead9f876f8f36fb3f6a575a59
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 29 Jul 2021 23:03:39 GMT
server
nginx
x-timer
S1627763209.583755,VS0,VE0
etag
"2252336f38e0e3a078151d5663d29741"
x-served-by
cache-wdc5541-WDC, cache-dca17752-DCA, cache-fra19134-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
c4759e15bb293170a7c92714c517da18.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
30 KB
30 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c4759e15bb293170a7c92714c517da18.jpeg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
75658cb3d112238f0963d305e1e35f584e25ed5109ee8e09cdfc6e0bafde8bed

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish, 1.1 varnish
age
1341929
edge-cache-tag
620830985012291442099614449101152130596,584991238428522887003304374065006021953,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
738
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c4759e15bb293170a7c92714c517da18.jpeg
content-length
30268
x-request-id
7c6a485b701518280d82f8bb5e7627e0
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Thu, 15 Jul 2021 08:56:05 GMT
server
nginx
x-timer
S1627763209.583996,VS0,VE0
etag
"ba1918a6c728ec49cd391f72c4a64c0d"
x-served-by
cache-wdc5569-WDC, cache-dca17749-DCA, cache-fra19134-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
40c8ef90-07c7-487a-84df-63d93500c1a4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ejnql.com/content/
9 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ejnql.com/content/40c8ef90-07c7-487a-84df-63d93500c1a4.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a56a83c9961ca45c6a47949c0a64f09d9b3c328f3e272aa933fa5c1fb05960d4

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish, 1.1 varnish
age
2026141
edge-cache-tag
621293045940373875098618898656648785884,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
40
expiration
expiry-date="Sun, 11 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ejnql.com/content/40c8ef90-07c7-487a-84df-63d93500c1a4.jpg
content-length
8788
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 10 Jun 2021 05:36:52 GMT
server
nginx
x-timer
S1627763209.584101,VS0,VE0
etag
"a8df56de82ee75de43725999e2390952"
x-served-by
cache-wdc5545-WDC, cache-dca12926-DCA, cache-fra19134-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
S1e4X00VJ2d_0_0_1000_600_0_large.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2021/06/22/S1e4X00VJ2d/
11 KB
12 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2021/06/22/S1e4X00VJ2d/S1e4X00VJ2d_0_0_1000_600_0_large.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c2965c4ef9ba387a7820b3be5b70ebe07add62a0226c681f96af737b4b834228

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish, 1.1 varnish
age
3396657
edge-cache-tag
402860022693146812987250462866414392281,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
49
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//ynet-images1.yit.co.il/picserver5/crop_images/2021/06/22/S1e4X00VJ2d/S1e4X00VJ2d_0_0_1000_600_0_large.jpg
content-length
11272
x-request-id
85b1ce0a56d8acfc4f8f02c071306e5a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Tue, 22 Jun 2021 12:34:12 GMT
server
nginx
x-timer
S1627763209.584615,VS0,VE0
etag
"b008ba56da97a480c144b48936bef239"
x-served-by
cache-wdc5547-WDC, cache-dca17754-DCA, cache-fra19134-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
950a632c185b9bda7566be69ebf20a5a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
60 KB
60 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/950a632c185b9bda7566be69ebf20a5a.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1db0e492f6cb6d1774c12931defdd4be526d8002f4da8a52d479e66b11ff00e2

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish, 1.1 varnish
age
2516349
edge-cache-tag
326383743846339771833275813589991674638,584991238428522887003304374065006021953,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
671
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/950a632c185b9bda7566be69ebf20a5a.jpg
content-length
61072
x-request-id
98900473ccc55b67d6faa395f6a9fca8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Fri, 02 Jul 2021 09:37:44 GMT
server
nginx
x-timer
S1627763209.584600,VS0,VE0
etag
"e4f6f4538ae345ce5b6a34e8c3d3676d"
x-served-by
cache-wdc5540-WDC, cache-dca17720-DCA, cache-fra19134-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
945966ac829da03c96393184f034a377.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/945966ac829da03c96393184f034a377.jpeg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7029200375b9def0a59ed45120d8fcec86c6e6f420665fcf20fa16b322e427af

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish, 1.1 varnish
age
3999742
edge-cache-tag
573042033798922851517320630396827210876,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
55
expiration
expiry-date="Fri, 02 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/945966ac829da03c96393184f034a377.jpeg
content-length
9188
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 01 Jun 2021 05:09:47 GMT
server
nginx
x-timer
S1627763209.587042,VS0,VE0
etag
"d5360e4c8abc08a5531059b89a361c7a"
x-served-by
cache-wdc5535-WDC, cache-dca17753-DCA, cache-fra19134-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 12
12377006_12377028_rumble.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.ynet.co.il/PicServer5/2021/07/26/10847709/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.ynet.co.il/PicServer5/2021/07/26/10847709/12377006_12377028_rumble.jpg
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c624aca333a2577fa68413776cd0700cdb8ad55abaf6361e9f71c62dd7fea935

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish, 1.1 varnish
age
314676
edge-cache-tag
454307010579624753821528992208339078692,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
455
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.ynet.co.il/PicServer5/2021/07/26/10847709/12377006_12377028_rumble.jpg
content-length
8686
x-request-id
eb8c46892c61e38f8f525194ed4c29d5
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Mon, 26 Jul 2021 23:28:56 GMT
server
nginx
x-timer
S1627763209.607577,VS0,VE0
etag
"ab6ca914786efc2a95a18bf60c8186ef"
x-served-by
cache-wdc5556-WDC, cache-dca17781-DCA, cache-fra19134-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
st
imprammp.taboola.com/ Frame FA16
0
67 B
Document
General
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=CDA1ADFD9208551789856535566&cicmp=1337627&cijs=1&dast=V7AO8CFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBugHHENiMBYkGok5GQxXq8VuOFxsNpPhYjdYDqZgsIXP6e5uQwaaTofPda_X_X535cvk9JvuGr9dafbLAQAAAOABgKglGmLHt6E9AgAAAECCZ-RagSKg4t9C4AIAAAAAA4BALFwD4JkDoR2ez8Nn9_sDAOChAAQAQACDBEAgsbAEwOFu8QQAAOCgTuZpm-X___8_BiDvvUkGgCJt48agB-DBB-BBCAAA4GKIokW6GwwS2IKoYLWIEQAAAEC24vLx0aROqCyq_v___60ArgAAAvT8f-LGsm5OilnDAAAAAMYW6GHx-80Ou8bvdtn_________v9n_GQCaEI5CT1rQw8yMGs_ItcLaLyAAANu7AQC8CcDFHIAdAAAAwN3___9_HgAAgMseJdtrNZ49ynqfwRY-p7u7fhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4SZiWW0cdl8a8FoY3GLJsvRWmEaTtaS3chlMk08poXFuBa9PqbfzObZDYd7fJDFbq7YDOeSwWauWC5XCQAAAAAAAABgCVPmTQAAAABOg5jNJrvdihtv9kwQa7Va1gAAAADcupED!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cipid=7991117&ttype=0&cirid=CDA1ADFD9208551789856535566&cicmp=1337627&cijs=1&dast=V7AO8CFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBugHHENiMBYkGok5GQxXq8VuOFxsNpPhYjdYDqZgsIXP6e5uQwaaTofPda_X_X535cvk9JvuGr9dafbLAQAAAOABgKglGmLHt6E9AgAAAECCZ-RagSKg4t9C4AIAAAAAA4BALFwD4JkDoR2ez8Nn9_sDAOChAAQAQACDBEAgsbAEwOFu8QQAAOCgTuZpm-X___8_BiDvvUkGgCJt48agB-DBB-BBCAAA4GKIokW6GwwS2IKoYLWIEQAAAEC24vLx0aROqCyq_v___60ArgAAAvT8f-LGsm5OilnDAAAAAMYW6GHx-80Ou8bvdtn_________v9n_GQCaEI5CT1rQw8yMGs_ItcLaLyAAANu7AQC8CcDFHIAdAAAAwN3___9_HgAAgMseJdtrNZ49ynqfwRY-p7u7fhO2GK0mk81yOFsuJoPhaDga7U8AlwOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4SZiWW0cdl8a8FoY3GLJsvRWmEaTtaS3chlMk08poXFuBa9PqbfzObZDYd7fJDFbq7YDOeSwWauWC5XCQAAAAAAAABgCVPmTQAAAABOg5jNJrvdihtv9kwQa7Va1gAAAADcupED!&excid=22&tst=1&docw=0&cs=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.yediot.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=3b24cef7-04cb-4294-a482-27ded4bc4ab8-tuct7ff3788
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yediot.co.il/

Response headers

server
nginx
accept-ranges
bytes
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish
x-served-by
cache-fra19134-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1627763209.627272,VS0,VE9
content-length
0
cmTagCUSTOM.js
vidstat.taboola.com/vpaid/units/28_3_10/infra/
727 KB
132 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish
age
1973077
x-amz-meta-mtime
1605697226
x-cache
HIT
x-amz-meta-ctime
1605697428
x-amz-meta-mode
33188
content-encoding
br
content-length
135037
x-amz-id-2
5ZEK05RyjWXa97qptTPBSENaZ0pc6jcL83hmVOcr2fb6bBsVEaYB8SNmG5+2XhxOHKu5gLWx8+c=
x-served-by
cache-fra19134-FRA
accept-ranges
bytes
last-modified
Wed, 18 Nov 2020 11:03:50 GMT
server
AmazonS3-br
x-timer
S1627763209.626158,VS0,VE0
etag
"37b0b0415484e88063c945bde767ba70"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
Z5B1SHCEPKEDXX46
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
5107
cmOsUnit.css
vidstat.taboola.com/vpaid/units/28_3_10/assets/css/
44 KB
7 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/28_3_10/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish
age
1974651
x-amz-meta-mtime
1605697226
x-cache
HIT
x-amz-meta-ctime
1605697397
x-amz-meta-mode
33188
content-encoding
br
content-length
6493
x-amz-id-2
2yWZZvT6gWp6l0uX9pHoFWIk2Hv8VbMXoRsq99K3IClzKkG/QKZ3jaeaCwqUOso5plrCYiz2g4g=
x-served-by
cache-fra19134-FRA
accept-ranges
bytes
last-modified
Wed, 18 Nov 2020 11:03:19 GMT
server
AmazonS3-br
x-timer
S1627763209.626108,VS0,VE0
etag
"083925e970a05bed26a70ecbfde9c0ca"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
7VRTW61VG1AQ808K
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
21343
PMS.js
vidstat.taboola.com/PMS/2.2.1/
51 KB
16 KB
Script
General
Full URL
https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront), 1.1 varnish
age
1422586
x-amz-meta-mtime
1542789750
x-cache
Miss from cloudfront, HIT
x-amz-meta-mode
33188
content-encoding
gzip
content-length
15795
x-served-by
cache-fra19134-FRA
last-modified
Wed, 21 Nov 2018 08:42:31 GMT
server
AmazonS3
x-timer
S1627763209.768507,VS0,VE0
etag
"57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
oi7QB5C8BA-557rR6kkZ3x1Oul_9ZzX57MiZnxZZQZZUyJL57XdM5A==
x-cache-hits
76253
c4759e15bb293170a7c92714c517da18.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
30 KB
30 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c4759e15bb293170a7c92714c517da18.jpeg
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
75658cb3d112238f0963d305e1e35f584e25ed5109ee8e09cdfc6e0bafde8bed

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish, 1.1 varnish
age
1341929
edge-cache-tag
620830985012291442099614449101152130596,584991238428522887003304374065006021953,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
738
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_400%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c4759e15bb293170a7c92714c517da18.jpeg
content-length
30268
x-request-id
7c6a485b701518280d82f8bb5e7627e0
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Thu, 15 Jul 2021 08:56:05 GMT
server
nginx
x-timer
S1627763209.880370,VS0,VE0
etag
"ba1918a6c728ec49cd391f72c4a64c0d"
x-served-by
cache-wdc5569-WDC, cache-dca17749-DCA, cache-fra19134-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
31d9c3e1-b9df-4589-99e8-119ae38df24a
https://www.yediot.co.il/
1 KB
0
Media
General
Full URL
blob:https://www.yediot.co.il/31d9c3e1-b9df-4589-99e8-119ae38df24a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
d4248882-5391-4713-8cd7-76945de76d57
https://www.yediot.co.il/
1 KB
0
Media
General
Full URL
blob:https://www.yediot.co.il/d4248882-5391-4713-8cd7-76945de76d57
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
ongj2bhblm0ywnd2ie95.mp4
c3.taboola.com/libtrc/static/video/v1626365640/
991 KB
992 KB
Media
General
Full URL
https://c3.taboola.com/libtrc/static/video/v1626365640/ongj2bhblm0ywnd2ie95.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e16daa964f6e016783424fb8c7de4bb99299cbb0c92c7b5f25d1ec55420d419f

Request headers

Referer
https://www.yediot.co.il/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
paoUc0ekypMzWdmady8AL8j5dCzL2BLH
via
1.1 varnish
etag
"7fdc761f96e45da29d89360d735182df"
age
102
x-cache
HIT
Content-Range
bytes 0-1015007/1015008
x-amz-replication-status
COMPLETED
Content-Length
1015008
x-amz-id-2
1liFihZCR2LP7OSF+c5dZMun+vNwaF39bfKHApKs0bnWnJRyMPfYv7NCPIHHnTskEUCgPisvHvU=
x-served-by
cache-fra19134-FRA
last-modified
Thu, 15 Jul 2021 16:14:43 GMT
server
AmazonS3
x-timer
S1627763209.894243,VS0,VE1
date
Sat, 31 Jul 2021 20:26:48 GMT
x-amz-request-id
XK8PS7BFQRFZNZ6S
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
94
x-cache-hits
0
st
imprammp.taboola.com/ Frame C369
1 KB
623 B
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8090795&crid=4857115&dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&cmcv=&pix=undefined&cb=1627763208893&uv=2998&tms=1627763208893&abt=adh5c-1_vA!insc_vA!lf2_vA!mprdctdt0val_vB!nrlc_vA!rvf1_vB!skpdst1_vB!spa2_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=DAC5DBB09A2128450191092273734&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa684e47fa05a9494a759983a5adfa13fab991989676835a7fe13d3f1980d247

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8090795&crid=4857115&dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&cmcv=&pix=undefined&cb=1627763208893&uv=2998&tms=1627763208893&abt=adh5c-1_vA!insc_vA!lf2_vA!mprdctdt0val_vB!nrlc_vA!rvf1_vB!skpdst1_vB!spa2_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=DAC5DBB09A2128450191092273734&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.yediot.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=3b24cef7-04cb-4294-a482-27ded4bc4ab8-tuct7ff3788
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yediot.co.il/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 varnish
x-served-by
cache-fra19134-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1627763209.904335,VS0,VE10
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame C00F
1 KB
1 KB
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
8d09db9f835f9edadcb739f10ab77c71ee91cca81d148d2b7ac94665df1b28a9

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.yediot.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=3b24cef7-04cb-4294-a482-27ded4bc4ab8-tuct7ff3788
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.yediot.co.il/

Response headers

server
nginx
date
Sat, 31 Jul 2021 20:26:48 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3404
wf-generator.js
vidstat.taboola.com/wf-generator/1.1.5/
13 KB
6 KB
Script
General
Full URL
https://vidstat.taboola.com/wf-generator/1.1.5/wf-generator.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.8/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
253e207811811f532a96e83c8c05d4a1da5a5ead8751d2b5ae98ca6b463e5d17

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront), 1.1 varnish
age
559167
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
5504
x-served-by
cache-fra19134-FRA
last-modified
Mon, 14 Jun 2021 10:33:18 GMT
server
AmazonS3
x-timer
S1627763209.905659,VS0,VE0
etag
"0db1e60d5975c9daae20996e2dcf2ce0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
gbjnjPqPmiUVAhfhyLPytGgVcJHyh8FSjMrHZ6w4TelMroDzBySn1A==
x-cache-hits
328639
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=8090795&crid=4857115&dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&cmcv=&pix=31589837&cb=1627763208893&uv=2998&tms=1627763208893&abt=adh5c-1_vA!insc_vA!lf2_vA!mprdctdt0val_vB!nrlc_vA!rvf1_vB!skpdst1_vB!spa2_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1627763206757.5!ts:1627763208892&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:48 GMT
content-length
0
server
nginx
ongj2bhblm0ywnd2ie95.mp4
c3.taboola.com/libtrc/static/video/v1626365640/
64 KB
0
Media
General
Full URL
https://c3.taboola.com/libtrc/static/video/v1626365640/ongj2bhblm0ywnd2ie95.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.yediot.co.il/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
paoUc0ekypMzWdmady8AL8j5dCzL2BLH
via
1.1 varnish
etag
"7fdc761f96e45da29d89360d735182df"
age
102
x-cache
HIT
Content-Range
bytes 0-1015007/1015008
x-amz-replication-status
COMPLETED
Content-Length
1015008
x-amz-id-2
1liFihZCR2LP7OSF+c5dZMun+vNwaF39bfKHApKs0bnWnJRyMPfYv7NCPIHHnTskEUCgPisvHvU=
x-served-by
cache-fra19134-FRA
last-modified
Thu, 15 Jul 2021 16:14:43 GMT
server
AmazonS3
x-timer
S1627763209.909091,VS0,VE1
date
Sat, 31 Jul 2021 20:26:48 GMT
x-amz-request-id
XK8PS7BFQRFZNZ6S
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
94
x-cache-hits
0
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame C00F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9ae7a435-2e0c-496d-b15f-0b7e4afdf1d3
0
216 B
Image
General
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9ae7a435-2e0c-496d-b15f-0b7e4afdf1d3
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
date
Sat, 31 Jul 2021 20:26:49 GMT
via
1.1 varnish
server
nginx
x-timer
S1627763209.122975,VS0,VE67
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19134-FRA

Redirect headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:49 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9ae7a435-2e0c-496d-b15f-0b7e4afdf1d3
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame C00F
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a208167c-f23d-11eb-80eb-1fd522ee0306&orig=video&us_privacy=1---gdpr=0&
0
256 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a208167c-f23d-11eb-80eb-1fd522ee0306&orig=video&us_privacy=1---gdpr=0&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Sat, 31 Jul 2021 20:26:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15692

Redirect headers

Date
Sat, 31 Jul 2021 20:26:49 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a208167c-f23d-11eb-80eb-1fd522ee0306&orig=video&us_privacy=1---gdpr=0&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
80
Connection
keep-alive
Content-Length
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame C00F
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=f4364659-9dc4-51d4-8c15-3a0ded108804&ssp=taboola&expires=30&user_group=1
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=45ac25c1-b485-41fd-9219-a6deb3071c83
0
255 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=45ac25c1-b485-41fd-9219-a6deb3071c83
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Sat, 31 Jul 2021 20:26:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15698

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=45ac25c1-b485-41fd-9219-a6deb3071c83
date
Sat, 31 Jul 2021 20:26:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
sync.taboola.com/sg/centrortb-network/1/rtb-h/ Frame C00F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BuserId%7D%26orig%3Dvideo...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=121&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BuserId%7D%26or...
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&partner_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&partner_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network...
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&orig=video&us_privacy=1---
0
255 B
Image
General
Full URL
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Sat, 31 Jul 2021 20:26:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15680

Redirect headers

location
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&orig=video&us_privacy=1---
date
Sat, 31 Jul 2021 20:26:49 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame C369
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9ae7a435-2e0c-496d-b15f-0b7e4afdf1d3
0
56 B
Image
General
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9ae7a435-2e0c-496d-b15f-0b7e4afdf1d3
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8090795&crid=4857115&dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&cmcv=&pix=undefined&cb=1627763208893&uv=2998&tms=1627763208893&abt=adh5c-1_vA!insc_vA!lf2_vA!mprdctdt0val_vB!nrlc_vA!rvf1_vB!skpdst1_vB!spa2_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=DAC5DBB09A2128450191092273734&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
date
Sat, 31 Jul 2021 20:26:49 GMT
via
1.1 varnish
server
nginx
x-timer
S1627763209.123149,VS0,VE67
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19134-FRA

Redirect headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:49 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9ae7a435-2e0c-496d-b15f-0b7e4afdf1d3
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame C369
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a20cd18b-f23d-11eb-97e8-14e583300506&orig=video&us_privacy=1---gdpr=0&
0
256 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a20cd18b-f23d-11eb-97e8-14e583300506&orig=video&us_privacy=1---gdpr=0&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8090795&crid=4857115&dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&cmcv=&pix=undefined&cb=1627763208893&uv=2998&tms=1627763208893&abt=adh5c-1_vA!insc_vA!lf2_vA!mprdctdt0val_vB!nrlc_vA!rvf1_vB!skpdst1_vB!spa2_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=DAC5DBB09A2128450191092273734&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Sat, 31 Jul 2021 20:26:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15692

Redirect headers

Date
Sat, 31 Jul 2021 20:26:49 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=a20cd18b-f23d-11eb-97e8-14e583300506&orig=video&us_privacy=1---gdpr=0&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
98
Connection
keep-alive
Content-Length
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame C369
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=4d537ca7-b8c0-4032-a46b-8079f89b52c3&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=45ac25c1-b485-41fd-9219-a6deb3071c83
0
256 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=45ac25c1-b485-41fd-9219-a6deb3071c83
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8090795&crid=4857115&dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&cmcv=&pix=undefined&cb=1627763208893&uv=2998&tms=1627763208893&abt=adh5c-1_vA!insc_vA!lf2_vA!mprdctdt0val_vB!nrlc_vA!rvf1_vB!skpdst1_vB!spa2_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=DAC5DBB09A2128450191092273734&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.104:10213
date
Sat, 31 Jul 2021 20:26:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15691

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=45ac25c1-b485-41fd-9219-a6deb3071c83
date
Sat, 31 Jul 2021 20:26:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
sync.taboola.com/sg/centrortb-network/1/rtb-h/ Frame C369
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BuserId%7D%26orig%3Dvideo...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=121&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BuserId%7D%26or...
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&partner_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network%2F1%2...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&partner_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcentrortb-network...
  • https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&orig=video&us_privacy=1---
0
256 B
Image
General
Full URL
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&orig=video&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8090795&crid=4857115&dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&cmcv=&pix=undefined&cb=1627763208893&uv=2998&tms=1627763208893&abt=adh5c-1_vA!insc_vA!lf2_vA!mprdctdt0val_vB!nrlc_vA!rvf1_vB!skpdst1_vB!spa2_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=DAC5DBB09A2128450191092273734&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Sat, 31 Jul 2021 20:26:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15680

Redirect headers

location
https://sync.taboola.com/sg/centrortb-network/1/rtb-h/?taboola_hm=568dc7e7-d6b7-4499-8992-c075a5100a4c-6105b209-4348&orig=video&us_privacy=1---
date
Sat, 31 Jul 2021 20:26:49 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
usync.html
eus.rubiconproject.com/ Frame A2AF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=8090795&crid=4857115&dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&cmcv=&pix=undefined&cb=1627763208893&uv=2998&tms=1627763208893&abt=adh5c-1_vA!insc_vA!lf2_vA!mprdctdt0val_vB!nrlc_vA!rvf1_vB!skpdst1_vB!spa2_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=DAC5DBB09A2128450191092273734&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://imprammp.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://imprammp.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 31 Jul 2021 20:26:49 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Date
Sat, 31 Jul 2021 20:26:49 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.html
eus.rubiconproject.com/ Frame D486
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V74-ACFgNtFvo6Z-4d_gRtFvo6Z-4d_gUAAAAGBvQHHcTgsEYUCmG5oCwmw9FqsFguBsvJZLfZbUZD4CAGhzWiUAjLBWUxGY5Wg8VwNBstl7PZbjGFD2O5TAa1QMIy-30HBeX09JhdBlHR9bbYHU6z5w06aDodPte9Xvf73ZUvk9Nvumv8dqXZr7Ccnh6zy_MXjHWb0WAsZouGu8FouBgLBnOh6W22AwAAAMADgFLHBsQPIABABAAAAIAEAAAAAEVAxb-FwAUAAAAABoBB1YQGwDMHQjs8n4fP7vcHAMBDAQgAgAAGCcAA8HUJAEX45gkAAAAAAAAAAMv___9_DMAe3aoMAIb9XA_Agw_AA1FBYhEjAAAAgGzF5eOjSZ1QWVQBABCkWwFcAQAE6Pn_xDGEAQAACIwt0MPi95sddo3f7TIAAAAAAAAAALP_s380IRyFnrSgh5kZtV9AAIC1X0AAADZ1AwB4E4ALOoJWDAarI6DlZjA7AAAAgLv___9_PRCYjSY212BjMvl2G9NssnFMLCPbzGRaOFym5cS4Pc-5wUgwRU6LvhBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmN-ELUaryWSzHM6Wi8lgOBqORvsTwOUAJ2KwXE4mi8luNVqNNsPdaDZYoEAMJkjRosFkNRpNFpPhajRZzZaL3W6DFK1azUabwXA1m8x2u9VwMFyORjhhi9FqMtksh7PlYjIYjoaj0RBhZmIZbVw231ow2ljcoslytFaYhpO1ZDdymUwTj2lhMa5Fr4_pN7N5dsPhFgUDcPYiuEgnyrvL9Fa-TE6_6SKWaE4W6UR22Rdmo4nNNdiYTL7dxjSbbBwTy8g2M5kWDpdpOTHuS6PZymZbrtYyw263Fu1mu7XCMXKsVSuPazbzbAaT3WAten1Mv5nNsxvu9o3ZZLebbSaD3b4xm-x2s81ksNt36Azf1edstBWOCY_Q2_hrPtqZ-aBwGSzel_p0HhaMBfO0c3S6LI9nUWf0-_1-v9_v9_v9foPWczAbFL7n4S-cPpbncjgbPYgNCkUsEZwu0onoZTxdxBLJ0yKdKFemxcpj2DgclsFoY9m4bM7hxrnZGCbG5cJjclnEEqXpIp3oFZbT02N2ef6CsW4zGozFbtFwNxgNF2PBYC40vc0W9R8fZLGbKzbDuWSwmSuWy1UCAAAAAAAAAFjClHkTAAAAgNNARqvlbrVcAAirfF1gEAAAAAAAgF3AyQ0XUa232OLGjxfy7jK9lS-T02-6MgCAwCTzZs8EsVarZQ0AACCADQAAEMCtm7cANUkO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 31 Jul 2021 20:26:49 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Date
Sat, 31 Jul 2021 20:26:49 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.js
eus.rubiconproject.com/ Frame D486
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0c44e4d97a39ecb9812fdb7edee4f3913a3030a9bf47ad5d5b760b3bfd557aa0

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 20:26:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 17:07:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75472
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9358
Expires
Sun, 01 Aug 2021 17:24:41 GMT
usync.js
eus.rubiconproject.com/ Frame A2AF
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0c44e4d97a39ecb9812fdb7edee4f3913a3030a9bf47ad5d5b760b3bfd557aa0

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 20:26:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 17:07:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75472
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9358
Expires
Sun, 01 Aug 2021 17:24:41 GMT
khaos.jpg
token.rubiconproject.com/ Frame D486
284 B
965 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame A2AF
284 B
965 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/jpg
/
trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame D486
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---
  • https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KRS86QPU-9-KQ7K&gdpr=0&us_privacy=1---
0
59 B
Image
General
Full URL
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KRS86QPU-9-KQ7K&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
date
Sat, 31 Jul 2021 20:26:49 GMT
via
1.1 varnish
server
nginx
x-timer
S1627763210.534395,VS0,VE67
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19134-FRA

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KRS86QPU-9-KQ7K&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
/
trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame A2AF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---
  • https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KRS86QQ2-G-LAJZ&gdpr=0&us_privacy=1---
0
55 B
Image
General
Full URL
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KRS86QQ2-G-LAJZ&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
date
Sat, 31 Jul 2021 20:26:49 GMT
via
1.1 varnish
server
nginx
x-timer
S1627763210.539043,VS0,VE67
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19134-FRA

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=KRS86QQ2-G-LAJZ&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
bulk
trc.taboola.com/ynet-yediot/log/3/
0
280 B
XHR
General
Full URL
https://trc.taboola.com/ynet-yediot/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
72
pragma
no-cache
date
Sat, 31 Jul 2021 20:26:49 GMT
via
1.1 varnish
server
nginx
x-timer
S1627763210.513703,VS0,VE72
x-served-by
cache-fra19134-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.yediot.co.il
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame D486
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVkOGQzZTk5ZTdhYzZmYmEyYzg0ZjkzNzEzODEyY2VlNmNmMjUwNQ&gdpr=0&us_privacy=1---
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVkOGQzZTk5ZTdhYzZmYmEyYzg0ZjkzNzEzODEyY2VlNmNmMjUwNQ&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVkOGQzZTk5ZTdhYzZmYmEyYzg0ZjkzNzEzODEyY2VlNmNmMjUwNQ&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame D486
0
66 B
Image
General
Full URL
https://id.rlcdn.com/709414.gif?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:49 GMT
via
1.1 google
alt-svc
clear
content-length
0
tap.php
pixel.rubiconproject.com/ Frame D486
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7ceb6105-b209-4a00-bae3-a73b36fca07a&gdpr=0&gdpr_consent=
42 B
722 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7ceb6105-b209-4a00-bae3-a73b36fca07a&gdpr=0&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

Date
Sat, 31 Jul 2021 20:26:49 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x13
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7ceb6105-b209-4a00-bae3-a73b36fca07a&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 31 Jul 2021 20:26:48 GMT
tap.php
pixel.rubiconproject.com/ Frame D486
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJtKRLPCi7UzTTJmDJvHzc0&google_cver=1
42 B
722 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJtKRLPCi7UzTTJmDJvHzc0&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:49 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJtKRLPCi7UzTTJmDJvHzc0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame D486
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0&us_privacy=1---
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&gdpr=0&us_privacy=1---&_test=YQWyCQADRz...
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YQWyCQADRzEP-QAC&gdpr=0&us_privacy=1---&_test=YQWyCQADRzEP-QAC
42 B
722 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YQWyCQADRzEP-QAC&gdpr=0&us_privacy=1---&_test=YQWyCQADRzEP-QAC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:49 GMT
via
1.1 varnish
server
Varnish
x-timer
S1627763210.689242,VS0,VE0
x-served-by
cache-fra19148-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YQWyCQADRzEP-QAC&gdpr=0&us_privacy=1---&_test=YQWyCQADRzEP-QAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rubicon
match.adsrvr.org/track/cmf/ Frame D486
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame D486
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1---
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRS86QPU-9-KQ7K&sigv=1&esig=2~31be7fec1093f9d2e2f95ed1313991d24ec40dc5&gdpr=0&us_privacy=1---
0
443 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRS86QPU-9-KQ7K&sigv=1&esig=2~31be7fec1093f9d2e2f95ed1313991d24ec40dc5&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:49 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRS86QPU-9-KQ7K&sigv=1&esig=2~31be7fec1093f9d2e2f95ed1313991d24ec40dc5&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame D486
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/jI7TJy6Gu2_c-_49Yy-y5A?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2329389270662274317
42 B
722 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2329389270662274317
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

date
Sat, 31 Jul 2021 20:26:49 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=2329389270662274317
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
609 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.yediot.co.il
URL: https://www.yediot.co.il/articles/0,7340,L-4870481,00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
17352
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
mouaSx+zLz+daByqFPTyWftjEEWVx2Ra4QTNy9MPIUClTT4jaqZDUS1ZHFYvQA07FPAY+M6uW30=
x-served-by
cache-fra19134-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1627763210.570100,VS0,VE0
date
Sat, 31 Jul 2021 20:26:49 GMT
x-amz-request-id
6P8Y14FA9N2SAAH6
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
94
x-cache-hits
8307
/
www.facebook.com/tr/ Frame 64B3
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1417929278318588&ev=Microdata&dl=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&rl=https%3A%2F%2Fwww.yediot.co.il%2F&if=true&ts=1627763209720&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Yediot%20Article%20Block%22%2C%22meta%3Adescription%22%3A%22Web%20site%20created%20using%20create-react-app%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=2&o=30&it=1627763207751&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sat, 31 Jul 2021 20:26:49 GMT
/
www.facebook.com/tr/ Frame 64B3
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1499644016955673&ev=Microdata&dl=https%3A%2F%2Fsite.yediot.co.il%2Fweb%2Fgenerics%2Fleads%2FYediotLead%2F&rl=https%3A%2F%2Fwww.yediot.co.il%2F&if=true&ts=1627763209722&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Yediot%20Article%20Block%22%2C%22meta%3Adescription%22%3A%22Web%20site%20created%20using%20create-react-app%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=2&o=30&fbp=fb.2.1627763208172.980726741&it=1627763207751&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://site.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sat, 31 Jul 2021 20:26:49 GMT
/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame 29E7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KRS86QQ2-G-LAJZ
0
188 B
Image
General
Full URL
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KRS86QQ2-G-LAJZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Sat, 31 Jul 2021 20:26:50 GMT
via
1.1 varnish
server
nginx
x-timer
S1627763210.480094,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-fra19134-FRA

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=KRS86QQ2-G-LAJZ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 29E7
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dTE9Remr867Z&ev=1&orig=trc&pid=562107
0
246 B
Image
General
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dTE9Remr867Z&ev=1&orig=trc&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.57:10213
date
Sat, 31 Jul 2021 20:26:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20861

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dTE9Remr867Z&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-589cbd599f-vlx2w
expires
-1
getuidnb
ib.adnxs.com/ Frame 29E7
43 B
681 B
Image
General
Full URL
https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 31 Jul 2021 20:26:50 GMT
X-Proxy-Origin
217.138.203.199; 217.138.203.199; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
17da2907-2704-4907-b9fb-bc6fe447d9f1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 29E7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEG76kHin9pgnpo6JNA1anRw&google_cver=1
0
60 B
Image
General
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEG76kHin9pgnpo6JNA1anRw&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
date
Sat, 31 Jul 2021 20:26:50 GMT
via
1.1 varnish
server
nginx
x-timer
S1627763210.491348,VS0,VE67
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19134-FRA

Redirect headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEG76kHin9pgnpo6JNA1anRw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 29E7
42 B
545 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787:$UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:50 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:450
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 29E7
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3b24cef7-04cb-4294-a482-27ded4bc4ab8-tuct7ff3788
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3b24cef7-04cb-4294-a482-27ded4bc4ab8-tuct7ff3788
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3b24cef7-04cb-4294-a482-27ded4bc4ab8-tuct7ff3788
tbl-x-upstream
10.41.12.133:10213
date
Sat, 31 Jul 2021 20:26:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15699
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 29E7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9ae7a435-2e0c-496d-b15f-0b7e4afdf1d3
0
56 B
Image
General
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9ae7a435-2e0c-496d-b15f-0b7e4afdf1d3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
date
Sat, 31 Jul 2021 20:26:50 GMT
via
1.1 varnish
server
nginx
x-timer
S1627763211.504316,VS0,VE67
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19134-FRA

Redirect headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=9ae7a435-2e0c-496d-b15f-0b7e4afdf1d3
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 29E7
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=42&3pid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 31 Jul 2021 20:26:50 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 31 Jul 2021 20:26:50 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 29E7
49 B
729 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-589cbd599f-sw6mk
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 29E7
43 B
697 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:49 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 29E7
0
59 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d41&uid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:49 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 29E7
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8ad9baff-7052-402b-a89a-c792212ae3e9
0
256 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8ad9baff-7052-402b-a89a-c792212ae3e9
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Sat, 31 Jul 2021 20:26:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
23440

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=8ad9baff-7052-402b-a89a-c792212ae3e9
cache-control
no-cache
date
Sat, 31 Jul 2021 20:26:49 GMT
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2983
content-type
text/html; charset=utf-8
content-length
222
expires
Sat, 31 Jul 2021 00:00:00 GMT
ibs:dpid=463291&dpuuid=ID5-ZHMOLqNoTAn9i-Ngtg5FWPlAdwd44gnq2Yxtu7ZP-g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F160%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr...
dpm.demdex.net/ Frame 29E7
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOLqNoTAn9i-Ngtg5FWPlAdwd44gnq2Yxtu7ZP-g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOLqNoTAn9i-Ngtg5FWPlAdwd44gnq2Yxtu7ZP-g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=ede65f61-ec6d-433f-b25f-174397178509&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/5/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/5/3.gif?puid=263e6c9d710c70a61f983bf3ff29f554&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/4/4.gif?puid=14e17ef1-840c-4667-ab0a-47166023180e&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F3%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://id5-sync.com/c/464/108/3/5.gif?puid=bb00f7a6-2250-468f-ba9b-a586ca48921c&gdpr=1&gdpr_consent=
  • https://gu.dyntrk.com/adx/id5/us.php?dynk=id5&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F118%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://gu.dyntrk.com/adx/id5/us.php?dynk=id5&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F118%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&prevuid=03030003_6...
  • https://id5-sync.com/c/464/118/2/6.gif?puid=03030003_6105b20b4b1cc&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F146%2F1%2F7.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/146/1/7.gif?puid=1392a5af-8281-45ce-81da-7ef7e05dc292&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOLqNoTAn9i-Ngtg5FWPlAdwd44gnq2Yxtu7ZP-g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F160%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...
0
0

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 29E7
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=CSKXbGrxDAOn_HncC7IFYQ
0
247 B
Image
General
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=CSKXbGrxDAOn_HncC7IFYQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Sat, 31 Jul 2021 20:26:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20209

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=CSKXbGrxDAOn_HncC7IFYQ
date
Sat, 31 Jul 2021 20:26:51 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 29E7
35 B
380 B
Image
General
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Sat, 31 Jul 2021 20:26:08 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 29E7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=taboola&bsw_custom_parameter=45ac25c1-b485-41fd-9219-a6deb3071c83
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=taboola&expires=10&bsw_param=45ac25c1-b485-41fd-9219-a6deb3071c83
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=45ac25c1-b485-41fd-9219-a6deb3071c83
0
256 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=45ac25c1-b485-41fd-9219-a6deb3071c83
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Sat, 31 Jul 2021 20:26:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22465

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=45ac25c1-b485-41fd-9219-a6deb3071c83
date
Sat, 31 Jul 2021 20:26:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 29E7
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6ce2ab6f-c2ec-4327-8f4f-0993a372ef42
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6ce2ab6f-c2ec-4327-8f4f-0993a372ef42&tbid=3b24cef7-04cb-4294-a482-27ded4bc4ab8-tuct7ff3788&query=taboola_hm%3D6ce2ab6f-c2ec-...
0
91 B
Image
General
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6ce2ab6f-c2ec-4327-8f4f-0993a372ef42&tbid=3b24cef7-04cb-4294-a482-27ded4bc4ab8-tuct7ff3788&query=taboola_hm%3D6ce2ab6f-c2ec-4327-8f4f-0993a372ef42&isDirect=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:50 GMT
via
1.1 varnish
server
nginx
x-timer
S1627763211.786997,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19134-FRA

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=6ce2ab6f-c2ec-4327-8f4f-0993a372ef42&tbid=3b24cef7-04cb-4294-a482-27ded4bc4ab8-tuct7ff3788&query=taboola_hm%3D6ce2ab6f-c2ec-4327-8f4f-0993a372ef42&isDirect=0
tbl-x-upstream
10.40.0.195:10213
date
Sat, 31 Jul 2021 20:26:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21605
sd
u.openx.net/w/1.0/ Frame 29E7
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&gdpr=0&gdpr_consent=
43 B
180 B
Image
General
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:50 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&gdpr=0&gdpr_consent=
date
Sat, 31 Jul 2021 20:26:50 GMT
via
1.1 google
server
OXGW/16.211.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame 29E7
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f4364659-9dc4-51d4-8c15-3a0ded108804
0
256 B
Image
General
Full URL
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f4364659-9dc4-51d4-8c15-3a0ded108804
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.127:10213
date
Sat, 31 Jul 2021 20:26:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18113

Redirect headers

location
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f4364659-9dc4-51d4-8c15-3a0ded108804
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
101956
jadserve.postrelease.com/suid/ Frame 29E7
43 B
540 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.172.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-172-53.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:50 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
sync.taboola.com/sg/adxxscod-network/1/rtb-h/ Frame 29E7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=cilFf-iRSzCQ8E9wFIQyjA&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_...
  • https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&ui=cilFf-iRSzCQ8E9wFIQyjA
0
114 B
Image
General
Full URL
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&ui=cilFf-iRSzCQ8E9wFIQyjA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.95:10213
date
Sat, 31 Jul 2021 20:26:50 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15792

Redirect headers

pragma
no-cache
date
Sat, 31 Jul 2021 20:26:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&ui=cilFf-iRSzCQ8E9wFIQyjA
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
340
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 29E7
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
date
Sat, 31 Jul 2021 20:26:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cds-pips.js
cdn.taboola.com/scripts/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
3229
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by
cache-fra19134-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1627763210.459716,VS0,VE0
date
Sat, 31 Jul 2021 20:26:50 GMT
vary
Accept-Encoding
x-amz-request-id
X0T5G34XC8D2QGE8
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
94
x-cache-hits
18373
/
pips.taboola.com/
64 B
241 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 31 Jul 2021 20:26:50 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19131-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://www.yediot.co.il
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/
0
155 B
XHR
General
Full URL
https://cds.taboola.com/?uid=446ef695-f077-4767-a1d1-5ec56f330270-tuct7ff3787&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.yediot.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 31 Jul 2021 20:26:50 GMT
Cache-Control
no-store
Server
nginx
Connection
close

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d1clufhfw8sswh.cloudfront.net
URL
https://d1clufhfw8sswh.cloudfront.net/id.js?accountId=7328841
Domain
widgets.outbrain.com
URL
http://widgets.outbrain.com/outbrain.js
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOLqNoTAn9i-Ngtg5FWPlAdwd44gnq2Yxtu7ZP-g&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F160%2F0%2F8.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| YitPaywall undefined| param function| IframeLightbox number| new_gpt number| old_gpt object| googletag string| gen_ban object| general_banners_divs string| gen_ban_size object| general_banners_divs_sizes function| loadScript2 object| _taboola function| $ function| jQuery function| yq function| SetCookie function| dc_before_maavaron function| dc_after_maavaron function| addBeforeMaavronEvent function| addAfterMaavronEvent boolean| page_800 string| newMedia string| dcPath string| ParentCategory string| dcCG string| dcBgColor object| dcTags string| dcGeo string| video string| dcSite string| dcContentID number| dcLoadAds number| Dc_refresh_all number| Dc_refresh_jumbo number| Dc_refresh_ozen object| data_version object| AdUnit_properties object| AdUnit_functions object| AdUnit_template_functions object| AdUnit_styles object| AdUnit_additional_styles object| AdUnit_data function| get_style_top function| video_off function| TalkHaedPassBack function| TalkHaedPassBackgo function| RefreshAll function| RefreshOzen undefined| stage object| TemplatesConsole object| Templates function| handlecss object| _pageRefresher function| pageRefreshDisable function| pageRefreshEnable number| playerType object| DY object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| dcRes object| apd_options string| contentPageType object| initialDataLayer object| dataLayer boolean| autoPlayFP_flag function| autoPlayFP function| ATFmnpltn object| YnetYoutube object| YitVideo function| bananasDataLayerRprt function| add_accessibility boolean| accessibility_init string| current_url function| PushOpeningPicture function| ShowMivzakon function| MSIE_VER function| openWin function| openInnewWindow function| hpbClickTrans object| YNET function| txt_link object| GeneralImageManager function| GeneralImage object| GeneralImageLightBox object| MostDiscussedArticlesManager function| MostDiscussedArticles function| GalleryTv function| ArticleHtmlTable object| ArticleVideoTv function| CdaAppArticleLiveTv_onClick function| CdaAppArticleLiveTv_playVideoInline function| CdaAppArticleLiveTv_playLightboxLiveVideo boolean| is_ie5 object| e boolean| badBrowser function| loadScript function| jsonp1627763207036 object| jQuery110208826789889627333 object| Exposebox object| jb object| s function| BlockAdBlock object| blockAdBlock object| tp object| cookieconsent object| adverIds object| recaptcha object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| ggeac object| google_js_reporting_queue number| pnInitPerformance function| ___tp object| localCookieStorage object| sessionCookieStorage string| __tpVersion object| jQuery112406570608594180072 object| SWG object| gaplugins object| gaGlobal object| gaData object| TRC object| _tblConsole undefined| msg function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| cX function| cxCCE_callQueueExecute object| cxTest function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| cx_callQueueExecute function| cx_pollActivity function| cx_pollActiveTime function| cx_pollFragmentMessage object| PianoESPConfig object| cXNative object| placementData object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| _tfa object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| cmTag undefined| define function| startCMTagMain object| _cm_wfCounters

12 Cookies

Domain/Path Name / Value
.yediot.co.il/ Name: _gat_UA-64489464-3
Value: 1
.yediot.co.il/ Name: _fbp
Value: fb.2.1627763208172.980726741
.yediot.co.il/ Name: _ga
Value: GA1.3.1156964911.1627763208
.yediot.co.il/ Name: _gid
Value: GA1.3.585214275.1627763208
.yediot.co.il/ Name: cX_S
Value: krs86pj0h6tnz21q
.yediot.co.il/ Name: __pat
Value: 7200000
.yediot.co.il/ Name: __tbc
Value: %7Bjzx%7DSXItkKfNylL0t5-sKU2DUnG8MTjHmZDq0qLJEJ_3LaMQNoXGBvm5vD9zh2Z0Z0g34lD1zAaqLvGXrsCE0APThBIoCfk-w1cLOW1Slw9YsC4
.yediot.co.il/ Name: xbc
Value: %7Bjzx%7DFuRjoWwE_GtCJdAm-72Qcv_Dd2pLhqns4z-bOAR9AA6TI-_Woynptm4Kd29jztzYZjZgk35uJWU_oRDGfzaMHfyMDz2D-7X96WVzqRTT52Gyw_VjIlmpJ00zSgBxiXm91XjUvIVbAVNlhQNTt8UoVGUeZegioVZtKvCvPSp8tQ4vetrL11HDxVc2mE4bwnu4yuNtkt_jWTHv4pvVfWHY3DLTuVsqZlww_CARUtgzWNPTyISBH61XzoHrDW2bJMtqZk_c15w4re3FzCZhP1ptsGDVZKsB6dyc0m6W1H_jf-BKZ1jUg_zslCXBk0bgjFsn9WN-isn4kSAwoOIpS3tJea6l-fID_VqP6WdnDbN__AY
.yediot.co.il/ Name: _gcl_au
Value: 1.1.1697189727.1627763208
.yediot.co.il/ Name: __pvi
Value: %7B%22id%22%3A%22v-krs86pc4i0fdfkhe%22%2C%22domain%22%3A%22.yediot.co.il%22%2C%22time%22%3A1627763207859%7D
.yediot.co.il/ Name: _dc_gtm_UA-64489464-3
Value: 1
www.yediot.co.il/ Name: __adblocker
Value: false

6 Console Messages

Source Level URL
Text
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048(Line 6)
Message:
[GPT] Div ID passed to googletag.display() does not match any defined slots: ads.top.
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 24)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 1417929278318588.
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 24)
Message:
[Facebook Pixel] - You are sending a non-standard event 'Lead-Popup Articles'. The preferred way to send these events is using trackCustom. See 'https://developers.facebook.com/docs/ads-for-websites/pixel-events/#events' for more information.
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - thumbs-feed-01
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - organic-thumbs-feed-01
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210729-2-RELEASE.js(Line 3)
Message:
TRC.TranslationsManager - language key: he not recognized for feature userx.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.sportradarserving.com
ads.betweendigital.com
ads.yahoo.com
am-match.taboola.com
am-vid-events.taboola.com
bh.contextweb.com
bidswitch-eu.splicky.com
bttrack.com
buy.tinypass.com
c3.taboola.com
cdn.cxense.com
cdn.taboola.com
cdn.tinypass.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
comcluster.cxense.com
connect.facebook.net
d1clufhfw8sswh.cloudfront.net
dis.criteo.com
dpm.demdex.net
dy2.ynet.co.il
e1.emxdgt.com
eb2.3lift.com
eus.rubiconproject.com
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
ib.adnxs.com
id.rlcdn.com
il-trc-events.taboola.com
images.taboola.com
images1.ynet.co.il
imprammp.taboola.com
jadserve.postrelease.com
loadm.exelator.com
match.adsrvr.org
match.taboola.com
pips.taboola.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
server.exposebox.com
sf.exposebox.com
simage2.pubmatic.com
site.yediot.co.il
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
sync.taboola.com
token.rubiconproject.com
totalmedia2.ynet.co.il
trc.taboola.com
u.openx.net
vidstat.taboola.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.npttech.com
www.promisejs.org
www.yediot.co.il
www.ynet.co.il
www.youtube.com
x.bidswitch.net
d1clufhfw8sswh.cloudfront.net
dpm.demdex.net
widgets.outbrain.com
104.103.80.80
104.109.78.125
104.79.89.90
141.226.224.32
141.226.228.48
142.250.181.226
142.250.185.226
151.101.13.44
151.101.14.49
172.104.121.22
178.250.2.151
178.63.13.144
18.195.155.181
18.195.66.88
18.214.172.53
185.106.33.48
185.29.132.245
185.33.221.89
185.64.190.80
185.86.138.114
185.94.180.126
192.132.33.46
198.148.27.140
2.19.35.65
216.52.2.19
216.58.212.162
23.111.200.118
2606:4700:3035::ac43:933a
2606:4700:3037::6815:3c3f
2606:4700::6811:bab1
2606:4700::6812:acf
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:802::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9b
2a00:1450:400c:c06::9c
2a02:26f0:6c00:282::30bc
2a02:26f0:6c00:2a7::268b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f02d:110:face:b00c:0:2
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:3::300
3.120.43.188
35.186.243.63
35.201.85.158
35.227.248.159
35.244.159.8
35.244.174.68
49.12.13.182
52.28.167.107
54.78.254.47
66.155.71.25
69.173.144.138
76.223.111.131
76.223.111.18
054996c129a1f9d5a629805490c1050f21b800d34e21214eb1d99bd2abd38ab5
07fd7d9ac0fc0d61e032f4f26a7b7b666cc319efa6eea422f0ef726f5e3f4f3f
09241ff41930c47b4c8b95391523ebce70b194aa3d94a609bb73d757fcf4bbab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc18f63f01eb720a40417ecb71668194eede9c286f6df56a33362477d7cde81
0c44e4d97a39ecb9812fdb7edee4f3913a3030a9bf47ad5d5b760b3bfd557aa0
0f73b83f93030cb1ab7faa606edc7033420a85a176ec873ede1d7bd1d76c5504
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15c2e0bfafdda021470c289cf0b2060ffd2ce4945571e7db032bc4e2545c2706
176f1e128bae65a6ea90eaba0c9bed61a48f92a67904ed3358ec1a153ecb3a8d
194c7fc88e7baefa0071440848b011d8723296bbda7781e892ac828521d84c8d
1a7eca3af79b28faa3e9a98d378286a34c467ff72a0d3e1dcd49ef2426dd44ed
1af5926ba879449b1c351bea0df6b2234bd622ac7550333810951548bf570236
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c785eca38b7d13bfc54bf31688878151b55bcc103df1849b0d8918a31b0d559
1d69cdb69f052adf340cbaab49a9c161a5fadbb49480c3e0eee7677ece1b2845
1db0e492f6cb6d1774c12931defdd4be526d8002f4da8a52d479e66b11ff00e2
1f682195834570225e7bb9d718521bc8bc3b3581d99df21e873fd0fff83a12c8
22c17a8e793020e7ec887cf459e6ccf14e3bc459198b6002f95c40550cc94df4
253e207811811f532a96e83c8c05d4a1da5a5ead8751d2b5ae98ca6b463e5d17
26d140bcf8c0c6889428085ce0b6f2c09c957985d85a9bc7a3e90651ff05d8de
28097da891cb86c5bebe47c64b978b261633fa0d0bc212da6f1b950c538dcd2c
28749c9acef6005f42e896c0bb250e67e74ffad80054d5dc462f2b3c8a85f9bf
302dafde82b53880f321f730fa7b0287e9133077e4f1f682f21a05812af30ec3
31337b39aa78a20fcc4deaf30bc116c59e8084215571ac735c8142c0c23058ab
35c194707e3772785ce37f9c9efb3c752ae2a089c48c53f91c0d4b9436dea7e5
381bdcc476c67309e57b14a17e742ad68413948ac41261f9ed57fabfd6036d09
3951ea385240a46935538cafc149fc59435712d1fabd8a5b9fb7cfe2cd88bc6f
3aa1e9b8f3eaa3781725818b9550ec81202316d4c297b7edc8b8d4bd4b8d196f
3cd7b981f1444024f90cf72ca3b98490dcd68b0abd8e47d410b2bbddd53d6032
3ceec784dd71e2af9f899ebf6f729552c2b313d103d3bf43ead34962703ceba7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f85dfa211770e77ae74625ad98e4b1a114808bea92c6a361c25d0c889de9ecd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4465ae1a9eeb81576867402063b1e75ee3d7b44463d56e69e6fe30412d6714f3
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
463b6bf17533b9c9c3f404b8cfc2f389fcc19cd32b3484fc9c9febd019977413
489031b4b49cd663c247a5f37663db2cf4e30eb88d605c03d18a022cf9c06f8c
48d860bcad995858eae2dba96b5866d5d4e85c63e416279918142f30b9031b96
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4df5b681974872f8b318172a396d06c87c582f15f5fd8518f0eb5fa337de60dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8
51d8d0c12e399495963bccc9e89aeb4555c568f46d358d6ea3b8928ca535d799
522210b503559a7bf066532dea5718fc853bc754eb01ac42715cc9315261b470
554c515f6e577ab3eeb2ec3556b716d7bef884edf80c7981a8bbc11d668dac8a
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
59cb71b9e76b9047bb3d25ff19b6fd4edd00341332c326e9b3c464bc24c5369f
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b30e6726f7f2445eb19873996af07e92123ba62f81c370145938d644e022592
5dc3e0c4d1a1295bc10626e93066afc50910175182d11181ceedbb853c64beb2
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
626c6ae5e40fd5dd049f56ca648f59a0938d4ba144249064fc0e0316e267b0a5
654a6d6808dfc4e817d8d70eebebd98f0add214485983e60a53111de95db8bdc
65f847fec196b031096f75b43f76d66c466e5f5ed2419d4bd9008600a55bb913
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c618bd05939f6370283794c4ab5db246f285e280d0149f9769878686536ed9e
6d2b2652cd4f5b0c8ce1b586871e24d54cc134737f50f8ba6a16c469ad9cf5fb
6d69d4c19edbadc15c9af15b7fd83b17db01a37c7b195dc4f476d44c3aeab64a
6f7871d93d5c3d1704ff63df786e947d15254a0dc27af5b429b03a7090d07ff0
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
7029200375b9def0a59ed45120d8fcec86c6e6f420665fcf20fa16b322e427af
71e4efce19eabf9c5a066ed7a8f8c39032a7bbf9342b14e212f0f770e13040a7
7238da1c9ff33e82913c05ab192330134b1d065dc09cafc33d264bcc12184347
731d940e21687be48d0ff8fff06cfd0eab9a4470805a988458a81639e93b3788
749886f0c7b06a4df622b00a061a33b7b7343bc1987941c26f8b455e6a63a54c
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
75658cb3d112238f0963d305e1e35f584e25ed5109ee8e09cdfc6e0bafde8bed
78b341647e8bf718869378550c0c14b87bfe33967b4944d7dac6a2a1f3290d4c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a55fbb0fb94ea6ed9f0c1dcbca21e2b25263e908910b76723004db784786ed8
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
81ac86866f450460ed3daebc32527ec54f64d78153929bd114c8f5fbfcd0f868
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849ad50d8f39d01c26fb4a2441e1d8a36d4bb3798c5025a457d1a21fec0c1185
85a722e8834094b21fbe67cbed679557d7994551a6aba5933ffe59aebb73354d
87c7d859b413becc7a5462792641cd40bac6f3b200bc4c1d4f3a2a507853a428
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d09db9f835f9edadcb739f10ab77c71ee91cca81d148d2b7ac94665df1b28a9
8d6fe14f6fbe2254c7a921ad93c369f0e8987b3becad3765ec2097784c470016
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fbfb42bb82ce3052352ce7cf22ae4e2b0dbeed1c324f2c490e8e0405d09b3d7
910294ed1a5d983b099565a12161d64485e4a6f3bd8a195dddccc3bc26e5f0d7
95f321711eeab0d24c69e107b690e78f73c7c22c492fbb378a340fedb1d73cef
97995d1abe70dabbf67556a12a1f503135354400111661e9963e66f27b1fcf08
9b5c5ba62f3273a3176c0d737a99b71456ec42a46f3f6edbc055dcc1f5cba677
9d3b5cfd747f2915e403e9f4d3310d859ef2b23032411d69ff8cde3e9252594d
9fee16bf70a2a59899db06f6f89fdf70a923225884fb0aea3114f35d678f47f5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a56a83c9961ca45c6a47949c0a64f09d9b3c328f3e272aa933fa5c1fb05960d4
a9770b62ec977db11581722ba2df755b2dfcc18a0871525664bcb71b2b15ca7e
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
aa684e47fa05a9494a759983a5adfa13fab991989676835a7fe13d3f1980d247
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c
ad82da358e099f6ab434539b36c717cbaff001a72ae934b55a905e8e650d54bb
ad91a71d5f7c70d4f43c0e45b43a0a751b2b8fb63e95cfd0138ff6f51a443c67
b2013fe8cc0a10803df0a906d84209b4952d5d567c5d35df6941d955f1dfc661
b5b5da07e2129fa4bcadf9cf063c7e8fb0c46fe57ea73a094ac0d5c426fa65d0
b6d394d083e0465f855f46886c2a761ada005c8360850e421248f4394b148bdf
b71acad0dfb12aea811ad43eb6ffc6bbc6f0608a4b800dfccd91578b635b0a62
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783
b91bca177cd45dfc501b5e808b9c46c643596282dd69202f192d3a515678e9e3
b9bf3e5d7bd6b67899f7406dd575f71a8d61c0f53fca4a9a4ae68b571deaab55
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be6a51e68a2663c335ecc20d0089a129add9fb54e82005f33367a93b4fbcdfdd
c2965c4ef9ba387a7820b3be5b70ebe07add62a0226c681f96af737b4b834228
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c440345525c8f9e01bcc0eecbed2c222c0197aec70d698e0b11a95bd01bb7fd3
c624aca333a2577fa68413776cd0700cdb8ad55abaf6361e9f71c62dd7fea935
c81d3d7e8a4c0c965e1cb88432fbda45813f8ec6e53e634ec7ffa08a8f403c7e
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0ec791e5d01203ed583fc07db9b1de3474a4a4bc104236bb926ec094bd4ac5e
d460b778ec7eabdcad1892c3bc936f54de25f3bde81e5f9c473ff124e9aebcf7
d72d0a04250f368e269f95bc50f9ecddd62cb268fd1e0ebe195450d747c090d6
daec6e9e6ab3eee943bd7f41fe64b93bb480a6b7476f673f845a6b7cb1838254
db4523282c95848ac9d018f7f99b3d76fa30e5c25b0c3633ead6dbedb71e32cc
db5bf9a91b7e05388b953154183762971d47ef02aa365db3cf4187dddbb86080
dc931ea34d0ad551a25406f3434faceffedd3f1790cce27ce044aa331a743c8b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de738aae85066f146a6e60870f51ca98784bbf16542a7af7fd80618bf9f4ecc5
e007a6b5c104124d361568da746865c36e9bc9150f7cfd6978446811aa7efa2d
e16daa964f6e016783424fb8c7de4bb99299cbb0c92c7b5f25d1ec55420d419f
e19027d8543b2a8dc5cfa508102b45a9a03de86396c489323ed0d230692ec1fd
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e27717dfcb2d1832c902c188ccd8026c618367c308c1871bb9c8da4e984e7653
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e8eff9f55582f613ed0ebd8e4c67c09c9637659fd9d28ca8f83b025381689e48
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4
edb480587a1e0c82f3091acc62eaa035ec07e83d528755c4073fcf202e4ffc82
ee6e29a09ff944459efb0aca9ba67a7060524b574bd5ebdb216e2e16271375d6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b20fa7b9792811b85f7a46e1f1e657fd13180c5f222529b14a0c04f30d3d08
f3f5e4a2e07d54a282e20ffeca279aa616c483d0c8012388e8c006e698ab7e50
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f76a83a16fbdce518918d677f6c59d67357f43059edfcfb30dd8f9dbba62d4ff
fb2356ff8c04b5fd52805d9797ec4e9f61aa02529731ad3c6bc8147e7af75f0f