urlscan.io logo urlscan.io
SecurityTrails logo

xnestrade.xnes.co.il Open in urlscan Pro
34.96.65.250  Public Scan

Go To Rescan Add Verdict Report
URL: https://xnestrade.xnes.co.il/
Submission: On July 29 via manual from IL — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 2 countries across 12 domains to perform 46 HTTP transactions. The main IP is 34.96.65.250, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is xnestrade.xnes.co.il.
TLS certificate: Issued by GeoTrust RSA CA 2018 on May 29th 2024. Valid for: a year.
This is the only time xnestrade.xnes.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 34.96.65.250 396982 (GOOGLE-CL...)
1 18.173.187.36 16509 (AMAZON-02)
4 44.206.57.155 14618 (AMAZON-AES)
1 172.217.16.202 15169 (GOOGLE)
2 142.250.185.142 15169 (GOOGLE)
4 142.250.184.200 15169 (GOOGLE)
1 142.250.185.170 15169 (GOOGLE)
4 157.240.0.6 32934 (FACEBOOK)
1 18.239.94.35 16509 (AMAZON-02)
1 3 142.250.185.102 15169 (GOOGLE)
2 142.250.185.206 15169 (GOOGLE)
1 173.194.76.154 15169 (GOOGLE)
2 142.250.185.67 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
2 13.32.27.19 16509 (AMAZON-02)
6 157.240.253.35 32934 (FACEBOOK)
1 142.250.185.68 15169 (GOOGLE)
1 23.20.39.30 14618 (AMAZON-AES)
46 19
8    34.96.65.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.65.96.34.bc.googleusercontent.com
xnestrade.xnes.co.il
1    18.173.187.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-36.muc50.r.cloudfront.net
qp-sdk.cl-11.privacy-rating.com
4    44.206.57.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-57-155.compute-1.amazonaws.com
portal.allyable.com
1    172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f10.1e100.net
fonts.googleapis.com
2    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
4    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
1    142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net
ajax.googleapis.com
4    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
1    18.239.94.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-35.ams1.r.cloudfront.net
static.hotjar.com
3    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
4694204.fls.doubleclick.net
ad.doubleclick.net
2    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
analytics.google.com
1    173.194.76.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f154.1e100.net
stats.g.doubleclick.net
2    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
www.google.co.il
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads.g.doubleclick.net
2    13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net
script.hotjar.com
6    157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com
www.facebook.com
1    142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net
www.google.com
1    23.20.39.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-39-30.compute-1.amazonaws.com
portal.allyable.com
Apex Domain
Subdomains		 Transfer
8 xnes.co.il
xnestrade.xnes.co.il
1 MB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
5 KB
5 doubleclick.net
4694204.fls.doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 210
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
2 KB
5 allyable.com
portal.allyable.com — Cisco Umbrella Rank: 207397
337 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
82 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
385 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 238
www.google.com — Cisco Umbrella Rank: 10
64 B
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
63 KB
2 google.co.il
www.google.co.il — Cisco Umbrella Rank: 18481
562 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
ajax.googleapis.com — Cisco Umbrella Rank: 641
31 KB
1 privacy-rating.com
qp-sdk.cl-11.privacy-rating.com
20 KB
46 12
Domain Requested by
8 xnestrade.xnes.co.il xnestrade.xnes.co.il
6 www.facebook.com xnestrade.xnes.co.il
5 portal.allyable.com xnestrade.xnes.co.il
qp-sdk.cl-11.privacy-rating.com
4 connect.facebook.net qp-sdk.cl-11.privacy-rating.com
4 www.googletagmanager.com qp-sdk.cl-11.privacy-rating.com
2 script.hotjar.com qp-sdk.cl-11.privacy-rating.com
2 www.google.co.il xnestrade.xnes.co.il
2 analytics.google.com qp-sdk.cl-11.privacy-rating.com
2 4694204.fls.doubleclick.net 1 redirects qp-sdk.cl-11.privacy-rating.com
2 www.google-analytics.com qp-sdk.cl-11.privacy-rating.com
1 www.google.com xnestrade.xnes.co.il
1 googleads.g.doubleclick.net qp-sdk.cl-11.privacy-rating.com
1 stats.g.doubleclick.net qp-sdk.cl-11.privacy-rating.com
1 ad.doubleclick.net xnestrade.xnes.co.il
1 static.hotjar.com qp-sdk.cl-11.privacy-rating.com
1 ajax.googleapis.com qp-sdk.cl-11.privacy-rating.com
1 fonts.googleapis.com xnestrade.xnes.co.il
1 qp-sdk.cl-11.privacy-rating.com xnestrade.xnes.co.il
46 18

This site contains links to these domains. Also see Links.

Domain
allyable.com
www.xnes.co.il
www.youtube.com
t.me
www.facebook.com
Subject Issuer Validity Valid
*.xnes.co.il
GeoTrust RSA CA 2018		 2024-05-29 -
2025-06-02		 a year crt.sh
*.cl-11.privacy-rating.com
Amazon RSA 2048 M01		 2023-09-13 -
2024-10-11		 a year crt.sh
*.allyable.com
Go Daddy Secure Certificate Authority - G2		 2023-08-20 -
2024-09-20		 a year crt.sh
upload.video.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-07 -
2024-08-05		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.doubleclick.net
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.google.co.il
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://xnestrade.xnes.co.il/
Frame ID: 4D9DAC07918729409441D4DA5628ABFD
Requests: 52 HTTP requests in this frame

Frame: https://4694204.fls.doubleclick.net/activityi;dc_pre=CN70t7SwzIcDFWppHgIdibItnQ;src=4694204;type=invmedia;cat=nfbe23ug;ord=1;num=7696724228268;npa=0;auiddc=1918600296.1722260520;ps=1;pcor=1148000286;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47o0v9181662105z8566269za201zb566269;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fxnestrade.xnes.co.il%2F
Frame ID: 149580E1BA1985F3373C2067A4A5B055
Requests: 1 HTTP requests in this frame

Frame: https://portal.allyable.com/aweb/storage?license=c4283f081e984175b3c33bd7d616f939&runtime=3.40.8
Frame ID: FDA6134F9861D57AE930AA51B26D4B54
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

פתיחת חשבון ניירות ערך

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

96 %
HTTPS

0 %
IPv6

12
Domains

18
Subdomains

19
IPs

2
Countries

2185 kB
Transfer

7976 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://4694204.fls.doubleclick.net/activityi;src=4694204;type=invmedia;cat=nfbe23ug;ord=1;num=7696724228268;npa=0;auiddc=1918600296.1722260520;ps=1;pcor=1148000286;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47o0v9181662105z8566269za201zb566269;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fxnestrade.xnes.co.il%2F HTTP 302
  • https://4694204.fls.doubleclick.net/activityi;dc_pre=CN70t7SwzIcDFWppHgIdibItnQ;src=4694204;type=invmedia;cat=nfbe23ug;ord=1;num=7696724228268;npa=0;auiddc=1918600296.1722260520;ps=1;pcor=1148000286;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47o0v9181662105z8566269za201zb566269;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fxnestrade.xnes.co.il%2F

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xnestrade.xnes.co.il/ 		25 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.65.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.65.96.34.bc.googleusercontent.com
Software
rhino-core-shield / ASP.NET
Resource Hash
ba510538bcc260ca0addab25d31d303bb1a6bc5519903745c9bf8d4d4a2d3cbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includesubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html
date
Mon, 29 Jul 2024 13:41:58 GMT
etag
W/"5b68d4fbcc9ada1:0"
last-modified
Tue, 30 Apr 2024 07:06:54 GMT
server
rhino-core-shield
strict-transport-security
max-age=31536000; includesubdomains
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-powered-by
ASP.NET
x-xss-protection
1; mode=block
bootstrap4.min.css
xnestrade.xnes.co.il/ 		138 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xnestrade.xnes.co.il/bootstrap4.min.css
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.65.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.65.96.34.bc.googleusercontent.com
Software
rhino-core-shield / ASP.NET
Resource Hash
3beb48429a842d5c330b9b4cc0a518652e1eca16121f40bdc1d4c41e4ff1a08c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includesubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includesubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Jul 2024 13:33:29 GMT
via
1.1 google
age
509
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21388
x-xss-protection
1; mode=block
last-modified
Thu, 13 May 2021 08:50:28 GMT
server
rhino-core-shield
etag
W/"0e2b35d547d71:0"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=600, s-maxage=600
accept-ranges
bytes
websdk2.js
qp-sdk.cl-11.privacy-rating.com/websdk/ 		76 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-36.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad8db215c7ef8270a295b17d0101208464505571de3a823124c122811a11f8ab

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 13:41:59 GMT
content-encoding
gzip
via
1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
last-modified
Mon, 29 Jul 2024 13:04:19 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
etag
W/"184f064834eba5268f5441c021b1c180"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
JVjRTx7ctR1sco733g7E2BvtZzrwpzUD0zfR5VZaFPPTNnYG__r5gw==
aweb
portal.allyable.com/ 		643 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.allyable.com/aweb?license=c4283f081e984175b3c33bd7d616f939
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.206.57.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-57-155.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
6c709c2a7d5a68aecdda35323e004a4cf5790eaea6de68727838ec2a3233c729
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 13:41:59 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
version_aweb
3.40.8
server
Microsoft-IIS/10.0
etag
FLzzHpT+ytVFFtAGReiuiw==
x-mks
E2-01
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
c3650cdf-216a-4ba2-80b0-9d6c540b105e58d2670b-ea0f-484e-b88c-0e2c1499ec9bd71e4b42-8570-44e3-89b6-845326fa43b6
xnestrade.xnes.co.il/ 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xnestrade.xnes.co.il/c3650cdf-216a-4ba2-80b0-9d6c540b105e58d2670b-ea0f-484e-b88c-0e2c1499ec9bd71e4b42-8570-44e3-89b6-845326fa43b6
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.65.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.65.96.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
08eadd59afa0ffbb55a7283ea2edb39391768b1a6c4baab464aa9f4d5c21a7c1

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 13:41:58 GMT
content-encoding
gzip
via
1.1 google
server
rhino-core-shield
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/javascript
cache-control
no-cache, private, no-transform, no-store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 01 Jan 1970 00:01:48 GMT
main.a15acbc7.chunk.css
xnestrade.xnes.co.il/static/css/ 		2 MB
468 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xnestrade.xnes.co.il/static/css/main.a15acbc7.chunk.css
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.65.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.65.96.34.bc.googleusercontent.com
Software
rhino-core-shield / ASP.NET
Resource Hash
f35acc99e621fe76d27d19848704d6b48428afc51f6931e3e38aca0fea2134dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includesubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includesubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Jul 2024 13:41:41 GMT
via
1.1 google
server
rhino-core-shield
last-modified
Tue, 30 Apr 2024 07:06:54 GMT
age
17
x-powered-by
ASP.NET
etag
W/"2c41cdfbcc9ada1:0"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=600, s-maxage=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
2.ec7f221d.chunk.js
xnestrade.xnes.co.il/static/js/ 		1 MB
374 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xnestrade.xnes.co.il/static/js/2.ec7f221d.chunk.js
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.65.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.65.96.34.bc.googleusercontent.com
Software
rhino-core-shield / ASP.NET
Resource Hash
9a924ee0084de30190eb637d68ab4a90fca9bdd54d3d4f464ce4d22a2dc56b92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includesubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includesubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Jul 2024 13:39:41 GMT
via
1.1 google
age
137
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
last-modified
Tue, 30 Apr 2024 07:06:54 GMT
server
rhino-core-shield
etag
W/"69a3cffbcc9ada1:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600, s-maxage=600
accept-ranges
bytes
main.961e5e8b.chunk.js
xnestrade.xnes.co.il/static/js/ 		534 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xnestrade.xnes.co.il/static/js/main.961e5e8b.chunk.js
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.65.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.65.96.34.bc.googleusercontent.com
Software
rhino-core-shield / ASP.NET
Resource Hash
94bc0d6c5458bf7696f8bcb4830b33c499a170b18dd5b103bbad21ede061b6a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includesubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includesubdomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Jul 2024 13:39:41 GMT
via
1.1 google
age
137
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122758
x-xss-protection
1; mode=block
last-modified
Tue, 30 Apr 2024 07:06:54 GMT
server
rhino-core-shield
etag
W/"2c41cdfbcc9ada1:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600, s-maxage=600
accept-ranges
bytes
55078c5c-3663-4b2b-8a47-5c2f5205dd50
https://xnestrade.xnes.co.il/ 		73 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://xnestrade.xnes.co.il/55078c5c-3663-4b2b-8a47-5c2f5205dd50
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3547ac4c5cdd20ee19f50be43cabb9fbed7b25998dc89ae1ee365150084164c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
73
Content-Type
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/static/css/main.a15acbc7.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f10.1e100.net
Software
ESF /
Resource Hash
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 29 Jul 2024 13:41:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 11:44:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Jul 2024 13:41:59 GMT
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
308183945da36824e85363dfc903131139a9d9023b443841a40dde0a35fe9b1e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
group.2538e016.png
xnestrade.xnes.co.il/static/media/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xnestrade.xnes.co.il/static/media/group.2538e016.png
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.65.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.65.96.34.bc.googleusercontent.com
Software
rhino-core-shield / ASP.NET
Resource Hash
01046cc1a45c69a08df36d4dba880f1194edf16a94e9c7a8b457ece56bde8ced
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includesubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includesubdomains
via
1.1 google
x-content-type-options
nosniff
date
Mon, 29 Jul 2024 13:39:42 GMT
last-modified
Tue, 30 Apr 2024 07:06:54 GMT
server
rhino-core-shield
age
137
x-powered-by
ASP.NET
etag
"2c41cdfbcc9ada1:0"
content-type
image/png
cache-control
public, max-age=600, s-maxage=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60605
x-xss-protection
1; mode=block
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b46031e4d236fcbae5d0f72a87ff1bf920dcf62e5e5f9b1eb37f4ddab09a840f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		792 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6357f4819d462124e881a0920f7c58f880fa6b49b982ce6e6b2b540efb7ef75

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d31456e1c0ec3af6770376233760a8388753b403285d0d9d0acd0bc7e0e75919

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		758 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7313df0d64de073fe7b20c0ca14d8c830f940516b6323a127805bd3bbd27f0ee

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdc388b703dfaaee94b55bd89949acba43f61946d8119f5d4619ad9baa6f8758

Request headers

Referer
Origin
https://xnestrade.xnes.co.il
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
719f37cfd1d047f03b5b196c5667e337c458a5f3cb54302d64062454650d8ecc

Request headers

Referer
Origin
https://xnestrade.xnes.co.il
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
truncated
/ 		137 KB
137 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce090457f88ef84bb0f409bd4e3cc4521c3a4113eb1059dea6ac484053cc6b24

Request headers

Referer
Origin
https://xnestrade.xnes.co.il
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 29 Jul 2024 12:53:22 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2917
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 29 Jul 2024 14:53:22 GMT
gtm.js
www.googletagmanager.com/ 		445 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-DSZK&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bd2ef14c0014e183f3f36b61f597e62122c3f376da65734e9e00ad283bd51676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 13:41:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128597
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jul 2024 13:41:59 GMT
collect
www.google-analytics.com/j/ 		15 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=328041584&t=event&ni=0&_s=1&dl=https%3A%2F%2Fxnestrade.xnes.co.il%2F&ul=he-il&de=UTF-8&dt=%D7%A4%D7%AA%D7%99%D7%97%D7%AA%20%D7%97%D7%A9%D7%91%D7%95%D7%9F%20%D7%A0%D7%99%D7%99%D7%A8%D7%95%D7%AA%20%D7%A2%D7%A8%D7%9A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=securities_trading_account&ea=opening_page_loaded_100&el=&ev=0&_u=IEBAAEABAAAAACAAI~&jid=765866675&gjid=1995514513&cid=34292403.1722260520&tid=UA-3136411-1&_gid=657478699.1722260520&_r=1&_slc=1&z=2039031244
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
58f1b9b438e8942fbc348b06d6815d83a879f7836c4ea626138985e943d2a5a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 13:41:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xnestrade.xnes.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 14:50:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
514291
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 14:50:29 GMT
js
www.googletagmanager.com/gtag/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 29 Jul 2024 13:42:00 GMT
document-policy
force-load-at-top
x-fb-server-load
56
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=50, rtx=0, c=12, mss=1380, tbw=2777, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
WFiY6QFFR+SP3kbuppsCjduEiSZRN8gKrQl6DYeb1VlhZJszcb2hQLgPQTKE6UyfPu6uUiBVhfCAGnv+3VZc5A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		286 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TX6SFL8YH7&l=dataLayer&cx=c
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ed950bc369f6ec7f8060989768300247a6d90fcfb411e4877c3dad9093085bb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 13:42:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100312
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jul 2024 13:42:00 GMT
destination
www.googletagmanager.com/gtag/ 		239 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-1004420011&l=dataLayer&cx=c
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
231466536535051edb849bf71d119cf52cea6fe13ba0b0bcf743a9b3f963915f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 13:42:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86525
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jul 2024 13:42:00 GMT
destination
www.googletagmanager.com/gtag/ 		213 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-4694204&l=dataLayer&cx=c
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6839a5a868e7c5c4908e04fe3fd777572bf181690eb2d8201a2eb7292e0fe5f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 13:42:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78338
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Jul 2024 13:42:00 GMT
hotjar-2800501.js
static.hotjar.com/c/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2800501.js?sv=7
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-35.ams1.r.cloudfront.net
Software
/
Resource Hash
7bbdd6a0031cdb2bbaf58ba0eb998c43a422b6207be5c7622e8a5d53ad6fcfa4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 29 Jul 2024 13:42:00 GMT
via
1.1 8ac1a27a8fede22f241f081ad0edec42.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P3
age
37
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/e37964efdf7e11f71b81a841038fbf0f
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
b81Lll9ZTMJXOLZI4Drj1RUERUq_wcsLHkVgm_xHnDnnJIPYeGO28g==
activityi;dc_pre=CN70t7SwzIcDFWppHgIdibItnQ;src=4694204;type=invmedia;cat=nfbe23ug;ord=1;num=7696724228268;npa=0;auiddc=1918600296.1722260520;ps=1;pcor=1148000286;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;...
4694204.fls.doubleclick.net/ Frame 1495
Redirect Chain
  • https://4694204.fls.doubleclick.net/activityi;src=4694204;type=invmedia;cat=nfbe23ug;ord=1;num=7696724228268;npa=0;auiddc=1918600296.1722260520;ps=1;pcor=1148000286;uaa=;uab=;uafvl=;uamb=0;uam=;uap...
  • https://4694204.fls.doubleclick.net/activityi;dc_pre=CN70t7SwzIcDFWppHgIdibItnQ;src=4694204;type=invmedia;cat=nfbe23ug;ord=1;num=7696724228268;npa=0;auiddc=1918600296.1722260520;ps=1;pcor=114800028...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://4694204.fls.doubleclick.net/activityi;dc_pre=CN70t7SwzIcDFWppHgIdibItnQ;src=4694204;type=invmedia;cat=nfbe23ug;ord=1;num=7696724228268;npa=0;auiddc=1918600296.1722260520;ps=1;pcor=1148000286;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47o0v9181662105z8566269za201zb566269;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fxnestrade.xnes.co.il%2F
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
348
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jul 2024 13:42:00 GMT
expires
Mon, 29 Jul 2024 13:42:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jul 2024 13:42:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://4694204.fls.doubleclick.net/activityi;dc_pre=CN70t7SwzIcDFWppHgIdibItnQ;src=4694204;type=invmedia;cat=nfbe23ug;ord=1;num=7696724228268;npa=0;auiddc=1918600296.1722260520;ps=1;pcor=1148000286;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47o0v9181662105z8566269za201zb566269;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fxnestrade.xnes.co.il%2F
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=4694204;type=invmedia;cat=nfbe23ug;ord=1;num=7696724228268;npa=0;auiddc=1918600296.1722260520;ps=1;pcor=1148000286;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;p...
ad.doubleclick.net/ 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=4694204;type=invmedia;cat=nfbe23ug;ord=1;num=7696724228268;npa=0;auiddc=1918600296.1722260520;ps=1;pcor=1148000286;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe47o0v9181662105z8566269za201zb566269;gcd=13l3l3l3l1;dma=0;tag_exp=95250752;epver=2;~oref=https%3A%2F%2Fxnestrade.xnes.co.il%2F
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 13:42:00 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"5060600561749059883"}],"aggregatable_trigger_data":[{"filters":[{"14":["2408265"]}],"key_piece":"0x3a4107b0450b0129","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xc17dcb62be1a16ea","not_filters":{"14":["2408265"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"13432954012567562375","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"5060600561749059883","filters":[{"14":["2408265"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"5060600561749059883","filters":[{"14":["2408265"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"5060600561749059883","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"5060600561749059883","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["4694204"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TX6SFL8YH7&gtm=45je47o0v9118777012z8566269za200zb566269&_p=1722260519355&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=34292403.1722260520&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722260520&sct=1&seg=0&dl=https%3A%2F%2Fxnestrade.xnes.co.il%2F&dt=%D7%A4%D7%AA%D7%99%D7%97%D7%AA%20%D7%97%D7%A9%D7%91%D7%95%D7%9F%20%D7%A0%D7%99%D7%99%D7%A8%D7%95%D7%AA%20%D7%A2%D7%A8%D7%9A&en=page_view&_fv=1&_ss=1&tfd=2411
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 13:42:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xnestrade.xnes.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TX6SFL8YH7&cid=34292403.1722260520&gtm=45je47o0v9118777012z8566269za200zb566269&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 13:42:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xnestrade.xnes.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.il/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TX6SFL8YH7&cid=34292403.1722260520&gtm=45je47o0v9118777012z8566269za200zb566269&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=553605386
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 13:42:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004420011/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1004420011/?random=1722260520457&cv=11&fst=1722260520457&bg=ffffff&guid=ON&async=1&gtm=45be47o0v9177753932z8566269za201zb566269&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fxnestrade.xnes.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%A4%D7%AA%D7%99%D7%97%D7%AA%20%D7%97%D7%A9%D7%91%D7%95%D7%9F%20%D7%A0%D7%99%D7%99%D7%A8%D7%95%D7%AA%20%D7%A2%D7%A8%D7%9A&npa=0&pscdl=noapi&auid=1918600296.1722260520&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e280eb767c2b8bb611d515245714e125a37d7892f0f39040fa919ada348abc22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 13:42:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1394
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a-web.rules.js
portal.allyable.com/aweb/assets/ 		1 MB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.allyable.com/aweb/assets/a-web.rules.js?license=c4283f081e984175b3c33bd7d616f939&runtime=3.40.8
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.206.57.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-57-155.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d127458e4a7a736b71bd9e521236e6686fe5777efd7cf0b253378a2873f3d7ec
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 13:42:00 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
version_aweb
3.40.8
server
Microsoft-IIS/10.0
x-mks
E2-01
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=86400
modules.6c69b5997f314810cfe8.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6c69b5997f314810cfe8.js
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-19.fra56.r.cloudfront.net
Software
/
Resource Hash
228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 09:41:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
532853
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56293
last-modified
Tue, 23 Jul 2024 09:40:30 GMT
etag
"30c513084f4759247a82ab90e6ffe4cb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
1AGcWpONUFxcg5Y6hKnN49UHT-2yYTA7IvwaYtSkMHn9zTsyqh2C8w==
177007626168066
connect.facebook.net/signals/config/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/177007626168066?v=2.9.162&r=stable&domain=xnestrade.xnes.co.il&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
cde2568a1209c2df72c5399c7c4d720497a28222d7d1479b7ed2ba19daa5be3f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 29 Jul 2024 13:42:00 GMT
document-policy
force-load-at-top
x-fb-server-load
34
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=62, mss=1380, tbw=64222, tp=-1, tpl=-1, uplat=194, ullat=0
pragma
public
x-fb-debug
owZsDMpbmj+INiMNkDBVrXkAJwMx88nzUwUSMp8tIAm+nZ2DObt2kUr0FPNvqDTLYqnvJJsltQpLfyAs+umgqA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=177007626168066&ev=PageView&dl=https%3A%2F%2Fxnestrade.xnes.co.il&rl=&if=false&ts=1722260520966&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.2.1722260520957.998444980459383744&pm=1&hrl=2f7bef&ler=empty&cdl=API_unavailable&it=1722260520608&coo=false&cs_cc=1&cas=2502421119808949&rqm=GET
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=10, mss=1380, tbw=2854, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 29 Jul 2024 13:42:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=177007626168066&ev=PageView&dl=https%3A%2F%2Fxnestrade.xnes.co.il&rl=&if=false&ts=1722260520966&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.2.1722260520957.998444980459383744&pm=1&hrl=2f7bef&ler=empty&cdl=API_unavailable&it=1722260520608&coo=false&cs_cc=1&cas=2502421119808949&rqm=FGET
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Mon, 29 Jul 2024 13:42:01 GMT
document-policy
force-load-at-top
x-fb-server-load
52
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397052612926886342", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=16, mss=1380, tbw=7657, tp=-1, tpl=-1, uplat=308, ullat=0
pragma
no-cache
x-fb-debug
2viQI7pLZ0xrDCaaborrnbxIQ0Ln+zVY8Qn0z4LEt+EXp3EZxCzmeIrDteMQ3AFl6t3RYWlih/bDyVIgmqMpbw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397052612926886342"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
721023055173345
connect.facebook.net/signals/config/ 		33 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/721023055173345?v=2.9.162&r=stable&domain=xnestrade.xnes.co.il&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C155%2C185%2C187%2C116%2C138%2C143%2C180%2C122%2C222%2C109%2C121%2C139%2C164%2C151%2C112%2C223%2C157%2C113%2C129%2C117%2C146
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
1aa882950670b4af0a4e6ca948d1882abd9de0caa5d34bef7bd422daf4f41620
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 29 Jul 2024 13:42:01 GMT
document-policy
force-load-at-top
x-fb-server-load
42
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=108, rtx=0, c=23, mss=1232, tbw=4326, tp=9, tpl=0, uplat=70, ullat=0
pragma
public
x-fb-debug
M45TH63uVTZ+lJ98HFSpd8Tg2KaTEbu2wvKlnaph2XQHRiX6Fht40Mg86ztHhQwxNR2GuDaBTS2CRhAx5vbSTQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1004420011/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1004420011/?random=1722260520457&cv=11&fst=1722258000000&bg=ffffff&guid=ON&async=1&gtm=45be47o0v9177753932z8566269za201zb566269&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fxnestrade.xnes.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%A4%D7%AA%D7%99%D7%97%D7%AA%20%D7%97%D7%A9%D7%91%D7%95%D7%9F%20%D7%A0%D7%99%D7%99%D7%A8%D7%95%D7%AA%20%D7%A2%D7%A8%D7%9A&npa=0&pscdl=noapi&auid=1918600296.1722260520&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLkb-e5N-YGoMbaas8XQcZpBqBYnNLYw&random=84070749&rmt_tld=0&ipr=y
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 13:42:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.il/pagead/1p-user-list/1004420011/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/pagead/1p-user-list/1004420011/?random=1722260520457&cv=11&fst=1722258000000&bg=ffffff&guid=ON&async=1&gtm=45be47o0v9177753932z8566269za201zb566269&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fxnestrade.xnes.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%A4%D7%AA%D7%99%D7%97%D7%AA%20%D7%97%D7%A9%D7%91%D7%95%D7%9F%20%D7%A0%D7%99%D7%99%D7%A8%D7%95%D7%AA%20%D7%A2%D7%A8%D7%9A&npa=0&pscdl=noapi&auid=1918600296.1722260520&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLkb-e5N-YGoMbaas8XQcZpBqBYnNLYw&random=84070749&rmt_tld=1&ipr=y
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 13:42:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ms-sprite.png
portal.allyable.com/aweb/assets/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.allyable.com/aweb/assets/ms-sprite.png?license=c4283f081e984175b3c33bd7d616f939&runtime=3.40.8
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.206.57.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-57-155.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
558942d6d96ab853763f6bb208887a7e876cadd1659690ddb58edf022f13ee65
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 13:42:01 GMT
strict-transport-security
max-age=2592000
version_aweb
3.40.8
server
Microsoft-IIS/10.0
x-mks
E2-01
vary
Accept-Encoding
content-type
image/png
cache-control
public,max-age=86400
content-length
51047
browser-perf.8417c6bba72228fa2e29.js
script.hotjar.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-19.fra56.r.cloudfront.net
Software
/
Resource Hash
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 14:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
16153794
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1782
last-modified
Wed, 24 Jan 2024 14:31:37 GMT
etag
"b83b61bc5871e9a23a0434e2c539f4f3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
wUSpNtzHIlxoafODSn2H7aNcdW2GA296ATFeNKLrzxwxR41mpHCjGw==
/
www.facebook.com/tr/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=721023055173345&ev=PageView&dl=https%3A%2F%2Fxnestrade.xnes.co.il%2F&rl=&if=false&ts=1722260521199&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.2.1722260520957.998444980459383744&ler=empty&cdl=API_unavailable&it=1722260520608&coo=false&rqm=GET
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=10, mss=1380, tbw=3136, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 29 Jul 2024 13:42:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=721023055173345&ev=PageView&dl=https%3A%2F%2Fxnestrade.xnes.co.il%2F&rl=&if=false&ts=1722260521199&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.2.1722260520957.998444980459383744&ler=empty&cdl=API_unavailable&it=1722260520608&coo=false&rqm=FGET
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Mon, 29 Jul 2024 13:42:01 GMT
document-policy
force-load-at-top
x-fb-server-load
40
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397052613521106722", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=16, mss=1380, tbw=3499, tp=-1, tpl=-1, uplat=216, ullat=0
pragma
no-cache
x-fb-debug
/EBoLcF5PegC1yGhh9aQC/D3cihlYIEftye2jPUwBVxeMGxJW6uzM2jebaOUpc+6BYtIEEEj8aVZ3MZLOh+Tqw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397052613521106722"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
684384970044107
connect.facebook.net/signals/config/ 		22 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/684384970044107?v=2.9.162&r=stable&domain=xnestrade.xnes.co.il&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C155%2C185%2C187%2C116%2C138%2C143%2C180%2C122%2C222%2C109%2C121%2C139%2C164%2C151%2C112%2C223%2C157%2C113%2C129%2C117%2C146%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C149
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
878b0fa0dd305b3755b5d98df8bef9cda01fde0f4cf544c816d1ec121406ab02
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 29 Jul 2024 13:42:01 GMT
document-policy
force-load-at-top
x-fb-server-load
27
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=108, rtx=0, c=30, mss=1232, tbw=12966, tp=19, tpl=0, uplat=69, ullat=0
pragma
public
x-fb-debug
kQc9SayQYqdB+NDpW0c+UltXHPHuxTIZNkcxLS8ftsRd08fE2CuEWYwvAX0rXapdPuOW2jeEk17wX8ppEk0/5w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=684384970044107&ev=PageView&dl=https%3A%2F%2Fxnestrade.xnes.co.il%2F&rl=&if=false&ts=1722260521415&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.2.1722260520957.998444980459383744&ler=empty&cdl=API_unavailable&it=1722260520608&coo=false&rqm=GET
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=16, mss=1380, tbw=3357, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 29 Jul 2024 13:42:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=684384970044107&ev=PageView&dl=https%3A%2F%2Fxnestrade.xnes.co.il%2F&rl=&if=false&ts=1722260521415&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.2.1722260520957.998444980459383744&ler=empty&cdl=API_unavailable&it=1722260520608&coo=false&rqm=FGET
Requested by
Host: xnestrade.xnes.co.il
URL: https://xnestrade.xnes.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Mon, 29 Jul 2024 13:42:01 GMT
document-policy
force-load-at-top
x-fb-server-load
49
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397052613022968856", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=52, rtx=0, c=16, mss=1380, tbw=6786, tp=-1, tpl=-1, uplat=49, ullat=0
pragma
no-cache
x-fb-debug
O6D+90Dgi3iEdsWrnnGfQD8EUfrFbusGZz0LFIy4r36aDYfsIno7i+xpkUV+6aHEu+x1bRPYGrwzHBCsjqJSHQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397052613022968856"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
favicon.ico
xnestrade.xnes.co.il/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://xnestrade.xnes.co.il/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.65.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.65.96.34.bc.googleusercontent.com
Software
rhino-core-shield / ASP.NET
Resource Hash
8628238af7d6dc13ed6eb5f0a993d52474324dfadb8c490e9c92cd8f042b5e85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includesubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includesubdomains
via
1.1 google
x-content-type-options
nosniff
date
Mon, 29 Jul 2024 13:32:02 GMT
last-modified
Sat, 03 Jul 2021 20:16:09 GMT
server
rhino-core-shield
age
599
x-powered-by
ASP.NET
etag
"c2ab4d434870d71:0"
content-type
image/x-icon
cache-control
public, max-age=600, s-maxage=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1150
x-xss-protection
1; mode=block
menu_icon
portal.allyable.com/aportal/storage/c4283f08-1e98-4175-b3c3-3bd7d616f939/ 		621 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.allyable.com/aportal/storage/c4283f08-1e98-4175-b3c3-3bd7d616f939/menu_icon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.206.57.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-57-155.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
9e06b4ae0f2f579c8c93edc4cd22684b3e2c8a23286dc4f25318cfdabb017cb8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 13:42:03 GMT
strict-transport-security
max-age=2592000
server
Microsoft-IIS/10.0
content-length
621
x-mks
E2-01
content-type
image/png
storage
portal.allyable.com/aweb/ Frame FDA6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.allyable.com/aweb/storage?license=c4283f081e984175b3c33bd7d616f939&runtime=3.40.8
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.20.39.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-39-30.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://xnestrade.xnes.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
public,max-age=60
content-encoding
gzip
content-type
text/html
date
Mon, 29 Jul 2024 13:42:04 GMT
etag
MwAuADQAMAAuADgAOgAzAC4AMQAwAC4AeAA=
server
Microsoft-IIS/10.0
strict-transport-security
max-age=2592000
vary
Accept-Encoding,Accept-Encoding
version_aweb
3.40.8
x-mks
E2-01
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TX6SFL8YH7&gtm=45je47o0v9118777012z8566269za200zb566269&_p=1722260519355&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=34292403.1722260520&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1722260520&sct=1&seg=0&dl=https%3A%2F%2Fxnestrade.xnes.co.il%2F&dt=%D7%A4%D7%AA%D7%99%D7%97%D7%AA%20%D7%97%D7%A9%D7%91%D7%95%D7%9F%20%D7%A0%D7%99%D7%99%D7%A8%D7%95%D7%AA%20%D7%A2%D7%A8%D7%9A&_s=2&tfd=7428
Requested by
Host: qp-sdk.cl-11.privacy-rating.com
URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/websdk2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://xnestrade.xnes.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 29 Jul 2024 13:42:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xnestrade.xnes.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-YX2KV7BQHT&cx=c&_slc=1

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| QPServer string| QPSegment object| QPTrustedDomains object| QPPolicyFallback object| QPTrustedParamExpression string| QPWorkerPath object| QPHostnameRegex function| QPMaskWord string| QPGuid object| QPTrustedCookieRegex object| QPIgnoreEvents object| QPTriggerWords string| QPBlockedUrl string| QPBlockedMessage object| QPIgnoreChannels function| qpCheck function| qpSavePreferences function| QPCheckRegex function| QPSdkVersion function| n3EE function| e8NN function| f1xx function| v1xx function| x8ii function| u1dd function| B011 function| p111 function| b2JJ string| idx string| test function| winsocks object| rbzns object| webpackJsonpclosedsystem object| browserDetails object| regeneratorRuntime string| GoogleAnalyticsObject function| ga object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| AWEB_PARAMS object| webpackJsonpaweb boolean| __AWEB_EMBEDDED__ object| AWEB_ERROR_REPORTER function| requestAnimationFramePollyfill function| cancelAnimationFramePollyfill object| aweb string| $AWEB_REMOTE_SERVER$ function| $AWEB_ADJUST_LICENSE$ object| google_tag_manager function| postscribe object| google_tag_manager_external function| hj object| _hjSettings function| fbq function| _fbq function| onYouTubeIframeAPIReady object| GooglebQhCsO object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled

26 Cookies

Domain/Path Name / Value
xnestrade.xnes.co.il/ Name: BIGipServerIIS-POOL-XNES-TRADE-PROD_2601
Value: 51012362.10506.0000
xnestrade.xnes.co.il/ Name: GCLB
Value: CML5y_-Inq-6VxAD
.xnes.co.il/ Name: _gid
Value: GA1.3.657478699.1722260520
xnestrade.xnes.co.il/ Name: _gid
Value: GA1.3.657478699.1722260520
.xnes.co.il/ Name: _gat
Value: 1
xnestrade.xnes.co.il/ Name: _gat
Value: 1
xnestrade.xnes.co.il/ Name: _gcl_au
Value: 1.1.1918600296.1722260520
.xnes.co.il/ Name: _gcl_au
Value: 1.1.1918600296.1722260520
xnestrade.xnes.co.il/ Name: _ga
Value: GA1.1.34292403.1722260520
.xnes.co.il/ Name: _ga
Value: GA1.1.34292403.1722260520
.doubleclick.net/ Name: ar_debug
Value: 1
.xnes.co.il/ Name: _fbp
Value: fb.2.1722260520957.998444980459383744
xnestrade.xnes.co.il/ Name: _fbp
Value: fb.2.1722260520957.998444980459383744
.doubleclick.net/ Name: IDE
Value: AHWqTUlZtCwgGdLdZcxBVZ9XvyXTDhQUvc7O-W5j8EhacXqmjDWI-5v3K9G5-MRIcTw
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
xnestrade.xnes.co.il/ Name: _hjTLDTest
Value:
.xnes.co.il/ Name: _hjSessionUser_2800501
Value: eyJpZCI6IjFjNTFiZTFkLTE4OWQtNTVkYi04ZGRmLWExNDdiMjkzMTUzMyIsImNyZWF0ZWQiOjE3MjIyNjA1MjExNTMsImV4aXN0aW5nIjpmYWxzZX0=
xnestrade.xnes.co.il/ Name: _hjSessionUser_2800501
Value: eyJpZCI6IjFjNTFiZTFkLTE4OWQtNTVkYi04ZGRmLWExNDdiMjkzMTUzMyIsImNyZWF0ZWQiOjE3MjIyNjA1MjExNTMsImV4aXN0aW5nIjpmYWxzZX0=
.xnes.co.il/ Name: _hjSession_2800501
Value: eyJpZCI6IjE1ZmY0NzU2LTc0MzEtNGM4MS1iMjM0LTdiNzc1NTQ2MDJhZiIsImMiOjE3MjIyNjA1MjExNTYsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
xnestrade.xnes.co.il/ Name: _hjSession_2800501
Value: eyJpZCI6IjE1ZmY0NzU2LTc0MzEtNGM4MS1iMjM0LTdiNzc1NTQ2MDJhZiIsImMiOjE3MjIyNjA1MjExNTYsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
xnestrade.xnes.co.il/ Name: _ga_TX6SFL8YH7
Value: GS1.1.1722260520.1.0.1722260521.59.0.0
.xnes.co.il/ Name: _ga_TX6SFL8YH7
Value: GS1.1.1722260520.1.0.1722260521.59.0.0
.xnes.co.il/ Name: qp_debug
Value: 832181722260524147
.xnes.co.il/ Name: aweb-runtime-context
Value: %7B%22language%22%3A%22he-il%22%7D
xnestrade.xnes.co.il/ Name: aweb-runtime-context
Value: %7B%22language%22%3A%22he-il%22%7D
portal.allyable.com/ Name: AWSALBCORS
Value: FGVwfEguoZkZVbZ1xCb9COMZwr3+vMbyMgBgwlnMDrdRPSfxevdgRNe0Tj5ncRVlr/jS302LnuRcbrx170NEeblRw9wQZzwozVy5aUL862fyXdGWgqG3EGtyM06P

1 Console Messages

Source Level URL
Text
worker info URL: https://qp-sdk.cl-11.privacy-rating.com/websdk/worker.js(Line 10)
Message:
policy downloaded + 200 status + valid

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includesubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4694204.fls.doubleclick.net
ad.doubleclick.net
ajax.googleapis.com
analytics.google.com
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
portal.allyable.com
qp-sdk.cl-11.privacy-rating.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.co.il
www.google.com
www.googletagmanager.com
xnestrade.xnes.co.il
www.googletagmanager.com
13.32.27.19
142.250.184.200
142.250.185.102
142.250.185.142
142.250.185.170
142.250.185.206
142.250.185.226
142.250.185.67
142.250.185.68
157.240.0.6
157.240.253.35
172.217.16.202
173.194.76.154
18.173.187.36
18.239.94.35
23.20.39.30
34.96.65.250
44.206.57.155
01046cc1a45c69a08df36d4dba880f1194edf16a94e9c7a8b457ece56bde8ced
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
08eadd59afa0ffbb55a7283ea2edb39391768b1a6c4baab464aa9f4d5c21a7c1
1aa882950670b4af0a4e6ca948d1882abd9de0caa5d34bef7bd422daf4f41620
228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42
231466536535051edb849bf71d119cf52cea6fe13ba0b0bcf743a9b3f963915f
308183945da36824e85363dfc903131139a9d9023b443841a40dde0a35fe9b1e
3beb48429a842d5c330b9b4cc0a518652e1eca16121f40bdc1d4c41e4ff1a08c
558942d6d96ab853763f6bb208887a7e876cadd1659690ddb58edf022f13ee65
58f1b9b438e8942fbc348b06d6815d83a879f7836c4ea626138985e943d2a5a5
6839a5a868e7c5c4908e04fe3fd777572bf181690eb2d8201a2eb7292e0fe5f1
6c709c2a7d5a68aecdda35323e004a4cf5790eaea6de68727838ec2a3233c729
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
719f37cfd1d047f03b5b196c5667e337c458a5f3cb54302d64062454650d8ecc
7313df0d64de073fe7b20c0ca14d8c830f940516b6323a127805bd3bbd27f0ee
7bbdd6a0031cdb2bbaf58ba0eb998c43a422b6207be5c7622e8a5d53ad6fcfa4
8628238af7d6dc13ed6eb5f0a993d52474324dfadb8c490e9c92cd8f042b5e85
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
878b0fa0dd305b3755b5d98df8bef9cda01fde0f4cf544c816d1ec121406ab02
94bc0d6c5458bf7696f8bcb4830b33c499a170b18dd5b103bbad21ede061b6a0
9a924ee0084de30190eb637d68ab4a90fca9bdd54d3d4f464ce4d22a2dc56b92
9e06b4ae0f2f579c8c93edc4cd22684b3e2c8a23286dc4f25318cfdabb017cb8
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad8db215c7ef8270a295b17d0101208464505571de3a823124c122811a11f8ab
b3547ac4c5cdd20ee19f50be43cabb9fbed7b25998dc89ae1ee365150084164c
b46031e4d236fcbae5d0f72a87ff1bf920dcf62e5e5f9b1eb37f4ddab09a840f
ba510538bcc260ca0addab25d31d303bb1a6bc5519903745c9bf8d4d4a2d3cbe
bd2ef14c0014e183f3f36b61f597e62122c3f376da65734e9e00ad283bd51676
cdc388b703dfaaee94b55bd89949acba43f61946d8119f5d4619ad9baa6f8758
cde2568a1209c2df72c5399c7c4d720497a28222d7d1479b7ed2ba19daa5be3f
ce090457f88ef84bb0f409bd4e3cc4521c3a4113eb1059dea6ac484053cc6b24
d127458e4a7a736b71bd9e521236e6686fe5777efd7cf0b253378a2873f3d7ec
d31456e1c0ec3af6770376233760a8388753b403285d0d9d0acd0bc7e0e75919
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e280eb767c2b8bb611d515245714e125a37d7892f0f39040fa919ada348abc22
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ed950bc369f6ec7f8060989768300247a6d90fcfb411e4877c3dad9093085bb9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35acc99e621fe76d27d19848704d6b48428afc51f6931e3e38aca0fea2134dc
f6357f4819d462124e881a0920f7c58f880fa6b49b982ce6e6b2b540efb7ef75